https://github.com/eddiewebb/circleci-dmz-orb
Allows CircleCI builds to access private network services over a intermediate jump host using SSH port forwarding.
https://github.com/eddiewebb/circleci-dmz-orb
circleci circleci-orbs
Last synced: about 1 month ago
JSON representation
Allows CircleCI builds to access private network services over a intermediate jump host using SSH port forwarding.
- Host: GitHub
- URL: https://github.com/eddiewebb/circleci-dmz-orb
- Owner: eddiewebb
- Created: 2018-11-08T13:36:48.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2021-04-21T17:30:50.000Z (over 4 years ago)
- Last Synced: 2025-04-09T08:13:27.484Z (6 months ago)
- Topics: circleci, circleci-orbs
- Language: Shell
- Homepage: https://circleci.com
- Size: 42 KB
- Stars: 17
- Watchers: 1
- Forks: 7
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# circleci-dmz-orb
Allows CircleCI builds to access private network services over a intermediate jump host using SSH port forwarding.
**Note**: port 3306 represents the local port, in this example for a DB connection, but can be any available port.
## Examples
Full usage examples can be found under the `examples` key in the [orb's source](/src/orb.yml#L67)
```
version: 2.1
orbs:
dmz: eddiewebb/dmz@volatile
workflows:
test_all:
jobs:
- build
- build_key_path
- build_key_value
- build_key_variable
jobs:
build: # this job uses ssh-keyscan to dynamically trust public key of bastion host
docker:
- image: circleci/node:10
steps:
- checkout
- dmz/open_tunnel:
local_port: "9001"
target_host: "104.154.89.105"
target_port: "80"
bastion_user: ubuntu
bastion_host: ec2-18-191-19-150.us-east-2.compute.amazonaws.com
# and simply confirm that accessing local port resolves the target (in this case an HTTP server)
- run: curl localhost:9001
build_key_path: #this job uses a *public* key file within the repo to be explicitly trusted
docker:
- image: circleci/node:10
steps:
- checkout
- dmz/open_tunnel:
local_port: "9001"
target_host: "104.154.89.105"
target_port: "80"
bastion_user: ubuntu
bastion_host: ec2-18-191-19-150.us-east-2.compute.amazonaws.com
bastion_public_key: bastion.pub
# and simply confirm that accessing local port resolves the target (in this case an HTTP server)
- run: curl localhost:9001
build_key_value: # this job uses a public key string value to trust bastion explicitly
docker:
- image: circleci/node:10
steps:
- checkout
- dmz/open_tunnel:
local_port: "9001"
target_host: "104.154.89.105"
target_port: "80"
bastion_user: ubuntu
bastion_host: ec2-18-191-19-150.us-east-2.compute.amazonaws.com
bastion_public_key: 'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEQonlo27Q6jHMBHm7FczYsVbSDMMejUCZmSTcloE2DrDNfL/fzbzNlP5Xk8MxqRfjrPEsrlvRlyNYSxDLVA+0g='
# and simply confirm that accessing local port resolves the target (in this case an HTTP server)
- run: curl localhost:9001
build_key_variable: # this job uses a public key string value to trust bastion explicitly
docker:
- image: circleci/node:10
steps:
- checkout
- dmz/open_tunnel:
local_port: "9001"
target_host: "104.154.89.105"
target_port: "80"
bastion_user: ubuntu
bastion_host: ec2-18-191-19-150.us-east-2.compute.amazonaws.com
bastion_public_key: ${BASTION_PUBLIC_KEY}
# and simply confirm that accessing local port resolves the target (in this case an HTTP server)
- run: curl localhost:9001
```