Our remote environments are currently fronted by a Linux instance acting as the gatekeeper between the developers and the actual environments (apache and mysql instances running Drupal). This was done to limit the exposure of the actual environments and limit the details that need to be shared to developers (e.g. ssh keys, URLs, IP addresses).
On the gatekeeper machine, Drush is installed and a ~/.drush/sites/project.site.yml exists with the details of the actual environments:
'dev':
db-url: ...
# Other dev details
'test':
db-url: ...
# Other test details
'live':
db-url: ...
# Other live details
On our local machines, the developers have limited SSH access to this gatekeeper server and have a web/drush/sites/project.site.yml in the project that just looks like this:
'*':
host: 'gatekeeper.project.net'
user: 'admin'
The expectation was that developers should be able to do something like drush @project.dev sql:dump and Drush would just forward this to the gatekeeper server to run it against the dev alias. However, I get the following error:
The command "ssh -t -o PasswordAuthentication=no [email protected] 'drush sql:dump --uri=default'" failed.
It looks like it only forwarded drush sql:dump --uri=default to the server and not drush @project.dev sql:dump --uri=default. This used to work with Drush 8, we had a successful setup using this method. But this no longer works with Drush 9+ with a translated configuration.
How do I pass @project.dev (or any alias) to the remote server? Am I missing some configuration? Is there a better way to do this?
