feat: add bastion host commands

carlalexander · carlalexander · commit 35d2c238fd3e · 2021-05-03T17:20:49.000-04:00
diff --git a/src/ApiClient.php b/src/ApiClient.php
@@ -52,6 +52,14 @@ public function __construct(string $baseUrl, ClientInterface $client, CliConfigu
         $this->cliConfiguration = $cliConfiguration;
     }
 
+    /**
+     * Add a bastion host to the given network.
+     */
+    public function addBastionHost(int $networkId): Collection
+    {
+        return $this->request('post', "/networks/{$networkId}/bastion-host");
+    }
+
     /**
      * Add a NAT gateway to the given network.
      */
@@ -404,6 +412,14 @@ public function getArtifactUploadUrl(int $deploymentId): string
         return $uploadUrl;
     }
 
+    /**
+     * Get the bastion host with the given ID.
+     */
+    public function getBastionHost(int $bastionHostId): Collection
+    {
+        return $this->request('get', "/bastion-hosts/{$bastionHostId}");
+    }
+
     /**
      * Get the SSL certificates with the given ID.
      */
@@ -748,6 +764,14 @@ public function isAuthenticated(): bool
         }
     }
 
+    /**
+     * Remove the bastion host from the given network.
+     */
+    public function removeBastionHost(int $networkId)
+    {
+        $this->request('delete', "/networks/{$networkId}/bastion-host");
+    }
+
     /**
      * Remove the NAT gateway from the given network.
      */
diff --git a/src/Command/Network/AddBastionHostCommand.php b/src/Command/Network/AddBastionHostCommand.php
@@ -0,0 +1,119 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * This file is part of Ymir command-line tool.
+ *
+ * (c) Carl Alexander <support@ymirapp.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Ymir\Cli\Command\Network;
+
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Filesystem\Filesystem;
+use Ymir\Cli\ApiClient;
+use Ymir\Cli\CliConfiguration;
+use Ymir\Cli\Command\AbstractCommand;
+use Ymir\Cli\Console\ConsoleOutput;
+use Ymir\Cli\ProjectConfiguration;
+
+class AddBastionHostCommand extends AbstractCommand
+{
+    /**
+     * The name of the command.
+     *
+     * @var string
+     */
+    public const NAME = 'network:bastion:add';
+
+    /**
+     * The file system.
+     *
+     * @var Filesystem
+     */
+    private $filesystem;
+
+    /**
+     * The path to the user's home directory.
+     *
+     * @var string
+     */
+    private $homeDirectory;
+
+    /**
+     * Constructor.
+     */
+    public function __construct(ApiClient $apiClient, CliConfiguration $cliConfiguration, Filesystem $filesystem, string $homeDirectory, ProjectConfiguration $projectConfiguration)
+    {
+        parent::__construct($apiClient, $cliConfiguration, $projectConfiguration);
+
+        $this->filesystem = $filesystem;
+        $this->homeDirectory = rtrim($homeDirectory, '/');
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function configure()
+    {
+        $this
+            ->setName(self::NAME)
+            ->setDescription('Add a bastion host to the network')
+            ->addArgument('network', InputArgument::OPTIONAL, 'The ID or name of the network to add a bastion host to');
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function perform(InputInterface $input, ConsoleOutput $output)
+    {
+        $network = $this->apiClient->getNetwork($this->determineNetwork('Which network would like to add a bastion host to', $input, $output));
+
+        $bastionHost = $this->apiClient->addBastionHost((int) $network->get('id'));
+
+        $output->infoWithDelayWarning('Bastion host added');
+        $output->newLine();
+        $output->warn('SSH private key:');
+        $output->newLine();
+        $output->writeln($bastionHost['private_key']);
+
+        if (!is_dir($this->homeDirectory.'/.ssh') || !$output->confirm('Would you like to create the SSH private key in your ~/.ssh directory?')) {
+            return;
+        }
+
+        $privateKeyFilename = $this->homeDirectory.'/.ssh/ymir-'.$network->get('name');
+
+        if ($this->filesystem->exists($privateKeyFilename) && !$output->confirm('A SSH key already exists for this network. Do you want to overwrite it?', false)) {
+            return;
+        }
+
+        $this->filesystem->dumpFile($privateKeyFilename, $bastionHost->get('private_key'));
+        $this->filesystem->chmod($privateKeyFilename, 0600);
+
+        $output->infoWithValue('SSH private key created', $privateKeyFilename);
+
+        $sshConfigFilename = $this->homeDirectory.'/.ssh/config';
+
+        if (!$this->filesystem->exists($sshConfigFilename) || !$output->confirm('Would you like to configure SSH to connect to the bastion host?')) {
+            return;
+        }
+
+        $output->infoWithWarning('Waiting for bastion host to get assigned a public domain name', 'takes a few minutes');
+
+        $bastionHost = $this->wait(function () use ($bastionHost) {
+            $bastionHost = $this->apiClient->getBastionHost((int) $bastionHost->get('id'));
+
+            return 'available' === $bastionHost->get('status') ? $bastionHost : [];
+        }, 20, 15);
+
+        $this->filesystem->appendToFile($sshConfigFilename, sprintf("\nHost %s\n  User ec2-user\n  IdentitiesOnly yes\n  IdentityFile %s\n", $bastionHost->get('endpoint'), $privateKeyFilename));
+
+        $output->newLine();
+        $output->infoWithValue('SSH configured. Login using', sprintf('ssh %s', $bastionHost->get('endpoint')));
+    }
+}
diff --git a/src/Command/Network/RemoveBastionHostCommand.php b/src/Command/Network/RemoveBastionHostCommand.php
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * This file is part of Ymir command-line tool.
+ *
+ * (c) Carl Alexander <support@ymirapp.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Ymir\Cli\Command\Network;
+
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Ymir\Cli\Command\AbstractCommand;
+use Ymir\Cli\Console\ConsoleOutput;
+
+class RemoveBastionHostCommand extends AbstractCommand
+{
+    /**
+     * The name of the command.
+     *
+     * @var string
+     */
+    public const NAME = 'network:bastion:remove';
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function configure()
+    {
+        $this
+            ->setName(self::NAME)
+            ->setDescription('Remove bastion host from the network')
+            ->addArgument('network', InputArgument::OPTIONAL, 'The ID or name of the network to remove the bastion host from');
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function perform(InputInterface $input, ConsoleOutput $output)
+    {
+        $this->apiClient->removeBastionHost($this->determineNetwork('Which network would like to remove the bastion host from', $input, $output));
+
+        $output->infoWithDelayWarning('Bastion host removed');
+    }
+}
