added proxycomamnd to be used directly by ssh

Dockerfile

@@ -11,7 +11,7 @@ RUN go build -ldflags "-linkmode 'external' -extldflags '-static'" -o bin ./cmd/
 FROM scratch
 
 COPY --from=builder /opt/converge/bin/converge /opt/converge/bin/
-COPY --from=builder /opt/converge/bin/agent /opt/converge/bin/tcptows /opt/converge/docs/
+COPY --from=builder /opt/converge/bin/agent /opt/converge/bin/tcptows /opt/converge/bin/convergeproxy /opt/converge/docs/
 COPY --from=builder /opt/converge/static/ /opt/converge/docs/
 
 ENTRYPOINT ["/opt/converge/bin/converge", "/opt/converge/docs" ]

cmd/agent/agent.go

@@ -154,9 +154,9 @@ func (f ReaderFunc) Read(p []byte) (n int, err error) {
 func main() {
 	wsURL := os.Args[1]
 
-	advanceWarningTime := 1 * time.Minute
+	advanceWarningTime := 10 * time.Minute
-	agentExpriryTime := 2 * time.Minute
+	agentExpriryTime := 30 * time.Minute
-	tickerInterval := 10 * time.Second
+	tickerInterval := 60 * time.Second
 	agent.ConfigureAgent(advanceWarningTime, agentExpriryTime, tickerInterval)
 
 	conn, _, err := websocket.DefaultDialer.Dial(wsURL, nil)

cmd/convergeproxy/proxy.go

@@ -0,0 +1,40 @@
+package main
+
+import (
+	"cidebug/pkg/iowrappers"
+	"cidebug/pkg/websocketutil"
+	"github.com/gorilla/websocket"
+	"log"
+	"net"
+	"os"
+)
+
+func closeConnection(conn net.Conn) {
+	if tcpConn, ok := conn.(*net.TCPConn); ok {
+		tcpConn.SetLinger(0)
+	}
+	_ = conn.Close()
+}
+
+type Stdio struct{}
+
+func (stdio Stdio) Read(b []byte) (n int, err error) {
+	return os.Stdin.Read(b)
+}
+func (stdio Stdio) Write(b []byte) (n int, err error) {
+	return os.Stdout.Write(b)
+}
+
+func main() {
+	wsURL := os.Args[1]
+
+	_wsConn, _, err := websocket.DefaultDialer.Dial(wsURL, nil)
+	if err != nil {
+		log.Println("WebSocket connection error:", err)
+		panic(err)
+	}
+	wsConn := websocketutil.NewWebSocketConn(_wsConn)
+	defer wsConn.Close()
+
+	iowrappers.SynchronizeStreams(wsConn, Stdio{})
+}

static/index.html

@@ -40,7 +40,10 @@
         to establish a connection to the CI job through converge.
     </p>
 
-    <h2>Local clients</h2>
+    <h2>Local clients: with a local TCP forwarding proxy</h2>
+
+    This option is less convenient than the proxy command because it requires two separate
+    commands to execute.
 
     <p>
         Local clients can connect using regular ssh and sftp commands through a tunnel that
@@ -51,14 +54,14 @@
 
     <pre>
     # for HTTP hosted server
-    curl http://HOST:PORT/docs/wstotcp > wstotcp
+    curl http://HOST:PORT/docs/tcptows > tcptows
-    chmod 755 wstotcp
+    chmod 755 tcptows
-    ./wstotcp 10000 ws://HOST:PORT/client/ID
+    ./tcptows 10000 ws://HOST:PORT/client/ID
 
     # for HTTPS hosted server
-    curl https://HOST:PORT/docs/wstotcp > wstotcp
+    curl https://HOST:PORT/docs/tcptows > tcptows
-    chmod 755 wstotcp
+    chmod 755 tcptows
-    ./wstotcp 10000 wss://HOST:PORT/client/ID
+    ./tcptows 10000 wss://HOST:PORT/client/ID
 </pre>
 
     <p>
@@ -86,6 +89,8 @@
         <li><a href="/docs/tcptows">tcptows</a>: TCP to WS tunnel for allowing regular
             SSH and SFTP clients to connect to converge.
         </li>
+        <li><a href="/docs/convergeproxy">convergeproxy</a>: SSH proxy command that can be directly used by ssh
+        </li>
     </ul>
 
 </div>