Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Move module-based device trust check to the teleport binary #44105

Merged
merged 1 commit into from
Jul 12, 2024
Merged

fix: Move module-based device trust check to the teleport binary #44105

merged 1 commit into from
Jul 12, 2024

Conversation

codingllama
Copy link
Contributor

Move a module-based device mode check from ApplyFileConfig (which is used by both teleport and tctl) exclusively to the teleport binary.

Fixes an issue where an "OSS" tctl fails to load a file-based config because it can't clear the modules check.

#44089

Changelog: Fixes "device trust mode x requires Teleport Enterprise" errors on tctl.

@github-actions github-actions bot requested review from justinas and nklaassen July 11, 2024 21:10
codingllama
codingllama commented Jul 11, 2024
View reviewed changes
lib/config/configuration.go
@@ -427,6 +426,8 @@ func ReadResources(filePath string) ([]types.Resource, error) {

// ApplyFileConfig applies configuration from a YAML file to Teleport
// runtime config
//
// ApplyFileConfig is used by both teleport and tctl binaries.
func ApplyFileConfig(fc *FileConfig, cfg *servicecfg.Config) error {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One could argue that tctl using ApplyFileConfig is the real problem, as the function is written mainly with teleport in mind (or at least that was my reading of it).

This is a harder problem to solve (if it's even a problem), so I've opted to move the modules-based check instead.

@codingllama
Copy link
Contributor Author

FYI @benarent.

@public-teleport-github-review-bot public-teleport-github-review-bot bot removed the request for review from nklaassen July 12, 2024 11:18
@codingllama codingllama added this pull request to the merge queue Jul 12, 2024
Merged via the queue into master with commit f06547a Jul 12, 2024
40 of 41 checks passed
@codingllama codingllama deleted the codingllama/dt-module-validation branch July 12, 2024 13:36
@public-teleport-github-review-bot
Copy link

@codingllama See the table below for backport results.

Branch Result
branch/v14 Failed
branch/v15 Create PR
branch/v16 Create PR

This was referenced Jul 12, 2024
Merged
Merged
codingllama added a commit that referenced this pull request Jul 12, 2024
@codingllama
fix: Move module-based device trust check to the teleport binary (#44105
6aedd97 
)
@codingllama codingllama mentioned this pull request Jul 12, 2024
Merged
github-merge-queue bot pushed a commit that referenced this pull request Jul 15, 2024
@codingllama
fix: Move module-based device trust check to the teleport binary (#44105
3f96efc 
) (#44136)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rosstimothy rosstimothy rosstimothy approved these changes

@justinas justinas justinas approved these changes

Assignees
No one assigned
Labels
backport/branch/v14 backport/branch/v15 backport/branch/v16 size/sm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@codingllama @justinas @rosstimothy