From 808ea06217de192ac0778a447c31c6911cc40cca Mon Sep 17 00:00:00 2001 From: Noah Stride Date: Thu, 17 Oct 2024 15:27:48 +0100 Subject: [PATCH 1/6] Add validation for login and fix yaml generation --- .../Bots/Add/GitHubActions/ConfigureBot.tsx | 13 +++++-- .../Bots/Add/GitHubActions/useGitHubFlow.tsx | 34 +++---------------- 2 files changed, 15 insertions(+), 32 deletions(-) diff --git a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx index 0dca6a9796de..3a63f7d44c6d 100644 --- a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx +++ b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx @@ -162,7 +162,7 @@ export function ConfigureBot({ nextStep, prevStep }: FlowStepProps) { fontWeight="lighter" fontSize="1" > - (optional) + (required field) + rule={requireValidLinuxPrincipal} + /> {attempt.status === 'failed' && {attempt.statusText}} @@ -222,3 +223,11 @@ const requireValidBotName = (value: string) => () => { return { valid: true }; }; + +const requireValidLinuxPrincipal = (value: string) => () => { + if (!value || !value.trim()) { + return { valid: false, message: 'Linux user is required' }; + } + + return { valid: true }; +}; \ No newline at end of file diff --git a/web/packages/teleport/src/Bots/Add/GitHubActions/useGitHubFlow.tsx b/web/packages/teleport/src/Bots/Add/GitHubActions/useGitHubFlow.tsx index c233935d141b..265850957e16 100644 --- a/web/packages/teleport/src/Bots/Add/GitHubActions/useGitHubFlow.tsx +++ b/web/packages/teleport/src/Bots/Add/GitHubActions/useGitHubFlow.tsx @@ -229,9 +229,9 @@ function getRoleYaml( labels: ResourceLabel[], login: string ): string { - const nodeLabelsStanza = labels.map( - label => `'${label.name}': '${label.value}'\n` - ); + const nodeLabels = labels.map( + label => `'${label.name}': '${label.value}'` + ).join('\n '); return `kind: role metadata: @@ -240,38 +240,12 @@ metadata: ${GITHUB_ACTIONS_LABEL_KEY}: ${GITHUB_ACTIONS_LABEL_VAL} spec: allow: - # List of Kubernetes cluster users can access the k8s API - kubernetes_labels: - ${nodeLabelsStanza} - kubernetes_groups: - - '{{internal.kubernetes_groups}}' - kubernetes_users: - - '{{internal.kubernetes_users}}' - - kubernetes_resources: - - kind: '*' - namespace: '*' - name: '*' - verbs: ['*'] - # List of allowed SSH logins logins: [${login}] # List of node labels that users can SSH into node_labels: - ${nodeLabelsStanza} - rules: - - resources: - - event - verbs: - - list - - read - - resources: - - session - verbs: - - read - - list - where: contains(session.participants, user.metadata.name) + ${nodeLabels} options: max_session_ttl: 8h0m0s version: v7 From fc44befdd5c7e5de3abeefa42f9daf56d302daa5 Mon Sep 17 00:00:00 2001 From: Noah Stride Date: Thu, 17 Oct 2024 16:38:43 +0100 Subject: [PATCH 2/6] Rename function --- .../teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx index 3a63f7d44c6d..c4080233bdf5 100644 --- a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx +++ b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx @@ -175,7 +175,7 @@ export function ConfigureBot({ nextStep, prevStep }: FlowStepProps) { login: e.target.value, }) } - rule={requireValidLinuxPrincipal} + rule={requireValidSSHUser} /> @@ -224,9 +224,9 @@ const requireValidBotName = (value: string) => () => { return { valid: true }; }; -const requireValidLinuxPrincipal = (value: string) => () => { +const requireValidSSHUser = (value: string) => () => { if (!value || !value.trim()) { - return { valid: false, message: 'Linux user is required' }; + return { valid: false, message: 'SSH user is required' }; } return { valid: true }; From a6f7bfa9ee906ffbfabdab044bb77ed953a88707 Mon Sep 17 00:00:00 2001 From: Noah Stride Date: Thu, 17 Oct 2024 16:55:48 +0100 Subject: [PATCH 3/6] Fix missing newline --- .../teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx index c4080233bdf5..33aeae575a32 100644 --- a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx +++ b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx @@ -230,4 +230,4 @@ const requireValidSSHUser = (value: string) => () => { } return { valid: true }; -}; \ No newline at end of file +}; From f92a2269d69e750ae3e07c486e6d750548dd49ea Mon Sep 17 00:00:00 2001 From: Noah Stride Date: Fri, 18 Oct 2024 10:47:14 +0100 Subject: [PATCH 4/6] Prettier --- .../teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx | 4 ++-- .../teleport/src/Bots/Add/GitHubActions/useGitHubFlow.tsx | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx index 33aeae575a32..9336c3f5775a 100644 --- a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx +++ b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx @@ -176,7 +176,7 @@ export function ConfigureBot({ nextStep, prevStep }: FlowStepProps) { }) } rule={requireValidSSHUser} - /> + /> {attempt.status === 'failed' && {attempt.statusText}} @@ -225,7 +225,7 @@ const requireValidBotName = (value: string) => () => { }; const requireValidSSHUser = (value: string) => () => { - if (!value || !value.trim()) { + if (!value || !value.trim()) { return { valid: false, message: 'SSH user is required' }; } diff --git a/web/packages/teleport/src/Bots/Add/GitHubActions/useGitHubFlow.tsx b/web/packages/teleport/src/Bots/Add/GitHubActions/useGitHubFlow.tsx index 265850957e16..558bad33b4bf 100644 --- a/web/packages/teleport/src/Bots/Add/GitHubActions/useGitHubFlow.tsx +++ b/web/packages/teleport/src/Bots/Add/GitHubActions/useGitHubFlow.tsx @@ -229,9 +229,9 @@ function getRoleYaml( labels: ResourceLabel[], login: string ): string { - const nodeLabels = labels.map( - label => `'${label.name}': '${label.value}'` - ).join('\n '); + const nodeLabels = labels + .map(label => `'${label.name}': '${label.value}'`) + .join('\n '); return `kind: role metadata: From 51e77f645382f11211352f60ebd98c47028f2361 Mon Sep 17 00:00:00 2001 From: Noah Stride Date: Fri, 18 Oct 2024 10:55:47 +0100 Subject: [PATCH 5/6] Fix tests --- .../teleport/src/Bots/Add/GitHubActions/ConfigureBot.test.tsx | 2 ++ .../teleport/src/Bots/Add/GitHubActions/GitHubActions.test.tsx | 2 ++ 2 files changed, 4 insertions(+) diff --git a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.test.tsx b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.test.tsx index e7bbc0bc7cb5..8831e5f19c9d 100644 --- a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.test.tsx +++ b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.test.tsx @@ -118,6 +118,8 @@ describe('configureBot Component', () => { const botNameInput = screen.getByPlaceholderText('github-actions-cd'); await userEvent.type(botNameInput, 'bot-name'); + const sshUserInput = screen.getByPlaceholderText('ubuntu'); + await userEvent.type(sshUserInput, 'ssh-user'); await userEvent.click(screen.getByTestId('button-next')); expect( screen.getByText( diff --git a/web/packages/teleport/src/Bots/Add/GitHubActions/GitHubActions.test.tsx b/web/packages/teleport/src/Bots/Add/GitHubActions/GitHubActions.test.tsx index f61f216c9419..9c3f3a77b895 100644 --- a/web/packages/teleport/src/Bots/Add/GitHubActions/GitHubActions.test.tsx +++ b/web/packages/teleport/src/Bots/Add/GitHubActions/GitHubActions.test.tsx @@ -113,6 +113,8 @@ describe('gitHub component', () => { // step 1: Configure Bot Access const botNameInput = screen.getByPlaceholderText('github-actions-cd'); await userEvent.type(botNameInput, 'bot-name'); + const sshUserInput = screen.getByPlaceholderText('ubuntu'); + await userEvent.type(sshUserInput, 'ssh-user'); await userEvent.click(screen.getByTestId('button-next')); // step 2: Connect GitHub expect( From 7b7d8dbacf967af80c2ba5bd95a3b3bf5b5e43f9 Mon Sep 17 00:00:00 2001 From: Noah Stride Date: Fri, 18 Oct 2024 15:22:13 +0100 Subject: [PATCH 6/6] Use existing helper --- .../src/Bots/Add/GitHubActions/ConfigureBot.tsx | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx index 9336c3f5775a..5878cde70980 100644 --- a/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx +++ b/web/packages/teleport/src/Bots/Add/GitHubActions/ConfigureBot.tsx @@ -26,6 +26,7 @@ import Validation, { Validator } from 'shared/components/Validation'; import Text from 'design/Text'; import FieldInput from 'shared/components/FieldInput'; +import { requiredField } from 'shared/components/Validation/rules'; import Alert from 'design/Alert'; @@ -175,7 +176,7 @@ export function ConfigureBot({ nextStep, prevStep }: FlowStepProps) { login: e.target.value, }) } - rule={requireValidSSHUser} + rule={requiredField('SSH user is required')} /> @@ -223,11 +224,3 @@ const requireValidBotName = (value: string) => () => { return { valid: true }; }; - -const requireValidSSHUser = (value: string) => () => { - if (!value || !value.trim()) { - return { valid: false, message: 'SSH user is required' }; - } - - return { valid: true }; -};