feat(exec): add exec support for on-demand services

[thde]

Adds nctl exec sub-commands for connecting directly to on-demand services: PostgreSQL instances and databases, MySQL instances and databases, and KeyValueStore. Using their native CLI clients.

❯ nctl exec postgresdatabase test
psql (18.3, server 17.9 (Ubuntu 17.9-1.pgdg24.04+1))
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, compression: off, ALPN: postgresql)
Type "help" for help.

05571f2_e4416af=>

New nctl exec sub-commands:

• nctl exec postgres <name> connects to a Postgres instance via psql
• nctl exec postgresdatabase <name> connects to a PostgresDatabase via psql
• nctl exec mysql <name> connects to a MySQL instance via mysql
• nctl exec mysqldatabase <name> connects to a MySQLDatabase via mysql
• nctl exec keyvaluestore <name> connects to a KeyValueStore via redis-cli

Access Management

For instance-level resources (Postgres, MySQL, KeyValueStore), the command detects the caller's public IP via ip.nine.ch, checks whether it is already in the allowed CIDR list, and if not prompts the user for confirmation before adding it.

The resource is then patched and connectivity is awaited before launching the CLI.

Import from stdin

The command also supports importing using stdin like so:

mysqldump -h source.example.com -u user -ppass mydb | nctl exec mysqldatabase mydb
pg_dump -h source.example.com -U user mydb | nctl exec postgresdatabase mydb

[thde]

TODO:

• Check autocomplete support.
• Add flag for DB instances to change the database.