Compatibility fixes with ContainerSSH 0.3 (#2)

Author: janoszen

CHANGELOG.md

@@ -0,0 +1,2 @@
+# Changelog
+

appconfig.go

@@ -13,6 +13,8 @@ import (
 
 // AppConfig is the root configuration object of ContainerSSH.
 type AppConfig struct {
+	// Listen is an alias for ssh.listen. Its usage is deprecated.
+	Listen string `json:"listen,omitempty" yaml:"listen,omitempty" default:""`
 	// SSH contains the configuration for the SSH server.
 	// swagger:ignore
 	SSH sshserver.Config `json:"ssh" yaml:"ssh" comment:"SSH configuration"`
@@ -42,3 +44,16 @@ type AppConfig struct {
 	// KubeRun contains the configuration for the kuberun backend.
 	KubeRun kuberun.Config `json:"kuberun" yaml:"kuberun" comment:"Kubernetes configuration to use when the Kubernetes run backend is used."`
 }
+
+func (cfg *AppConfig) FixCompatibility(logger log.Logger) error {
+	if cfg.Listen != "" {
+		if cfg.SSH.Listen == "" || cfg.SSH.Listen == "0.0.0.0:2222" {
+			logger.Warningf("you are using the deprecated 'listen' option for SSH listen socket instead of the new 'ssh -> listen', please change your configuration")
+			cfg.SSH.Listen = cfg.Listen
+			cfg.Listen = ""
+		} else {
+			logger.Warningf("you are using both the deprecated 'listen' and the new 'ssh -> listen' options, the new option takes precedence")
+		}
+	}
+	return nil
+}

compatibility_test.go

@@ -0,0 +1,42 @@
+package configuration_test
+
+import (
+	"context"
+	"os"
+	"testing"
+
+	"github.com/containerssh/log"
+	"github.com/stretchr/testify/assert"
+
+	"github.com/containerssh/configuration"
+)
+
+// Test03Compatibility tests if a configuration file for ContainerSSH version 0.3 can be read.
+func Test03Compatibility(t *testing.T) {
+	logger, err := log.New(
+		log.Config{
+			Level:  log.LevelDebug,
+			Format: "text",
+		},
+		"config",
+		os.Stdout,
+	)
+	assert.NoError(t, err)
+
+	logger.Infof("FYI: the deprecation notice in this test is intentional")
+
+	testFile, err := os.Open("data/0.3.yaml")
+	assert.NoError(t, err)
+	reader, err := configuration.NewReaderLoader(
+		testFile,
+		logger,
+		configuration.FormatYAML,
+	)
+	assert.NoError(t, err)
+
+	config := configuration.AppConfig{}
+	err = reader.Load(context.Background(), &config)
+	assert.NoError(t, err)
+
+	assert.Equal(t, "0.0.0.0:2222", config.SSH.Listen)
+}

data/0.3.yaml

@@ -0,0 +1,241 @@
+listen: 0.0.0.0:2222
+ssh:
+  ciphers:
+    - chacha20-poly1305@openssh.com
+    - aes256-gcm@openssh.com
+    - aes128-gcm@openssh.com
+    - aes256-ctr
+    - aes192-ctr
+    - aes128-ctr
+  kex:
+    - curve25519-sha256@libssh.org
+    - ecdh-sha2-nistp521
+    - ecdh-sha2-nistp384
+    - ecdh-sha2-nistp256
+  macs:
+    - hmac-sha2-256-etm@openssh.com
+    - hmac-sha2-256
+    - hmac-sha1
+    - hmac-sha1-96
+  hostkeys: []
+configserver:
+  timeout: 2s
+  url: ""
+  cacert: ""
+  cert: ""
+  key: ""
+auth:
+  url: ""
+  cacert: ""
+  timeout: 2s
+  cert: ""
+  key: ""
+  password: true
+  pubkey: false
+backend: dockerrun
+dockerrun:
+  host: unix:///var/run/docker.sock
+  cacert: ""
+  cert: ""
+  key: ""
+  config:
+    container:
+      hostname: ""
+      domainname: ""
+      user: ""
+      attachstdin: false
+      attachstdout: false
+      attachstderr: false
+      exposedports: {}
+      tty: false
+      openstdin: false
+      stdinonce: false
+      env: []
+      cmd: []
+      healthcheck: null
+      argsescaped: false
+      image: janoszen/containerssh-image
+      volumes: {}
+      workingdir: ""
+      entrypoint: []
+      networkdisabled: false
+      macaddress: ""
+      onbuild: []
+      labels: {}
+      stopsignal: ""
+      stoptimeout: null
+      shell: []
+    host:
+      binds: []
+      containeridfile: ""
+      logconfig:
+        type: ""
+        config: {}
+      networkmode: ""
+      portbindings: {}
+      restartpolicy:
+        name: ""
+        maximumretrycount: 0
+      autoremove: false
+      volumedriver: ""
+      volumesfrom: []
+      capadd: []
+      capdrop: []
+      dns: []
+      dnsoptions: []
+      dnssearch: []
+      extrahosts: []
+      groupadd: []
+      ipcmode: ""
+      cgroup: ""
+      links: []
+      oomscoreadj: 0
+      pidmode: ""
+      privileged: false
+      publishallports: false
+      readonlyrootfs: false
+      securityopt: []
+      storageopt: {}
+      tmpfs: {}
+      utsmode: ""
+      usernsmode: ""
+      shmsize: 0
+      sysctls: {}
+      runtime: ""
+      consolesize:
+        - 0
+        - 0
+      isolation: ""
+      resources:
+        cpushares: 0
+        memory: 0
+        nanocpus: 0
+        cgroupparent: ""
+        blkioweight: 0
+        blkioweightdevice: []
+        blkiodevicereadbps: []
+        blkiodevicewritebps: []
+        blkiodevicereadiops: []
+        blkiodevicewriteiops: []
+        cpuperiod: 0
+        cpuquota: 0
+        cpurealtimeperiod: 0
+        cpurealtimeruntime: 0
+        cpusetcpus: ""
+        cpusetmems: ""
+        devices: []
+        diskquota: 0
+        kernelmemory: 0
+        memoryreservation: 0
+        memoryswap: 0
+        memoryswappiness: null
+        oomkilldisable: null
+        pidslimit: 0
+        ulimits: []
+        cpucount: 0
+        cpupercent: 0
+        iomaximumiops: 0
+        iomaximumbandwidth: 0
+      mounts: []
+      init: null
+      initpath: ""
+    network:
+      endpointsconfig: {}
+    containername: ""
+    subsystems:
+      sftp: /usr/lib/openssh/sftp-server
+    disableCommand: false
+kuberun:
+  connection:
+    host: kubernetes.default.svc
+    path: /api
+    username: ""
+    password: ""
+    insecure: false
+    serverName: ""
+    certFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+    keyFile: ""
+    cacertFile: ""
+    cert: ""
+    key: ""
+    cacert: ""
+    bearerToken: ""
+    bearerTokenFile: ""
+    qps: 5
+    burst: 10
+    timeout: 0s
+  pod:
+    namespace: default
+    consoleContainerNumber: 0
+    podSpec:
+      volumes: []
+      initcontainers: []
+      containers:
+        - name: shell
+          image: janoszen/containerssh-image
+          command: []
+          args: []
+          workingdir: ""
+          ports: []
+          envfrom: []
+          env: []
+          resources:
+            limits: {}
+            requests: {}
+          volumemounts: []
+          volumedevices: []
+          livenessprobe: null
+          readinessprobe: null
+          startupprobe: null
+          lifecycle: null
+          terminationmessagepath: ""
+          terminationmessagepolicy: ""
+          imagepullpolicy: ""
+          securitycontext: null
+          stdin: false
+          stdinonce: false
+          tty: false
+      ephemeralcontainers: []
+      restartpolicy: ""
+      terminationgraceperiodseconds: null
+      activedeadlineseconds: null
+      dnspolicy: ""
+      nodeselector: {}
+      serviceaccountname: ""
+      deprecatedserviceaccount: ""
+      automountserviceaccounttoken: null
+      nodename: ""
+      hostnetwork: false
+      hostpid: false
+      hostipc: false
+      shareprocessnamespace: null
+      securitycontext: null
+      imagepullsecrets: []
+      hostname: ""
+      subdomain: ""
+      affinity: null
+      schedulername: ""
+      tolerations: []
+      hostaliases: []
+      priorityclassname: ""
+      priority: null
+      dnsconfig: null
+      readinessgates: []
+      runtimeclassname: null
+      enableservicelinks: null
+      preemptionpolicy: null
+      overhead: {}
+      topologyspreadconstraints: []
+      sethostnameasfqdn: null
+    subsystems:
+      sftp: /usr/lib/openssh/sftp-server
+    disableCommand: false
+  timeout: 1m0s
+log:
+  level: info
+metrics:
+  enable: false
+  listen: 0.0.0.0:9100
+  path: /metrics
+geoip:
+  maxmind-geoip2-file: /var/lib/GeoIP/GeoIP2-Country.mmdb

format.go

@@ -0,0 +1,27 @@
+package configuration
+
+import (
+	"fmt"
+)
+
+// Format describes the format of the file being read.
+type Format string
+
+const (
+	// FormatJSON reads/writes in JSON format
+	FormatJSON Format = "json"
+	// FormatYAML reads/writes in YAML format
+	FormatYAML Format = "yaml"
+)
+
+// Validate validates the given format.
+func (f Format) Validate() error {
+	switch f {
+	case FormatJSON:
+		fallthrough
+	case FormatYAML:
+		return nil
+	default:
+		return fmt.Errorf("invalid format: %s", f)
+	}
+}

go.mod

@@ -4,19 +4,18 @@ go 1.14
 
 require (
 	github.com/containerssh/auditlog v0.9.3
-	github.com/containerssh/auth v0.9.1
+	github.com/containerssh/auth v0.9.2
 	github.com/containerssh/dockerrun v0.9.1
 	github.com/containerssh/geoip v0.9.3
 	github.com/containerssh/http v0.9.1
 	github.com/containerssh/kuberun v0.9.1
-	github.com/containerssh/log v0.9.4
-	github.com/containerssh/metrics v0.9.1
+	github.com/containerssh/log v0.9.6
+	github.com/containerssh/metrics v0.9.2
 	github.com/containerssh/service v0.9.0
 	github.com/containerssh/sshserver v0.9.9
 	github.com/containerssh/structutils v0.9.0
-	github.com/google/go-cmp v0.5.2
+	github.com/google/go-cmp v0.5.4
 	github.com/stretchr/testify v1.6.1
-	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776
 	gotest.tools v2.2.0+incompatible
 )