Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Split auth client and auth server code #41445

Closed
wants to merge 1 commit into from
Closed

Split auth client and auth server code #41445

wants to merge 1 commit into from

Conversation

rosstimothy
Copy link
Contributor

Moves client facing code into lib/auth/authclient from lib/auth so that client binaries can depend on less junk. While this doesn't eliminate lib/auth from tctl, tbot, and tsh yet it does reduce the import paths down to as few as one in tbot and tctl.

Dependency tree from master:

$ goda tree "reach(github.com/gravitational/teleport/tool/tbot...:all, github.com/gravitational/teleport/lib/auth)"
  ├ github.com/gravitational/teleport/tool/tbot
    ├ github.com/gravitational/teleport/lib/tbot
      ├ github.com/gravitational/teleport/lib/auth
      ├ github.com/gravitational/teleport/lib/auth/authclient
        ├ github.com/gravitational/teleport/lib/auth ~
        └ github.com/gravitational/teleport/lib/reversetunnelclient
          ├ github.com/gravitational/teleport/lib/auth ~
          └ github.com/gravitational/teleport/lib/proxy/peer
            └ github.com/gravitational/teleport/lib/auth ~
      ├ github.com/gravitational/teleport/lib/client
        ├ github.com/gravitational/teleport/lib/auth ~
        └ github.com/gravitational/teleport/lib/srv/alpnproxy
          └ github.com/gravitational/teleport/lib/auth ~
      ├ github.com/gravitational/teleport/lib/client/identityfile
        ├ github.com/gravitational/teleport/lib/client ~
        └ github.com/gravitational/teleport/lib/kube/kubeconfig
          └ github.com/gravitational/teleport/lib/client ~
      ├ github.com/gravitational/teleport/lib/reversetunnelclient ~
      ├ github.com/gravitational/teleport/lib/srv/alpnproxy ~
      ├ github.com/gravitational/teleport/lib/tbot/config
        ├ github.com/gravitational/teleport/lib/auth ~
        ├ github.com/gravitational/teleport/lib/client ~
        ├ github.com/gravitational/teleport/lib/client/identityfile ~
        └ github.com/gravitational/teleport/lib/kube/kubeconfig ~
      └ github.com/gravitational/teleport/lib/tbot/tshwrap
        ├ github.com/gravitational/teleport/lib/client ~
        └ github.com/gravitational/teleport/lib/tbot/config ~
    ├ github.com/gravitational/teleport/lib/tbot/config ~
    └ github.com/gravitational/teleport/lib/tbot/tshwrap ~

$ goda tree "reach(github.com/gravitational/teleport/tool/tctl...:all, github.com/gravitational/teleport/lib/auth)"
  ├ github.com/gravitational/teleport/tool/tctl
    └ github.com/gravitational/teleport/tool/tctl/common
      ├ github.com/gravitational/teleport/lib/auth
      ├ github.com/gravitational/teleport/lib/auth/authclient
        ├ github.com/gravitational/teleport/lib/auth ~
        └ github.com/gravitational/teleport/lib/reversetunnelclient
          ├ github.com/gravitational/teleport/lib/auth ~
          └ github.com/gravitational/teleport/lib/proxy/peer
            └ github.com/gravitational/teleport/lib/auth ~
      ├ github.com/gravitational/teleport/lib/auth/windows
        └ github.com/gravitational/teleport/lib/auth ~
      ├ github.com/gravitational/teleport/lib/client
        ├ github.com/gravitational/teleport/lib/auth ~
        └ github.com/gravitational/teleport/lib/srv/alpnproxy
          └ github.com/gravitational/teleport/lib/auth ~
      ├ github.com/gravitational/teleport/lib/client/db
        ├ github.com/gravitational/teleport/lib/auth ~
        ├ github.com/gravitational/teleport/lib/client ~
        └ github.com/gravitational/teleport/lib/client/identityfile
          ├ github.com/gravitational/teleport/lib/client ~
          └ github.com/gravitational/teleport/lib/kube/kubeconfig
            └ github.com/gravitational/teleport/lib/client ~
      ├ github.com/gravitational/teleport/lib/client/identityfile ~
      ├ github.com/gravitational/teleport/lib/config
        ├ github.com/gravitational/teleport/lib/client ~
        ├ github.com/gravitational/teleport/lib/pam
          └ github.com/gravitational/teleport/lib/service/servicecfg
            └ github.com/gravitational/teleport/lib/auth ~
        └ github.com/gravitational/teleport/lib/service/servicecfg ~
      ├ github.com/gravitational/teleport/lib/reversetunnelclient ~
      ├ github.com/gravitational/teleport/lib/service/servicecfg ~
      ├ github.com/gravitational/teleport/tool/tctl/common/accessmonitoring
        ├ github.com/gravitational/teleport/lib/auth ~
        └ github.com/gravitational/teleport/lib/service/servicecfg ~
      ├ github.com/gravitational/teleport/tool/tctl/common/loginrule
        ├ github.com/gravitational/teleport/lib/auth ~
        └ github.com/gravitational/teleport/lib/service/servicecfg ~
      ├ github.com/gravitational/teleport/tool/tctl/sso/configure
        ├ github.com/gravitational/teleport/lib/auth ~
        ├ github.com/gravitational/teleport/lib/service/servicecfg ~
        └ github.com/gravitational/teleport/tool/tctl/sso/tester
          ├ github.com/gravitational/teleport/lib/auth ~
          ├ github.com/gravitational/teleport/lib/client ~
          └ github.com/gravitational/teleport/lib/service/servicecfg ~
      └ github.com/gravitational/teleport/tool/tctl/sso/tester ~


$ goda tree "reach(github.com/gravitational/teleport/tool/tsh...:all, github.com/gravitational/teleport/lib/auth)"
  ├ github.com/gravitational/teleport/tool/tsh
    └ github.com/gravitational/teleport/tool/tsh/common
      ├ github.com/gravitational/teleport/lib/auth
      ├ github.com/gravitational/teleport/lib/benchmark
        ├ github.com/gravitational/teleport/lib/client
          ├ github.com/gravitational/teleport/lib/auth ~
          └ github.com/gravitational/teleport/lib/srv/alpnproxy
            └ github.com/gravitational/teleport/lib/auth ~
        └ github.com/gravitational/teleport/lib/web
          ├ github.com/gravitational/teleport/lib/auth ~
          ├ github.com/gravitational/teleport/lib/client ~
          ├ github.com/gravitational/teleport/lib/client/conntest
            ├ github.com/gravitational/teleport/lib/auth ~
            └ github.com/gravitational/teleport/lib/client ~
          ├ github.com/gravitational/teleport/lib/client/db
            ├ github.com/gravitational/teleport/lib/auth ~
            ├ github.com/gravitational/teleport/lib/client ~
            └ github.com/gravitational/teleport/lib/client/identityfile
              ├ github.com/gravitational/teleport/lib/client ~
              └ github.com/gravitational/teleport/lib/kube/kubeconfig
                └ github.com/gravitational/teleport/lib/client ~
          ├ github.com/gravitational/teleport/lib/client/identityfile ~
          ├ github.com/gravitational/teleport/lib/integrations/awsoidc/deployserviceconfig
            └ github.com/gravitational/teleport/lib/config
              ├ github.com/gravitational/teleport/lib/client ~
              ├ github.com/gravitational/teleport/lib/pam
                └ github.com/gravitational/teleport/lib/service/servicecfg
                  └ github.com/gravitational/teleport/lib/auth ~
              └ github.com/gravitational/teleport/lib/service/servicecfg ~
          ├ github.com/gravitational/teleport/lib/proxy
            ├ github.com/gravitational/teleport/lib/auth ~
            └ github.com/gravitational/teleport/lib/reversetunnelclient
              ├ github.com/gravitational/teleport/lib/auth ~
              └ github.com/gravitational/teleport/lib/proxy/peer
                └ github.com/gravitational/teleport/lib/auth ~
          ├ github.com/gravitational/teleport/lib/reversetunnelclient ~
          ├ github.com/gravitational/teleport/lib/srv/desktop/tdp
            └ github.com/gravitational/teleport/lib/client ~
          ├ github.com/gravitational/teleport/lib/web/app
            ├ github.com/gravitational/teleport/lib/auth ~
            └ github.com/gravitational/teleport/lib/reversetunnelclient ~
          └ github.com/gravitational/teleport/lib/web/ui
            └ github.com/gravitational/teleport/lib/reversetunnelclient ~
      ├ github.com/gravitational/teleport/lib/benchmark/db
        ├ github.com/gravitational/teleport/lib/benchmark ~
        ├ github.com/gravitational/teleport/lib/client ~
        └ github.com/gravitational/teleport/lib/srv/alpnproxy ~
      ├ github.com/gravitational/teleport/lib/client ~
      ├ github.com/gravitational/teleport/lib/client/db ~
      ├ github.com/gravitational/teleport/lib/client/db/dbcmd
        ├ github.com/gravitational/teleport/lib/client ~
        └ github.com/gravitational/teleport/lib/client/db ~
      ├ github.com/gravitational/teleport/lib/client/db/oracle
        └ github.com/gravitational/teleport/lib/client ~
      ├ github.com/gravitational/teleport/lib/client/identityfile ~
      ├ github.com/gravitational/teleport/lib/client/kube
        └ github.com/gravitational/teleport/lib/client ~
      ├ github.com/gravitational/teleport/lib/kube/kubeconfig ~
      ├ github.com/gravitational/teleport/lib/srv/alpnproxy ~
      ├ github.com/gravitational/teleport/lib/srv/desktop/tdp ~
      └ github.com/gravitational/teleport/lib/teleterm
        ├ github.com/gravitational/teleport/lib/teleterm/apiserver
          ├ github.com/gravitational/teleport/lib/teleterm/apiserver/handler
            ├ github.com/gravitational/teleport/lib/client ~
            ├ github.com/gravitational/teleport/lib/teleterm/clusters
              ├ github.com/gravitational/teleport/lib/auth ~
              ├ github.com/gravitational/teleport/lib/client ~
              ├ github.com/gravitational/teleport/lib/client/db ~
              ├ github.com/gravitational/teleport/lib/client/db/dbcmd ~
              ├ github.com/gravitational/teleport/lib/client/kube ~
              ├ github.com/gravitational/teleport/lib/kube/kubeconfig ~
              └ github.com/gravitational/teleport/lib/teleterm/gateway
                ├ github.com/gravitational/teleport/lib/client ~
                ├ github.com/gravitational/teleport/lib/kube/kubeconfig ~
                └ github.com/gravitational/teleport/lib/srv/alpnproxy ~
            ├ github.com/gravitational/teleport/lib/teleterm/cmd
              ├ github.com/gravitational/teleport/lib/client/db/dbcmd ~
              ├ github.com/gravitational/teleport/lib/teleterm/clusters ~
              └ github.com/gravitational/teleport/lib/teleterm/gateway ~
            ├ github.com/gravitational/teleport/lib/teleterm/daemon
              ├ github.com/gravitational/teleport/lib/auth ~
              ├ github.com/gravitational/teleport/lib/client ~
              ├ github.com/gravitational/teleport/lib/teleterm/clusters ~
              ├ github.com/gravitational/teleport/lib/teleterm/cmd ~
              ├ github.com/gravitational/teleport/lib/teleterm/gateway ~
              ├ github.com/gravitational/teleport/lib/teleterm/services/clientcache
                ├ github.com/gravitational/teleport/lib/client ~
                └ github.com/gravitational/teleport/lib/teleterm/clusters ~
              ├ github.com/gravitational/teleport/lib/teleterm/services/connectmycomputer
                ├ github.com/gravitational/teleport/lib/client ~
                └ github.com/gravitational/teleport/lib/teleterm/clusters ~
              └ github.com/gravitational/teleport/lib/teleterm/services/unifiedresources
                └ github.com/gravitational/teleport/lib/teleterm/clusters ~
            └ github.com/gravitational/teleport/lib/teleterm/gateway ~
          └ github.com/gravitational/teleport/lib/teleterm/daemon ~
        ├ github.com/gravitational/teleport/lib/teleterm/clusters ~
        └ github.com/gravitational/teleport/lib/teleterm/daemon ~

Dependency tree from tross/tbot_auth

$ goda tree "reach(github.com/gravitational/teleport/tool/tbot...:all, github.com/gravitational/teleport/lib/auth)"
  ├ github.com/gravitational/teleport/tool/tbot
    └ github.com/gravitational/teleport/lib/tbot
      └ github.com/gravitational/teleport/lib/auth

$ goda tree "reach(github.com/gravitational/teleport/tool/tctl...:all, github.com/gravitational/teleport/lib/auth)"
  ├ github.com/gravitational/teleport/tool/tctl
    └ github.com/gravitational/teleport/tool/tctl/common
      └ github.com/gravitational/teleport/lib/auth

$ goda tree "reach(github.com/gravitational/teleport/tool/tsh...:all, github.com/gravitational/teleport/lib/auth)"
  ├ github.com/gravitational/teleport/tool/tsh
    └ github.com/gravitational/teleport/tool/tsh/common
      ├ github.com/gravitational/teleport/lib/auth
      ├ github.com/gravitational/teleport/lib/benchmark
        └ github.com/gravitational/teleport/lib/web
          ├ github.com/gravitational/teleport/lib/auth ~
          ├ github.com/gravitational/teleport/lib/proxy
            └ github.com/gravitational/teleport/lib/auth ~
          └ github.com/gravitational/teleport/lib/web/app
            └ github.com/gravitational/teleport/lib/auth ~
      ├ github.com/gravitational/teleport/lib/benchmark/db
        └ github.com/gravitational/teleport/lib/benchmark ~
      └ github.com/gravitational/teleport/lib/teleterm
        ├ github.com/gravitational/teleport/lib/teleterm/apiserver
          ├ github.com/gravitational/teleport/lib/teleterm/apiserver/handler
            ├ github.com/gravitational/teleport/lib/teleterm/clusters
              └ github.com/gravitational/teleport/lib/auth ~
            ├ github.com/gravitational/teleport/lib/teleterm/cmd
              └ github.com/gravitational/teleport/lib/teleterm/clusters ~
            └ github.com/gravitational/teleport/lib/teleterm/daemon
              ├ github.com/gravitational/teleport/lib/auth ~
              ├ github.com/gravitational/teleport/lib/teleterm/clusters ~
              ├ github.com/gravitational/teleport/lib/teleterm/cmd ~
              ├ github.com/gravitational/teleport/lib/teleterm/services/clientcache
                └ github.com/gravitational/teleport/lib/teleterm/clusters ~
              ├ github.com/gravitational/teleport/lib/teleterm/services/connectmycomputer
                └ github.com/gravitational/teleport/lib/teleterm/clusters ~
              └ github.com/gravitational/teleport/lib/teleterm/services/unifiedresources
                └ github.com/gravitational/teleport/lib/teleterm/clusters ~
          └ github.com/gravitational/teleport/lib/teleterm/daemon ~
        ├ github.com/gravitational/teleport/lib/teleterm/clusters ~
        └ github.com/gravitational/teleport/lib/teleterm/daemon ~

@rosstimothy
Split auth client and auth server code
adab6f7 
Moves client facing code into lib/auth/authclient from lib/auth
so that client binaries can depend on less junk.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@rosstimothy