Conversation
|
Do we want a separate cli for tunnels or do we want to bake in functionality into datumctl? |
drewr
force-pushed
the
cli-tunnel-and-auth
branch
from
ea2df66 to
80ffdf7
Compare
|
Yeah, it's why this is a draft. I needed the functionality and didn't want to commit one way or the other yet. I explored doing it in datumctl and it would involve either replicating the Iroh sidecar in go or making the project hybrid with a rust component. This method uses all the same machinery as the GUI which felt like a better first pass. |
- Add 'tunnel' subcommand to datum-connect CLI with: - 'tunnel list': read-only listing of tunnels (no side effects) - 'tunnel listen': create/update and run tunnel in foreground - 'tunnel update': update tunnel label/endpoint - 'tunnel delete': delete a tunnel - Add 'nix run .#connect' app to flake.nix - Split find_connector_readonly for list operations - Remove side effects from tunnel list (no patching Connector) - Listen command: - Generates random label if not provided - Confirms before updating existing tunnel - Handles Ctrl+C to disable tunnel on exit
- Add 'auth' subcommand to CLI with: - 'auth status': Show current authentication and selected context - 'auth login': Log in via browser OAuth with account picker - 'auth logout': Log out and clear credentials - 'auth list': Show current authenticated user - 'auth switch': Log out current user and prompt for new login Also add is_authenticated(), login(), logout() methods to DatumCloudClient.
drewr
force-pushed
the
cli-tunnel-and-auth
branch
from
80ffdf7 to
01c3ab8
Compare
|
Ya the challenge is the core stuff we need is in rust so we'll need some magic to make the UX good |
|
How does this interact with the GUI based application? Would auth be shared? Since the GUI is locked to a specific project (because connectors are project-scoped resources), switching the authenticated user could break existing tunnels without the user knowing and it doesn't seem like we warn the user. |
|
It's all shared. I'll show what it looks like when Rust is done compiling... |
3 participants
Summary
Add CLI tunnel and auth commands for managing Datum Connect tunnels from the command line.
Changes
nix run .#cliapp to flake.nixtunnelsubcommand with list, listen, update, delete commandsauthsubcommand with status, login, logout, list, switch commandsfind_connector_readonlyfor read-only list operations (no side effects)RUST_LOGenv var)Tunnel Commands
tunnel listtunnel listentunnel updatetunnel deleteAuth Commands
auth statusauth loginauth logoutauth listauth switchBug fixes (found during testing)
delete_projectreturned early iffind_connectorfound nothing, skipping deletion of HTTPProxy/ConnectorAdvertisement/TrafficProtectionPolicy. Fixed: connector lookup is now only needed for post-deletion cleanup; resource deletion proceeds regardless.HeartbeatAgentthat continuously patchesstatus.connectionDetailson the connector (relay URL, addresses, public key). Without it the gateway has no routing info. Fixed:tunnel listennow starts the heartbeat and registers the project before enabling the tunnel.tunnel listenon an existing endpoint updates the label unexpectedly: A random label was generated before checking for an existing tunnel, so it always differed and triggered the update prompt. Fixed: random label generation moved into the create-new-tunnel path; existing tunnels reuse their stored label unless--labelis explicitly provided.tunnel-<u16>format (same as resource IDs): Switched to 12 hex chars of random entropy (e.g.a3f9c2e1b047) to distinguish display names from resource names.tunnel deleteprinted confusing(connector deleted: false): Connector cleanup is an internal detail. Output simplified to justDeleted tunnel <id>.Usage Example
Building