From 6292def3d72c23baa8ec111e85cbb1c1af379698 Mon Sep 17 00:00:00 2001 From: Nikita Podshivalov Date: Mon, 24 Oct 2022 18:13:05 +0300 Subject: [PATCH 1/7] added debug logs for tunnel up/down --- internal/commands/tunnel_down.go | 5 +++++ internal/commands/tunnel_up.go | 38 ++++++++++++++++++++++---------- 2 files changed, 31 insertions(+), 12 deletions(-) diff --git a/internal/commands/tunnel_down.go b/internal/commands/tunnel_down.go index 32d37a64..dad0f235 100644 --- a/internal/commands/tunnel_down.go +++ b/internal/commands/tunnel_down.go @@ -71,6 +71,11 @@ func (o *TunnelDownOptions) Run() error { c := exec.Command( "ssh", "-S", "bastion.sock", "-O", "exit", "", ) + + if o.Config.LogLevel == "debug" { + c.Args = append(c.Args, "-vvv") + } + out := &bytes.Buffer{} c.Stdout = out c.Stderr = out diff --git a/internal/commands/tunnel_up.go b/internal/commands/tunnel_up.go index e32eedfb..0bb1b214 100644 --- a/internal/commands/tunnel_up.go +++ b/internal/commands/tunnel_up.go @@ -5,6 +5,18 @@ import ( "encoding/base64" "encoding/json" "fmt" + "io" + "io/ioutil" + "log" + "net" + "os" + "os/exec" + "path/filepath" + "regexp" + "strconv" + "strings" + "text/template" + "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2instanceconnect" @@ -17,17 +29,6 @@ import ( "github.com/sirupsen/logrus" "github.com/spf13/cobra" "golang.org/x/crypto/ssh" - "io" - "io/ioutil" - "log" - "net" - "os" - "os/exec" - "path/filepath" - "regexp" - "strconv" - "strings" - "text/template" ) const sshConfig = `# SSH over Session Manager @@ -170,12 +171,15 @@ func (o *TunnelUpOptions) Validate() error { func (o *TunnelUpOptions) Run() error { logrus.Debugf("public key path: %s", o.PublicKeyFile) + logrus.Debugf("private key path: %s", o.PrivateKeyFile) pk, err := getPublicKey(o.PublicKeyFile) if err != nil { return fmt.Errorf("can't get public key: %s", err) } + logrus.Debugf("public key:\n", pk) + if o.Metadata { err = sendSSHPublicKey(o.BastionHostID, pk, o.Config.Session) if err != nil { @@ -201,6 +205,7 @@ func (o *TunnelUpOptions) Run() error { func (o *TunnelUpOptions) upTunnel() (string, error) { sshConfigPath := fmt.Sprintf("%s/ssh.config", o.Config.EnvDir) + logrus.Debugf("ssh config path: %s", sshConfigPath) if err := setAWSCredentials(o.Config.Session); err != nil { return "", fmt.Errorf("can't run tunnel: %w", err) @@ -249,6 +254,11 @@ func (o *TunnelUpOptions) getSSHCommandArgs(sshConfigPath string) []string { if _, err := os.Stat(o.PrivateKeyFile); !os.IsNotExist(err) { args = append(args, "-i", o.PrivateKeyFile) } + + if o.Config.LogLevel == "debug" { + args = append(args, "-vvv") + } + return args } @@ -272,6 +282,8 @@ func getTerraformOutput(wr *SSMWrapper, env string) (terraformOutput, error) { return terraformOutput{}, fmt.Errorf("can't get terraform output: %w", err) } + logrus.Debugf("decoded terrafrom output: \n%s", value) + var output terraformOutput err = json.Unmarshal(value, &output) @@ -310,9 +322,11 @@ func sendSSHPublicKeyLegacy(bastionID string, key string, sess *session.Session) // This command is executed in the bastion host and it checks if our public key is present. If it's not it uploads it to _authorized_keys file. command := fmt.Sprintf( `grep -qR "%s" /home/ubuntu/.ssh/authorized_keys || echo "%s" >> /home/ubuntu/.ssh/authorized_keys`, - key, key, + strings.TrimSpace(key), strings.TrimSpace(key), ) + logrus.Debugf("send command: \n%s", command) + _, err := ssm.New(sess).SendCommand(&ssm.SendCommandInput{ InstanceIds: []*string{&bastionID}, DocumentName: aws.String("AWS-RunShellScript"), From dee1113b3b318897a3b69c6ac054a8e4694da6ea Mon Sep 17 00:00:00 2001 From: Nikita Podshivalov Date: Wed, 19 Oct 2022 10:16:32 +0300 Subject: [PATCH 2/7] added another ssh key for tunnel test --- .github/workflows/run.e2e-tests.yml | 4 +++- test-e2e/bastion_tunnel_test.go | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/run.e2e-tests.yml b/.github/workflows/run.e2e-tests.yml index aff03290..fad19360 100644 --- a/.github/workflows/run.e2e-tests.yml +++ b/.github/workflows/run.e2e-tests.yml @@ -157,7 +157,9 @@ jobs: run: ize gen aws-profile - name: Generate Test SSH Key - run: ssh-keygen -q -f ~/.ssh/id_rsa + run: | + ssh-keygen -q -f ~/.ssh/id_rsa + ssh-keygen -q -f ~/.ssh/id_rsa_tunnel_test - name: Run Tests run: | diff --git a/test-e2e/bastion_tunnel_test.go b/test-e2e/bastion_tunnel_test.go index 71f7bb2d..d95bc858 100644 --- a/test-e2e/bastion_tunnel_test.go +++ b/test-e2e/bastion_tunnel_test.go @@ -68,7 +68,7 @@ func TestIzeTunnelUp(t *testing.T) { ize := NewBinary(t, izeBinary, examplesRootDir) - stdout, stderr, err := ize.RunRaw("tunnel", "up") + stdout, stderr, err := ize.RunRaw("tunnel", "up", "--ssh-public-key", "~/.ssh/id_rsa_tunnel_test.pub") if err != nil { t.Errorf("error: %s", err) From 7b04a707e452e8f426ae95e4f35093bab46ff087 Mon Sep 17 00:00:00 2001 From: Nikita Podshivalov Date: Thu, 20 Oct 2022 17:15:12 +0300 Subject: [PATCH 3/7] added a private key for the `tunnel up` test --- test-e2e/bastion_tunnel_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test-e2e/bastion_tunnel_test.go b/test-e2e/bastion_tunnel_test.go index d95bc858..bd22566f 100644 --- a/test-e2e/bastion_tunnel_test.go +++ b/test-e2e/bastion_tunnel_test.go @@ -68,7 +68,7 @@ func TestIzeTunnelUp(t *testing.T) { ize := NewBinary(t, izeBinary, examplesRootDir) - stdout, stderr, err := ize.RunRaw("tunnel", "up", "--ssh-public-key", "~/.ssh/id_rsa_tunnel_test.pub") + stdout, stderr, err := ize.RunRaw("tunnel", "up", "--ssh-public-key", "~/.ssh/id_rsa_tunnel_test.pub", "--ssh-private-key", "~/.ssh/id_rsa_tunnel_test") if err != nil { t.Errorf("error: %s", err) From eeb87690c7115e34fe9eaf9ae6a6b30b27cf6695 Mon Sep 17 00:00:00 2001 From: Nikita Podshivalov Date: Thu, 20 Oct 2022 18:27:50 +0300 Subject: [PATCH 4/7] fixed run `Cleanup Infra` --- .github/workflows/run.e2e-tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/run.e2e-tests.yml b/.github/workflows/run.e2e-tests.yml index fad19360..14d84b5d 100644 --- a/.github/workflows/run.e2e-tests.yml +++ b/.github/workflows/run.e2e-tests.yml @@ -98,9 +98,9 @@ jobs: - name: Run Tests run: | go test -v --timeout 0 --tags="e2e ecs_apps" ./test-e2e - continue-on-error: true - name: Cleanup Infra + if: ${{ always() }} run: | cd "${{ env.IZE_EXAMPLES_PATH }}" ize down --auto-approve @@ -164,9 +164,9 @@ jobs: - name: Run Tests run: | go test -v --timeout 0 --tags="e2e bastion_tunnel" ./test-e2e - continue-on-error: true - name: Cleanup Infra + if: ${{ always() }} run: | cd "${{ env.IZE_EXAMPLES_PATH }}" ize down --auto-approve From 8d3237d272c58828156d687e597f606c5cf824b8 Mon Sep 17 00:00:00 2001 From: Nikita Podshivalov Date: Thu, 20 Oct 2022 18:28:28 +0300 Subject: [PATCH 5/7] fixed path to keys --- .github/workflows/run.e2e-tests.yml | 8 +- pkg/mocks/mock_sts.go | 437 ++++++++++++++++++++++++++++ test-e2e/bastion_tunnel_test.go | 10 +- 3 files changed, 452 insertions(+), 3 deletions(-) create mode 100644 pkg/mocks/mock_sts.go diff --git a/.github/workflows/run.e2e-tests.yml b/.github/workflows/run.e2e-tests.yml index 14d84b5d..e1f06191 100644 --- a/.github/workflows/run.e2e-tests.yml +++ b/.github/workflows/run.e2e-tests.yml @@ -158,8 +158,12 @@ jobs: - name: Generate Test SSH Key run: | - ssh-keygen -q -f ~/.ssh/id_rsa - ssh-keygen -q -f ~/.ssh/id_rsa_tunnel_test + ssh-keygen -q -f ~/.ssh/id_rsa -t rsa -N '' + ssh-keygen -q -f ~/.ssh/id_rsa_tunnel_test -t rsa -N '' + chmod 600 /home/runner/.ssh/id_rsa_tunnel_test + chmod 600 /home/runner/.ssh/id_rsa_tunnel_test.pub + cat /home/runner/.ssh/id_rsa_tunnel_test.pub + ls -ld /home/runner/.ssh/* - name: Run Tests run: | diff --git a/pkg/mocks/mock_sts.go b/pkg/mocks/mock_sts.go new file mode 100644 index 00000000..97362494 --- /dev/null +++ b/pkg/mocks/mock_sts.go @@ -0,0 +1,437 @@ +// Code generated by MockGen. DO NOT EDIT. +// Source: github.com/aws/aws-sdk-go/service/sts/stsiface (interfaces: STSAPI) + +// Package mocks is a generated GoMock package. +package mocks + +import ( + context "context" + reflect "reflect" + + request "github.com/aws/aws-sdk-go/aws/request" + sts "github.com/aws/aws-sdk-go/service/sts" + gomock "github.com/golang/mock/gomock" +) + +// MockSTSAPI is a mock of STSAPI interface. +type MockSTSAPI struct { + ctrl *gomock.Controller + recorder *MockSTSAPIMockRecorder +} + +// MockSTSAPIMockRecorder is the mock recorder for MockSTSAPI. +type MockSTSAPIMockRecorder struct { + mock *MockSTSAPI +} + +// NewMockSTSAPI creates a new mock instance. +func NewMockSTSAPI(ctrl *gomock.Controller) *MockSTSAPI { + mock := &MockSTSAPI{ctrl: ctrl} + mock.recorder = &MockSTSAPIMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use. +func (m *MockSTSAPI) EXPECT() *MockSTSAPIMockRecorder { + return m.recorder +} + +// AssumeRole mocks base method. +func (m *MockSTSAPI) AssumeRole(arg0 *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AssumeRole", arg0) + ret0, _ := ret[0].(*sts.AssumeRoleOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// AssumeRole indicates an expected call of AssumeRole. +func (mr *MockSTSAPIMockRecorder) AssumeRole(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRole", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRole), arg0) +} + +// AssumeRoleRequest mocks base method. +func (m *MockSTSAPI) AssumeRoleRequest(arg0 *sts.AssumeRoleInput) (*request.Request, *sts.AssumeRoleOutput) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AssumeRoleRequest", arg0) + ret0, _ := ret[0].(*request.Request) + ret1, _ := ret[1].(*sts.AssumeRoleOutput) + return ret0, ret1 +} + +// AssumeRoleRequest indicates an expected call of AssumeRoleRequest. +func (mr *MockSTSAPIMockRecorder) AssumeRoleRequest(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleRequest", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleRequest), arg0) +} + +// AssumeRoleWithContext mocks base method. +func (m *MockSTSAPI) AssumeRoleWithContext(arg0 context.Context, arg1 *sts.AssumeRoleInput, arg2 ...request.Option) (*sts.AssumeRoleOutput, error) { + m.ctrl.T.Helper() + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "AssumeRoleWithContext", varargs...) + ret0, _ := ret[0].(*sts.AssumeRoleOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// AssumeRoleWithContext indicates an expected call of AssumeRoleWithContext. +func (mr *MockSTSAPIMockRecorder) AssumeRoleWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithContext", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithContext), varargs...) +} + +// AssumeRoleWithSAML mocks base method. +func (m *MockSTSAPI) AssumeRoleWithSAML(arg0 *sts.AssumeRoleWithSAMLInput) (*sts.AssumeRoleWithSAMLOutput, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AssumeRoleWithSAML", arg0) + ret0, _ := ret[0].(*sts.AssumeRoleWithSAMLOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// AssumeRoleWithSAML indicates an expected call of AssumeRoleWithSAML. +func (mr *MockSTSAPIMockRecorder) AssumeRoleWithSAML(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithSAML", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithSAML), arg0) +} + +// AssumeRoleWithSAMLRequest mocks base method. +func (m *MockSTSAPI) AssumeRoleWithSAMLRequest(arg0 *sts.AssumeRoleWithSAMLInput) (*request.Request, *sts.AssumeRoleWithSAMLOutput) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AssumeRoleWithSAMLRequest", arg0) + ret0, _ := ret[0].(*request.Request) + ret1, _ := ret[1].(*sts.AssumeRoleWithSAMLOutput) + return ret0, ret1 +} + +// AssumeRoleWithSAMLRequest indicates an expected call of AssumeRoleWithSAMLRequest. +func (mr *MockSTSAPIMockRecorder) AssumeRoleWithSAMLRequest(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithSAMLRequest", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithSAMLRequest), arg0) +} + +// AssumeRoleWithSAMLWithContext mocks base method. +func (m *MockSTSAPI) AssumeRoleWithSAMLWithContext(arg0 context.Context, arg1 *sts.AssumeRoleWithSAMLInput, arg2 ...request.Option) (*sts.AssumeRoleWithSAMLOutput, error) { + m.ctrl.T.Helper() + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "AssumeRoleWithSAMLWithContext", varargs...) + ret0, _ := ret[0].(*sts.AssumeRoleWithSAMLOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// AssumeRoleWithSAMLWithContext indicates an expected call of AssumeRoleWithSAMLWithContext. +func (mr *MockSTSAPIMockRecorder) AssumeRoleWithSAMLWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithSAMLWithContext", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithSAMLWithContext), varargs...) +} + +// AssumeRoleWithWebIdentity mocks base method. +func (m *MockSTSAPI) AssumeRoleWithWebIdentity(arg0 *sts.AssumeRoleWithWebIdentityInput) (*sts.AssumeRoleWithWebIdentityOutput, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AssumeRoleWithWebIdentity", arg0) + ret0, _ := ret[0].(*sts.AssumeRoleWithWebIdentityOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// AssumeRoleWithWebIdentity indicates an expected call of AssumeRoleWithWebIdentity. +func (mr *MockSTSAPIMockRecorder) AssumeRoleWithWebIdentity(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithWebIdentity", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithWebIdentity), arg0) +} + +// AssumeRoleWithWebIdentityRequest mocks base method. +func (m *MockSTSAPI) AssumeRoleWithWebIdentityRequest(arg0 *sts.AssumeRoleWithWebIdentityInput) (*request.Request, *sts.AssumeRoleWithWebIdentityOutput) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AssumeRoleWithWebIdentityRequest", arg0) + ret0, _ := ret[0].(*request.Request) + ret1, _ := ret[1].(*sts.AssumeRoleWithWebIdentityOutput) + return ret0, ret1 +} + +// AssumeRoleWithWebIdentityRequest indicates an expected call of AssumeRoleWithWebIdentityRequest. +func (mr *MockSTSAPIMockRecorder) AssumeRoleWithWebIdentityRequest(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithWebIdentityRequest", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithWebIdentityRequest), arg0) +} + +// AssumeRoleWithWebIdentityWithContext mocks base method. +func (m *MockSTSAPI) AssumeRoleWithWebIdentityWithContext(arg0 context.Context, arg1 *sts.AssumeRoleWithWebIdentityInput, arg2 ...request.Option) (*sts.AssumeRoleWithWebIdentityOutput, error) { + m.ctrl.T.Helper() + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "AssumeRoleWithWebIdentityWithContext", varargs...) + ret0, _ := ret[0].(*sts.AssumeRoleWithWebIdentityOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// AssumeRoleWithWebIdentityWithContext indicates an expected call of AssumeRoleWithWebIdentityWithContext. +func (mr *MockSTSAPIMockRecorder) AssumeRoleWithWebIdentityWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithWebIdentityWithContext", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithWebIdentityWithContext), varargs...) +} + +// DecodeAuthorizationMessage mocks base method. +func (m *MockSTSAPI) DecodeAuthorizationMessage(arg0 *sts.DecodeAuthorizationMessageInput) (*sts.DecodeAuthorizationMessageOutput, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DecodeAuthorizationMessage", arg0) + ret0, _ := ret[0].(*sts.DecodeAuthorizationMessageOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// DecodeAuthorizationMessage indicates an expected call of DecodeAuthorizationMessage. +func (mr *MockSTSAPIMockRecorder) DecodeAuthorizationMessage(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DecodeAuthorizationMessage", reflect.TypeOf((*MockSTSAPI)(nil).DecodeAuthorizationMessage), arg0) +} + +// DecodeAuthorizationMessageRequest mocks base method. +func (m *MockSTSAPI) DecodeAuthorizationMessageRequest(arg0 *sts.DecodeAuthorizationMessageInput) (*request.Request, *sts.DecodeAuthorizationMessageOutput) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DecodeAuthorizationMessageRequest", arg0) + ret0, _ := ret[0].(*request.Request) + ret1, _ := ret[1].(*sts.DecodeAuthorizationMessageOutput) + return ret0, ret1 +} + +// DecodeAuthorizationMessageRequest indicates an expected call of DecodeAuthorizationMessageRequest. +func (mr *MockSTSAPIMockRecorder) DecodeAuthorizationMessageRequest(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DecodeAuthorizationMessageRequest", reflect.TypeOf((*MockSTSAPI)(nil).DecodeAuthorizationMessageRequest), arg0) +} + +// DecodeAuthorizationMessageWithContext mocks base method. +func (m *MockSTSAPI) DecodeAuthorizationMessageWithContext(arg0 context.Context, arg1 *sts.DecodeAuthorizationMessageInput, arg2 ...request.Option) (*sts.DecodeAuthorizationMessageOutput, error) { + m.ctrl.T.Helper() + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "DecodeAuthorizationMessageWithContext", varargs...) + ret0, _ := ret[0].(*sts.DecodeAuthorizationMessageOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// DecodeAuthorizationMessageWithContext indicates an expected call of DecodeAuthorizationMessageWithContext. +func (mr *MockSTSAPIMockRecorder) DecodeAuthorizationMessageWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DecodeAuthorizationMessageWithContext", reflect.TypeOf((*MockSTSAPI)(nil).DecodeAuthorizationMessageWithContext), varargs...) +} + +// GetAccessKeyInfo mocks base method. +func (m *MockSTSAPI) GetAccessKeyInfo(arg0 *sts.GetAccessKeyInfoInput) (*sts.GetAccessKeyInfoOutput, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetAccessKeyInfo", arg0) + ret0, _ := ret[0].(*sts.GetAccessKeyInfoOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetAccessKeyInfo indicates an expected call of GetAccessKeyInfo. +func (mr *MockSTSAPIMockRecorder) GetAccessKeyInfo(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAccessKeyInfo", reflect.TypeOf((*MockSTSAPI)(nil).GetAccessKeyInfo), arg0) +} + +// GetAccessKeyInfoRequest mocks base method. +func (m *MockSTSAPI) GetAccessKeyInfoRequest(arg0 *sts.GetAccessKeyInfoInput) (*request.Request, *sts.GetAccessKeyInfoOutput) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetAccessKeyInfoRequest", arg0) + ret0, _ := ret[0].(*request.Request) + ret1, _ := ret[1].(*sts.GetAccessKeyInfoOutput) + return ret0, ret1 +} + +// GetAccessKeyInfoRequest indicates an expected call of GetAccessKeyInfoRequest. +func (mr *MockSTSAPIMockRecorder) GetAccessKeyInfoRequest(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAccessKeyInfoRequest", reflect.TypeOf((*MockSTSAPI)(nil).GetAccessKeyInfoRequest), arg0) +} + +// GetAccessKeyInfoWithContext mocks base method. +func (m *MockSTSAPI) GetAccessKeyInfoWithContext(arg0 context.Context, arg1 *sts.GetAccessKeyInfoInput, arg2 ...request.Option) (*sts.GetAccessKeyInfoOutput, error) { + m.ctrl.T.Helper() + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "GetAccessKeyInfoWithContext", varargs...) + ret0, _ := ret[0].(*sts.GetAccessKeyInfoOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetAccessKeyInfoWithContext indicates an expected call of GetAccessKeyInfoWithContext. +func (mr *MockSTSAPIMockRecorder) GetAccessKeyInfoWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAccessKeyInfoWithContext", reflect.TypeOf((*MockSTSAPI)(nil).GetAccessKeyInfoWithContext), varargs...) +} + +// GetCallerIdentity mocks base method. +func (m *MockSTSAPI) GetCallerIdentity(arg0 *sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetCallerIdentity", arg0) + ret0, _ := ret[0].(*sts.GetCallerIdentityOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetCallerIdentity indicates an expected call of GetCallerIdentity. +func (mr *MockSTSAPIMockRecorder) GetCallerIdentity(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCallerIdentity", reflect.TypeOf((*MockSTSAPI)(nil).GetCallerIdentity), arg0) +} + +// GetCallerIdentityRequest mocks base method. +func (m *MockSTSAPI) GetCallerIdentityRequest(arg0 *sts.GetCallerIdentityInput) (*request.Request, *sts.GetCallerIdentityOutput) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetCallerIdentityRequest", arg0) + ret0, _ := ret[0].(*request.Request) + ret1, _ := ret[1].(*sts.GetCallerIdentityOutput) + return ret0, ret1 +} + +// GetCallerIdentityRequest indicates an expected call of GetCallerIdentityRequest. +func (mr *MockSTSAPIMockRecorder) GetCallerIdentityRequest(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCallerIdentityRequest", reflect.TypeOf((*MockSTSAPI)(nil).GetCallerIdentityRequest), arg0) +} + +// GetCallerIdentityWithContext mocks base method. +func (m *MockSTSAPI) GetCallerIdentityWithContext(arg0 context.Context, arg1 *sts.GetCallerIdentityInput, arg2 ...request.Option) (*sts.GetCallerIdentityOutput, error) { + m.ctrl.T.Helper() + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "GetCallerIdentityWithContext", varargs...) + ret0, _ := ret[0].(*sts.GetCallerIdentityOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetCallerIdentityWithContext indicates an expected call of GetCallerIdentityWithContext. +func (mr *MockSTSAPIMockRecorder) GetCallerIdentityWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCallerIdentityWithContext", reflect.TypeOf((*MockSTSAPI)(nil).GetCallerIdentityWithContext), varargs...) +} + +// GetFederationToken mocks base method. +func (m *MockSTSAPI) GetFederationToken(arg0 *sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetFederationToken", arg0) + ret0, _ := ret[0].(*sts.GetFederationTokenOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetFederationToken indicates an expected call of GetFederationToken. +func (mr *MockSTSAPIMockRecorder) GetFederationToken(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetFederationToken", reflect.TypeOf((*MockSTSAPI)(nil).GetFederationToken), arg0) +} + +// GetFederationTokenRequest mocks base method. +func (m *MockSTSAPI) GetFederationTokenRequest(arg0 *sts.GetFederationTokenInput) (*request.Request, *sts.GetFederationTokenOutput) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetFederationTokenRequest", arg0) + ret0, _ := ret[0].(*request.Request) + ret1, _ := ret[1].(*sts.GetFederationTokenOutput) + return ret0, ret1 +} + +// GetFederationTokenRequest indicates an expected call of GetFederationTokenRequest. +func (mr *MockSTSAPIMockRecorder) GetFederationTokenRequest(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetFederationTokenRequest", reflect.TypeOf((*MockSTSAPI)(nil).GetFederationTokenRequest), arg0) +} + +// GetFederationTokenWithContext mocks base method. +func (m *MockSTSAPI) GetFederationTokenWithContext(arg0 context.Context, arg1 *sts.GetFederationTokenInput, arg2 ...request.Option) (*sts.GetFederationTokenOutput, error) { + m.ctrl.T.Helper() + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "GetFederationTokenWithContext", varargs...) + ret0, _ := ret[0].(*sts.GetFederationTokenOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetFederationTokenWithContext indicates an expected call of GetFederationTokenWithContext. +func (mr *MockSTSAPIMockRecorder) GetFederationTokenWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetFederationTokenWithContext", reflect.TypeOf((*MockSTSAPI)(nil).GetFederationTokenWithContext), varargs...) +} + +// GetSessionToken mocks base method. +func (m *MockSTSAPI) GetSessionToken(arg0 *sts.GetSessionTokenInput) (*sts.GetSessionTokenOutput, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetSessionToken", arg0) + ret0, _ := ret[0].(*sts.GetSessionTokenOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetSessionToken indicates an expected call of GetSessionToken. +func (mr *MockSTSAPIMockRecorder) GetSessionToken(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetSessionToken", reflect.TypeOf((*MockSTSAPI)(nil).GetSessionToken), arg0) +} + +// GetSessionTokenRequest mocks base method. +func (m *MockSTSAPI) GetSessionTokenRequest(arg0 *sts.GetSessionTokenInput) (*request.Request, *sts.GetSessionTokenOutput) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetSessionTokenRequest", arg0) + ret0, _ := ret[0].(*request.Request) + ret1, _ := ret[1].(*sts.GetSessionTokenOutput) + return ret0, ret1 +} + +// GetSessionTokenRequest indicates an expected call of GetSessionTokenRequest. +func (mr *MockSTSAPIMockRecorder) GetSessionTokenRequest(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetSessionTokenRequest", reflect.TypeOf((*MockSTSAPI)(nil).GetSessionTokenRequest), arg0) +} + +// GetSessionTokenWithContext mocks base method. +func (m *MockSTSAPI) GetSessionTokenWithContext(arg0 context.Context, arg1 *sts.GetSessionTokenInput, arg2 ...request.Option) (*sts.GetSessionTokenOutput, error) { + m.ctrl.T.Helper() + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "GetSessionTokenWithContext", varargs...) + ret0, _ := ret[0].(*sts.GetSessionTokenOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetSessionTokenWithContext indicates an expected call of GetSessionTokenWithContext. +func (mr *MockSTSAPIMockRecorder) GetSessionTokenWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetSessionTokenWithContext", reflect.TypeOf((*MockSTSAPI)(nil).GetSessionTokenWithContext), varargs...) +} diff --git a/test-e2e/bastion_tunnel_test.go b/test-e2e/bastion_tunnel_test.go index bd22566f..c947e531 100644 --- a/test-e2e/bastion_tunnel_test.go +++ b/test-e2e/bastion_tunnel_test.go @@ -5,6 +5,7 @@ package test import ( "io/fs" + "os" "path/filepath" "strings" "testing" @@ -68,7 +69,14 @@ func TestIzeTunnelUp(t *testing.T) { ize := NewBinary(t, izeBinary, examplesRootDir) - stdout, stderr, err := ize.RunRaw("tunnel", "up", "--ssh-public-key", "~/.ssh/id_rsa_tunnel_test.pub", "--ssh-private-key", "~/.ssh/id_rsa_tunnel_test") + home, err := os.UserHomeDir() + if err != nil { + t.Errorf("error: %s", err) + } + + time.Sleep(time.Minute) + + stdout, stderr, err := ize.RunRaw("tunnel", "up", "--ssh-public-key", filepath.Join(home, ".ssh", "id_rsa_tunnel_test.pub"), "--ssh-private-key", filepath.Join(home, ".ssh", "id_rsa_tunnel_test")) if err != nil { t.Errorf("error: %s", err) From 9a7256f0ede11bc9e9f3a4bdfe2dea466289d01a Mon Sep 17 00:00:00 2001 From: Nikita Podshivalov Date: Mon, 24 Oct 2022 18:19:33 +0300 Subject: [PATCH 6/7] added debug logs for tunnel up/down --- internal/commands/tunnel_down.go | 5 +++++ internal/commands/tunnel_up.go | 15 ++++++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/internal/commands/tunnel_down.go b/internal/commands/tunnel_down.go index 32d37a64..dad0f235 100644 --- a/internal/commands/tunnel_down.go +++ b/internal/commands/tunnel_down.go @@ -71,6 +71,11 @@ func (o *TunnelDownOptions) Run() error { c := exec.Command( "ssh", "-S", "bastion.sock", "-O", "exit", "", ) + + if o.Config.LogLevel == "debug" { + c.Args = append(c.Args, "-vvv") + } + out := &bytes.Buffer{} c.Stdout = out c.Stderr = out diff --git a/internal/commands/tunnel_up.go b/internal/commands/tunnel_up.go index 2e1c5adc..c5160e43 100644 --- a/internal/commands/tunnel_up.go +++ b/internal/commands/tunnel_up.go @@ -171,12 +171,15 @@ func (o *TunnelUpOptions) Validate() error { func (o *TunnelUpOptions) Run() error { logrus.Debugf("public key path: %s", o.PublicKeyFile) + logrus.Debugf("private key path: %s", o.PrivateKeyFile) pk, err := getPublicKey(o.PublicKeyFile) if err != nil { return fmt.Errorf("can't get public key: %s", err) } + logrus.Debugf("public key:\n%s", pk) + if o.Metadata { err = sendSSHPublicKey(o.BastionHostID, pk, o.Config.Session) if err != nil { @@ -202,6 +205,7 @@ func (o *TunnelUpOptions) Run() error { func (o *TunnelUpOptions) upTunnel() (string, error) { sshConfigPath := fmt.Sprintf("%s/ssh.config", o.Config.EnvDir) + logrus.Debugf("ssh config path: %s", sshConfigPath) if err := setAWSCredentials(o.Config.Session); err != nil { return "", fmt.Errorf("can't run tunnel: %w", err) @@ -250,6 +254,11 @@ func (o *TunnelUpOptions) getSSHCommandArgs(sshConfigPath string) []string { if _, err := os.Stat(o.PrivateKeyFile); !os.IsNotExist(err) { args = append(args, "-i", o.PrivateKeyFile) } + + if o.Config.LogLevel == "debug" { + args = append(args, "-vvv") + } + return args } @@ -273,6 +282,8 @@ func getTerraformOutput(wr *SSMWrapper, env string) (terraformOutput, error) { return terraformOutput{}, fmt.Errorf("can't get terraform output: %w", err) } + logrus.Debugf("decoded terrafrom output: \n%s", value) + var output terraformOutput err = json.Unmarshal(value, &output) @@ -311,9 +322,11 @@ func sendSSHPublicKeyLegacy(bastionID string, key string, sess *session.Session) // This command is executed in the bastion host and it checks if our public key is present. If it's not it uploads it to _authorized_keys file. command := fmt.Sprintf( `grep -qR "%s" /home/ubuntu/.ssh/authorized_keys || echo "%s" >> /home/ubuntu/.ssh/authorized_keys`, - key, key, + strings.TrimSpace(key), strings.TrimSpace(key), ) + logrus.Debugf("send command: \n%s", command) + _, err := ssm.New(sess).SendCommand(&ssm.SendCommandInput{ InstanceIds: []*string{&bastionID}, DocumentName: aws.String("AWS-RunShellScript"), From e24ef5f3be85bec052ea2207d9a8e43faae6cede Mon Sep 17 00:00:00 2001 From: Nikita Podshivalov Date: Thu, 27 Oct 2022 10:57:06 +0300 Subject: [PATCH 7/7] removed time.sleep --- pkg/mocks/mock_sts.go | 437 -------------------------------- test-e2e/bastion_tunnel_test.go | 2 - 2 files changed, 439 deletions(-) delete mode 100644 pkg/mocks/mock_sts.go diff --git a/pkg/mocks/mock_sts.go b/pkg/mocks/mock_sts.go deleted file mode 100644 index 97362494..00000000 --- a/pkg/mocks/mock_sts.go +++ /dev/null @@ -1,437 +0,0 @@ -// Code generated by MockGen. DO NOT EDIT. -// Source: github.com/aws/aws-sdk-go/service/sts/stsiface (interfaces: STSAPI) - -// Package mocks is a generated GoMock package. -package mocks - -import ( - context "context" - reflect "reflect" - - request "github.com/aws/aws-sdk-go/aws/request" - sts "github.com/aws/aws-sdk-go/service/sts" - gomock "github.com/golang/mock/gomock" -) - -// MockSTSAPI is a mock of STSAPI interface. -type MockSTSAPI struct { - ctrl *gomock.Controller - recorder *MockSTSAPIMockRecorder -} - -// MockSTSAPIMockRecorder is the mock recorder for MockSTSAPI. -type MockSTSAPIMockRecorder struct { - mock *MockSTSAPI -} - -// NewMockSTSAPI creates a new mock instance. -func NewMockSTSAPI(ctrl *gomock.Controller) *MockSTSAPI { - mock := &MockSTSAPI{ctrl: ctrl} - mock.recorder = &MockSTSAPIMockRecorder{mock} - return mock -} - -// EXPECT returns an object that allows the caller to indicate expected use. -func (m *MockSTSAPI) EXPECT() *MockSTSAPIMockRecorder { - return m.recorder -} - -// AssumeRole mocks base method. -func (m *MockSTSAPI) AssumeRole(arg0 *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "AssumeRole", arg0) - ret0, _ := ret[0].(*sts.AssumeRoleOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// AssumeRole indicates an expected call of AssumeRole. -func (mr *MockSTSAPIMockRecorder) AssumeRole(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRole", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRole), arg0) -} - -// AssumeRoleRequest mocks base method. -func (m *MockSTSAPI) AssumeRoleRequest(arg0 *sts.AssumeRoleInput) (*request.Request, *sts.AssumeRoleOutput) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "AssumeRoleRequest", arg0) - ret0, _ := ret[0].(*request.Request) - ret1, _ := ret[1].(*sts.AssumeRoleOutput) - return ret0, ret1 -} - -// AssumeRoleRequest indicates an expected call of AssumeRoleRequest. -func (mr *MockSTSAPIMockRecorder) AssumeRoleRequest(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleRequest", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleRequest), arg0) -} - -// AssumeRoleWithContext mocks base method. -func (m *MockSTSAPI) AssumeRoleWithContext(arg0 context.Context, arg1 *sts.AssumeRoleInput, arg2 ...request.Option) (*sts.AssumeRoleOutput, error) { - m.ctrl.T.Helper() - varargs := []interface{}{arg0, arg1} - for _, a := range arg2 { - varargs = append(varargs, a) - } - ret := m.ctrl.Call(m, "AssumeRoleWithContext", varargs...) - ret0, _ := ret[0].(*sts.AssumeRoleOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// AssumeRoleWithContext indicates an expected call of AssumeRoleWithContext. -func (mr *MockSTSAPIMockRecorder) AssumeRoleWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - varargs := append([]interface{}{arg0, arg1}, arg2...) - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithContext", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithContext), varargs...) -} - -// AssumeRoleWithSAML mocks base method. -func (m *MockSTSAPI) AssumeRoleWithSAML(arg0 *sts.AssumeRoleWithSAMLInput) (*sts.AssumeRoleWithSAMLOutput, error) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "AssumeRoleWithSAML", arg0) - ret0, _ := ret[0].(*sts.AssumeRoleWithSAMLOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// AssumeRoleWithSAML indicates an expected call of AssumeRoleWithSAML. -func (mr *MockSTSAPIMockRecorder) AssumeRoleWithSAML(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithSAML", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithSAML), arg0) -} - -// AssumeRoleWithSAMLRequest mocks base method. -func (m *MockSTSAPI) AssumeRoleWithSAMLRequest(arg0 *sts.AssumeRoleWithSAMLInput) (*request.Request, *sts.AssumeRoleWithSAMLOutput) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "AssumeRoleWithSAMLRequest", arg0) - ret0, _ := ret[0].(*request.Request) - ret1, _ := ret[1].(*sts.AssumeRoleWithSAMLOutput) - return ret0, ret1 -} - -// AssumeRoleWithSAMLRequest indicates an expected call of AssumeRoleWithSAMLRequest. -func (mr *MockSTSAPIMockRecorder) AssumeRoleWithSAMLRequest(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithSAMLRequest", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithSAMLRequest), arg0) -} - -// AssumeRoleWithSAMLWithContext mocks base method. -func (m *MockSTSAPI) AssumeRoleWithSAMLWithContext(arg0 context.Context, arg1 *sts.AssumeRoleWithSAMLInput, arg2 ...request.Option) (*sts.AssumeRoleWithSAMLOutput, error) { - m.ctrl.T.Helper() - varargs := []interface{}{arg0, arg1} - for _, a := range arg2 { - varargs = append(varargs, a) - } - ret := m.ctrl.Call(m, "AssumeRoleWithSAMLWithContext", varargs...) - ret0, _ := ret[0].(*sts.AssumeRoleWithSAMLOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// AssumeRoleWithSAMLWithContext indicates an expected call of AssumeRoleWithSAMLWithContext. -func (mr *MockSTSAPIMockRecorder) AssumeRoleWithSAMLWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - varargs := append([]interface{}{arg0, arg1}, arg2...) - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithSAMLWithContext", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithSAMLWithContext), varargs...) -} - -// AssumeRoleWithWebIdentity mocks base method. -func (m *MockSTSAPI) AssumeRoleWithWebIdentity(arg0 *sts.AssumeRoleWithWebIdentityInput) (*sts.AssumeRoleWithWebIdentityOutput, error) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "AssumeRoleWithWebIdentity", arg0) - ret0, _ := ret[0].(*sts.AssumeRoleWithWebIdentityOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// AssumeRoleWithWebIdentity indicates an expected call of AssumeRoleWithWebIdentity. -func (mr *MockSTSAPIMockRecorder) AssumeRoleWithWebIdentity(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithWebIdentity", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithWebIdentity), arg0) -} - -// AssumeRoleWithWebIdentityRequest mocks base method. -func (m *MockSTSAPI) AssumeRoleWithWebIdentityRequest(arg0 *sts.AssumeRoleWithWebIdentityInput) (*request.Request, *sts.AssumeRoleWithWebIdentityOutput) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "AssumeRoleWithWebIdentityRequest", arg0) - ret0, _ := ret[0].(*request.Request) - ret1, _ := ret[1].(*sts.AssumeRoleWithWebIdentityOutput) - return ret0, ret1 -} - -// AssumeRoleWithWebIdentityRequest indicates an expected call of AssumeRoleWithWebIdentityRequest. -func (mr *MockSTSAPIMockRecorder) AssumeRoleWithWebIdentityRequest(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithWebIdentityRequest", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithWebIdentityRequest), arg0) -} - -// AssumeRoleWithWebIdentityWithContext mocks base method. -func (m *MockSTSAPI) AssumeRoleWithWebIdentityWithContext(arg0 context.Context, arg1 *sts.AssumeRoleWithWebIdentityInput, arg2 ...request.Option) (*sts.AssumeRoleWithWebIdentityOutput, error) { - m.ctrl.T.Helper() - varargs := []interface{}{arg0, arg1} - for _, a := range arg2 { - varargs = append(varargs, a) - } - ret := m.ctrl.Call(m, "AssumeRoleWithWebIdentityWithContext", varargs...) - ret0, _ := ret[0].(*sts.AssumeRoleWithWebIdentityOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// AssumeRoleWithWebIdentityWithContext indicates an expected call of AssumeRoleWithWebIdentityWithContext. -func (mr *MockSTSAPIMockRecorder) AssumeRoleWithWebIdentityWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - varargs := append([]interface{}{arg0, arg1}, arg2...) - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AssumeRoleWithWebIdentityWithContext", reflect.TypeOf((*MockSTSAPI)(nil).AssumeRoleWithWebIdentityWithContext), varargs...) -} - -// DecodeAuthorizationMessage mocks base method. -func (m *MockSTSAPI) DecodeAuthorizationMessage(arg0 *sts.DecodeAuthorizationMessageInput) (*sts.DecodeAuthorizationMessageOutput, error) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "DecodeAuthorizationMessage", arg0) - ret0, _ := ret[0].(*sts.DecodeAuthorizationMessageOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// DecodeAuthorizationMessage indicates an expected call of DecodeAuthorizationMessage. -func (mr *MockSTSAPIMockRecorder) DecodeAuthorizationMessage(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DecodeAuthorizationMessage", reflect.TypeOf((*MockSTSAPI)(nil).DecodeAuthorizationMessage), arg0) -} - -// DecodeAuthorizationMessageRequest mocks base method. -func (m *MockSTSAPI) DecodeAuthorizationMessageRequest(arg0 *sts.DecodeAuthorizationMessageInput) (*request.Request, *sts.DecodeAuthorizationMessageOutput) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "DecodeAuthorizationMessageRequest", arg0) - ret0, _ := ret[0].(*request.Request) - ret1, _ := ret[1].(*sts.DecodeAuthorizationMessageOutput) - return ret0, ret1 -} - -// DecodeAuthorizationMessageRequest indicates an expected call of DecodeAuthorizationMessageRequest. -func (mr *MockSTSAPIMockRecorder) DecodeAuthorizationMessageRequest(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DecodeAuthorizationMessageRequest", reflect.TypeOf((*MockSTSAPI)(nil).DecodeAuthorizationMessageRequest), arg0) -} - -// DecodeAuthorizationMessageWithContext mocks base method. -func (m *MockSTSAPI) DecodeAuthorizationMessageWithContext(arg0 context.Context, arg1 *sts.DecodeAuthorizationMessageInput, arg2 ...request.Option) (*sts.DecodeAuthorizationMessageOutput, error) { - m.ctrl.T.Helper() - varargs := []interface{}{arg0, arg1} - for _, a := range arg2 { - varargs = append(varargs, a) - } - ret := m.ctrl.Call(m, "DecodeAuthorizationMessageWithContext", varargs...) - ret0, _ := ret[0].(*sts.DecodeAuthorizationMessageOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// DecodeAuthorizationMessageWithContext indicates an expected call of DecodeAuthorizationMessageWithContext. -func (mr *MockSTSAPIMockRecorder) DecodeAuthorizationMessageWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - varargs := append([]interface{}{arg0, arg1}, arg2...) - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DecodeAuthorizationMessageWithContext", reflect.TypeOf((*MockSTSAPI)(nil).DecodeAuthorizationMessageWithContext), varargs...) -} - -// GetAccessKeyInfo mocks base method. -func (m *MockSTSAPI) GetAccessKeyInfo(arg0 *sts.GetAccessKeyInfoInput) (*sts.GetAccessKeyInfoOutput, error) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "GetAccessKeyInfo", arg0) - ret0, _ := ret[0].(*sts.GetAccessKeyInfoOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// GetAccessKeyInfo indicates an expected call of GetAccessKeyInfo. -func (mr *MockSTSAPIMockRecorder) GetAccessKeyInfo(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAccessKeyInfo", reflect.TypeOf((*MockSTSAPI)(nil).GetAccessKeyInfo), arg0) -} - -// GetAccessKeyInfoRequest mocks base method. -func (m *MockSTSAPI) GetAccessKeyInfoRequest(arg0 *sts.GetAccessKeyInfoInput) (*request.Request, *sts.GetAccessKeyInfoOutput) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "GetAccessKeyInfoRequest", arg0) - ret0, _ := ret[0].(*request.Request) - ret1, _ := ret[1].(*sts.GetAccessKeyInfoOutput) - return ret0, ret1 -} - -// GetAccessKeyInfoRequest indicates an expected call of GetAccessKeyInfoRequest. -func (mr *MockSTSAPIMockRecorder) GetAccessKeyInfoRequest(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAccessKeyInfoRequest", reflect.TypeOf((*MockSTSAPI)(nil).GetAccessKeyInfoRequest), arg0) -} - -// GetAccessKeyInfoWithContext mocks base method. -func (m *MockSTSAPI) GetAccessKeyInfoWithContext(arg0 context.Context, arg1 *sts.GetAccessKeyInfoInput, arg2 ...request.Option) (*sts.GetAccessKeyInfoOutput, error) { - m.ctrl.T.Helper() - varargs := []interface{}{arg0, arg1} - for _, a := range arg2 { - varargs = append(varargs, a) - } - ret := m.ctrl.Call(m, "GetAccessKeyInfoWithContext", varargs...) - ret0, _ := ret[0].(*sts.GetAccessKeyInfoOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// GetAccessKeyInfoWithContext indicates an expected call of GetAccessKeyInfoWithContext. -func (mr *MockSTSAPIMockRecorder) GetAccessKeyInfoWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - varargs := append([]interface{}{arg0, arg1}, arg2...) - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAccessKeyInfoWithContext", reflect.TypeOf((*MockSTSAPI)(nil).GetAccessKeyInfoWithContext), varargs...) -} - -// GetCallerIdentity mocks base method. -func (m *MockSTSAPI) GetCallerIdentity(arg0 *sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "GetCallerIdentity", arg0) - ret0, _ := ret[0].(*sts.GetCallerIdentityOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// GetCallerIdentity indicates an expected call of GetCallerIdentity. -func (mr *MockSTSAPIMockRecorder) GetCallerIdentity(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCallerIdentity", reflect.TypeOf((*MockSTSAPI)(nil).GetCallerIdentity), arg0) -} - -// GetCallerIdentityRequest mocks base method. -func (m *MockSTSAPI) GetCallerIdentityRequest(arg0 *sts.GetCallerIdentityInput) (*request.Request, *sts.GetCallerIdentityOutput) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "GetCallerIdentityRequest", arg0) - ret0, _ := ret[0].(*request.Request) - ret1, _ := ret[1].(*sts.GetCallerIdentityOutput) - return ret0, ret1 -} - -// GetCallerIdentityRequest indicates an expected call of GetCallerIdentityRequest. -func (mr *MockSTSAPIMockRecorder) GetCallerIdentityRequest(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCallerIdentityRequest", reflect.TypeOf((*MockSTSAPI)(nil).GetCallerIdentityRequest), arg0) -} - -// GetCallerIdentityWithContext mocks base method. -func (m *MockSTSAPI) GetCallerIdentityWithContext(arg0 context.Context, arg1 *sts.GetCallerIdentityInput, arg2 ...request.Option) (*sts.GetCallerIdentityOutput, error) { - m.ctrl.T.Helper() - varargs := []interface{}{arg0, arg1} - for _, a := range arg2 { - varargs = append(varargs, a) - } - ret := m.ctrl.Call(m, "GetCallerIdentityWithContext", varargs...) - ret0, _ := ret[0].(*sts.GetCallerIdentityOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// GetCallerIdentityWithContext indicates an expected call of GetCallerIdentityWithContext. -func (mr *MockSTSAPIMockRecorder) GetCallerIdentityWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - varargs := append([]interface{}{arg0, arg1}, arg2...) - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCallerIdentityWithContext", reflect.TypeOf((*MockSTSAPI)(nil).GetCallerIdentityWithContext), varargs...) -} - -// GetFederationToken mocks base method. -func (m *MockSTSAPI) GetFederationToken(arg0 *sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "GetFederationToken", arg0) - ret0, _ := ret[0].(*sts.GetFederationTokenOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// GetFederationToken indicates an expected call of GetFederationToken. -func (mr *MockSTSAPIMockRecorder) GetFederationToken(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetFederationToken", reflect.TypeOf((*MockSTSAPI)(nil).GetFederationToken), arg0) -} - -// GetFederationTokenRequest mocks base method. -func (m *MockSTSAPI) GetFederationTokenRequest(arg0 *sts.GetFederationTokenInput) (*request.Request, *sts.GetFederationTokenOutput) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "GetFederationTokenRequest", arg0) - ret0, _ := ret[0].(*request.Request) - ret1, _ := ret[1].(*sts.GetFederationTokenOutput) - return ret0, ret1 -} - -// GetFederationTokenRequest indicates an expected call of GetFederationTokenRequest. -func (mr *MockSTSAPIMockRecorder) GetFederationTokenRequest(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetFederationTokenRequest", reflect.TypeOf((*MockSTSAPI)(nil).GetFederationTokenRequest), arg0) -} - -// GetFederationTokenWithContext mocks base method. -func (m *MockSTSAPI) GetFederationTokenWithContext(arg0 context.Context, arg1 *sts.GetFederationTokenInput, arg2 ...request.Option) (*sts.GetFederationTokenOutput, error) { - m.ctrl.T.Helper() - varargs := []interface{}{arg0, arg1} - for _, a := range arg2 { - varargs = append(varargs, a) - } - ret := m.ctrl.Call(m, "GetFederationTokenWithContext", varargs...) - ret0, _ := ret[0].(*sts.GetFederationTokenOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// GetFederationTokenWithContext indicates an expected call of GetFederationTokenWithContext. -func (mr *MockSTSAPIMockRecorder) GetFederationTokenWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - varargs := append([]interface{}{arg0, arg1}, arg2...) - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetFederationTokenWithContext", reflect.TypeOf((*MockSTSAPI)(nil).GetFederationTokenWithContext), varargs...) -} - -// GetSessionToken mocks base method. -func (m *MockSTSAPI) GetSessionToken(arg0 *sts.GetSessionTokenInput) (*sts.GetSessionTokenOutput, error) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "GetSessionToken", arg0) - ret0, _ := ret[0].(*sts.GetSessionTokenOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// GetSessionToken indicates an expected call of GetSessionToken. -func (mr *MockSTSAPIMockRecorder) GetSessionToken(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetSessionToken", reflect.TypeOf((*MockSTSAPI)(nil).GetSessionToken), arg0) -} - -// GetSessionTokenRequest mocks base method. -func (m *MockSTSAPI) GetSessionTokenRequest(arg0 *sts.GetSessionTokenInput) (*request.Request, *sts.GetSessionTokenOutput) { - m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "GetSessionTokenRequest", arg0) - ret0, _ := ret[0].(*request.Request) - ret1, _ := ret[1].(*sts.GetSessionTokenOutput) - return ret0, ret1 -} - -// GetSessionTokenRequest indicates an expected call of GetSessionTokenRequest. -func (mr *MockSTSAPIMockRecorder) GetSessionTokenRequest(arg0 interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetSessionTokenRequest", reflect.TypeOf((*MockSTSAPI)(nil).GetSessionTokenRequest), arg0) -} - -// GetSessionTokenWithContext mocks base method. -func (m *MockSTSAPI) GetSessionTokenWithContext(arg0 context.Context, arg1 *sts.GetSessionTokenInput, arg2 ...request.Option) (*sts.GetSessionTokenOutput, error) { - m.ctrl.T.Helper() - varargs := []interface{}{arg0, arg1} - for _, a := range arg2 { - varargs = append(varargs, a) - } - ret := m.ctrl.Call(m, "GetSessionTokenWithContext", varargs...) - ret0, _ := ret[0].(*sts.GetSessionTokenOutput) - ret1, _ := ret[1].(error) - return ret0, ret1 -} - -// GetSessionTokenWithContext indicates an expected call of GetSessionTokenWithContext. -func (mr *MockSTSAPIMockRecorder) GetSessionTokenWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { - mr.mock.ctrl.T.Helper() - varargs := append([]interface{}{arg0, arg1}, arg2...) - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetSessionTokenWithContext", reflect.TypeOf((*MockSTSAPI)(nil).GetSessionTokenWithContext), varargs...) -} diff --git a/test-e2e/bastion_tunnel_test.go b/test-e2e/bastion_tunnel_test.go index c947e531..f41b3599 100644 --- a/test-e2e/bastion_tunnel_test.go +++ b/test-e2e/bastion_tunnel_test.go @@ -74,8 +74,6 @@ func TestIzeTunnelUp(t *testing.T) { t.Errorf("error: %s", err) } - time.Sleep(time.Minute) - stdout, stderr, err := ize.RunRaw("tunnel", "up", "--ssh-public-key", filepath.Join(home, ".ssh", "id_rsa_tunnel_test.pub"), "--ssh-private-key", filepath.Join(home, ".ssh", "id_rsa_tunnel_test")) if err != nil {