add nodeset capabilities to sshproxyctl

Author: cyrilst

cmd/sshproxyctl/sshproxyctl.go

@@ -24,6 +24,7 @@ import (
 
 	"github.com/cea-hpc/sshproxy/pkg/utils"
 
+	"github.com/iskylite/nodeset"
 	"github.com/olekukonko/tablewriter"
 )
 
@@ -502,7 +503,8 @@ func newEnableParser() *flag.FlagSet {
 	fs.Usage = func() {
 		fmt.Fprintf(flag.CommandLine.Output(), `Usage: %s enable HOST [PORT]
 
-Enable a previously disabled host in etcd. The default port is %s.
+Enable a previously disabled host in etcd. The default port is %s. Host and port
+can be nodesets.
 `, os.Args[0], defaultHostPort)
 		os.Exit(2)
 	}
@@ -515,7 +517,7 @@ func newForgetParser() *flag.FlagSet {
 		fmt.Fprintf(flag.CommandLine.Output(), `Usage: %s forget HOST [PORT]
 
 Forget a host in etcd. The default port is %s. Remember that if this host is
-used, it will appear back in the list.
+used, it will appear back in the list. Host and port can be nodesets.
 `, os.Args[0], defaultHostPort)
 		os.Exit(2)
 	}
@@ -527,7 +529,7 @@ func newDisableParser() *flag.FlagSet {
 	fs.Usage = func() {
 		fmt.Fprintf(flag.CommandLine.Output(), `Usage: %s disable HOST [PORT]
 
-Disabe a host in etcd. The default port is %s.
+Disabe a host in etcd. The default port is %s. Host and port can be nodesets.
 `, os.Args[0], defaultHostPort)
 		os.Exit(2)
 	}
@@ -550,25 +552,37 @@ The options are:
 	return fs
 }
 
-func getHostPortFromCommandLine(args []string) (string, string, error) {
-	host, port := "", defaultHostPort
+func getHostPortFromCommandLine(args []string) ([]string, []string, error) {
+	hostsNodeset, portsNodeset := "", defaultHostPort
 	switch len(args) {
 	case 2:
-		host, port = args[0], args[1]
+		hostsNodeset, portsNodeset = args[0], args[1]
 	case 1:
-		host = args[0]
+		hostsNodeset = args[0]
 	default:
-		return "", "", fmt.Errorf("wrong number of arguments")
+		return []string{}, []string{}, fmt.Errorf("wrong number of arguments")
 	}
-	if iport, err := strconv.Atoi(port); err != nil {
-		return "", "", fmt.Errorf("port must be an integer")
-	} else if iport < 0 || iport > 65535 {
-		return "", "", fmt.Errorf("port must be in the 0-65535 range")
+	hosts, err := nodeset.Expand(hostsNodeset)
+	if err != nil {
+		return []string{}, []string{}, fmt.Errorf("%s", err)
+	}
+	ports, err := nodeset.Expand(portsNodeset)
+	if err != nil {
+		return []string{}, []string{}, fmt.Errorf("%s", err)
 	}
-	if _, _, err := net.SplitHostPort(host + ":" + port); err != nil {
-		return "", "", fmt.Errorf("%s", err)
+	for _, port := range ports {
+		if iport, err := strconv.Atoi(port); err != nil {
+			return []string{}, []string{}, fmt.Errorf("port \"%s\" must be an integer", port)
+		} else if iport < 0 || iport > 65535 {
+			return []string{}, []string{}, fmt.Errorf("port \"%s\" must be in the 0-65535 range", port)
+		}
+		for _, host := range hosts {
+			if _, _, err := net.SplitHostPort(host + ":" + port); err != nil {
+				return []string{}, []string{}, fmt.Errorf("%s", err)
+			}
+		}
 	}
-	return host, port, nil
+	return hosts, ports, nil
 }
 
 func getErrorBannerFromCommandLine(args []string) (string, error) {
@@ -691,30 +705,42 @@ func main() {
 	case "enable":
 		p := parsers[cmd]
 		p.Parse(args)
-		host, port, err := getHostPortFromCommandLine(p.Args())
+		hosts, ports, err := getHostPortFromCommandLine(p.Args())
 		if err != nil {
 			fmt.Fprintf(os.Stderr, "ERROR: %s\n\n", err)
 			p.Usage()
 		}
-		enableHost(host, port, *configFile)
+		for _, host := range hosts {
+			for _, port := range ports {
+				enableHost(host, port, *configFile)
+			}
+		}
 	case "forget":
 		p := parsers[cmd]
 		p.Parse(args)
-		host, port, err := getHostPortFromCommandLine(p.Args())
+		hosts, ports, err := getHostPortFromCommandLine(p.Args())
 		if err != nil {
 			fmt.Fprintf(os.Stderr, "ERROR: %s\n\n", err)
 			p.Usage()
 		}
-		forgetHost(host, port, *configFile)
+		for _, host := range hosts {
+			for _, port := range ports {
+				forgetHost(host, port, *configFile)
+			}
+		}
 	case "disable":
 		p := parsers[cmd]
 		p.Parse(args)
-		host, port, err := getHostPortFromCommandLine(p.Args())
+		hosts, ports, err := getHostPortFromCommandLine(p.Args())
 		if err != nil {
 			fmt.Fprintf(os.Stderr, "ERROR: %s\n\n", err)
 			p.Usage()
 		}
-		disableHost(host, port, *configFile)
+		for _, host := range hosts {
+			for _, port := range ports {
+				disableHost(host, port, *configFile)
+			}
+		}
 	case "error_banner":
 		p := parsers[cmd]
 		p.Parse(args)

doc/sshproxyctl.txt

@@ -40,19 +40,20 @@ COMMANDS
 	Show version number and exit.
 
 *enable HOST [PORT]*::
-	Enable a destination host in etcd. The host was previously disabled by
+	Enable a destination host in etcd if the host was previously disabled by
 	the 'disable' command (see below). The port by default is 22 if not
-	specified.
+	specified. Host and port can be nodesets.
 
 *disable HOST [PORT]*::
 	Disable a destination host in etcd. A disabled host will not be
 	proposed as a destination. The only way to enable it again is to send
 	the 'enable' command. It could be used for host maintenance. The port
-	by default is 22 if not specified.
+	by default is 22 if not specified. Host and port can be nodesets.
 
 *forget HOST [PORT]*::
-	Forget a host in etcd. The default port is 22. Remember that if this
-	host is used, it will appear back in the list.
+	Forget a host in etcd. Remember that if this host is used, it will
+	appear back in the list. The port by default is 22 if not specified.
+	Host and port can be nodesets.
 
 *error_banner [-expire] MESSAGE*::
 	Set the error banner in etcd. Removes the error banner in etcd if

go.mod

@@ -4,10 +4,13 @@ go 1.21
 
 require (
 	github.com/creack/pty v1.1.20
+	github.com/iskylite/nodeset v1.0.1
 	github.com/moby/term v0.5.0
 	github.com/olekukonko/tablewriter v0.0.5
 	github.com/op/go-logging v0.0.0-20160315200505-970db520ece7
 	go.etcd.io/etcd/client/v3 v3.5.10
+	go.uber.org/zap v1.17.0
+	google.golang.org/grpc v1.58.3
 	gopkg.in/yaml.v2 v2.4.0
 )
 
@@ -18,17 +21,17 @@ require (
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/mattn/go-runewidth v0.0.9 // indirect
+	github.com/segmentio/fasthash v1.0.3 // indirect
+	github.com/willf/bitset v1.1.10 // indirect
 	go.etcd.io/etcd/api/v3 v3.5.10 // indirect
 	go.etcd.io/etcd/client/pkg/v3 v3.5.10 // indirect
 	go.uber.org/atomic v1.7.0 // indirect
 	go.uber.org/multierr v1.6.0 // indirect
-	go.uber.org/zap v1.17.0 // indirect
 	golang.org/x/net v0.17.0 // indirect
 	golang.org/x/sys v0.13.0 // indirect
 	golang.org/x/text v0.13.0 // indirect
 	google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 // indirect
-	google.golang.org/grpc v1.58.3 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 )

go.sum

@@ -18,6 +18,8 @@ github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/iskylite/nodeset v1.0.1 h1:2yif2U3tyioRQyWSYSRVC47DUL0Raib4Ej+tEZIFlLs=
+github.com/iskylite/nodeset v1.0.1/go.mod h1:PCZzSaZBqVBbiHxCJb4PVHl7m6C5+5DrD1EVMl5+Clw=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0=
@@ -32,11 +34,15 @@ github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/segmentio/fasthash v1.0.3 h1:EI9+KE1EwvMLBWwjpRDc+fEM+prwxDYbslddQGtrmhM=
+github.com/segmentio/fasthash v1.0.3/go.mod h1:waKX8l2N8yckOgmSsXJi7x1ZfdKZ4x7KRMzBtS3oedY=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/willf/bitset v1.1.10 h1:NotGKqX0KwQ72NUzqrjZq5ipPNDQex9lo3WpaS8L2sc=
+github.com/willf/bitset v1.1.10/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.etcd.io/etcd/api/v3 v3.5.10 h1:szRajuUUbLyppkhs9K6BRtjY37l66XQQmw7oZRANE4k=

test/centos-image/Dockerfile

@@ -3,7 +3,7 @@ FROM fedora:latest
 # Install development environment to compile RPM
 RUN set -ex \
 	&& yum -y update \
-	&& yum -y install asciidoc etcd git golang hostname iproute make openssh-server rpm-build
+	&& yum -y install asciidoc etcd git golang hostname iproute make openssh-server rpm-build procps
 
 # Create centos, user1 and user2 users ; centos and user1 groups
 RUN set -ex \

test/centos-image/sshproxy_test.go

@@ -596,7 +596,7 @@ func TestEnableDisableHost(t *testing.T) {
 		t.Errorf("%s got %s, expected server1", cmdStr, dest)
 	}
 
-	disableHost("server1")
+	disableHost("server[1,100]")
 	checkHostState(t, "server1", "disabled")
 
 	_, stdout, _, err = runCommand(ctx, "ssh", args, nil, nil)