sshforwarding: exit on ssh errors without printing any further errors

estuary · Oct 24, 2024 · bcb56de · bcb56de
1 parent ccaf43a
commit bcb56de
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 13 deletions.
diff --git a/src/errors.rs b/src/errors.rs
@@ -19,4 +19,9 @@ pub enum Error {
 
     #[error("malformed destination address {0}")]
     BadDestinationAddress(String),
+
+    // Used to silently terminate the SSH tunnel without logging any further errors
+    // this allows the last `ssh: ` log to be reported as the main error to the user
+    #[error("")]
+    SilentError
 }
diff --git a/src/main.rs b/src/main.rs
@@ -54,7 +54,9 @@ async fn main() -> io::Result<()> {
     init_logging(&log_args);
 
     if let Err(err) = run(command).await.as_ref() {
-        tracing::error!(error = ?err, "network tunnel failed.");
+        if !matches!(err, Error::SilentError) {
+            tracing::error!(error = ?err, "network tunnel failed.");
+        }
         std::process::exit(1);
     }
     Ok(())
@@ -64,15 +66,15 @@ async fn run_and_cleanup(tunnel: &mut Box<dyn NetworkTunnel>) -> Result<(), Erro
     let tunnel_block = {
         let prep = tunnel.prepare().await;
 
-        // Write "READY" to stdio to unblock Go logic.
-        // The current workflow assumes that
-        //   1. After tunnel.prepare() is called, the network tunnel is able to accept requests from clients without sending errors back to clients.
-        //   2. The network tunnel is able to process client requests immediately after `tunnel.start_serve` is called.
-        // If either of the assumptions is invalid for any new tunnel type, the READY-logic need to be moved to a separate task, which
-        //    sends out the "READY" signal after making sure the network tunnel is started and working properly.
-        println!("READY");
-
         future::ready(prep).and_then(|()| {
+            // Write "READY" to stdio to unblock Go logic.
+            // The current workflow assumes that
+            //   1. After tunnel.prepare() is called, the network tunnel is able to accept requests from clients without sending errors back to clients.
+            //   2. The network tunnel is able to process client requests immediately after `tunnel.start_serve` is called.
+            // If either of the assumptions is invalid for any new tunnel type, the READY-logic need to be moved to a separate task, which
+            //    sends out the "READY" signal after making sure the network tunnel is started and working properly.
+            println!("READY");
+
             tunnel.start_serve()
         }).await
     };

diff --git a/src/sshforwarding.rs b/src/sshforwarding.rs
@@ -112,13 +112,19 @@ impl NetworkTunnel for SshForwarding {
             if line.starts_with("debug1:") {
                 tracing::debug!("ssh: {}", &line);
             } else if line.starts_with("Warning: Permanently added") {
-                tracing::debug!("ssh: {}", &line);
+                tracing::debug!("network-tunnel: {}", &line);
             } else if line.contains("Permission denied") {
-                tracing::error!("ssh: {}", &line);
+                tracing::error!("network-tunnel: {}", &line);
+                return Err(Error::SilentError)
             } else if line.contains("Network is unreachable") {
-                tracing::error!("ssh: {}", &line);
+                tracing::error!("network-tunnel: {}", &line);
+                return Err(Error::SilentError)
             } else if line.contains("Connection timed out") {
-                tracing::error!("ssh: {}", &line);
+                tracing::error!("network-tunnel: {}", &line);
+                return Err(Error::SilentError)
+            } else if line.contains("Operation timed out") {
+                tracing::error!("network-tunnel: {}", &line);
+                return Err(Error::SilentError)
             } else {
                 tracing::info!("ssh: {}", &line);
             }