Interpolation in connect -exec command?

If I want to open a port and connect to it using a random program, it’s clear from the help text that I can do this:

boundary connect -target-name=foo_target -exec foo -- -fooarg1 --fooarg2

But what is missing here is where foo should connect too. Obviously, localhost – but which port? Seems I can do this:

boundary connect -target-name=foo_target -exec foo -listen-port=8000 -- localhost:8000 -fooarg1 --fooarg2

… but this requires local management of which port is in use. It would be really great if we could get the randomly assigned port interpolated into the args, perhaps like this?

boundary connect -target-name=foo_target -exec foo -- localhost:%target-port% --fooarg1

Thanks for trying Boundary @jorhett!

There’s built-in templating when passing arguments to the wrapped exec command. The two variables available are {{boundary.ip}} and {{boundary.port}}.

Example:

boundary connect -exec nc -- {{boundary.ip}} {{boundary.port}}`

Is equivalent to:

nc 127.0.0.1 33456

Let me know if this makes sense! Thanks.

Awesome! I tested and confirmed this makes for a clean SSH configuration then.

Host foo
  HostName foo.example.com
  ProxyCommand boundary connect --target-name foo -exec nc -- {{boundary.ip}} {{boundary.port}}

Much nicer than the shell script I was using :lollipop:

#!/usr/bin/env bash
coproc BC { boundary connect -target-name=$1 -format=json; }
read -u ${BC[0]} JSON
nc localhost $(echo $JSON |jq .port)

…although late yesterday I realized that I could just do this in the shell script:

nc localhost ${BOUNDARY_PROXIED_PORT}

Both this environment variable and those interpolation methods should be documented :+1:

Right on. If you’re doing ProxyCommand stuff, this might also interest you: https://github.com/hashicorp/boundary/pull/796