@zeyadmoslem

This PR introduces a new SSH Tunnel provider command to manage multiple SSH tunnels via configuration. Key features include:

  • Tunnel Management: Start and stop SSH tunnels based on a declarative YAML configuration.

  • Authentication Support:

    • Password-based authentication (including 1Password integration)
    • SSH key authentication (including 1Password integration)
  • 1Password Integration: Resolve passwords or private keys directly from 1Password vaults.

  • Optional Sudo: Ability to run tunnels with sudo when required.

  • Port Conflict Handling: Checks if the local port is already in use before starting a tunnel.

  • Temporary Key Handling: Creates temporary files for private keys obtained from 1Password and cleans them up after use.

  • CLI Integration: Fully integrated into the CLI with autocompletion and command tree support.

This provider enables secure and automated management of SSH tunnels for multiple environments, supporting both developer and CI/CD workflows.

For more information, please read the README.md.
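An added example (not code from this PR or the project) of the port conflict check and the temporary key handling listed above. The function names `portInUse` and `withTempKey`, the sample address and the placeholder key are assumptions.

```go
package main

import (
	"fmt"
	"net"
	"os"
)

// portInUse reports whether addr (e.g. "127.0.0.1:2222") cannot be bound.
// Any bind error, including a permission error, is treated as "in use".
func portInUse(addr string) bool {
	ln, err := net.Listen("tcp", addr)
	if err != nil {
		return true
	}
	ln.Close() // release the probe listener immediately
	return false
}

// withTempKey writes key to a private temp file, passes the path to fn
// (e.g. to build "ssh -i <path>"), and removes the file even if fn fails.
func withTempKey(key []byte, fn func(path string) error) (err error) {
	f, err := os.CreateTemp("", "tunnel-key-*") // CreateTemp uses mode 0600
	if err != nil {
		return err
	}
	path := f.Name()
	defer func() {
		// Always remove; report the removal error only if nothing else failed.
		if rmErr := os.Remove(path); err == nil {
			err = rmErr
		}
	}()
	if _, err = f.Write(key); err != nil {
		f.Close()
		return err
	}
	if err = f.Close(); err != nil {
		return err
	}
	return fn(path)
}

func main() {
	key := []byte("CONSTRUCTED-PLACEHOLDER-KEY\n") // constructed, not a real key
	err := withTempKey(key, func(path string) error {
		fmt.Println("key file:", path, "port busy:", portInUse("127.0.0.1:2222"))
		return nil
	})
	fmt.Println("cleanup error:", err)
}
```

The bind probe and the later tunnel start are two separate steps, so the start can still fail if another process takes the port in between; the tunnel command's own exit status remains the authoritative result.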

@franklinkim
Member

franklinkim commented Aug 28, 2025

Hi @zeyadmoslem, thanks for the PR. Did you check the implementation of kubeforward in combination with gokazi? It might be a simple way to check if the tunnel process is already running and also be able to add the checker.

@zeyadmoslem
Author

zeyadmoslem commented Aug 29, 2025

Hi @franklinkim, thanks for the suggestion. Actually, at the beginning I tried to implement gokazi, but the issue is that I would have to provide the exact same command and arguments in gokazi.Add() that are built and run in the execute function’s start case; otherwise, it wouldn’t be recognized as running (the findProcess function in gokazi compares the arguments and fails if they don’t match). In some cases, building these arguments requires retrieving credentials from 1PW. This means that every time the shell starts or is rebuilt, the prompt would ask for authentication in 1PW before building or starting, if it’s not already authenticated.

Would you recommend implementing it this way for now, so that the prompt asks for 1PW authentication before starting, or should we leave it as is for now and refactor it later?
