From 08fcdc8be9ddaea5176b0e2303f914a3c51288f9 Mon Sep 17 00:00:00 2001 From: Chad Unrein Date: Fri, 6 Oct 2023 13:36:42 -0500 Subject: [PATCH 1/8] updates required by pwdb improvements --- .../service/connections/connections.go | 3 + bastionzero/service/targets/database.go | 66 ++++++++++++------- .../targets_disambiguated/database_target.go | 20 +++--- 3 files changed, 57 insertions(+), 32 deletions(-) diff --git a/bastionzero/service/connections/connections.go b/bastionzero/service/connections/connections.go index 3f796a4..e90bcb1 100644 --- a/bastionzero/service/connections/connections.go +++ b/bastionzero/service/connections/connections.go @@ -122,7 +122,10 @@ type CreateUniversalConnectionResponse struct { AgentVersion string `json:"agentVersion"` ConnectionAuthDetails ConnectionAuthDetails `json:"connectionAuthDetails"` SshScpOnly bool `json:"sshScpOnly"` + // Deprecated: SplitCert exist for historical compatibility and should not be used. + // Use IsPasswordless instead. SplitCert bool `json:"splitCert"` + IsPasswordless bool `json:"isPasswordless"` } // ConnectionAuthDetails contains details needed to connect to a connection node diff --git a/bastionzero/service/targets/database.go b/bastionzero/service/targets/database.go index 2a6fce5..14f2b0e 100644 --- a/bastionzero/service/targets/database.go +++ b/bastionzero/service/targets/database.go @@ -17,16 +17,20 @@ const ( // CreateDatabaseTargetRequest is used to create a new Database target type CreateDatabaseTargetRequest struct { - TargetName string `json:"targetName"` - ProxyTargetID string `json:"proxyTargetId"` - RemoteHost string `json:"remoteHost"` - RemotePort Port `json:"remotePort"` - LocalPort *Port `json:"localPort,omitempty"` - LocalHost string `json:"localHost,omitempty"` - IsSplitCert bool `json:"splitCert,omitempty"` - DatabaseType string `json:"databaseType,omitempty"` - EnvironmentID string `json:"environmentId,omitempty"` - EnvironmentName string `json:"environmentName,omitempty"` + TargetName string `json:"targetName"` + ProxyTargetID string `json:"proxyTargetId"` + RemoteHost string `json:"remoteHost"` + // RemotePort is required for all databases except GCP-hosted ones. For GCP-hosted databases, + // Port.Value can be specified but will be ignored when connecting to the database. + // If not provided when creating a CGP database target, Port.Value will be set to 0. + RemotePort *Port `json:"remotePort,omitempty"` + LocalPort *Port `json:"localPort,omitempty"` + LocalHost string `json:"localHost,omitempty"` + IsSplitCert bool `json:"splitCert,omitempty"` + DatabaseType string `json:"databaseType,omitempty"` + EnvironmentID string `json:"environmentId,omitempty"` + EnvironmentName string `json:"environmentName,omitempty"` + DatabaseAuthenticationConfig DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig,omitempty"` } // CreateDatabaseTargetResponse is the response returned if a Database target is @@ -37,15 +41,16 @@ type CreateDatabaseTargetResponse struct { // ModifyDatabaseTargetRequest is used to modify a Database target type ModifyDatabaseTargetRequest struct { - TargetName *string `json:"targetName,omitempty"` - ProxyTargetID *string `json:"proxyTargetId,omitempty"` - RemoteHost *string `json:"remoteHost,omitempty"` - RemotePort *Port `json:"remotePort,omitempty"` - LocalPort *Port `json:"localPort,omitempty"` - LocalHost *string `json:"localHost,omitempty"` - IsSplitCert *bool `json:"splitCert,omitempty"` - DatabaseType *string `json:"databaseType,omitempty"` - EnvironmentID *string `json:"environmentId,omitempty"` + TargetName *string `json:"targetName,omitempty"` + ProxyTargetID *string `json:"proxyTargetId,omitempty"` + RemoteHost *string `json:"remoteHost,omitempty"` + RemotePort *Port `json:"remotePort,omitempty"` + LocalPort *Port `json:"localPort,omitempty"` + LocalHost *string `json:"localHost,omitempty"` + IsSplitCert *bool `json:"splitCert,omitempty"` + DatabaseType *string `json:"databaseType,omitempty"` + EnvironmentID *string `json:"environmentId,omitempty"` + DatabaseAuthenticationConfig DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig,omitempty"` } // ListDatabaseTargetsOptions specifies the optional parameters when querying @@ -81,9 +86,26 @@ type ListSplitCertDatabaseTypesResponse struct { type DatabaseTarget struct { VirtualTarget - IsSplitCert bool `json:"splitCert"` - DatabaseType *string `json:"databaseType"` - AllowedTargetUsers []policies.TargetUser `json:"allowedTargetUsers"` + // Deprecated: IsSplitCert exists for historical compatibility and should not be used. + // Set AuthenticationType in DatabaseAuthenticationConfig appropriately instead. + IsSplitCert bool `json:"splitCert"` + // Deprecated: DatabaseType exists for historical compatibility and should not be used. + // Set Database in DatabaseAuthenticationConfig appropriately instead. + DatabaseType *string `json:"databaseType"` + AllowedTargetUsers []policies.TargetUser `json:"allowedTargetUsers"` + DatabaseAuthenticationConfig DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig"` +} + +// DatabaseAuthenticationConfig defines a database authentication configuration supported +// by BastionZero. When using a non-null DatabaseAuthenticationConfig in a request, it +// is recommended that the supported configurations are retrieved from a GET request to +// /api/v2/targets/database/supported-database-configs and then one of the returned +// configurations are used in any subsequent create or update request as needed. +type DatabaseAuthenticationConfig struct { + AuthenticationType *string `json:"authenticationType"` + CloudServiceProvider *string `json:"cloudServiceProvider"` + Database *string `json:"database"` + Label *string `json:"label"` } // ListDatabaseTargets lists all Database targets. diff --git a/bastionzero/service/targets_disambiguated/database_target.go b/bastionzero/service/targets_disambiguated/database_target.go index 79a5ae0..7b6f80b 100644 --- a/bastionzero/service/targets_disambiguated/database_target.go +++ b/bastionzero/service/targets_disambiguated/database_target.go @@ -3,19 +3,19 @@ package targets_disambiguated import ( "github.com/bastionzero/bastionzero-sdk-go/bastionzero/service/connections" "github.com/bastionzero/bastionzero-sdk-go/bastionzero/service/policies" + "github.com/bastionzero/bastionzero-sdk-go/bastionzero/service/targets" ) type DatabaseTarget struct { Target - ProxyAgentId string `json:"proxyAgentId"` - ProxyAgentName string `json:"proxyAgentName"` - RemoteHost string `json:"remoteHost"` - RemotePort Port `json:"remotePort"` - LocalHost string `json:"localHost"` - LocalPort *Port `json:"localPort"` - SplitCert bool `json:"splitCert"` - DatabaseType string `json:"databaseType"` - AllowedTargetUsers []policies.TargetUser `json:"allowedTargetUsers"` - Connections []connections.DbConnection `json:"connections"` + ProxyAgentId string `json:"proxyAgentId"` + ProxyAgentName string `json:"proxyAgentName"` + RemoteHost string `json:"remoteHost"` + RemotePort Port `json:"remotePort"` + LocalHost string `json:"localHost"` + LocalPort *Port `json:"localPort"` + AllowedTargetUsers []policies.TargetUser `json:"allowedTargetUsers"` + Connections []connections.DbConnection `json:"connections"` + DatabaseAuthenticationConfig targets.DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig"` } From 9a2fe72686a8498a15690339858e877774ae9ca2 Mon Sep 17 00:00:00 2001 From: Chad Unrein Date: Fri, 6 Oct 2023 13:58:45 -0500 Subject: [PATCH 2/8] add changelog entry --- .changes/unreleased/FEATURES-20231006-135721.yaml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .changes/unreleased/FEATURES-20231006-135721.yaml diff --git a/.changes/unreleased/FEATURES-20231006-135721.yaml b/.changes/unreleased/FEATURES-20231006-135721.yaml new file mode 100644 index 0000000..4a59b4f --- /dev/null +++ b/.changes/unreleased/FEATURES-20231006-135721.yaml @@ -0,0 +1,6 @@ +kind: FEATURES +body: 'targets/database: Add new field DatabaseAuthenticationConfig and deprecate + SplitCert and DatabaseType' +time: 2023-10-06T13:57:21.309141752-05:00 +custom: + Issues: "40" From d4529a27ef53d1433884c55f175c17ae06c2fe5c Mon Sep 17 00:00:00 2001 From: Chad Unrein Date: Fri, 6 Oct 2023 17:13:04 -0500 Subject: [PATCH 3/8] added ListDatabaseAuthenticationConfigs --- bastionzero/service/targets/database.go | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/bastionzero/service/targets/database.go b/bastionzero/service/targets/database.go index 14f2b0e..38c768a 100644 --- a/bastionzero/service/targets/database.go +++ b/bastionzero/service/targets/database.go @@ -237,6 +237,7 @@ func (s *TargetsService) ModifyDatabaseTarget(ctx context.Context, targetID stri // ListSplitCertDatabaseTypes lists all Database types for which SplitCert // access is supported. // +// Deprecated: Use ListDatabaseAuthenticationConfigs // BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/targets/database/supported-databases func (s *TargetsService) ListSplitCertDatabaseTypes(ctx context.Context) (*ListSplitCertDatabaseTypesResponse, *http.Response, error) { u := databaseBasePath + "/supported-databases" @@ -254,6 +255,25 @@ func (s *TargetsService) ListSplitCertDatabaseTypes(ctx context.Context) (*ListS return listResp, resp, nil } +// ListDatabaseAuthenticationConfigs lists all database authentication configurations supported by BasionZero. +// +// BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/targets/database/supported-database-configs +func (s *TargetsService) ListDatabaseAuthenticationConfigs(ctx context.Context) ([]DatabaseAuthenticationConfig, *http.Response, error) { + u := databaseBasePath + "/supported-database-configs" + req, err := s.Client.NewRequest(ctx, http.MethodGet, u, nil) + if err != nil { + return nil, nil, err + } + + dbAuthConfigList := new([]DatabaseAuthenticationConfig) + resp, err := s.Client.Do(req, dbAuthConfigList) + if err != nil { + return nil, resp, err + } + + return *dbAuthConfigList, resp, nil +} + // Ensure DatabaseTarget implementation satisfies the expected interfaces. var ( // DatabaseTarget implements VirtualTargetInterface From ed2f270fa929fed5d67a9250cdf87c9bfdcaed05 Mon Sep 17 00:00:00 2001 From: Chad Unrein Date: Tue, 10 Oct 2023 13:23:40 -0500 Subject: [PATCH 4/8] fix formatting and add helpful constants --- .../service/connections/connections.go | 4 +- bastionzero/service/targets/database.go | 67 ++++++++----------- .../dbauthconfig/authenticationtype.go | 8 +++ .../dbauthconfig/cloudserviceprovider.go | 7 ++ .../service/targets/dbauthconfig/database.go | 10 +++ .../targets/dbauthconfig/dbauthconfig.go | 13 ++++ .../targets_disambiguated/database_target.go | 20 +++--- 7 files changed, 78 insertions(+), 51 deletions(-) create mode 100644 bastionzero/service/targets/dbauthconfig/authenticationtype.go create mode 100644 bastionzero/service/targets/dbauthconfig/cloudserviceprovider.go create mode 100644 bastionzero/service/targets/dbauthconfig/database.go create mode 100644 bastionzero/service/targets/dbauthconfig/dbauthconfig.go diff --git a/bastionzero/service/connections/connections.go b/bastionzero/service/connections/connections.go index e90bcb1..5b52767 100644 --- a/bastionzero/service/connections/connections.go +++ b/bastionzero/service/connections/connections.go @@ -124,8 +124,8 @@ type CreateUniversalConnectionResponse struct { SshScpOnly bool `json:"sshScpOnly"` // Deprecated: SplitCert exist for historical compatibility and should not be used. // Use IsPasswordless instead. - SplitCert bool `json:"splitCert"` - IsPasswordless bool `json:"isPasswordless"` + SplitCert bool `json:"splitCert"` + IsPasswordless bool `json:"isPasswordless"` } // ConnectionAuthDetails contains details needed to connect to a connection node diff --git a/bastionzero/service/targets/database.go b/bastionzero/service/targets/database.go index 38c768a..032e277 100644 --- a/bastionzero/service/targets/database.go +++ b/bastionzero/service/targets/database.go @@ -6,6 +6,7 @@ import ( "net/http" "github.com/bastionzero/bastionzero-sdk-go/bastionzero/service/policies" + "github.com/bastionzero/bastionzero-sdk-go/bastionzero/service/targets/dbauthconfig" "github.com/bastionzero/bastionzero-sdk-go/bastionzero/types/targettype" "github.com/bastionzero/bastionzero-sdk-go/internal/client" ) @@ -17,20 +18,20 @@ const ( // CreateDatabaseTargetRequest is used to create a new Database target type CreateDatabaseTargetRequest struct { - TargetName string `json:"targetName"` - ProxyTargetID string `json:"proxyTargetId"` - RemoteHost string `json:"remoteHost"` + TargetName string `json:"targetName"` + ProxyTargetID string `json:"proxyTargetId"` + RemoteHost string `json:"remoteHost"` // RemotePort is required for all databases except GCP-hosted ones. For GCP-hosted databases, // Port.Value can be specified but will be ignored when connecting to the database. // If not provided when creating a CGP database target, Port.Value will be set to 0. - RemotePort *Port `json:"remotePort,omitempty"` - LocalPort *Port `json:"localPort,omitempty"` - LocalHost string `json:"localHost,omitempty"` - IsSplitCert bool `json:"splitCert,omitempty"` - DatabaseType string `json:"databaseType,omitempty"` - EnvironmentID string `json:"environmentId,omitempty"` - EnvironmentName string `json:"environmentName,omitempty"` - DatabaseAuthenticationConfig DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig,omitempty"` + RemotePort *Port `json:"remotePort,omitempty"` + LocalPort *Port `json:"localPort,omitempty"` + LocalHost string `json:"localHost,omitempty"` + IsSplitCert bool `json:"splitCert,omitempty"` + DatabaseType string `json:"databaseType,omitempty"` + EnvironmentID string `json:"environmentId,omitempty"` + EnvironmentName string `json:"environmentName,omitempty"` + DatabaseAuthenticationConfig dbauthconfig.DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig,omitempty"` } // CreateDatabaseTargetResponse is the response returned if a Database target is @@ -41,16 +42,16 @@ type CreateDatabaseTargetResponse struct { // ModifyDatabaseTargetRequest is used to modify a Database target type ModifyDatabaseTargetRequest struct { - TargetName *string `json:"targetName,omitempty"` - ProxyTargetID *string `json:"proxyTargetId,omitempty"` - RemoteHost *string `json:"remoteHost,omitempty"` - RemotePort *Port `json:"remotePort,omitempty"` - LocalPort *Port `json:"localPort,omitempty"` - LocalHost *string `json:"localHost,omitempty"` - IsSplitCert *bool `json:"splitCert,omitempty"` - DatabaseType *string `json:"databaseType,omitempty"` - EnvironmentID *string `json:"environmentId,omitempty"` - DatabaseAuthenticationConfig DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig,omitempty"` + TargetName *string `json:"targetName,omitempty"` + ProxyTargetID *string `json:"proxyTargetId,omitempty"` + RemoteHost *string `json:"remoteHost,omitempty"` + RemotePort *Port `json:"remotePort,omitempty"` + LocalPort *Port `json:"localPort,omitempty"` + LocalHost *string `json:"localHost,omitempty"` + IsSplitCert *bool `json:"splitCert,omitempty"` + DatabaseType *string `json:"databaseType,omitempty"` + EnvironmentID *string `json:"environmentId,omitempty"` + DatabaseAuthenticationConfig dbauthconfig.DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig,omitempty"` } // ListDatabaseTargetsOptions specifies the optional parameters when querying @@ -88,24 +89,12 @@ type DatabaseTarget struct { // Deprecated: IsSplitCert exists for historical compatibility and should not be used. // Set AuthenticationType in DatabaseAuthenticationConfig appropriately instead. - IsSplitCert bool `json:"splitCert"` + IsSplitCert bool `json:"splitCert"` // Deprecated: DatabaseType exists for historical compatibility and should not be used. // Set Database in DatabaseAuthenticationConfig appropriately instead. - DatabaseType *string `json:"databaseType"` - AllowedTargetUsers []policies.TargetUser `json:"allowedTargetUsers"` - DatabaseAuthenticationConfig DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig"` -} - -// DatabaseAuthenticationConfig defines a database authentication configuration supported -// by BastionZero. When using a non-null DatabaseAuthenticationConfig in a request, it -// is recommended that the supported configurations are retrieved from a GET request to -// /api/v2/targets/database/supported-database-configs and then one of the returned -// configurations are used in any subsequent create or update request as needed. -type DatabaseAuthenticationConfig struct { - AuthenticationType *string `json:"authenticationType"` - CloudServiceProvider *string `json:"cloudServiceProvider"` - Database *string `json:"database"` - Label *string `json:"label"` + DatabaseType *string `json:"databaseType"` + AllowedTargetUsers []policies.TargetUser `json:"allowedTargetUsers"` + DatabaseAuthenticationConfig dbauthconfig.DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig"` } // ListDatabaseTargets lists all Database targets. @@ -258,14 +247,14 @@ func (s *TargetsService) ListSplitCertDatabaseTypes(ctx context.Context) (*ListS // ListDatabaseAuthenticationConfigs lists all database authentication configurations supported by BasionZero. // // BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/targets/database/supported-database-configs -func (s *TargetsService) ListDatabaseAuthenticationConfigs(ctx context.Context) ([]DatabaseAuthenticationConfig, *http.Response, error) { +func (s *TargetsService) ListDatabaseAuthenticationConfigs(ctx context.Context) ([]dbauthconfig.DatabaseAuthenticationConfig, *http.Response, error) { u := databaseBasePath + "/supported-database-configs" req, err := s.Client.NewRequest(ctx, http.MethodGet, u, nil) if err != nil { return nil, nil, err } - dbAuthConfigList := new([]DatabaseAuthenticationConfig) + dbAuthConfigList := new([]dbauthconfig.DatabaseAuthenticationConfig) resp, err := s.Client.Do(req, dbAuthConfigList) if err != nil { return nil, resp, err diff --git a/bastionzero/service/targets/dbauthconfig/authenticationtype.go b/bastionzero/service/targets/dbauthconfig/authenticationtype.go new file mode 100644 index 0000000..0efd601 --- /dev/null +++ b/bastionzero/service/targets/dbauthconfig/authenticationtype.go @@ -0,0 +1,8 @@ +package dbauthconfig + +// These constants represent the supported values for the AuthenticationType field in DatabaseAuthenticationConfig. +const ( + Default string = "Default" + SplitCert string = "SplitCert" + ServiceAccountInjection string = "ServiceAccountInjection" +) diff --git a/bastionzero/service/targets/dbauthconfig/cloudserviceprovider.go b/bastionzero/service/targets/dbauthconfig/cloudserviceprovider.go new file mode 100644 index 0000000..47084a3 --- /dev/null +++ b/bastionzero/service/targets/dbauthconfig/cloudserviceprovider.go @@ -0,0 +1,7 @@ +package dbauthconfig + +// These constants represent the supported values for the CloudServiceProvider field in DatabaseAuthenticationConfig. +const ( + AWS string = "AWS" + GCP string = "GCP" +) diff --git a/bastionzero/service/targets/dbauthconfig/database.go b/bastionzero/service/targets/dbauthconfig/database.go new file mode 100644 index 0000000..7cdc352 --- /dev/null +++ b/bastionzero/service/targets/dbauthconfig/database.go @@ -0,0 +1,10 @@ +package dbauthconfig + +// These constants represent the supported values for the Database field in DatabaseAuthenticationConfig. +const ( + CockroachDB string = "CockroachDB" + MicrosoftSQLServer string = "MicrosoftSQLServer" + MongoDB string = "MongoDB" + MySQL string = "MySQL" + Postgres string = "Postgres" +) diff --git a/bastionzero/service/targets/dbauthconfig/dbauthconfig.go b/bastionzero/service/targets/dbauthconfig/dbauthconfig.go new file mode 100644 index 0000000..c89b4e8 --- /dev/null +++ b/bastionzero/service/targets/dbauthconfig/dbauthconfig.go @@ -0,0 +1,13 @@ +package dbauthconfig + +// DatabaseAuthenticationConfig defines a database authentication configuration supported +// by BastionZero. When using a non-null DatabaseAuthenticationConfig in a request, it +// is recommended that the supported configurations are retrieved from a GET request to +// /api/v2/targets/database/supported-database-configs and then one of the returned +// configurations is used in any subsequent create or update request as needed. +type DatabaseAuthenticationConfig struct { + AuthenticationType *string `json:"authenticationType"` + CloudServiceProvider *string `json:"cloudServiceProvider"` + Database *string `json:"database"` + Label *string `json:"label"` +} diff --git a/bastionzero/service/targets_disambiguated/database_target.go b/bastionzero/service/targets_disambiguated/database_target.go index 7b6f80b..962253c 100644 --- a/bastionzero/service/targets_disambiguated/database_target.go +++ b/bastionzero/service/targets_disambiguated/database_target.go @@ -3,19 +3,19 @@ package targets_disambiguated import ( "github.com/bastionzero/bastionzero-sdk-go/bastionzero/service/connections" "github.com/bastionzero/bastionzero-sdk-go/bastionzero/service/policies" - "github.com/bastionzero/bastionzero-sdk-go/bastionzero/service/targets" + "github.com/bastionzero/bastionzero-sdk-go/bastionzero/service/targets/dbauthconfig" ) type DatabaseTarget struct { Target - ProxyAgentId string `json:"proxyAgentId"` - ProxyAgentName string `json:"proxyAgentName"` - RemoteHost string `json:"remoteHost"` - RemotePort Port `json:"remotePort"` - LocalHost string `json:"localHost"` - LocalPort *Port `json:"localPort"` - AllowedTargetUsers []policies.TargetUser `json:"allowedTargetUsers"` - Connections []connections.DbConnection `json:"connections"` - DatabaseAuthenticationConfig targets.DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig"` + ProxyAgentId string `json:"proxyAgentId"` + ProxyAgentName string `json:"proxyAgentName"` + RemoteHost string `json:"remoteHost"` + RemotePort Port `json:"remotePort"` + LocalHost string `json:"localHost"` + LocalPort *Port `json:"localPort"` + AllowedTargetUsers []policies.TargetUser `json:"allowedTargetUsers"` + Connections []connections.DbConnection `json:"connections"` + DatabaseAuthenticationConfig dbauthconfig.DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig"` } From ff0913777a09c13bffd00dcecb2dd49678e2aa20 Mon Sep 17 00:00:00 2001 From: Chad Unrein Date: Tue, 10 Oct 2023 15:17:50 -0500 Subject: [PATCH 5/8] spelling fix and add missing deprecations --- .../service/connections/connections.go | 2 +- bastionzero/service/targets/database.go | 44 +++++++++++-------- 2 files changed, 27 insertions(+), 19 deletions(-) diff --git a/bastionzero/service/connections/connections.go b/bastionzero/service/connections/connections.go index 5b52767..5182178 100644 --- a/bastionzero/service/connections/connections.go +++ b/bastionzero/service/connections/connections.go @@ -122,7 +122,7 @@ type CreateUniversalConnectionResponse struct { AgentVersion string `json:"agentVersion"` ConnectionAuthDetails ConnectionAuthDetails `json:"connectionAuthDetails"` SshScpOnly bool `json:"sshScpOnly"` - // Deprecated: SplitCert exist for historical compatibility and should not be used. + // Deprecated: SplitCert exists for historical compatibility and should not be used. // Use IsPasswordless instead. SplitCert bool `json:"splitCert"` IsPasswordless bool `json:"isPasswordless"` diff --git a/bastionzero/service/targets/database.go b/bastionzero/service/targets/database.go index 032e277..00126c9 100644 --- a/bastionzero/service/targets/database.go +++ b/bastionzero/service/targets/database.go @@ -24,14 +24,18 @@ type CreateDatabaseTargetRequest struct { // RemotePort is required for all databases except GCP-hosted ones. For GCP-hosted databases, // Port.Value can be specified but will be ignored when connecting to the database. // If not provided when creating a CGP database target, Port.Value will be set to 0. - RemotePort *Port `json:"remotePort,omitempty"` - LocalPort *Port `json:"localPort,omitempty"` - LocalHost string `json:"localHost,omitempty"` - IsSplitCert bool `json:"splitCert,omitempty"` - DatabaseType string `json:"databaseType,omitempty"` - EnvironmentID string `json:"environmentId,omitempty"` - EnvironmentName string `json:"environmentName,omitempty"` - DatabaseAuthenticationConfig dbauthconfig.DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig,omitempty"` + RemotePort *Port `json:"remotePort,omitempty"` + LocalPort *Port `json:"localPort,omitempty"` + LocalHost string `json:"localHost,omitempty"` + // Deprecated: IsSplitCert exists for historical compatibility and should not be used. + // Set AuthenticationType in DatabaseAuthenticationConfig appropriately instead. + IsSplitCert bool `json:"splitCert,omitempty"` + // Deprecated: DatabaseType exists for historical compatibility and should not be used. + // Set Database in DatabaseAuthenticationConfig appropriately instead. + DatabaseType string `json:"databaseType,omitempty"` + EnvironmentID string `json:"environmentId,omitempty"` + EnvironmentName string `json:"environmentName,omitempty"` + DatabaseAuthenticationConfig *dbauthconfig.DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig,omitempty"` } // CreateDatabaseTargetResponse is the response returned if a Database target is @@ -42,16 +46,20 @@ type CreateDatabaseTargetResponse struct { // ModifyDatabaseTargetRequest is used to modify a Database target type ModifyDatabaseTargetRequest struct { - TargetName *string `json:"targetName,omitempty"` - ProxyTargetID *string `json:"proxyTargetId,omitempty"` - RemoteHost *string `json:"remoteHost,omitempty"` - RemotePort *Port `json:"remotePort,omitempty"` - LocalPort *Port `json:"localPort,omitempty"` - LocalHost *string `json:"localHost,omitempty"` - IsSplitCert *bool `json:"splitCert,omitempty"` - DatabaseType *string `json:"databaseType,omitempty"` - EnvironmentID *string `json:"environmentId,omitempty"` - DatabaseAuthenticationConfig dbauthconfig.DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig,omitempty"` + TargetName *string `json:"targetName,omitempty"` + ProxyTargetID *string `json:"proxyTargetId,omitempty"` + RemoteHost *string `json:"remoteHost,omitempty"` + RemotePort *Port `json:"remotePort,omitempty"` + LocalPort *Port `json:"localPort,omitempty"` + LocalHost *string `json:"localHost,omitempty"` + // Deprecated: IsSplitCert exists for historical compatibility and should not be used. + // Set AuthenticationType in DatabaseAuthenticationConfig appropriately instead. + IsSplitCert *bool `json:"splitCert,omitempty"` + // Deprecated: DatabaseType exists for historical compatibility and should not be used. + // Set Database in DatabaseAuthenticationConfig appropriately instead. + DatabaseType *string `json:"databaseType,omitempty"` + EnvironmentID *string `json:"environmentId,omitempty"` + DatabaseAuthenticationConfig *dbauthconfig.DatabaseAuthenticationConfig `json:"databaseAuthenticationConfig,omitempty"` } // ListDatabaseTargetsOptions specifies the optional parameters when querying From 2b1a2b7b8956d71a208c203f700e1e8197f00e04 Mon Sep 17 00:00:00 2001 From: Chad Unrein Date: Wed, 11 Oct 2023 12:29:44 -0500 Subject: [PATCH 6/8] add omitempty where missing and changie changes --- .changes/unreleased/ENHANCEMENTS-20231011-122738.yaml | 6 ++++++ .changes/unreleased/FEATURES-20231006-135721.yaml | 3 +-- bastionzero/service/targets/dbauthconfig/dbauthconfig.go | 8 ++++---- 3 files changed, 11 insertions(+), 6 deletions(-) create mode 100644 .changes/unreleased/ENHANCEMENTS-20231011-122738.yaml diff --git a/.changes/unreleased/ENHANCEMENTS-20231011-122738.yaml b/.changes/unreleased/ENHANCEMENTS-20231011-122738.yaml new file mode 100644 index 0000000..c2fdee8 --- /dev/null +++ b/.changes/unreleased/ENHANCEMENTS-20231011-122738.yaml @@ -0,0 +1,6 @@ +kind: ENHANCEMENTS +body: 'targets/database: Add new field DatabaseAuthenticationConfig and deprecate + SplitCert and DatabaseType' +time: 2023-10-11T12:27:38.297052484-05:00 +custom: + Issues: "40" diff --git a/.changes/unreleased/FEATURES-20231006-135721.yaml b/.changes/unreleased/FEATURES-20231006-135721.yaml index 4a59b4f..9cba31d 100644 --- a/.changes/unreleased/FEATURES-20231006-135721.yaml +++ b/.changes/unreleased/FEATURES-20231006-135721.yaml @@ -1,6 +1,5 @@ kind: FEATURES -body: 'targets/database: Add new field DatabaseAuthenticationConfig and deprecate - SplitCert and DatabaseType' +body: 'targets/database: Add support for GET list of database authentication configs' time: 2023-10-06T13:57:21.309141752-05:00 custom: Issues: "40" diff --git a/bastionzero/service/targets/dbauthconfig/dbauthconfig.go b/bastionzero/service/targets/dbauthconfig/dbauthconfig.go index c89b4e8..06fdffe 100644 --- a/bastionzero/service/targets/dbauthconfig/dbauthconfig.go +++ b/bastionzero/service/targets/dbauthconfig/dbauthconfig.go @@ -6,8 +6,8 @@ package dbauthconfig // /api/v2/targets/database/supported-database-configs and then one of the returned // configurations is used in any subsequent create or update request as needed. type DatabaseAuthenticationConfig struct { - AuthenticationType *string `json:"authenticationType"` - CloudServiceProvider *string `json:"cloudServiceProvider"` - Database *string `json:"database"` - Label *string `json:"label"` + AuthenticationType *string `json:"authenticationType,omitempty"` + CloudServiceProvider *string `json:"cloudServiceProvider,omitempty"` + Database *string `json:"database,omitempty"` + Label *string `json:"label,omitempty"` } From e2718ba438236f5b02cba5bd9f0064b626866253 Mon Sep 17 00:00:00 2001 From: Chad Unrein Date: Wed, 11 Oct 2023 13:24:34 -0500 Subject: [PATCH 7/8] revert RemotePort field change --- bastionzero/service/targets/database.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/bastionzero/service/targets/database.go b/bastionzero/service/targets/database.go index 00126c9..e7eae62 100644 --- a/bastionzero/service/targets/database.go +++ b/bastionzero/service/targets/database.go @@ -21,10 +21,10 @@ type CreateDatabaseTargetRequest struct { TargetName string `json:"targetName"` ProxyTargetID string `json:"proxyTargetId"` RemoteHost string `json:"remoteHost"` - // RemotePort is required for all databases except GCP-hosted ones. For GCP-hosted databases, - // Port.Value can be specified but will be ignored when connecting to the database. - // If not provided when creating a CGP database target, Port.Value will be set to 0. - RemotePort *Port `json:"remotePort,omitempty"` + // RemotePort is required for all databases; however, for GCP-hosted databases, the + // value specified for Port.Value will be ignored when connecting to the database. + // TODO: To match REST API, change to: RemotePort *Port `json:"remotePort,omitempty"` (to be combined with other breaking changes) + RemotePort Port `json:"remotePort"` LocalPort *Port `json:"localPort,omitempty"` LocalHost string `json:"localHost,omitempty"` // Deprecated: IsSplitCert exists for historical compatibility and should not be used. From 873b2689548484976d0e2ebf62a0c71e92180a66 Mon Sep 17 00:00:00 2001 From: Chad Unrein Date: Wed, 11 Oct 2023 14:16:42 -0500 Subject: [PATCH 8/8] move TODO to exclude it from generated docs --- bastionzero/service/targets/database.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/bastionzero/service/targets/database.go b/bastionzero/service/targets/database.go index e7eae62..4020564 100644 --- a/bastionzero/service/targets/database.go +++ b/bastionzero/service/targets/database.go @@ -21,9 +21,11 @@ type CreateDatabaseTargetRequest struct { TargetName string `json:"targetName"` ProxyTargetID string `json:"proxyTargetId"` RemoteHost string `json:"remoteHost"` + // TODO: To match REST API, change to: RemotePort *Port `json:"remotePort,omitempty"` + // and update the comment below in a batched breaking changes release + // RemotePort is required for all databases; however, for GCP-hosted databases, the // value specified for Port.Value will be ignored when connecting to the database. - // TODO: To match REST API, change to: RemotePort *Port `json:"remotePort,omitempty"` (to be combined with other breaking changes) RemotePort Port `json:"remotePort"` LocalPort *Port `json:"localPort,omitempty"` LocalHost string `json:"localHost,omitempty"`