Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

boundary connect's -host-id flag expects the hst_ prefix instead of the actual h_ one #1850

Closed
psypuff opened this issue Feb 10, 2022 · 1 comment · Fixed by #1853
Closed

boundary connect's -host-id flag expects the hst_ prefix instead of the actual h_ one #1850

psypuff opened this issue Feb 10, 2022 · 1 comment · Fixed by #1853
Assignees
@talanknight

Comments

@psypuff
Copy link

psypuff commented Feb 10, 2022
edited
Loading

Describe the bug
When using boundary connect with the -host-id flag in order to connect to a specific host using its h_ prefixed ID, it fails with the following error:

Error information:
  Kind:                InvalidArgument
  Message:             Errors in provided fields.
  Status:              400
  context:             Error from controller when performing authorize-session action against given target

  Field-specific Errors:
    Name:              -host-id
      Error:           Incorrectly formatted identifier.

Trying the same with the (former?) hst_ prefixed ID, it passes validation but fails with another error:

Error information:
  Kind:                FailedPrecondition
  Message:             No workers are available to handle this session, or all have been filtered.
  Status:              400
  context:             Error from controller when performing authorize-session action against given target

Omitting the -host-id flag makes boundary connect work as expected.

To Reproduce
Steps to reproduce the behavior:

  1. Create whatever resources it takes to have a SSHable host in Boundary
  2. Fetch the host ID using boundary host-sets read -id hs_<host_set_id>
  3. Run boundary connect ssh -target-id ttcp_<target_id> -host-id h_<host_id>
  4. See error

Expected behavior
boundary connect ssh -target-id ttcp_<target_id> -host-id h_<host_id> should connect to the specified host

Additional context
Boundary version - 0.7.4
Connecting through Boundary Desktop (1.4.1) fails as well with a less verbose error:

Errors in provided fields.

Would you like to retry?
justenwalker added a commit to justenwalker/boundary that referenced this issue Feb 10, 2022
@justenwalker
fix(controller/targets): authorize-session should allow h_ ids
bc57ef1 
The targets controller previously only allowed hosts from a static catalog
since it checked for the ID subtype from the static package.

This change validates host ids with the plugin.Subtype as well

Fixes: hashicorp#1850
@justenwalker justenwalker mentioned this issue Feb 10, 2022
Merged
@talanknight talanknight self-assigned this Feb 10, 2022
@psypuff
Copy link
Author

psypuff commented Feb 10, 2022

Thanks for the quick response here.
Please ignore the other error, we had actual issues with the worker.

talanknight pushed a commit that referenced this issue Feb 10, 2022
@justenwalker
fix(controller/targets): authorize-session should allow h_ ids (#1853)
bd30ff4 
* fix(controller/targets): authorize-session should allow h_ ids

The targets controller previously only allowed hosts from a static catalog
since it checked for the ID subtype from the static package.

This change validates host ids with the plugin.Subtype as well

Fixes: #1850

* test: cover authorize-session with host id

Add a regression test to cover the case where an explicit host ID was
given when calling AuthorizeSession
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@talanknight talanknight

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(controller/targets): authorize-session should allow h_ ids justenwalker/boundary
2 participants
@talanknight @psypuff