Improve tsh profile support. #3089
Comments
benarent
added
feature-request
|
I think user profile should be more like So devs can write things like this: # cluster name
[staging]
k8s-cluster=
user=alice
[prod]
...
I was also thinking about using (setq cluster 'staging)
(defun select-cluster ()
(mapc (lambda (K)
(let* ((key (car K)) (fun (cdr K)))
(define-key cluster-map (parse-cluster key) fun)))
'(("<right>" . cluster-next-match)
("<left>" . cluster-prev-match)
("<up>" . ignore )
("<down>" . ignore ))))
(add-hook 'select-cluster 'select-cluster-hook-local-keys)... Just kidding about lisp one :) |
|
Would also be nice to let devs add port forwarding, agent forwarding etc to their profile files: [staginghost21839]
login=staginguser
agent_forwarding=yes
port_forwarding=54321:localhost:12345,3434:localhost:3434Then |
|
For what it's worth I found a work around here for easily switching between two teleport instances: alias t_one="echo teleport.one.url.without.port.io > ~/.tsh/current-profile"
alias t_two="echo teleport.two.url.without.port.io > ~/.tsh/current-profile"Obviously replace the url with the real one. |
|
We merged this recently: #5395 - it basically allows you to 'pin' a terminal to a given cluster by running |
I can't believe this is the way to deal with multiple profiles. At th very least, |
|
The easiest way to solve this is to expose an environment variable that can pick up the current profile. Then we can toggle that env variable on-demand to the profile we want. |
|
See also #2972 |
|
I don't know what the state of tsh was in 2019, but at this point the issue likely represents different problems for different people.
tsh has no notion of a default profile. It works more like kubectl where there's a current profile that, in theory, can be changed globally, but tsh doesn't expose an easy way of changing it yet.
I'm not sure what an alias for a profile would be. We could probably let users set custom profile aliases through
This is in theory supported by It also forces you to provide both the proxy and the user flags. The user flag is in theory unnecessary, as tsh doesn't support multiple users per proxy. The way I understand the issue as of today is that tsh lacks subcommands for switching the current profile and removing a specific profile. Another issue that's present in the current codebase is that there's a bunch of cases where under specific circumstances a tsh call might override the current profile without the user knowing that. IIRC, |
What happened:
If a customer has multiple Teleport proxies, customers use
➜ $ tsh login --proxy=work.example.comto login.If you are working with multiple Teleport proxies you need to switch each time with, and
tshsets the profile to the last one it logged in.Examples of apps with different profile systems.
What you expected to happen
tshuser should know what their default profile is.tshcan set a default profile.tshusers easily list all known profiles, and output current certificate status ( e.g. time left before reauthorisation )tshusers can login to an account using a profile alais vs full URLtshusers can remove accounts.The text was updated successfully, but these errors were encountered: