create a deferral to automatically close sessions after creating them during boundary connect (#6054)

8 months ago · 5ebf11caeb
parent 5f6cb00108
commit 5ebf11caeb
2 changed files with 45 additions and 16 deletions
--- a/api/proxy/proxy.go
+++ b/api/proxy/proxy.go
@ -350,12 +350,20 @@ func (p *ClientProxy) Start(opt ...Option) (retErr error) {
 		return nil
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), opts.withSessionTeardownTimeout)
+	return p.CloseSession(opts.withSessionTeardownTimeout)
 }
 // CloseSession attempts to close the currently proxied session by sending a
 // request to do so to the worker proxying the connection
 func (p *ClientProxy) CloseSession(sessionTeardownTimeout time.Duration) error {
 	if sessionTeardownTimeout == 0 {
 		sessionTeardownTimeout = sessionCancelTimeout
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), sessionTeardownTimeout)
 	defer cancel()
 	if err := p.sendSessionTeardown(ctx); err != nil {
 		return fmt.Errorf("error sending session teardown request to worker: %w", err)
 	}
 	return nil
 }
--- a/internal/cmd/commands/connect/connect.go
+++ b/internal/cmd/commands/connect/connect.go
@ -19,6 +19,7 @@ import (
 	"github.com/hashicorp/boundary/api"
 	apiproxy "github.com/hashicorp/boundary/api/proxy"
 	"github.com/hashicorp/boundary/api/sessions"
 	"github.com/hashicorp/boundary/api/targets"
 	"github.com/hashicorp/boundary/internal/cmd/base"
 	"github.com/hashicorp/boundary/internal/util"
@ -336,6 +337,19 @@ func (c *Command) Run(args []string) (retCode int) {
 		}
 	}
 	var addr netip.Addr
 	if c.flagListenAddr == "" {
 		c.flagListenAddr = "127.0.0.1"
 	}
 	addr, err := netip.ParseAddr(c.flagListenAddr)
 	if err != nil {
 		c.PrintCliError(fmt.Errorf("Error parsing listen address: %w", err))
 		return base.CommandCliError
 	}
 	listenAddr := netip.AddrPortFrom(addr, uint16(c.flagListenPort))
 	var clientProxy *apiproxy.ClientProxy
 	authzString := c.flagAuthzToken
 	switch {
 	case authzString != "":
@ -431,28 +445,35 @@ func (c *Command) Run(args []string) (retCode int) {
 			HostId:          sa.HostId,
 			Credentials:     sa.Credentials,
 		}
 		authzString = sa.AuthorizationToken
 	}
-	var listenAddr netip.AddrPort
+		// the session was created specifically for this `boundary connect`
-	var addr netip.Addr
+		// command, and should be closed as soon as the command has exited
-	if c.flagListenAddr == "" {
+		defer func() {
-		c.flagListenAddr = "127.0.0.1"
+			var err error
-	}
+			switch {
-	addr, err := netip.ParseAddr(c.flagListenAddr)
+			case clientProxy != nil:
-	if err != nil {
+				err = clientProxy.CloseSession(0)
-		c.PrintCliError(fmt.Errorf("Error parsing listen address: %w", err))
+			default:
-		return base.CommandCliError
+				// this is a weird special case. normally we let the client proxy end
-	}
+				// the session, but it failed to be inited, so we need to create the
 				// session client to ensure we don't leave hanging sessions
 				sClient := sessions.NewClient(client)
 				_, err = sClient.Cancel(c.Context, sa.SessionId, 0, sessions.WithAutomaticVersioning(true))
 			}
 			if err != nil {
 				c.PrintCliError(fmt.Errorf("Error closing session after command end: %w", err))
 			}
 		}()
-	listenAddr = netip.AddrPortFrom(addr, uint16(c.flagListenPort))
+		authzString = sa.AuthorizationToken
 	}
 	connsLeftCh := make(chan int32)
 	apiProxyOpts := []apiproxy.Option{apiproxy.WithConnectionsLeftCh(connsLeftCh)}
 	if listenAddr.IsValid() {
 		apiProxyOpts = append(apiProxyOpts, apiproxy.WithListenAddrPort(listenAddr))
 	}
-	clientProxy, err := apiproxy.New(
+	clientProxy, err = apiproxy.New(
 		c.proxyCtx,
 		authzString,
 		apiProxyOpts...,