feat: add dblab teleport serve CLI command + hostssl cert in default pg_hba
Implements webhook-driven Teleport integration as a CLI sidecar. See #683 (closed) for details.
Summary
- New
dblab teleport servesubcommand - Receives webhooks from DBLab Engine on clone_create/clone_delete
- Calls tctl to register/deregister Teleport DB services
- Startup reconciliation catches missed events
- Zero engine server changes — works with existing 4.0.4
Architecture
The sidecar runs on the DBLab host alongside the Engine and Teleport agent. Engine webhooks fire instantly on clone lifecycle events. The sidecar translates them into tctl create/rm calls.
Closes #683 (closed)
Edited by Maya P