fix(cli): reject tssvc host endpoints for clients

Disallow tssvc:// for exec/console host resolution and return a clear listen-only error. Add integration tests for both commands.

Author: lox

internal/cli/cli.go

@@ -207,6 +207,9 @@ func (e *ExecCommand) Run(ctx *runtimeContext) error {
 	if err != nil {
 		return err
 	}
+	if err := validateClientEndpoint(ep); err != nil {
+		return err
+	}
 	var cwd string
 	if ep.Scheme != "unix" {
 		if e.Chdir == "" {
@@ -414,6 +417,9 @@ func (c *ConsoleCommand) Run(ctx *runtimeContext) error {
 	if err != nil {
 		return err
 	}
+	if err := validateClientEndpoint(ep); err != nil {
+		return err
+	}
 	var cwd string
 	if ep.Scheme != "unix" {
 		if c.Chdir == "" {
@@ -734,6 +740,13 @@ func resolveBackendName(requested, configuredDefault string) string {
 	return "firecracker"
 }
 
+func validateClientEndpoint(ep endpoint.Endpoint) error {
+	if ep.Scheme != "tssvc" {
+		return nil
+	}
+	return errors.New("tssvc:// endpoints are listen-only; use https://<service>.<your-tailnet>.ts.net for --host")
+}
+
 func mergeFirecrackerConfig(cwd string, e *ExecCommand, cfg runtimeconfig.Config) backend.FirecrackerConfig {
 	out := backend.FirecrackerConfig{
 		BinaryPath:      cfg.Backends.Firecracker.BinaryPath,

internal/cli/console_integration_test.go

@@ -203,3 +203,20 @@ func TestConsoleIntegrationInterruptCancelsExecution(t *testing.T) {
 		t.Fatalf("unexpected console exit code: got %d want %d (err=%v)", got, want, outcome.err)
 	}
 }
+
+func TestConsoleRejectsTailscaleServiceListenEndpointAsHost(t *testing.T) {
+	outcome := runConsoleWithCapture(ConsoleCommand{
+		Host: "tssvc://cleanroom",
+	}, "", runtimeContext{
+		CWD: t.TempDir(),
+	})
+	if outcome.cause != nil {
+		t.Fatalf("capture failure: %v", outcome.cause)
+	}
+	if outcome.err == nil {
+		t.Fatal("expected host validation error")
+	}
+	if !strings.Contains(outcome.err.Error(), "listen-only") {
+		t.Fatalf("expected listen-only host error, got %v", outcome.err)
+	}
+}

internal/cli/exec_integration_test.go

@@ -442,3 +442,21 @@ func TestParseSandboxID(t *testing.T) {
 		t.Fatalf("expected empty sandbox id for invalid input, got %q", got)
 	}
 }
+
+func TestExecRejectsTailscaleServiceListenEndpointAsHost(t *testing.T) {
+	outcome := runExecWithCapture(ExecCommand{
+		Host:    "tssvc://cleanroom",
+		Command: []string{"echo", "hi"},
+	}, runtimeContext{
+		CWD: t.TempDir(),
+	})
+	if outcome.cause != nil {
+		t.Fatalf("capture failure: %v", outcome.cause)
+	}
+	if outcome.err == nil {
+		t.Fatal("expected host validation error")
+	}
+	if !strings.Contains(outcome.err.Error(), "listen-only") {
+		t.Fatalf("expected listen-only host error, got %v", outcome.err)
+	}
+}