Compare commits

...

22 Commits

Author SHA1 Message Date
老J
0a9f5be727
Merge 9813acaff3 into 113b502abb 2024-02-11 19:50:12 -08:00
Søren L. Hansen
113b502abb Leverage up-to-date Docker actions 2024-02-11 19:49:12 -08:00
Søren L. Hansen
ddca6a4663 Add more docker tags (docker/metadata-action) 2024-02-11 19:49:12 -08:00
Soren L. Hansen
8dd044c7cf Merge remote-tracking branch 'origin/master' 2024-02-11 18:05:53 -08:00
Soren L. Hansen
4b7715e6b3 npm update 2024-02-11 18:04:48 -08:00
180909
546ac8d62b Remove ioutil import 2024-02-11 17:35:53 -08:00
dependabot[bot]
3557ea60a6
Bump postcss from 8.4.16 to 8.4.31 in /js
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.16 to 8.4.31.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.16...8.4.31)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-07 03:47:51 +00:00
llaoj
9813acaff3 Merge branch 'develop': control sequence 2022-12-13 13:53:30 +08:00
llaoj
8450aa5ee2 control sequenes 2022-12-13 13:52:15 +08:00
llaoj
9c203ef201 For the brevity of the code, I changed the print format of arguments. 2022-12-12 09:25:43 +08:00
llaoj
0620cb5c2c For the brevity of the code, I changed the print format of arguments. 2022-12-12 09:19:30 +08:00
老J
9224e98568
Merge branch 'sorenisanerd:master' into master 2022-12-11 18:10:11 +08:00
llaoj
f764187d57 1. Adjusted the log format
2. optimized code
Merge branch 'develop'
2022-12-11 18:01:49 +08:00
llaoj
24549dca01 1. Adjusted the log format
2. optimized code
2022-12-11 18:00:15 +08:00
llaoj
abddcbc68d 1. add writes logs in stdout
Merge branch 'develop'
2022-11-15 09:52:03 +08:00
llaoj
8a407192cc ascii to str 2022-11-15 09:34:38 +08:00
llaoj
8a7fa9ecb9 ascii to str 2022-11-14 12:15:16 +08:00
llaoj
70a264ed00 writes log 2022-11-14 09:36:47 +08:00
llaoj
1c4427af53 writes log 2022-11-14 09:32:24 +08:00
llaoj
73f0ca5a2f writes log 2022-11-14 08:53:57 +08:00
llaoj
a7d7ea6629 1. introduct operation log feature in README.md
2. add args(json) in operation logs
2022-11-13 11:14:11 +08:00
llaoj
3e9fbfc86e operation log 2022-11-11 17:06:22 +08:00
19 changed files with 976 additions and 3837 deletions

View File

@ -1,36 +1,42 @@
--- ---
name: "pre-release" name: "pre-release"
on: on: [push]
push:
branches: env:
- "master" IMAGE_NAME: ${{ github.repository }}
jobs: jobs:
pre-release-docker: pre-release-docker:
name: "Pre Release Docker" name: "Pre Release Docker"
runs-on: "ubuntu-latest" runs-on: "ubuntu-latest"
steps: steps:
- uses: actions/checkout@v2 -
name: Docker meta
id: meta
uses: docker/metadata-action@v4
with: with:
fetch-depth: 0 images: ${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest,enable={{is_default_branch}}
type=sha,format=long
type=sha
type=semver,pattern=v{{major}}.{{minor}}.{{patch}}
type=semver,pattern=v{{major}}.{{minor}}
type=semver,pattern=v{{major}}
type=ref,event=tag
type=ref,event=branch
- uses: docker/setup-qemu-action@v1 - uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
- uses: docker/setup-buildx-action@v1 - uses: docker/login-action@v2
- uses: docker/login-action@v1
with: with:
username: "${{ secrets.DOCKER_HUB_USER }}" username: "${{ secrets.DOCKER_HUB_USER }}"
password: "${{ secrets.DOCKER_HUB_TOKEN }}" password: "${{ secrets.DOCKER_HUB_TOKEN }}"
- name: "Build and push docker image" - name: "Build and push docker image"
uses: docker/build-push-action@v2 uses: docker/build-push-action@v4
with: with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm/v7,linux/arm64 platforms: linux/amd64,linux/arm/v7,linux/arm64
push: true push: true
tags: "${{ secrets.DOCKER_REPO }}:latest" tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

3
.gotty
View File

@ -7,6 +7,9 @@
// [bool] Permit clients to write to the TTY // [bool] Permit clients to write to the TTY
// permit_write = false // permit_write = false
// [bool] Log user's writes in the TTY
// write_log = false
// [bool] Enable basic authentication // [bool] Enable basic authentication
// enable_basic_auth = false // enable_basic_auth = false

View File

@ -57,6 +57,7 @@ By default, GoTTY starts a web server at port 8080. Open the URL on your web bro
--port value, -p value Port number to liten (default: "8080") [$GOTTY_PORT] --port value, -p value Port number to liten (default: "8080") [$GOTTY_PORT]
--path value, -m value Base path (default: "/") [$GOTTY_PATH] --path value, -m value Base path (default: "/") [$GOTTY_PATH]
--permit-write, -w Permit clients to write to the TTY (BE CAREFUL) (default: false) [$GOTTY_PERMIT_WRITE] --permit-write, -w Permit clients to write to the TTY (BE CAREFUL) (default: false) [$GOTTY_PERMIT_WRITE]
--write-log Log user's writes in the TTY (default: false) [$GOTTY_WRITE_LOG]
--credential value, -c value Credential for Basic Authentication (ex: user:pass, default disabled) [$GOTTY_CREDENTIAL] --credential value, -c value Credential for Basic Authentication (ex: user:pass, default disabled) [$GOTTY_CREDENTIAL]
--random-url, -r Add a random string to the URL (default: false) [$GOTTY_RANDOM_URL] --random-url, -r Add a random string to the URL (default: false) [$GOTTY_RANDOM_URL]
--random-url-length value Random URL length (default: 8) [$GOTTY_RANDOM_URL_LENGTH] --random-url-length value Random URL length (default: 8) [$GOTTY_RANDOM_URL_LENGTH]
@ -151,6 +152,37 @@ When you want to create a jailed environment for each client, you can use Docker
$ gotty -w docker run -it --rm busybox $ gotty -w docker run -it --rm busybox
``` ```
## Write log
If you set `--write-log` option, user's writes in the TTY can be Logged. for example:
if you run gotty like this:
```shell
./gotty -w --write-log --permit-arguments ./test.sh
```
this is `test.sh`:
```sh
#!/bin/bash
echo "Welcome: $4"
kubectl -n $1 exec -it $2 -c $3 -- sh
```
visit `http://127.0.0.1:8080/?arg=without-istio&arg=sleep-7b6d569576-57sjq&arg=sleep&arg=21001713` and input your commands in shell, and you will see user's writes in the log (operation logs):
```
...
2022/12/13 13:36:46 [write-log] map[arg:[without-istio sleep-7b6d569576-8nz7t sleep 21001713]] ls[CR]
2022/12/13 13:37:25 [write-log] map[arg:[without-istio sleep-7b6d569576-8nz7t sleep 21001713]] echo[SPACE]hello[SPACE]world;[CR]
2022/12/13 13:47:00 [write-log] map[arg:[without-istio sleep-7b6d569576-8nz7t sleep 21001713]] [CUU][CR]
...
```
Using the `[write-log]` flag, you can collect and store these logs persistently. All args are in the log, including the userID.
## Development ## Development
You can build a binary by simply running `make`. go1.16 is required. You can build a binary by simply running `make`. go1.16 is required.

File diff suppressed because one or more lines are too long

View File

@ -1,6 +1,6 @@
/*! /*!
* Bootstrap v5.2.0 (https://getbootstrap.com/) * Bootstrap v5.3.2 (https://getbootstrap.com/)
* Copyright 2011-2022 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) * Copyright 2011-2023 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE) * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
*/ */

File diff suppressed because one or more lines are too long

View File

@ -26,8 +26,7 @@ bootstrap
MIT MIT
The MIT License (MIT) The MIT License (MIT)
Copyright (c) 2011-2022 Twitter, Inc. Copyright (c) 2011-2023 The Bootstrap Authors
Copyright (c) 2011-2022 The Bootstrap Authors
Permission is hereby granted, free of charge, to any person obtaining a copy Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal of this software and associated documentation files (the "Software"), to deal

4525
js/package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -3,29 +3,29 @@
"version": "1.4.0", "version": "1.4.0",
"private": true, "private": true,
"devDependencies": { "devDependencies": {
"@types/bootstrap": "^5.1.9", "@types/bootstrap": "^5.2.10",
"compression-webpack-plugin": "^9.2.0", "compression-webpack-plugin": "^9.2.0",
"license-loader": "^0.5.0", "license-loader": "^0.5.0",
"license-webpack-plugin": "^4.0.2", "license-webpack-plugin": "^4.0.2",
"purgecss": "^4.1.3", "purgecss": "^4.1.3",
"sass": "^1.54.5", "sass": "^1.70.0",
"sass-loader": "^12.6.0", "sass-loader": "^12.6.0",
"terser-webpack-plugin": "^5.3.1", "terser-webpack-plugin": "^5.3.10",
"ts-loader": "^8.3.0", "ts-loader": "^8.4.0",
"typescript": "^4.3.2", "typescript": "^4.9.5",
"webpack": "^5.76.0", "webpack": "^5.90.1",
"webpack-cli": "^4.7.0", "webpack-cli": "^4.10.0",
"webpack-dev-server": "^4.11.1" "webpack-dev-server": "^4.15.1"
}, },
"dependencies": { "dependencies": {
"@popperjs/core": "^2.11.5", "@popperjs/core": "^2.11.8",
"bootstrap": "^5.1.3", "bootstrap": "^5.3.2",
"css-loader": "^5.2.6", "css-loader": "^5.2.7",
"debounce": "^1.2.1", "debounce": "^1.2.1",
"preact": "^10.7.1", "preact": "^10.19.4",
"react-bootstrap": "^2.2.3", "react-bootstrap": "^2.10.1",
"style-loader": "^2.0.0", "style-loader": "^2.0.0",
"xterm": "^4.12.0", "xterm": "^4.19.0",
"xterm-addon-fit": "^0.5.0", "xterm-addon-fit": "^0.5.0",
"xterm-addon-web-links": "^0.4.0", "xterm-addon-web-links": "^0.4.0",
"xterm-addon-webgl": "^0.10.0", "xterm-addon-webgl": "^0.10.0",

View File

@ -6,6 +6,7 @@
// Configuration // Configuration
@import "functions"; @import "functions";
@import "variables"; @import "variables";
@import "variables-dark";
@import "maps"; @import "maps";
@import "mixins"; @import "mixins";
@import "utilities"; @import "utilities";

View File

@ -3,7 +3,7 @@ package main
import ( import (
"context" "context"
"fmt" "fmt"
"io/ioutil" "io"
"log" "log"
"os" "os"
"os/signal" "os/signal"
@ -68,7 +68,7 @@ func main() {
if appOptions.Quiet { if appOptions.Quiet {
log.SetFlags(0) log.SetFlags(0)
log.SetOutput(ioutil.Discard) log.SetOutput(io.Discard)
} }
if c.IsSet("credential") { if c.IsSet("credential") {

View File

@ -145,10 +145,14 @@ func (server *Server) processWSConn(ctx context.Context, conn *websocket.Conn, h
opts := []webtty.Option{ opts := []webtty.Option{
webtty.WithWindowTitle(titleBuf.Bytes()), webtty.WithWindowTitle(titleBuf.Bytes()),
webtty.WithArguments(params),
} }
if server.options.PermitWrite { if server.options.PermitWrite {
opts = append(opts, webtty.WithPermitWrite()) opts = append(opts, webtty.WithPermitWrite())
} }
if server.options.WriteLog {
opts = append(opts, webtty.WithWriteLog())
}
if server.options.EnableReconnect { if server.options.EnableReconnect {
opts = append(opts, webtty.WithReconnect(server.options.ReconnectTime)) opts = append(opts, webtty.WithReconnect(server.options.ReconnectTime))
} }

View File

@ -9,6 +9,7 @@ type Options struct {
Port string `hcl:"port" flagName:"port" flagSName:"p" flagDescribe:"Port number to liten" default:"8080"` Port string `hcl:"port" flagName:"port" flagSName:"p" flagDescribe:"Port number to liten" default:"8080"`
Path string `hcl:"path" flagName:"path" flagSName:"m" flagDescribe:"Base path" default:"/"` Path string `hcl:"path" flagName:"path" flagSName:"m" flagDescribe:"Base path" default:"/"`
PermitWrite bool `hcl:"permit_write" flagName:"permit-write" flagSName:"w" flagDescribe:"Permit clients to write to the TTY (BE CAREFUL)" default:"false"` PermitWrite bool `hcl:"permit_write" flagName:"permit-write" flagSName:"w" flagDescribe:"Permit clients to write to the TTY (BE CAREFUL)" default:"false"`
WriteLog bool `hcl:"write_log" flagName:"write-log" flagDescribe:"Log user's writes in the TTY" default:"false"`
EnableBasicAuth bool `hcl:"enable_basic_auth" default:"false"` EnableBasicAuth bool `hcl:"enable_basic_auth" default:"false"`
Credential string `hcl:"credential" flagName:"credential" flagSName:"c" flagDescribe:"Credential for Basic Authentication (ex: user:pass, default disabled)" default:""` Credential string `hcl:"credential" flagName:"credential" flagSName:"c" flagDescribe:"Credential for Basic Authentication (ex: user:pass, default disabled)" default:""`
EnableRandomUrl bool `hcl:"enable_random_url" flagName:"random-url" flagSName:"r" flagDescribe:"Add a random string to the URL" default:"false"` EnableRandomUrl bool `hcl:"enable_random_url" flagName:"random-url" flagSName:"r" flagDescribe:"Add a random string to the URL" default:"false"`

View File

@ -6,10 +6,10 @@ import (
"crypto/x509" "crypto/x509"
"html/template" "html/template"
"io/fs" "io/fs"
"io/ioutil"
"log" "log"
"net" "net"
"net/http" "net/http"
"os"
"regexp" "regexp"
"strings" "strings"
noesctmpl "text/template" noesctmpl "text/template"
@ -45,7 +45,7 @@ func New(factory Factory, options *Options) (*Server, error) {
} }
if options.IndexFile != "" { if options.IndexFile != "" {
path := homedir.Expand(options.IndexFile) path := homedir.Expand(options.IndexFile)
indexData, err = ioutil.ReadFile(path) indexData, err = os.ReadFile(path)
if err != nil { if err != nil {
return nil, errors.Wrapf(err, "failed to read custom index file at `%s`", path) return nil, errors.Wrapf(err, "failed to read custom index file at `%s`", path)
} }
@ -253,7 +253,7 @@ func (server *Server) setupHTTPServer(handler http.Handler) (*http.Server, error
func (server *Server) tlsConfig() (*tls.Config, error) { func (server *Server) tlsConfig() (*tls.Config, error) {
caFile := homedir.Expand(server.options.TLSCACrtFile) caFile := homedir.Expand(server.options.TLSCACrtFile)
caCert, err := ioutil.ReadFile(caFile) caCert, err := os.ReadFile(caFile)
if err != nil { if err != nil {
return nil, errors.New("could not open CA crt file " + caFile) return nil, errors.New("could not open CA crt file " + caFile)
} }

View File

@ -1,7 +1,7 @@
package server package server
import ( import (
"io/ioutil" "io"
"github.com/gorilla/websocket" "github.com/gorilla/websocket"
"github.com/pkg/errors" "github.com/pkg/errors"
@ -31,7 +31,7 @@ func (wsw *wsWrapper) Read(p []byte) (n int, err error) {
continue continue
} }
b, err := ioutil.ReadAll(reader) b, err := io.ReadAll(reader)
if len(b) > len(p) { if len(b) > len(p) {
return 0, errors.Wrapf(err, "Client message exceeded buffer size") return 0, errors.Wrapf(err, "Client message exceeded buffer size")
} }

View File

@ -1,7 +1,6 @@
package utils package utils
import ( import (
"io/ioutil"
"log" "log"
"os" "os"
"reflect" "reflect"
@ -114,7 +113,7 @@ func ApplyConfigFile(filePath string, options ...interface{}) error {
fileString := []byte{} fileString := []byte{}
log.Printf("Loading config file at: %s", filePath) log.Printf("Loading config file at: %s", filePath)
fileString, err := ioutil.ReadFile(filePath) fileString, err := os.ReadFile(filePath)
if err != nil { if err != nil {
return err return err
} }

114
utils/log.go Normal file
View File

@ -0,0 +1,114 @@
package utils
import (
"fmt"
"regexp"
)
var ControlCodes = map[byte]string{
0: "NUL",
1: "SOH",
2: "STX",
3: "ETX",
4: "EOT",
5: "ENQ",
6: "ACK",
7: "BEL",
8: "BS",
9: "HT",
10: "LF",
11: "VT",
12: "FF",
13: "CR",
14: "SO",
15: "SI",
16: "DLE",
17: "DCI",
18: "DC2",
19: "DC3",
20: "DC4",
21: "NAK",
22: "SYN",
23: "TB",
24: "CAN",
25: "EM",
26: "SUB",
27: "ESC",
28: "FS",
29: "GS",
30: "RS",
31: "US",
32: "SPACE",
127: "DEL",
}
// https://en.wikipedia.org/wiki/ANSI_escape_code
// https://xtermjs.org/docs/api/vtfeatures/
var ControlSequences = map[string]string{
// Cursor Up
"ESC[A": "CUU",
// Cursor Down
"ESC[B": "CUD",
// Cursor Forward
"ESC[C": "CUF",
// Cursor Back
"ESC[D": "CUB",
}
var ControlSequencePatterns = map[string]string{
// Device Status Report
// Reports the cursor position (CPR) by transmitting `ESC[n;mR`, where n is the row and m is the column.
"^ESC\\[\\d+;\\d+R$": "",
}
func ControlCodesToStr(codes []byte) (str string) {
for _, code := range codes {
if value, ok := ControlCodes[code]; ok {
str += value
} else {
str += string(code)
}
}
return
}
func ControlCodesToEscapedStr(codes []byte) (str string) {
for _, code := range codes {
if value, ok := ControlCodes[code]; ok {
str += fmt.Sprintf("[%s]", value)
} else if code == 91 || code == 92 || code == 93 {
// escaping [ ] \
str += fmt.Sprintf("\\%s", string(code))
} else {
str += string(code)
}
}
return
}
func ControlSequenceToStr(codes []byte) (string, bool) {
sequence := ControlCodesToStr(codes)
for key, value := range ControlSequences {
if key == sequence {
return fmt.Sprintf("[%s]", value), true
}
}
for key, value := range ControlSequencePatterns {
if regexp.MustCompile(key).Match([]byte(sequence)) {
return value, true
}
}
return sequence, false
}
func FormatWriteLog(codes []byte, line *string) {
n := len(codes)
if n >= 3 {
if str, exists := ControlSequenceToStr(codes); exists {
*line += str
return
}
}
*line += ControlCodesToEscapedStr(codes)
}

View File

@ -17,6 +17,14 @@ func WithPermitWrite() Option {
} }
} }
// WithWriteLog sets a WebTTY to log user's writes in the TTY.
func WithWriteLog() Option {
return func(wt *WebTTY) error {
wt.writeLog = true
return nil
}
}
// WithFixedColumns sets a fixed width to TTY master. // WithFixedColumns sets a fixed width to TTY master.
func WithFixedColumns(columns int) Option { func WithFixedColumns(columns int) Option {
return func(wt *WebTTY) error { return func(wt *WebTTY) error {
@ -41,6 +49,14 @@ func WithWindowTitle(windowTitle []byte) Option {
} }
} }
// WithArguments sets the command line arguments that clients send
func WithArguments(arguments map[string][]string) Option {
return func(wt *WebTTY) error {
wt.arguments = arguments
return nil
}
}
// WithReconnect enables reconnection on the master side. // WithReconnect enables reconnection on the master side.
func WithReconnect(timeInSeconds int) Option { func WithReconnect(timeInSeconds int) Option {
return func(wt *WebTTY) error { return func(wt *WebTTY) error {

View File

@ -4,6 +4,8 @@ import (
"context" "context"
"encoding/base64" "encoding/base64"
"encoding/json" "encoding/json"
"github.com/sorenisanerd/gotty/utils"
"log"
"sync" "sync"
"github.com/pkg/errors" "github.com/pkg/errors"
@ -19,7 +21,9 @@ type WebTTY struct {
slave Slave slave Slave
windowTitle []byte windowTitle []byte
arguments map[string][]string
permitWrite bool permitWrite bool
writeLog bool
columns int columns int
rows int rows int
reconnect int // in seconds reconnect int // in seconds
@ -93,13 +97,14 @@ func (wt *WebTTY) Run(ctx context.Context) error {
go func() { go func() {
errs <- func() error { errs <- func() error {
buffer := make([]byte, wt.bufferSize) buffer := make([]byte, wt.bufferSize)
var line string
for { for {
n, err := wt.masterConn.Read(buffer) n, err := wt.masterConn.Read(buffer)
if err != nil { if err != nil {
return ErrMasterClosed return ErrMasterClosed
} }
err = wt.handleMasterReadEvent(buffer[:n]) err = wt.handleMasterReadEvent(buffer[:n], &line)
if err != nil { if err != nil {
return err return err
} }
@ -168,7 +173,7 @@ func (wt *WebTTY) masterWrite(data []byte) error {
return nil return nil
} }
func (wt *WebTTY) handleMasterReadEvent(data []byte) error { func (wt *WebTTY) handleMasterReadEvent(data []byte, line *string) error {
if len(data) == 0 { if len(data) == 0 {
return errors.New("unexpected zero length read from master") return errors.New("unexpected zero length read from master")
} }
@ -189,6 +194,16 @@ func (wt *WebTTY) handleMasterReadEvent(data []byte) error {
return errors.Wrapf(err, "failed to decode received data") return errors.Wrapf(err, "failed to decode received data")
} }
if wt.writeLog {
utils.FormatWriteLog(decodedBuffer[:n], line)
// 13(ASCII) means carriage return(CR)
// it is the end of a line
if decodedBuffer[n-1] == 13 {
log.Printf("[write-log] %v %s\n", wt.arguments, *line)
*line = ""
}
}
_, err = wt.slave.Write(decodedBuffer[:n]) _, err = wt.slave.Write(decodedBuffer[:n])
if err != nil { if err != nil {
return errors.Wrapf(err, "failed to write received data to slave") return errors.Wrapf(err, "failed to write received data to slave")