diff --git a/.github/workflows/golangci-lint.yaml b/.github/workflows/golangci-lint.yaml index e8653d7c..c0ba858c 100644 --- a/.github/workflows/golangci-lint.yaml +++ b/.github/workflows/golangci-lint.yaml @@ -46,6 +46,9 @@ jobs: - name: Check go.mod/go.sum to be consistent run: go mod tidy -v && git diff --exit-code + + - name: Check schemas to be consistent + run: make schemas && git diff --exit-code - name: golangci-lint uses: golangci/golangci-lint-action@v4 diff --git a/Makefile b/Makefile index 6efa1d05..2f156bc7 100644 --- a/Makefile +++ b/Makefile @@ -24,3 +24,6 @@ endif lint: golangci-lint run -v $(fixparam) +.PHONY: schemas +schemas: + $(MAKE) -C internal/jsonschema diff --git a/connection.go b/connection.go index 5d1360a9..e26b80c6 100644 --- a/connection.go +++ b/connection.go @@ -70,14 +70,18 @@ type sudofn func(string) string // output, err := h.ExecOutput("echo hello") // } type Connection struct { - WinRM *WinRM `yaml:"winRM,omitempty"` - SSH *SSH `yaml:"ssh,omitempty"` - Localhost *Localhost `yaml:"localhost,omitempty"` - OpenSSH *OpenSSH `yaml:"openSSH,omitempty"` - - OSVersion *OSVersion `yaml:"-"` - - client client `yaml:"-"` + // Connection configuration for WinRM targets + WinRM *WinRM `yaml:"winRM,omitempty" json:"winRM,omitempty"` + // Connection configuration for SSH targets + SSH *SSH `yaml:"ssh,omitempty" json:"ssh,omitempty"` + // Connection configuration for localhost + Localhost *Localhost `yaml:"localhost,omitempty" json:"localhost,omitempty"` + // Connection configuration for SSH targets over OpenSSH client integration" + OpenSSH *OpenSSH `yaml:"openSSH,omitempty" json:"openSSH,omitempty"` + + OSVersion *OSVersion `yaml:"-" json:"-"` + + client client sudofunc sudofn fsys rigfs.Fsys sudofsys rigfs.Fsys diff --git a/internal/jsonschema/Makefile b/internal/jsonschema/Makefile new file mode 100644 index 00000000..7bba96ba --- /dev/null +++ b/internal/jsonschema/Makefile @@ -0,0 +1,28 @@ +SCHEMA_TOOL := go run . +SCHEMA_TYPES := ssh openssh winrm localhost +TARGET := ../../schemas + +.PHONY: all json yaml clean deps + +all: json yaml + +json: $(SCHEMA_TYPES:%=$(TARGET)/%.json) + +yaml: $(SCHEMA_TYPES:%=$(TARGET)/%.yaml) + +deps: + go mod tidy + +$(TARGET): deps + @mkdir -p $(TARGET) + +$(TARGET)/%.json: $(TARGET) ../../%.go + $(SCHEMA_TOOL) -type=$(basename $(notdir $(basename $@))) > $@ + +$(TARGET)/%.yaml: $(TARGET) ../../%.go + $(SCHEMA_TOOL) -yaml -type=$(basename $(notdir $(basename $@))) > $@ + +clean: + @for t in $(SCHEMA_TYPES); do \ + rm -f $(TARGET)/$$t.json $(TARGET)/$$t.yaml; \ + done diff --git a/internal/jsonschema/gen_schema.go b/internal/jsonschema/gen_schema.go new file mode 100644 index 00000000..eea8ef70 --- /dev/null +++ b/internal/jsonschema/gen_schema.go @@ -0,0 +1,71 @@ +package main + +import ( + "bytes" + "encoding/json" + "flag" + "fmt" + "os" + + "github.com/invopop/jsonschema" + "gopkg.in/yaml.v3" + + "github.com/k0sproject/rig" +) + +func main() { + var name string + var useYAML bool + + flag.StringVar(&name, "type", "", "Type to generate schema for (ssh, openssh, winrm, localhost)") + flag.BoolVar(&useYAML, "yaml", false, "Output YAML instead of JSON") + flag.Parse() + + var schema *jsonschema.Schema + reflector := jsonschema.Reflector{ + AllowAdditionalProperties: false, + } + + switch name { + case "ssh": + schema = reflector.Reflect(new(rig.SSH)) + case "openssh": + schema = reflector.Reflect(new(rig.OpenSSH)) + case "winrm": + schema = reflector.Reflect(new(rig.WinRM)) + case "localhost": + schema = reflector.Reflect(new(rig.Localhost)) + default: + fmt.Fprintf(os.Stderr, "unknown type: %q\n", name) + os.Exit(1) + } + + if useYAML { + var buf bytes.Buffer + if err := json.NewEncoder(&buf).Encode(schema); err != nil { + fmt.Fprintf(os.Stderr, "failed to encode JSON: %v\n", err) + os.Exit(1) + } + + var raw any + if err := json.Unmarshal(buf.Bytes(), &raw); err != nil { + fmt.Fprintf(os.Stderr, "failed to unmarshal JSON: %v\n", err) + os.Exit(1) + } + + enc := yaml.NewEncoder(os.Stdout) + enc.SetIndent(2) + if err := enc.Encode(raw); err != nil { + fmt.Fprintf(os.Stderr, "failed to encode YAML: %v\n", err) + os.Exit(1) + } + return + } + + enc := json.NewEncoder(os.Stdout) + enc.SetIndent("", " ") + if err := enc.Encode(schema); err != nil { + fmt.Fprintf(os.Stderr, "failed to encode schema: %v\n", err) + os.Exit(1) + } +} diff --git a/internal/jsonschema/go.mod b/internal/jsonschema/go.mod new file mode 100644 index 00000000..0cb60c4f --- /dev/null +++ b/internal/jsonschema/go.mod @@ -0,0 +1,48 @@ +module github.com/k0sproject/rig/internal/jsonschema + +go 1.24.2 + +require ( + github.com/invopop/jsonschema v0.13.0 + github.com/k0sproject/rig v0.21.0 + gopkg.in/yaml.v3 v3.0.1 +) + +replace github.com/k0sproject/rig => ../../ + +require ( + al.essio.dev/pkg/shellescape v1.6.0 // indirect + github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect + github.com/ChrisTrenkamp/goxpath v0.0.0-20210404020558-97928f7e12b6 // indirect + github.com/Microsoft/go-winio v0.6.2 // indirect + github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect + github.com/bahlo/generic-list-go v0.2.0 // indirect + github.com/bodgit/ntlmssp v0.0.0-20240506230425-31973bb52d9b // indirect + github.com/bodgit/windows v1.0.1 // indirect + github.com/buger/jsonparser v1.1.1 // indirect + github.com/creasty/defaults v1.8.0 // indirect + github.com/davidmz/go-pageant v1.0.2 // indirect + github.com/go-logr/logr v1.4.2 // indirect + github.com/gofrs/uuid v4.4.0+incompatible // indirect + github.com/hashicorp/go-cleanhttp v0.5.2 // indirect + github.com/hashicorp/go-uuid v1.0.3 // indirect + github.com/jcmturner/aescts/v2 v2.0.0 // indirect + github.com/jcmturner/dnsutils/v2 v2.0.0 // indirect + github.com/jcmturner/gofork v1.7.6 // indirect + github.com/jcmturner/goidentity/v6 v6.0.1 // indirect + github.com/jcmturner/gokrb5/v8 v8.4.4 // indirect + github.com/jcmturner/rpc/v2 v2.0.3 // indirect + github.com/kevinburke/ssh_config v1.2.0 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/masterzen/simplexml v0.0.0-20190410153822-31eea3082786 // indirect + github.com/masterzen/winrm v0.0.0-20240702205601-3fad6e106085 // indirect + github.com/mattn/go-shellwords v1.0.12 // indirect + github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/tidwall/transform v0.0.0-20201103190739-32f242e2dbde // indirect + github.com/wk8/go-ordered-map/v2 v2.1.8 // indirect + golang.org/x/crypto v0.38.0 // indirect + golang.org/x/net v0.40.0 // indirect + golang.org/x/sys v0.33.0 // indirect + golang.org/x/term v0.32.0 // indirect + golang.org/x/text v0.25.0 // indirect +) diff --git a/internal/jsonschema/go.sum b/internal/jsonschema/go.sum new file mode 100644 index 00000000..91eef752 --- /dev/null +++ b/internal/jsonschema/go.sum @@ -0,0 +1,136 @@ +al.essio.dev/pkg/shellescape v1.6.0 h1:NxFcEqzFSEVCGN2yq7Huv/9hyCEGVa/TncnOOBBeXHA= +al.essio.dev/pkg/shellescape v1.6.0/go.mod h1:6sIqp7X2P6mThCQ7twERpZTuigpr6KbZWtls1U8I890= +github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8= +github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= +github.com/ChrisTrenkamp/goxpath v0.0.0-20210404020558-97928f7e12b6 h1:w0E0fgc1YafGEh5cROhlROMWXiNoZqApk2PDN0M1+Ns= +github.com/ChrisTrenkamp/goxpath v0.0.0-20210404020558-97928f7e12b6/go.mod h1:nuWgzSkT5PnyOd+272uUmV0dnAnAn42Mk7PiQC5VzN4= +github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= +github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= +github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d h1:licZJFw2RwpHMqeKTCYkitsPqHNxTmd4SNR5r94FGM8= +github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d/go.mod h1:asat636LX7Bqt5lYEZ27JNDcqxfjdBQuJ/MM4CN/Lzo= +github.com/bahlo/generic-list-go v0.2.0 h1:5sz/EEAK+ls5wF+NeqDpk5+iNdMDXrh3z3nPnH1Wvgk= +github.com/bahlo/generic-list-go v0.2.0/go.mod h1:2KvAjgMlE5NNynlg/5iLrrCCZ2+5xWbdbCW3pNTGyYg= +github.com/bodgit/ntlmssp v0.0.0-20240506230425-31973bb52d9b h1:baFN6AnR0SeC194X2D292IUZcHDs4JjStpqtE70fjXE= +github.com/bodgit/ntlmssp v0.0.0-20240506230425-31973bb52d9b/go.mod h1:Ram6ngyPDmP+0t6+4T2rymv0w0BS9N8Ch5vvUJccw5o= +github.com/bodgit/windows v1.0.1 h1:tF7K6KOluPYygXa3Z2594zxlkbKPAOvqr97etrGNIz4= +github.com/bodgit/windows v1.0.1/go.mod h1:a6JLwrB4KrTR5hBpp8FI9/9W9jJfeQ2h4XDXU74ZCdM= +github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs= +github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= +github.com/creasty/defaults v1.8.0 h1:z27FJxCAa0JKt3utc0sCImAEb+spPucmKoOdLHvHYKk= +github.com/creasty/defaults v1.8.0/go.mod h1:iGzKe6pbEHnpMPtfDXZEr0NVxWnPTjb1bbDy08fPzYM= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davidmz/go-pageant v1.0.2 h1:bPblRCh5jGU+Uptpz6LgMZGD5hJoOt7otgT454WvHn0= +github.com/davidmz/go-pageant v1.0.2/go.mod h1:P2EDDnMqIwG5Rrp05dTRITj9z2zpGcD9efWSkTNKLIE= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/gofrs/uuid v4.4.0+incompatible h1:3qXRTX8/NbyulANqlc0lchS1gqAVxRgsuW1YrTJupqA= +github.com/gofrs/uuid v4.4.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= +github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ= +github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4= +github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7FsgI= +github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM= +github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= +github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= +github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/invopop/jsonschema v0.13.0 h1:KvpoAJWEjR3uD9Kbm2HWJmqsEaHt8lBUpd0qHcIi21E= +github.com/invopop/jsonschema v0.13.0/go.mod h1:ffZ5Km5SWWRAIN6wbDXItl95euhFz2uON45H2qjYt+0= +github.com/jcmturner/aescts/v2 v2.0.0 h1:9YKLH6ey7H4eDBXW8khjYslgyqG2xZikXP0EQFKrle8= +github.com/jcmturner/aescts/v2 v2.0.0/go.mod h1:AiaICIRyfYg35RUkr8yESTqvSy7csK90qZ5xfvvsoNs= +github.com/jcmturner/dnsutils/v2 v2.0.0 h1:lltnkeZGL0wILNvrNiVCR6Ro5PGU/SeBvVO/8c/iPbo= +github.com/jcmturner/dnsutils/v2 v2.0.0/go.mod h1:b0TnjGOvI/n42bZa+hmXL+kFJZsFT7G4t3HTlQ184QM= +github.com/jcmturner/gofork v1.7.6 h1:QH0l3hzAU1tfT3rZCnW5zXl+orbkNMMRGJfdJjHVETg= +github.com/jcmturner/gofork v1.7.6/go.mod h1:1622LH6i/EZqLloHfE7IeZ0uEJwMSUyQ/nDd82IeqRo= +github.com/jcmturner/goidentity/v6 v6.0.1 h1:VKnZd2oEIMorCTsFBnJWbExfNN7yZr3EhJAxwOkZg6o= +github.com/jcmturner/goidentity/v6 v6.0.1/go.mod h1:X1YW3bgtvwAXju7V3LCIMpY0Gbxyjn/mY9zx4tFonSg= +github.com/jcmturner/gokrb5/v8 v8.4.4 h1:x1Sv4HaTpepFkXbt2IkL29DXRf8sOfZXo8eRKh687T8= +github.com/jcmturner/gokrb5/v8 v8.4.4/go.mod h1:1btQEpgT6k+unzCwX1KdWMEwPPkkgBtP+F6aCACiMrs= +github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZY= +github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= +github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= +github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/masterzen/simplexml v0.0.0-20190410153822-31eea3082786 h1:2ZKn+w/BJeL43sCxI2jhPLRv73oVVOjEKZjKkflyqxg= +github.com/masterzen/simplexml v0.0.0-20190410153822-31eea3082786/go.mod h1:kCEbxUJlNDEBNbdQMkPSp6yaKcRXVI6f4ddk8Riv4bc= +github.com/masterzen/winrm v0.0.0-20240702205601-3fad6e106085 h1:PiQLLKX4vMYlJImDzJYtQScF2BbQ0GAjPIHCDqzHHHs= +github.com/masterzen/winrm v0.0.0-20240702205601-3fad6e106085/go.mod h1:JajVhkiG2bYSNYYPYuWG7WZHr42CTjMTcCjfInRNCqc= +github.com/mattn/go-shellwords v1.0.12 h1:M2zGm7EW6UQJvDeQxo4T51eKPurbeFbe8WtebGE2xrk= +github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/tidwall/transform v0.0.0-20201103190739-32f242e2dbde h1:AMNpJRc7P+GTwVbl8DkK2I9I8BBUzNiHuH/tlxrpan0= +github.com/tidwall/transform v0.0.0-20201103190739-32f242e2dbde/go.mod h1:MvrEmduDUz4ST5pGZ7CABCnOU5f3ZiOAZzT6b1A6nX8= +github.com/wk8/go-ordered-map/v2 v2.1.8 h1:5h/BUHu93oj4gIdvHHHGsScSTMijfx5PeYkE/fJgbpc= +github.com/wk8/go-ordered-map/v2 v2.1.8/go.mod h1:5nJHM5DyteebpVlHnWMV0rPz6Zp7+xBAnxjb1X5vnTw= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= +golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8= +golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY= +golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= +golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg= +golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4= +golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/localhost.go b/localhost.go index ea4965df..e6ad5ff8 100644 --- a/localhost.go +++ b/localhost.go @@ -18,7 +18,8 @@ const name = "[local] localhost" // Localhost is a direct localhost connection type Localhost struct { - Enabled bool `yaml:"enabled" validate:"required,eq=true" default:"true"` + // Enabled must be true for the connection to be valid + Enabled bool `yaml:"enabled" json:"enabled" validate:"required,eq=true" default:"true" jsonschema:"const=true,description=Enabled must be true for the connection to be valid"` } // Protocol returns the protocol name, "Local" diff --git a/openssh.go b/openssh.go index 17764bf4..13a76d47 100644 --- a/openssh.go +++ b/openssh.go @@ -21,13 +21,26 @@ var ErrControlPathNotSet = errors.New("controlpath not set") // OpenSSH is a rig.Connection implementation that uses the system openssh client "ssh" to connect to remote hosts. // The connection is multiplexec over a control master, so that subsequent connections don't need to re-authenticate. type OpenSSH struct { - Address string `yaml:"address" validate:"required"` - User *string `yaml:"user"` - Port *int `yaml:"port"` - KeyPath *string `yaml:"keyPath,omitempty"` - ConfigPath *string `yaml:"configPath,omitempty"` - Options OpenSSHOptions `yaml:"options,omitempty"` - DisableMultiplexing bool `yaml:"disableMultiplexing,omitempty"` + // Address of the remote host + Address string `yaml:"address" json:"address" validate:"required" jsonschema:"required,format=hostname,description=Address of the remote host"` + + // Optional SSH user + User *string `yaml:"user,omitempty" json:"user,omitempty" jsonschema:"description=Optional SSH user"` + + // Optional SSH port + Port *int `yaml:"port,omitempty" json:"port,omitempty" jsonschema:"minimum=1,maximum=65535,description=Optional SSH port"` + + // Path to SSH private key + KeyPath *string `yaml:"keyPath,omitempty" json:"keyPath,omitempty" jsonschema:"description=Path to SSH private key"` + + // Path to SSH config file + ConfigPath *string `yaml:"configPath,omitempty" json:"configPath,omitempty" jsonschema:"description=Path to SSH config file"` + + // Additional SSH options as key-value pairs, such as StrictHostKeyChecking: false + Options OpenSSHOptions `yaml:"options,omitempty" json:"options,omitempty" jsonschema:"description=Additional SSH options as key-value pairs, such as StrictHostKeyChecking: false"` + + // Disable SSH connection multiplexing + DisableMultiplexing bool `yaml:"disableMultiplexing,omitempty" json:"disableMultiplexing,omitempty" jsonschema:"default=false,description=Disable SSH connection multiplexing"` isConnected bool controlMutex sync.Mutex diff --git a/schemas/localhost.json b/schemas/localhost.json new file mode 100644 index 00000000..9f5fc8a8 --- /dev/null +++ b/schemas/localhost.json @@ -0,0 +1,20 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://github.com/k0sproject/rig/localhost", + "$ref": "#/$defs/Localhost", + "$defs": { + "Localhost": { + "properties": { + "enabled": { + "type": "boolean", + "description": "Enabled must be true for the connection to be valid" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "enabled" + ] + } + } +} diff --git a/schemas/localhost.yaml b/schemas/localhost.yaml new file mode 100644 index 00000000..ec05b52c --- /dev/null +++ b/schemas/localhost.yaml @@ -0,0 +1,13 @@ +$defs: + Localhost: + additionalProperties: false + properties: + enabled: + description: Enabled must be true for the connection to be valid + type: boolean + required: + - enabled + type: object +$id: https://github.com/k0sproject/rig/localhost +$ref: '#/$defs/Localhost' +$schema: https://json-schema.org/draft/2020-12/schema diff --git a/schemas/openssh.json b/schemas/openssh.json new file mode 100644 index 00000000..6afbc303 --- /dev/null +++ b/schemas/openssh.json @@ -0,0 +1,51 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://github.com/k0sproject/rig/open-ssh", + "$ref": "#/$defs/OpenSSH", + "$defs": { + "OpenSSH": { + "properties": { + "address": { + "type": "string", + "format": "hostname", + "description": "Address of the remote host" + }, + "user": { + "type": "string", + "description": "Optional SSH user" + }, + "port": { + "type": "integer", + "maximum": 65535, + "minimum": 1, + "description": "Optional SSH port" + }, + "keyPath": { + "type": "string", + "description": "Path to SSH private key" + }, + "configPath": { + "type": "string", + "description": "Path to SSH config file" + }, + "options": { + "$ref": "#/$defs/OpenSSHOptions", + "description": "Additional SSH options as key-value pairs" + }, + "disableMultiplexing": { + "type": "boolean", + "description": "Disable SSH connection multiplexing", + "default": false + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "address" + ] + }, + "OpenSSHOptions": { + "type": "object" + } + } +} diff --git a/schemas/openssh.yaml b/schemas/openssh.yaml new file mode 100644 index 00000000..ca42d7a3 --- /dev/null +++ b/schemas/openssh.yaml @@ -0,0 +1,37 @@ +$defs: + OpenSSH: + additionalProperties: false + properties: + address: + description: Address of the remote host + format: hostname + type: string + configPath: + description: Path to SSH config file + type: string + disableMultiplexing: + default: false + description: Disable SSH connection multiplexing + type: boolean + keyPath: + description: Path to SSH private key + type: string + options: + $ref: '#/$defs/OpenSSHOptions' + description: Additional SSH options as key-value pairs + port: + description: Optional SSH port + maximum: 65535 + minimum: 1 + type: integer + user: + description: Optional SSH user + type: string + required: + - address + type: object + OpenSSHOptions: + type: object +$id: https://github.com/k0sproject/rig/open-ssh +$ref: '#/$defs/OpenSSH' +$schema: https://json-schema.org/draft/2020-12/schema diff --git a/schemas/ssh.json b/schemas/ssh.json new file mode 100644 index 00000000..ff3d32e3 --- /dev/null +++ b/schemas/ssh.json @@ -0,0 +1,47 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://github.com/k0sproject/rig/ssh", + "$ref": "#/$defs/SSH", + "$defs": { + "SSH": { + "properties": { + "address": { + "type": "string", + "format": "hostname", + "description": "Address of the remote host (IP or hostname)" + }, + "user": { + "type": "string", + "description": "User to log in as", + "default": "root" + }, + "port": { + "type": "integer", + "maximum": 65535, + "minimum": 1, + "description": "SSH port", + "default": 22 + }, + "keyPath": { + "type": "string", + "description": "Optional path to private key" + }, + "hostKey": { + "type": "string", + "description": "Optional known host key fingerprint" + }, + "bastion": { + "$ref": "#/$defs/SSH", + "description": "Optional bastion host" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "address", + "user", + "port" + ] + } + } +} diff --git a/schemas/ssh.yaml b/schemas/ssh.yaml new file mode 100644 index 00000000..94977a8e --- /dev/null +++ b/schemas/ssh.yaml @@ -0,0 +1,35 @@ +$defs: + SSH: + additionalProperties: false + properties: + address: + description: Address of the remote host (IP or hostname) + format: hostname + type: string + bastion: + $ref: '#/$defs/SSH' + description: Optional bastion host + hostKey: + description: Optional known host key fingerprint + type: string + keyPath: + description: Optional path to private key + type: string + port: + default: 22 + description: SSH port + maximum: 65535 + minimum: 1 + type: integer + user: + default: root + description: User to log in as + type: string + required: + - address + - user + - port + type: object +$id: https://github.com/k0sproject/rig/ssh +$ref: '#/$defs/SSH' +$schema: https://json-schema.org/draft/2020-12/schema diff --git a/schemas/winrm.json b/schemas/winrm.json new file mode 100644 index 00000000..72f22fc0 --- /dev/null +++ b/schemas/winrm.json @@ -0,0 +1,119 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://github.com/k0sproject/rig/win-rm", + "$ref": "#/$defs/WinRM", + "$defs": { + "SSH": { + "properties": { + "address": { + "type": "string", + "format": "hostname", + "description": "Address of the remote host (IP or hostname)" + }, + "user": { + "type": "string", + "description": "User to log in as", + "default": "root" + }, + "port": { + "type": "integer", + "maximum": 65535, + "minimum": 1, + "description": "SSH port", + "default": 22 + }, + "keyPath": { + "type": "string", + "description": "Optional path to private key" + }, + "hostKey": { + "type": "string", + "description": "Optional known host key fingerprint" + }, + "bastion": { + "$ref": "#/$defs/SSH", + "description": "Optional bastion host" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "address", + "user", + "port" + ] + }, + "WinRM": { + "properties": { + "address": { + "type": "string", + "format": "hostname", + "description": "Address of the remote host" + }, + "user": { + "type": "string", + "minLength": 3, + "description": "User to authenticate as", + "default": "Administrator" + }, + "port": { + "type": "integer", + "maximum": 65535, + "minimum": 1, + "description": "WinRM port", + "default": 5985 + }, + "password": { + "type": "string", + "description": "Password for WinRM authentication" + }, + "useHTTPS": { + "type": "boolean", + "description": "Use HTTPS for WinRM", + "default": false + }, + "insecure": { + "type": "boolean", + "description": "Accept invalid TLS certificates", + "default": false + }, + "useNTLM": { + "type": "boolean", + "description": "Use NTLM authentication", + "default": false + }, + "caCertPath": { + "type": "string", + "description": "Path to CA certificate" + }, + "certPath": { + "type": "string", + "description": "Path to client certificate" + }, + "keyPath": { + "type": "string", + "description": "Path to client key" + }, + "tlsServerName": { + "type": "string", + "format": "hostname", + "description": "TLS server name override" + }, + "bastion": { + "$ref": "#/$defs/SSH", + "description": "Optional SSH bastion" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "address", + "user", + "port", + "useHTTPS", + "insecure", + "useNTLM" + ] + } + } +} diff --git a/schemas/winrm.yaml b/schemas/winrm.yaml new file mode 100644 index 00000000..d74a9708 --- /dev/null +++ b/schemas/winrm.yaml @@ -0,0 +1,92 @@ +$defs: + SSH: + additionalProperties: false + properties: + address: + description: Address of the remote host (IP or hostname) + format: hostname + type: string + bastion: + $ref: '#/$defs/SSH' + description: Optional bastion host + hostKey: + description: Optional known host key fingerprint + type: string + keyPath: + description: Optional path to private key + type: string + port: + default: 22 + description: SSH port + maximum: 65535 + minimum: 1 + type: integer + user: + default: root + description: User to log in as + type: string + required: + - address + - user + - port + type: object + WinRM: + additionalProperties: false + properties: + address: + description: Address of the remote host + format: hostname + type: string + bastion: + $ref: '#/$defs/SSH' + description: Optional SSH bastion + caCertPath: + description: Path to CA certificate + type: string + certPath: + description: Path to client certificate + type: string + insecure: + default: false + description: Accept invalid TLS certificates + type: boolean + keyPath: + description: Path to client key + type: string + password: + description: Password for WinRM authentication + type: string + port: + default: 5985 + description: WinRM port + maximum: 65535 + minimum: 1 + type: integer + tlsServerName: + description: TLS server name override + format: hostname + type: string + useHTTPS: + default: false + description: Use HTTPS for WinRM + type: boolean + useNTLM: + default: false + description: Use NTLM authentication + type: boolean + user: + default: Administrator + description: User to authenticate as + minLength: 3 + type: string + required: + - address + - user + - port + - useHTTPS + - insecure + - useNTLM + type: object +$id: https://github.com/k0sproject/rig/win-rm +$ref: '#/$defs/WinRM' +$schema: https://json-schema.org/draft/2020-12/schema diff --git a/ssh.go b/ssh.go index 281b98da..2d12440a 100644 --- a/ssh.go +++ b/ssh.go @@ -27,20 +27,32 @@ import ( // SSH describes an SSH connection type SSH struct { - Address string `yaml:"address" validate:"required,hostname_rfc1123|ip"` - User string `yaml:"user" validate:"required" default:"root"` - Port int `yaml:"port" default:"22" validate:"gt=0,lte=65535"` - KeyPath *string `yaml:"keyPath" validate:"omitempty"` - HostKey string `yaml:"hostKey,omitempty"` - Bastion *SSH `yaml:"bastion,omitempty"` - PasswordCallback PasswordCallback `yaml:"-"` + // Address of the remote host (IP or hostname) + Address string `yaml:"address" json:"address" validate:"required,hostname_rfc1123|ip" jsonschema:"required,format=hostname,description=Address of the remote host (IP or hostname)"` + + // User to log in as + User string `yaml:"user" json:"user" validate:"required" default:"root" jsonschema:"required,default=root,description=User to log in as"` + + // SSH port, usually 22 + Port int `yaml:"port" json:"port" validate:"gt=0,lte=65535" default:"22" jsonschema:"minimum=1,maximum=65535,default=22,description=SSH port, usually 22"` + + // Optional path to private key + KeyPath *string `yaml:"keyPath,omitempty" json:"keyPath,omitempty" validate:"omitempty" jsonschema:"description=Optional path to private key"` + + // Optional known host key fingerprint + HostKey string `yaml:"hostKey,omitempty" json:"hostKey,omitempty" jsonschema:"description=Optional known host key fingerprint"` + + // Optional bastion host + Bastion *SSH `yaml:"bastion,omitempty" json:"bastion,omitempty" jsonschema:"description=Optional bastion host"` + // Optional password callback function + PasswordCallback PasswordCallback `yaml:"-" json:"-"` // AuthMethods can be used to pass in a list of ssh.AuthMethod objects // for example to use a private key from memory: // ssh.PublicKeys(privateKey) // For convenience, you can use ParseSSHPrivateKey() to parse a private key: // authMethods, err := rig.ParseSSHPrivateKey(key, rig.DefaultPassphraseCallback) - AuthMethods []ssh.AuthMethod `yaml:"-"` + AuthMethods []ssh.AuthMethod `yaml:"-" json:"-"` alias string name string diff --git a/winrm.go b/winrm.go index e7eb3928..6d41ae59 100644 --- a/winrm.go +++ b/winrm.go @@ -18,18 +18,41 @@ import ( // WinRM describes a WinRM connection with its configuration options type WinRM struct { - Address string `yaml:"address" validate:"required,hostname_rfc1123|ip"` - User string `yaml:"user" validate:"omitempty,gt=2" default:"Administrator"` - Port int `yaml:"port" default:"5985" validate:"gt=0,lte=65535"` - Password string `yaml:"password,omitempty"` - UseHTTPS bool `yaml:"useHTTPS" default:"false"` - Insecure bool `yaml:"insecure" default:"false"` - UseNTLM bool `yaml:"useNTLM" default:"false"` - CACertPath string `yaml:"caCertPath,omitempty" validate:"omitempty,file"` - CertPath string `yaml:"certPath,omitempty" validate:"omitempty,file"` - KeyPath string `yaml:"keyPath,omitempty" validate:"omitempty,file"` - TLSServerName string `yaml:"tlsServerName,omitempty" validate:"omitempty,hostname_rfc1123|ip"` - Bastion *SSH `yaml:"bastion,omitempty"` + // Address of the remote host + Address string `yaml:"address" json:"address" validate:"required,hostname_rfc1123|ip" jsonschema:"required,format=hostname,description=Address of the remote host"` + + // User to authenticate as + User string `yaml:"user" json:"user" validate:"omitempty,gt=2" default:"Administrator" jsonschema:"minLength=3,default=Administrator,description=User to authenticate as"` + + // WinRM port + Port int `yaml:"port" json:"port" validate:"gt=0,lte=65535" default:"5985" jsonschema:"minimum=1,maximum=65535,default=5985,description=WinRM port"` + + // Password for WinRM authentication + Password string `yaml:"password,omitempty" json:"password,omitempty" jsonschema:"description=Password for WinRM authentication"` + + // Use HTTPS for WinRM + UseHTTPS bool `yaml:"useHTTPS" json:"useHTTPS" default:"false" jsonschema:"default=false,description=Use HTTPS for WinRM"` + + // Accept invalid TLS certificates + Insecure bool `yaml:"insecure" json:"insecure" default:"false" jsonschema:"default=false,description=Accept invalid TLS certificates"` + + // Use NTLM authentication + UseNTLM bool `yaml:"useNTLM" json:"useNTLM" default:"false" jsonschema:"default=false,description=Use NTLM authentication"` + + // Path to CA certificate + CACertPath string `yaml:"caCertPath,omitempty" json:"caCertPath,omitempty" validate:"omitempty,file" jsonschema:"description=Path to CA certificate"` + + // Path to client certificate + CertPath string `yaml:"certPath,omitempty" json:"certPath,omitempty" validate:"omitempty,file" jsonschema:"description=Path to client certificate"` + + // Path to client key + KeyPath string `yaml:"keyPath,omitempty" json:"keyPath,omitempty" validate:"omitempty,file" jsonschema:"description=Path to client key"` + + // TLS server name override + TLSServerName string `yaml:"tlsServerName,omitempty" json:"tlsServerName,omitempty" validate:"omitempty,hostname_rfc1123|ip" jsonschema:"format=hostname,description=TLS server name override"` + + // Optional SSH bastion + Bastion *SSH `yaml:"bastion,omitempty" json:"bastion,omitempty" jsonschema:"description=Optional SSH bastion"` name string