add 'zrok access private' to dual-path cli (#751)

cmd/zrok/accessPrivate.go

@@ -1,17 +1,21 @@
 package main
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	tea "github.com/charmbracelet/bubbletea"
 	"github.com/go-openapi/runtime"
 	httptransport "github.com/go-openapi/runtime/client"
+	"github.com/openziti/zrok/agent/agentClient"
+	"github.com/openziti/zrok/agent/agentGrpc"
 	"github.com/openziti/zrok/endpoints"
 	"github.com/openziti/zrok/endpoints/proxy"
 	"github.com/openziti/zrok/endpoints/tcpTunnel"
 	"github.com/openziti/zrok/endpoints/udpTunnel"
 	"github.com/openziti/zrok/endpoints/vpn"
 	"github.com/openziti/zrok/environment"
+	"github.com/openziti/zrok/environment/env_core"
 	"github.com/openziti/zrok/rest_client_zrok"
 	"github.com/openziti/zrok/rest_client_zrok/share"
 	"github.com/openziti/zrok/rest_model_zrok"
@@ -54,30 +58,49 @@ func newAccessPrivateCommand() *accessPrivateCommand {
 }
 
 func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
-	shrToken := args[0]
-
-	env, err := environment.LoadRoot()
+	root, err := environment.LoadRoot()
 	if err != nil {
-		tui.Error("error loading environment", err)
+		if !panicInstead {
+			tui.Error("error loading environment", err)
+		}
+		panic(err)
 	}
 
-	if !env.IsEnabled() {
+	if !root.IsEnabled() {
 		tui.Error("unable to load environment; did you 'zrok enable'?", nil)
 	}
 
-	zrok, err := env.Client()
+	if cmd.agent {
+		cmd.accessLocal(args, root)
+	} else {
+		agent, err := agentClient.IsAgentRunning(root)
+		if err != nil {
+			tui.Error("error checking if agent is running", err)
+		}
+		if agent {
+			cmd.accessAgent(args, root)
+		} else {
+			cmd.accessLocal(args, root)
+		}
+	}
+}
+
+func (cmd *accessPrivateCommand) accessLocal(args []string, root env_core.Root) {
+	shrToken := args[0]
+
+	zrok, err := root.Client()
 	if err != nil {
 		if !panicInstead {
 			tui.Error("unable to create zrok client", err)
 		}
 		panic(err)
 	}
 
-	auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Environment().Token)
+	auth := httptransport.APIKeyAuth("X-TOKEN", "header", root.Environment().Token)
 	req := share.NewAccessParams()
 	req.Body = &rest_model_zrok.AccessRequest{
 		ShrToken: shrToken,
-		EnvZID:   env.Environment().ZitiIdentity,
+		EnvZID:   root.Environment().ZitiIdentity,
 	}
 	accessResp, err := zrok.Share.Access(req, auth)
 	if err != nil {
@@ -121,7 +144,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 	case "tcpTunnel":
 		fe, err := tcpTunnel.NewFrontend(&tcpTunnel.FrontendConfig{
 			BindAddress:  cmd.bindAddress,
-			IdentityName: env.EnvironmentIdentityName(),
+			IdentityName: root.EnvironmentIdentityName(),
 			ShrToken:     args[0],
 			RequestsChan: requests,
 		})
@@ -143,7 +166,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 	case "udpTunnel":
 		fe, err := udpTunnel.NewFrontend(&udpTunnel.FrontendConfig{
 			BindAddress:  cmd.bindAddress,
-			IdentityName: env.EnvironmentIdentityName(),
+			IdentityName: root.EnvironmentIdentityName(),
 			ShrToken:     args[0],
 			RequestsChan: requests,
 			IdleTime:     time.Minute,
@@ -166,7 +189,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 	case "socks":
 		fe, err := tcpTunnel.NewFrontend(&tcpTunnel.FrontendConfig{
 			BindAddress:  cmd.bindAddress,
-			IdentityName: env.EnvironmentIdentityName(),
+			IdentityName: root.EnvironmentIdentityName(),
 			ShrToken:     args[0],
 			RequestsChan: requests,
 		})
@@ -190,7 +213,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 			Scheme: "VPN",
 		}
 		fe, err := vpn.NewFrontend(&vpn.FrontendConfig{
-			IdentityName: env.EnvironmentIdentityName(),
+			IdentityName: root.EnvironmentIdentityName(),
 			ShrToken:     args[0],
 			RequestsChan: requests,
 		})
@@ -210,7 +233,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 		}()
 
 	default:
-		cfg := proxy.DefaultFrontendConfig(env.EnvironmentIdentityName())
+		cfg := proxy.DefaultFrontendConfig(root.EnvironmentIdentityName())
 		cfg.ShrToken = shrToken
 		cfg.Address = cmd.bindAddress
 		cfg.ResponseHeaders = cmd.responseHeaders
@@ -232,10 +255,10 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 	}
 
 	c := make(chan os.Signal)
-	signal.Notify(c, os.Interrupt, syscall.SIGTERM)
+	signal.Notify(c, os.Interrupt, os.Kill, syscall.SIGHUP, syscall.SIGTERM, syscall.SIGKILL, syscall.SIGQUIT)
 	go func() {
 		<-c
-		cmd.destroy(accessResp.Payload.FrontendToken, env.Environment().ZitiIdentity, shrToken, zrok, auth)
+		cmd.destroy(accessResp.Payload.FrontendToken, root.Environment().ZitiIdentity, shrToken, zrok, auth)
 		os.Exit(0)
 	}()
 
@@ -285,12 +308,12 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 		}
 
 		close(requests)
-		cmd.destroy(accessResp.Payload.FrontendToken, env.Environment().ZitiIdentity, shrToken, zrok, auth)
+		cmd.destroy(accessResp.Payload.FrontendToken, root.Environment().ZitiIdentity, shrToken, zrok, auth)
 	}
 }
 
 func (cmd *accessPrivateCommand) destroy(frontendName, envZId, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
-	logrus.Debugf("shutting down '%v'", shrToken)
+	logrus.Infof("shutting down '%v'", shrToken)
 	req := share.NewUnaccessParams()
 	req.Body = &rest_model_zrok.UnaccessRequest{
 		FrontendToken: frontendName,
@@ -303,3 +326,22 @@ func (cmd *accessPrivateCommand) destroy(frontendName, envZId, shrToken string,
 		logrus.Errorf("error shutting down: %v", err)
 	}
 }
+
+func (cmd *accessPrivateCommand) accessAgent(args []string, root env_core.Root) {
+	client, conn, err := agentClient.NewClient(root)
+	if err != nil {
+		tui.Error("error connecting to agent", err)
+	}
+	defer func() { _ = conn.Close() }()
+
+	acc, err := client.AccessPrivate(context.Background(), &agentGrpc.AccessPrivateRequest{
+		Token:           args[0],
+		BindAddress:     cmd.bindAddress,
+		ResponseHeaders: cmd.responseHeaders,
+	})
+	if err != nil {
+		tui.Error("error creating access", err)
+	}
+
+	fmt.Println(acc)
+}