From 2f8646cb3cb509c262481282f501c274ff76e5be Mon Sep 17 00:00:00 2001 From: afeiszli Date: Wed, 7 Jul 2021 21:12:24 +0000 Subject: [PATCH 01/11] adding kube yaml --- kube/mongo-statefulset.yaml | 59 +++++++++++++++++++++++++ kube/netmaker-api.yaml | 66 ++++++++++++++++++++++++++++ kube/netmaker-grpc.yaml | 68 +++++++++++++++++++++++++++++ kube/netmaker-ingress-api.yaml | 25 +++++++++++ kube/netmaker-ingress-frontend.yaml | 25 +++++++++++ kube/netmaker-ingress-grpc.yaml | 17 ++++++++ kube/netmaker-ui.yaml | 40 +++++++++++++++++ 7 files changed, 300 insertions(+) create mode 100644 kube/mongo-statefulset.yaml create mode 100644 kube/netmaker-api.yaml create mode 100644 kube/netmaker-grpc.yaml create mode 100644 kube/netmaker-ingress-api.yaml create mode 100644 kube/netmaker-ingress-frontend.yaml create mode 100644 kube/netmaker-ingress-grpc.yaml create mode 100644 kube/netmaker-ui.yaml diff --git a/kube/mongo-statefulset.yaml b/kube/mongo-statefulset.yaml new file mode 100644 index 00000000..43c2f862 --- /dev/null +++ b/kube/mongo-statefulset.yaml @@ -0,0 +1,59 @@ +apiVersion: v1 +kind: Service +metadata: + name: mongo + labels: + name: mongo +spec: + ports: + - port: 27017 + targetPort: 27017 + clusterIP: None + selector: + role: mongo +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: mongo +spec: + serviceName: "mongo" + replicas: 1 + selector: + matchLabels: + role: mongo + template: + metadata: + labels: + app: mongo + role: mongo + spec: + containers: + - name: mongo + image: mongo + env: + - name: MONGO_INITDB_ROOT_USERNAME + value: mongoadmin + - name: MONGO_INITDB_ROOT_PASSWORD + value: mongopass + securityContext: + privileged: true + volumeMounts: + - name: mongovol + mountPath: /data/db + volumes: + - name: mongovol + persistentVolumeClaim: + claimName: mongo-pvc +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mongo-pvc +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 7Gi + storageClassName: longhorn diff --git a/kube/netmaker-api.yaml b/kube/netmaker-api.yaml new file mode 100644 index 00000000..f9cc36a7 --- /dev/null +++ b/kube/netmaker-api.yaml @@ -0,0 +1,66 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: netmaker + labels: + app: netmaker +spec: + selector: + matchLabels: + app: netmaker + replicas: 1 + template: + metadata: + labels: + app: netmaker + spec: + containers: + - name: netmaker + image: gravitl/netmaker:v0.5 + ports: + - containerPort: 8081 + env: + - name: SERVER_HOST + value: "api.test.netmaker.org" + - name: API_PORT + value: "8081" + - name: AGENT_BACKEND + value: "off" + - name: CLIENT_MODE + value: "off" + - name: DNS_MODE + value: "off" + - name: MASTER_KEY + value: "Unkn0wn!" + - name: SERVER_GRPC_WIREGUARD + value: "off" + - name: MASTER_KEY + value: "secretkey" + - name: CORS_ALLOWED_ORIGIN + value: "*" + - name: DISABLE_REMOTE_IP_CHECK + value: "on" + - name: MONGO_ADMIN + value: "mongoadmin" + - name: MONGO_PASS + value: "mongopass" + - name: MONGO_HOST + value: "mongo-0.mongo" + - name: MONGO_OPTS + value: "/?authSource=admin" +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: netmaker + name: netmaker +spec: + ports: + - port: 8081 + protocol: TCP + targetPort: 8081 + selector: + app: netmaker + sessionAffinity: None + type: ClusterIP diff --git a/kube/netmaker-grpc.yaml b/kube/netmaker-grpc.yaml new file mode 100644 index 00000000..56c0c78d --- /dev/null +++ b/kube/netmaker-grpc.yaml @@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: netmaker-grpc + labels: + app: netmaker-grpc +spec: + selector: + matchLabels: + app: netmaker-grpc + replicas: 1 + template: + metadata: + labels: + app: netmaker-grpc + spec: + containers: + - name: netmaker-grpc + image: gravitl/netmaker:v0.5 + ports: + - containerPort: 50051 + env: + - name: SERVER_HOST + value: "grpc.test.netmaker.org" + - name: CLIENT_MODE + value: "off" + - name: DNS_MODE + value: "off" + - name: MASTER_KEY + value: "Unkn0wn!" + - name: SERVER_GRPC_WIREGUARD + value: "off" + - name: MASTER_KEY + value: "secretkey" + - name: CORS_ALLOWED_ORIGIN + value: "*" + - name: DISABLE_REMOTE_IP_CHECK + value: "on" + - name: MONGO_ADMIN + value: "mongoadmin" + - name: MONGO_PASS + value: "mongopass" + - name: MONGO_HOST + value: "mongo-0.mongo" + - name: MONGO_OPTS + value: "/?authSource=admin" + - name: SERVER_GRPC_HOST + value: "0.0.0.0" + - name: GRPC_PORT + value: "50051" + - name: REST_BACKEND + value: "off" +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: netmaker-grpc + name: netmaker-grpc +spec: + ports: + - port: 50051 + protocol: TCP + targetPort: 50051 + selector: + app: netmaker-grpc + sessionAffinity: None + type: ClusterIP diff --git a/kube/netmaker-ingress-api.yaml b/kube/netmaker-ingress-api.yaml new file mode 100644 index 00000000..69a24eed --- /dev/null +++ b/kube/netmaker-ingress-api.yaml @@ -0,0 +1,25 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.allow-http: "false" + traefik.ingress.kubernetes.io/redirect-entry-point: https + traefik.ingress.kubernetes.io/redirect-permanent: "true" + traefik.ingress.kubernetes.io/rule-type: "PathPrefixStrip" + cert-manager.io/cluster-issuer: wildcard-issuer + name: nm-api-ingress + namespace: netmaker +spec: + rules: + - host: api.test.netmaker.org + http: + paths: + - path: / + backend: + serviceName: netmaker + servicePort: 8081 + tls: + - hosts: + - api.test.netmaker.org + secretName: cert-nm-api diff --git a/kube/netmaker-ingress-frontend.yaml b/kube/netmaker-ingress-frontend.yaml new file mode 100644 index 00000000..652a512a --- /dev/null +++ b/kube/netmaker-ingress-frontend.yaml @@ -0,0 +1,25 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.allow-http: "false" + traefik.ingress.kubernetes.io/redirect-entry-point: https + traefik.ingress.kubernetes.io/redirect-permanent: "true" + traefik.ingress.kubernetes.io/rule-type: "PathPrefixStrip" + cert-manager.io/cluster-issuer: wildcard-issuer + name: nm-ui-ingress + namespace: netmaker +spec: + rules: + - host: nm.test.netmaker.org + http: + paths: + - path: / + backend: + serviceName: netmaker-ui + servicePort: 80 + tls: + - hosts: + - nm.test.netmaker.org + secretName: cert-nm-ui diff --git a/kube/netmaker-ingress-grpc.yaml b/kube/netmaker-ingress-grpc.yaml new file mode 100644 index 00000000..9999ed72 --- /dev/null +++ b/kube/netmaker-ingress-grpc.yaml @@ -0,0 +1,17 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.class: "traefik" + ingress.kubernetes.io/protocol: "h2c" + name: nm-grpc-ingress + namespace: netmaker +spec: + rules: + - host: grpc.test.netmaker.org + http: + paths: + - path: / + backend: + serviceName: netmaker-grpc + servicePort: 50051 diff --git a/kube/netmaker-ui.yaml b/kube/netmaker-ui.yaml new file mode 100644 index 00000000..a386b933 --- /dev/null +++ b/kube/netmaker-ui.yaml @@ -0,0 +1,40 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: netmaker-ui + labels: + app: netmaker-ui +spec: + selector: + matchLabels: + app: netmaker-ui + replicas: 1 + template: + metadata: + labels: + app: netmaker-ui + spec: + containers: + - name: netmaker-ui + image: gravitl/netmaker-ui:v0.5 + ports: + - containerPort: 80 + env: + - name: BACKEND_URL + value: "https://api.test.netmaker.org" +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: netmaker-ui + name: netmaker-ui +spec: + ports: + - port: 80 + protocol: TCP + targetPort: 80 + selector: + app: netmaker-ui + sessionAffinity: None + type: ClusterIP From e11a15dfff5211ac29288475868cf08a8d54af66 Mon Sep 17 00:00:00 2001 From: afeiszli Date: Sat, 10 Jul 2021 20:11:19 -0400 Subject: [PATCH 02/11] figured out how to get GRPC working --- controllers/nodeHttpController.go | 2 +- models/node.go | 2 +- netclient/functions/join.go | 19 +++++++++++++++++-- 3 files changed, 19 insertions(+), 4 deletions(-) diff --git a/controllers/nodeHttpController.go b/controllers/nodeHttpController.go index 722ad135..149f5299 100644 --- a/controllers/nodeHttpController.go +++ b/controllers/nodeHttpController.go @@ -578,7 +578,7 @@ func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, erro } var nodechange models.Node nodechange.IsEgressGateway = true - nodechange.EgressGatewayRange = gateway.RangeString + nodechange.EgressGatewayRanges = gateway.Ranges nodechange.PostUp = "iptables -A FORWARD -i " + node.Interface + " -j ACCEPT; iptables -t nat -A POSTROUTING -o " + gateway.Interface + " -j MASQUERADE" nodechange.PostDown = "iptables -D FORWARD -i " + node.Interface + " -j ACCEPT; iptables -t nat -D POSTROUTING -o " + gateway.Interface + " -j MASQUERADE" if gateway.PostUp != "" { diff --git a/models/node.go b/models/node.go index 884fa1cd..14dff64a 100644 --- a/models/node.go +++ b/models/node.go @@ -45,7 +45,7 @@ type Node struct { IsPending bool `json:"ispending" bson:"ispending"` IsEgressGateway bool `json:"isegressgateway" bson:"isegressgateway"` IsIngressGateway bool `json:"isingressgateway" bson:"isingressgateway"` - EgressGatewayRange string `json:"egressgatewayrange" bson:"egressgatewayrange"` + EgressGatewayRanges []string `json:"egressgatewayranges" bson:"egressgatewayranges"` IngressGatewayRange string `json:"ingressgatewayrange" bson:"ingressgatewayrange"` PostChanges string `json:"postchanges" bson:"postchanges"` } diff --git a/netclient/functions/join.go b/netclient/functions/join.go index fe6dc37a..298e2371 100644 --- a/netclient/functions/join.go +++ b/netclient/functions/join.go @@ -1,6 +1,8 @@ package functions import ( + "google.golang.org/grpc/credentials" + "crypto/tls" "fmt" "errors" "context" @@ -139,11 +141,18 @@ func JoinNetwork(cfg config.ClientConfig) error { } var wcclient nodepb.NodeServiceClient var requestOpts grpc.DialOption - requestOpts = grpc.WithInsecure() - conn, err := grpc.Dial(cfg.Server.GRPCAddress, requestOpts) + log.Println("cant believe we made it") + //requestOpts = grpc.WithInsecure() + h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}}) + requestOpts = grpc.WithTransportCredentials(h2creds) + + conn, err := grpc.Dial(cfg.Server.GRPCAddress, requestOpts) + if err != nil { log.Fatalf("Unable to establish client connection to localhost:50051: %v", err) } + log.Println("cant believe we made it 2") + wcclient = nodepb.NewNodeServiceClient(conn) postnode := &nodepb.Node{ @@ -165,12 +174,16 @@ func JoinNetwork(cfg config.ClientConfig) error { if err != nil { return err } + log.Println("cant believe we made it 3") + res, err := wcclient.CreateNode( context.TODO(), &nodepb.CreateNodeReq{ Node: postnode, }, ) + log.Println(res) + log.Println("cant believe we made it 3.5") if err != nil { return err } @@ -179,6 +192,7 @@ func JoinNetwork(cfg config.ClientConfig) error { return err } + log.Println("cant believe we made it 3.75") if node.Dnsoff==true { cfg.Node.DNS = "yes" } @@ -189,6 +203,7 @@ func JoinNetwork(cfg config.ClientConfig) error { } node.Endpoint = node.Localaddress } + log.Println("cant believe we made it 4") err = config.ModConfig(node) if err != nil { From 977da6b129c811fcbf90416cb4e8ab5a4fb9ca63 Mon Sep 17 00:00:00 2001 From: afeiszli Date: Sun, 11 Jul 2021 00:49:31 -0400 Subject: [PATCH 03/11] compiling with changes pushed for json token. Have NOT TESTED. Will probably run into issues. Need to test multiple egress ranges, AllowedIPs, and overriding connection strings. --- config/config.go | 5 ++ controllers/authGrpc.go | 2 +- controllers/networkHttpController.go | 57 ++++++++++++----- controllers/nodeHttpController.go | 14 ++--- functions/helpers.go | 2 +- go.mod | 1 + go.sum | 2 + main.go | 9 ++- models/accessToken.go | 31 ++++++++++ models/network.go | 14 +++-- models/node.go | 17 ++++- netclient/config/config.go | 93 ++++++++++++++++++++-------- servercfg/serverconf.go | 57 ++++++++++++++++- 13 files changed, 243 insertions(+), 61 deletions(-) create mode 100644 models/accessToken.go diff --git a/config/config.go b/config/config.go index a9637c50..5fc99133 100644 --- a/config/config.go +++ b/config/config.go @@ -36,10 +36,13 @@ type EnvironmentConfig struct { // ServerConfig : type ServerConfig struct { + APIConnString string `yaml:"apiconn"` APIHost string `yaml:"apihost"` APIPort string `yaml:"apiport"` + GRPCConnString string `yaml:"grpcconn"` GRPCHost string `yaml:"grpchost"` GRPCPort string `yaml:"grpcport"` + GRPCSecure string `yaml:"grpcsecure"` DefaultNodeLimit int32 `yaml:"defaultnodelimit"` MasterKey string `yaml:"masterkey"` AllowedOrigin string `yaml:"allowedorigin"` @@ -48,6 +51,8 @@ type ServerConfig struct { ClientMode string `yaml:"clientmode"` DNSMode string `yaml:"dnsmode"` DisableRemoteIPCheck string `yaml:"disableremoteipcheck"` + DisableDefaultNet string `yaml:"disabledefaultnet"` + GRPCSSL string `yaml:"grpcssl"` } type WG struct { diff --git a/controllers/authGrpc.go b/controllers/authGrpc.go index 0686c4f4..b7344675 100644 --- a/controllers/authGrpc.go +++ b/controllers/authGrpc.go @@ -84,7 +84,7 @@ func grpcAuthorize(ctx context.Context) error { } emptynode := models.Node{} node, err := functions.GetNodeByMacAddress(network, mac) - if err != nil || node == emptynode { + if err != nil || node.MacAddress == emptynode.MacAddress { return status.Errorf(codes.Unauthenticated, "Node does not exist.") } diff --git a/controllers/networkHttpController.go b/controllers/networkHttpController.go index 69a60f3e..3516806d 100644 --- a/controllers/networkHttpController.go +++ b/controllers/networkHttpController.go @@ -6,11 +6,10 @@ import ( "encoding/json" "errors" "fmt" - "net" "net/http" "strings" "time" - + "github.com/jinzhu/copier" "github.com/go-playground/validator/v10" "github.com/gorilla/mux" "github.com/gravitl/netmaker/functions" @@ -194,13 +193,14 @@ func ValidateNetworkCreate(network models.Network) error { // _ = v.RegisterValidation("netid_valid", func(fl validator.FieldLevel) bool { isFieldUnique, _ := functions.IsNetworkNameUnique(fl.Field().String()) - // inCharSet := functions.NameInNetworkCharSet(fl.Field().String()) - return isFieldUnique + inCharSet := functions.NameInNetworkCharSet(fl.Field().String()) + return isFieldUnique && inCharSet }) // - _ = v.RegisterValidation("displayname_unique", func(fl validator.FieldLevel) bool { + _ = v.RegisterValidation("displayname_valid", func(fl validator.FieldLevel) bool { isFieldUnique, _ := functions.IsNetworkDisplayNameUnique(fl.Field().String()) - return isFieldUnique + inCharSet := functions.NameInNetworkCharSet(fl.Field().String()) + return isFieldUnique && inCharSet }) err := v.Struct(network) @@ -677,12 +677,28 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models } netID := network.NetID - grpcaddress := net.JoinHostPort(servercfg.GetGRPCHost(), servercfg.GetGRPCPort()) - apiaddress := net.JoinHostPort(servercfg.GetAPIHost(), servercfg.GetAPIPort()) - wgport := servercfg.GetGRPCWGPort() - accessstringdec := wgport + "|" +grpcaddress + "|" + apiaddress + "|" + netID + "|" + accesskey.Value + "|" + privAddr - accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(accessstringdec)) + var accessToken models.AccessToken + var tokensrvcfg models.ServerConfig + var tokenwgcfg models.WG + srvcfg := servercfg.GetServerConfig() + wgcfg := servercfg.GetWGConfig() + copier.Copy(tokensrvcfg, srvcfg) + copier.Copy(tokenwgcfg, wgcfg) + + accessToken.ServerConfig = tokensrvcfg + accessToken.WG = tokenwgcfg + accessToken.ClientConfig.Network = netID + accessToken.ClientConfig.Key = accesskey.Value + accessToken.ClientConfig.LocalRange = privAddr + + tokenjson, err := json.Marshal(accessToken) + if err != nil { + return accesskey, err + } + + accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(tokenjson)) + //validate accesskey v := validator.New() err = v.Struct(accesskey) @@ -716,10 +732,23 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models func GetSignupToken(netID string) (models.AccessKey, error) { var accesskey models.AccessKey - address := net.JoinHostPort(servercfg.GetGRPCHost(), servercfg.GetGRPCPort()) + var accessToken models.AccessToken + var tokensrvcfg models.ServerConfig + var tokenwgcfg models.WG + srvcfg := servercfg.GetServerConfig() + wgcfg := servercfg.GetWGConfig() + copier.Copy(tokensrvcfg, srvcfg) + copier.Copy(tokenwgcfg, wgcfg) - accessstringdec := address + "|" + netID + "|" + "" + "|" - accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(accessstringdec)) + accessToken.ServerConfig = tokensrvcfg + accessToken.WG = tokenwgcfg + + tokenjson, err := json.Marshal(accessToken) + if err != nil { + return accesskey, err + } + + accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(tokenjson)) return accesskey, nil } func getSignupToken(w http.ResponseWriter, r *http.Request) { diff --git a/controllers/nodeHttpController.go b/controllers/nodeHttpController.go index 149f5299..d2e7defa 100644 --- a/controllers/nodeHttpController.go +++ b/controllers/nodeHttpController.go @@ -612,7 +612,7 @@ func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, erro {"postup", nodechange.PostUp}, {"postdown", nodechange.PostDown}, {"isegressgateway", nodechange.IsEgressGateway}, - {"egressgatewayrange", nodechange.EgressGatewayRange}, + {"egressgatewayranges", nodechange.EgressGatewayRanges}, {"lastmodified", nodechange.LastModified}, }}, } @@ -636,10 +636,10 @@ func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, erro func ValidateEgressGateway(gateway models.EgressGatewayRequest) error { var err error - isIp := functions.IsIpCIDR(gateway.RangeString) - empty := gateway.RangeString == "" - if empty || !isIp { - err = errors.New("IP Range Not Valid") + //isIp := functions.IsIpCIDR(gateway.RangeString) + empty := len(gateway.Ranges)==0 + if empty { + err = errors.New("IP Ranges Cannot Be Empty") } empty = gateway.Interface == "" if empty { @@ -670,7 +670,7 @@ func DeleteEgressGateway(network, macaddress string) (models.Node, error) { } nodechange.IsEgressGateway = false - nodechange.EgressGatewayRange = "" + nodechange.EgressGatewayRanges = []string{} nodechange.PostUp = "" nodechange.PostDown = "" @@ -685,7 +685,7 @@ func DeleteEgressGateway(network, macaddress string) (models.Node, error) { {"postup", nodechange.PostUp}, {"postdown", nodechange.PostDown}, {"isegressgateway", nodechange.IsEgressGateway}, - {"egressgatewayrange", nodechange.EgressGatewayRange}, + {"egressgatewayranges", nodechange.EgressGatewayRanges}, {"lastmodified", nodechange.LastModified}, }}, } diff --git a/functions/helpers.go b/functions/helpers.go index b2c9215f..989e2734 100644 --- a/functions/helpers.go +++ b/functions/helpers.go @@ -555,7 +555,7 @@ func GetNodeObj(id primitive.ObjectID) models.Node { //Switch to REGEX? func NameInNetworkCharSet(name string) bool { - charset := "abcdefghijklmnopqrstuvwxyz1234567890-_" + charset := "abcdefghijklmnopqrstuvwxyz1234567890-_." for _, char := range name { if !strings.Contains(charset, strings.ToLower(string(char))) { diff --git a/go.mod b/go.mod index 491144b0..ac53d081 100644 --- a/go.mod +++ b/go.mod @@ -9,6 +9,7 @@ require ( github.com/golang/protobuf v1.5.2 // indirect github.com/gorilla/handlers v1.5.1 github.com/gorilla/mux v1.8.0 + github.com/jinzhu/copier v0.3.2 // indirect github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e // indirect github.com/stretchr/testify v1.6.1 github.com/txn2/txeh v1.3.0 diff --git a/go.sum b/go.sum index bdf66065..abe0fb5d 100644 --- a/go.sum +++ b/go.sum @@ -93,6 +93,8 @@ github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/jinzhu/copier v0.3.2 h1:QdBOCbaouLDYaIPFfi1bKv5F5tPpeTwXe4sD0jqtz5w= +github.com/jinzhu/copier v0.3.2/go.mod h1:24xnZezI2Yqac9J61UC6/dG/k76ttpq0DdJI3QmUvro= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= diff --git a/main.go b/main.go index 9296be0b..1e2b8c19 100644 --- a/main.go +++ b/main.go @@ -146,9 +146,12 @@ func runGRPC(wg *sync.WaitGroup, installserver bool) { log.Println("Agent Server succesfully started on port " + grpcport + " (gRPC)") if installserver { - log.Println("Adding server to default network") - success, err := serverctl.AddNetwork("default") - if err != nil { + success := true + if !servercfg.DisableDefaultNet() { + log.Println("Adding server to default network") + success, err = serverctl.AddNetwork("default") + } + if err != nil { log.Printf("Error adding to default network: %v", err) log.Println("Unable to add server to network. Continuing.") log.Println("Please investigate client installation on server.") diff --git a/models/accessToken.go b/models/accessToken.go new file mode 100644 index 00000000..04ca5baf --- /dev/null +++ b/models/accessToken.go @@ -0,0 +1,31 @@ +package models + +type AccessToken struct { + ServerConfig + ClientConfig + WG +} + +type ClientConfig struct { + Network string `json:"network"` + Key string `json:"key"` + LocalRange string `json:"localrange"` +} + +type ServerConfig struct { + APIConnString string `json:"apiconn"` + APIHost string `json:"apihost"` + APIPort string `json:"apiport"` + GRPCConnString string `json:"grpcconn"` + GRPCHost string `json:"grpchost"` + GRPCPort string `json:"grpcport"` + GRPCSSL string `json:"grpcssl"` +} + +type WG struct { + GRPCWireGuard string `json:"grpcwg"` + GRPCWGAddress string `json:"grpcaddr"` + GRPCWGPort string `json:"grpcport"` + GRPCWGPubKey string `json:"pubkey"` + GRPCWGEndpoint string `json:"endpoint"` +} diff --git a/models/network.go b/models/network.go index 9158a234..7f5a9c3a 100644 --- a/models/network.go +++ b/models/network.go @@ -16,8 +16,8 @@ type Network struct { // AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"required_with=isdualstack true,cidrv6"` AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"addressrange6_valid"` //can't have min=1 with omitempty - DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,alphanum,min=2,max=20,displayname_unique"` - NetID string `json:"netid" bson:"netid" validate:"required,alphanum,min=1,max=12,netid_valid"` + DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,min=1,max=20,displayname_valid"` + NetID string `json:"netid" bson:"netid" validate:"required,min=1,max=12,netid_valid"` NodesLastModified int64 `json:"nodeslastmodified" bson:"nodeslastmodified"` NetworkLastModified int64 `json:"networklastmodified" bson:"networklastmodified"` DefaultInterface string `json:"defaultinterface" bson:"defaultinterface"` @@ -47,8 +47,8 @@ type NetworkUpdate struct { // AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"required_with=isdualstack true,cidrv6"` AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"omitempty,cidr"` //can't have min=1 with omitempty - DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,alphanum,min=2,max=20"` - NetID string `json:"netid" bson:"netid" validate:"omitempty,alphanum,min=1,max=12"` + DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,validnetid,min=1,max=20"` + NetID string `json:"netid" bson:"netid" validate:"omitempty,validnetid,min=1,max=15"` NodesLastModified int64 `json:"nodeslastmodified" bson:"nodeslastmodified"` NetworkLastModified int64 `json:"networklastmodified" bson:"networklastmodified"` DefaultInterface string `json:"defaultinterface" bson:"defaultinterface"` @@ -86,7 +86,11 @@ func (network *Network) SetDefaults() { network.DisplayName = network.NetID } if network.DefaultInterface == "" { - network.DefaultInterface = "nm-" + network.NetID + if len(network.NetID) < 13 { + network.DefaultInterface = "nm-" + network.NetID + } else { + network.DefaultInterface = network.NetID + } } if network.DefaultListenPort == 0 { network.DefaultListenPort = 51821 diff --git a/models/node.go b/models/node.go index 14dff64a..14180be7 100644 --- a/models/node.go +++ b/models/node.go @@ -28,7 +28,7 @@ type Node struct { Endpoint string `json:"endpoint" bson:"endpoint" validate:"required,ip"` PostUp string `json:"postup" bson:"postup"` PostDown string `json:"postdown" bson:"postdown"` - AllowedIPs string `json:"allowedips" bson:"allowedips"` + AllowedIPs []string `json:"allowedips" bson:"allowedips"` PersistentKeepalive int32 `json:"persistentkeepalive" bson:"persistentkeepalive" validate:"omitempty,numeric,max=1000"` SaveConfig *bool `json:"saveconfig" bson:"saveconfig"` AccessKey string `json:"accesskey" bson:"accesskey"` @@ -48,6 +48,8 @@ type Node struct { EgressGatewayRanges []string `json:"egressgatewayranges" bson:"egressgatewayranges"` IngressGatewayRange string `json:"ingressgatewayrange" bson:"ingressgatewayrange"` PostChanges string `json:"postchanges" bson:"postchanges"` + StaticIP string `json:"staticip" bson:"staticip"` + StaticPubKey string `json:"staticpubkey" bson:"staticpubkey"` } //node update struct --- only validations are different @@ -62,7 +64,7 @@ type NodeUpdate struct { Endpoint string `json:"endpoint" bson:"endpoint" validate:"omitempty,ip"` PostUp string `json:"postup" bson:"postup"` PostDown string `json:"postdown" bson:"postdown"` - AllowedIPs string `json:"allowedips" bson:"allowedips"` + AllowedIPs []string `json:"allowedips" bson:"allowedips"` PersistentKeepalive int32 `json:"persistentkeepalive" bson:"persistentkeepalive" validate:"omitempty,numeric,max=1000"` SaveConfig *bool `json:"saveconfig" bson:"saveconfig"` AccessKey string `json:"accesskey" bson:"accesskey"` @@ -80,8 +82,10 @@ type NodeUpdate struct { IsIngressGateway bool `json:"isingressgateway" bson:"isingressgateway"` IsEgressGateway bool `json:"isegressgateway" bson:"isegressgateway"` IngressGatewayRange string `json:"ingressgatewayrange" bson:"ingressgatewayrange"` - EgressGatewayRange string `json:"gatewayrange" bson:"gatewayrange"` + EgressGatewayRanges []string `json:"egressgatewayranges" bson:"egressgatewayranges"` PostChanges string `json:"postchanges" bson:"postchanges"` + StaticIP string `json:"staticip" bson:"staticip"` + StaticPubKey string `json:"staticpubkey" bson:"staticpubkey"` } //Duplicated function for NodeUpdates @@ -191,6 +195,13 @@ func (node *Node) SetDefaults() { postup := parentNetwork.DefaultPostUp node.PostUp = postup } + if node.StaticIP == "" { + node.StaticIP = "no" + } + if node.StaticPubKey == "" { + node.StaticPubKey = "no" + } + node.CheckInInterval = parentNetwork.DefaultCheckInInterval } diff --git a/netclient/config/config.go b/netclient/config/config.go index 37c20790..386565ca 100644 --- a/netclient/config/config.go +++ b/netclient/config/config.go @@ -6,10 +6,9 @@ import ( "os" "encoding/base64" "errors" - "strings" "fmt" - "net" "log" + "encoding/json" "gopkg.in/yaml.v3" nodepb "github.com/gravitl/netmaker/grpc" "github.com/gravitl/netmaker/models" @@ -29,6 +28,8 @@ type ServerConfig struct { GRPCAddress string `yaml:"grpcaddress"` APIAddress string `yaml:"apiaddress"` AccessKey string `yaml:"accesskey"` + GRPCSSL string `yaml:"grpcssl"` + GRPCWireGuard string `yaml:"grpcwg"` } type ListConfig struct { @@ -53,16 +54,19 @@ type NodeConfig struct { IsLocal string `yaml:"islocal"` IsDualStack string `yaml:"isdualstack"` IsIngressGateway string `yaml:"isingressgateway"` - AllowedIPs string `yaml:"allowedips"` + AllowedIPs []string `yaml:"allowedips"` LocalRange string `yaml:"localrange"` PostUp string `yaml:"postup"` PostDown string `yaml:"postdown"` Port int32 `yaml:"port"` KeepAlive int32 `yaml:"keepalive"` PublicKey string `yaml:"publickey"` + ServerPubKey string `yaml:"serverpubkey"` PrivateKey string `yaml:"privatekey"` Endpoint string `yaml:"endpoint"` PostChanges string `yaml:"postchanges"` + StaticIP string `yaml:"staticip"` + StaticPubKey string `yaml:"staticpubkey"` IPForwarding string `yaml:"ipforwarding"` } @@ -375,16 +379,34 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){ log.Println("error decoding token") return cfg, err } - token := string(tokenbytes) - tokenvals := strings.Split(token, "|") - - cfg.Server.GRPCAddress = tokenvals[1] - cfg.Network = tokenvals[3] - cfg.Node.Network = tokenvals[3] - cfg.Server.AccessKey = tokenvals[4] - if len(tokenvals) > 4 { - cfg.Node.LocalRange = tokenvals[5] + var accesstoken models.AccessToken + if err := json.Unmarshal(tokenbytes, &accesstoken); err != nil { + log.Println("error converting token json to object", tokenbytes ) + return cfg, err } + + if accesstoken.ServerConfig.APIConnString != "" { + cfg.Server.APIAddress = accesstoken.ServerConfig.APIConnString + } else { + cfg.Server.APIAddress = accesstoken.ServerConfig.APIHost + if accesstoken.ServerConfig.APIPort != "" { + cfg.Server.APIAddress = cfg.Server.APIAddress + ":" + accesstoken.ServerConfig.APIPort + } + } + if accesstoken.ServerConfig.GRPCConnString != "" { + cfg.Server.GRPCAddress = accesstoken.ServerConfig.GRPCConnString + } else { + cfg.Server.GRPCAddress = accesstoken.ServerConfig.GRPCHost + if accesstoken.ServerConfig.GRPCPort != "" { + cfg.Server.GRPCAddress = cfg.Server.GRPCAddress + ":" + accesstoken.ServerConfig.GRPCPort + } + } + cfg.Network = accesstoken.ClientConfig.Network + cfg.Node.Network = accesstoken.ClientConfig.Network + cfg.Server.AccessKey = accesstoken.ClientConfig.Key + cfg.Node.LocalRange = accesstoken.ClientConfig.LocalRange + cfg.Server.GRPCSSL = accesstoken.ServerConfig.GRPCSSL + cfg.Server.GRPCWireGuard = accesstoken.WG.GRPCWireGuard if c.String("grpcserver") != "" { cfg.Server.GRPCAddress = c.String("grpcserver") } @@ -401,6 +423,13 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){ if c.String("localrange") != "" { cfg.Node.LocalRange = c.String("localrange") } + if c.String("grpcssl") != "" { + cfg.Server.GRPCSSL = c.String("grpcssl") + } + if c.String("grpcwg") != "" { + cfg.Server.GRPCWireGuard = c.String("grpcwg") + } + } else { cfg.Server.GRPCAddress = c.String("grpcserver") cfg.Server.APIAddress = c.String("apiserver") @@ -408,6 +437,8 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){ cfg.Network = c.String("network") cfg.Node.Network = c.String("network") cfg.Node.LocalRange = c.String("localrange") + cfg.Server.GRPCWireGuard = c.String("grpcwg") + cfg.Server.GRPCSSL = c.String("grpcssl") } cfg.Node.Name = c.String("name") cfg.Node.Interface = c.String("interface") @@ -442,22 +473,32 @@ func GetCLIConfigRegister(c *cli.Context) (GlobalConfig, error){ log.Println("error decoding token") return cfg, err } - token := string(tokenbytes) - tokenvals := strings.Split(token, "|") - - cfg.Client.ServerPrivateAddress, cfg.Client.ServerGRPCPort, err = net.SplitHostPort(tokenvals[1]) + var accesstoken models.AccessToken + if err := json.Unmarshal(tokenbytes, &accesstoken); err != nil { + log.Println("error converting token json to object", tokenbytes ) + return cfg, err + } + cfg.Client.ServerPrivateAddress = accesstoken.WG.GRPCWGAddress + cfg.Client.ServerGRPCPort = accesstoken.WG.GRPCWGPort if err != nil { log.Println("error decoding token grpcserver") return cfg, err } - cfg.Client.ServerPublicEndpoint, cfg.Client.ServerAPIPort, err = net.SplitHostPort(tokenvals[2]) - if err != nil { - log.Println("error decoding token apiserver") - return cfg, err - } - - cfg.Client.ServerWGPort = tokenvals[0] - cfg.Client.ServerKey = tokenvals[4] + if err != nil { + log.Println("error decoding token apiserver") + return cfg, err + } + if accesstoken.ServerConfig.APIConnString != "" { + cfg.Client.ServerPublicEndpoint = accesstoken.ServerConfig.APIConnString + } else { + cfg.Client.ServerPublicEndpoint = accesstoken.ServerConfig.APIHost + if accesstoken.ServerConfig.APIPort != "" { + cfg.Client.ServerAPIPort = accesstoken.ServerConfig.APIPort + } + } + cfg.Client.ServerWGPort = accesstoken.WG.GRPCWGPort + cfg.Client.ServerKey = accesstoken.ClientConfig.Key + cfg.Client.ServerKey = accesstoken.WG.GRPCWGPubKey if c.String("grpcserver") != "" { cfg.Client.ServerPrivateAddress = c.String("grpcserver") @@ -465,8 +506,8 @@ func GetCLIConfigRegister(c *cli.Context) (GlobalConfig, error){ if c.String("apiserver") != "" { cfg.Client.ServerPublicEndpoint = c.String("apiserver") } - if c.String("key") != "" { - cfg.Client.ServerKey = c.String("key") + if c.String("pubkey") != "" { + cfg.Client.ServerKey = c.String("pubkey") } if c.String("network") != "all" { cfg.Client.Network = c.String("network") diff --git a/servercfg/serverconf.go b/servercfg/serverconf.go index 5d780058..a587000c 100644 --- a/servercfg/serverconf.go +++ b/servercfg/serverconf.go @@ -19,8 +19,10 @@ func SetHost() error { } func GetServerConfig() config.ServerConfig { var cfg config.ServerConfig + cfg.APIConnString = GetAPIConnString() cfg.APIHost = GetAPIHost() cfg.APIPort = GetAPIPort() + cfg.GRPCConnString = GetGRPCConnString() cfg.GRPCHost = GetGRPCHost() cfg.GRPCPort = GetGRPCPort() cfg.MasterKey = "(hidden)" @@ -41,10 +43,18 @@ func GetServerConfig() config.ServerConfig { if IsDNSMode() { cfg.DNSMode = "on" } + cfg.GRPCSSL = "off" + if IsGRPCSSL() { + cfg.GRPCSSL = "on" + } cfg.DisableRemoteIPCheck = "off" if DisableRemoteIPCheck() { cfg.DisableRemoteIPCheck = "on" } + cfg.DisableDefaultNet = "off" + if DisableDefaultNet() { + cfg.DisableRemoteIPCheck = "on" + } return cfg } @@ -63,7 +73,15 @@ func GetWGConfig() config.WG{ cfg.GRPCWGPrivKey = GetGRPCWGPrivKey() return cfg } - +func GetAPIConnString() string { + conn := "" + if os.Getenv("SERVER_API_CONN_STRING") != "" { + conn = os.Getenv("SERVER_API_CONN_STRING") + } else if config.Config.Server.APIConnString != "" { + conn = config.Config.Server.APIConnString + } + return conn +} func GetAPIHost() string { serverhost := "127.0.0.1" if os.Getenv("SERVER_HTTP_HOST") != "" { @@ -101,6 +119,15 @@ func GetDefaultNodeLimit() int32 { } return limit } +func GetGRPCConnString() string { + conn := "" + if os.Getenv("SERVER_GRPC_CONN_STRING") != "" { + conn = os.Getenv("SERVER_GRPC_CONN_STRING") + } else if config.Config.Server.GRPCConnString != "" { + conn = config.Config.Server.GRPCConnString + } + return conn +} func GetGRPCHost() string { serverhost := "127.0.0.1" @@ -201,6 +228,21 @@ func IsDNSMode() bool { } return isdns } + +func IsGRPCSSL() bool { + isssl := false + if os.Getenv("GRPC_SSL") != "" { + if os.Getenv("GRPC_SSL") == "on" { + isssl = true + } + } else if config.Config.Server.DNSMode != "" { + if config.Config.Server.DNSMode == "on" { + isssl = true + } + } + return isssl +} + func DisableRemoteIPCheck() bool { disabled := false if os.Getenv("DISABLE_REMOTE_IP_CHECK") != "" { @@ -214,6 +256,19 @@ func DisableRemoteIPCheck() bool { } return disabled } +func DisableDefaultNet() bool { + disabled := false + if os.Getenv("DISABLE_DEFAULT_NET") != "" { + if os.Getenv("DISABLE_DEFAULT_NET") == "on" { + disabled = true + } + } else if config.Config.Server.DisableDefaultNet != "" { + if config.Config.Server.DisableDefaultNet == "on" { + disabled= true + } + } + return disabled +} func GetPublicIP() (string, error) { endpoint := "" From 9860082b7c54d95e8b5862e0df452df23a5b42bf Mon Sep 17 00:00:00 2001 From: afeiszli Date: Sun, 11 Jul 2021 10:18:31 -0400 Subject: [PATCH 04/11] token configs and secure grpc working --- compose/docker-compose.localserver.yml | 2 +- controllers/networkHttpController.go | 57 +++++++++++++++++-------- models/accessToken.go | 8 ++-- netclient/config/.config.go.swp | Bin 0 -> 40960 bytes netclient/config/config.go | 2 + netclient/functions/checkin.go | 15 ++++++- netclient/functions/common.go | 6 +++ netclient/functions/join.go | 21 +++------ netclient/main.go | 6 ++- netclient/server/grpc.go | 7 ++- netclient/wireguard/kernel.go | 14 +++++- 11 files changed, 98 insertions(+), 40 deletions(-) create mode 100644 netclient/config/.config.go.swp diff --git a/compose/docker-compose.localserver.yml b/compose/docker-compose.localserver.yml index e7f615b8..b0b3d66e 100644 --- a/compose/docker-compose.localserver.yml +++ b/compose/docker-compose.localserver.yml @@ -21,6 +21,6 @@ services: ports: - "80:80" environment: - BACKEND_URL: "http://HOST_IP:8081" + BACKEND_URL: "http://localhost:8081" volumes: mongovol: {} diff --git a/controllers/networkHttpController.go b/controllers/networkHttpController.go index 3516806d..e9e4b9c6 100644 --- a/controllers/networkHttpController.go +++ b/controllers/networkHttpController.go @@ -9,7 +9,6 @@ import ( "net/http" "strings" "time" - "github.com/jinzhu/copier" "github.com/go-playground/validator/v10" "github.com/gorilla/mux" "github.com/gravitl/netmaker/functions" @@ -679,15 +678,27 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models netID := network.NetID var accessToken models.AccessToken - var tokensrvcfg models.ServerConfig - var tokenwgcfg models.WG - srvcfg := servercfg.GetServerConfig() - wgcfg := servercfg.GetWGConfig() - copier.Copy(tokensrvcfg, srvcfg) - copier.Copy(tokenwgcfg, wgcfg) + s := servercfg.GetServerConfig() + w := servercfg.GetWGConfig() + servervals := models.ServerConfig{ + APIConnString: s.APIConnString, + APIHost: s.APIHost, + APIPort: s.APIPort, + GRPCConnString: s.GRPCConnString, + GRPCHost: s.GRPCHost, + GRPCPort: s.GRPCPort, + GRPCSSL: s.GRPCSSL, + } + wgvals := models.WG{ + GRPCWireGuard: w.GRPCWireGuard, + GRPCWGAddress: w.GRPCWGAddress, + GRPCWGPort: w.GRPCWGPort, + GRPCWGPubKey: w.GRPCWGPubKey, + GRPCWGEndpoint: s.APIHost, + } - accessToken.ServerConfig = tokensrvcfg - accessToken.WG = tokenwgcfg + accessToken.ServerConfig = servervals + accessToken.WG = wgvals accessToken.ClientConfig.Network = netID accessToken.ClientConfig.Key = accesskey.Value accessToken.ClientConfig.LocalRange = privAddr @@ -733,15 +744,27 @@ func GetSignupToken(netID string) (models.AccessKey, error) { var accesskey models.AccessKey var accessToken models.AccessToken - var tokensrvcfg models.ServerConfig - var tokenwgcfg models.WG - srvcfg := servercfg.GetServerConfig() - wgcfg := servercfg.GetWGConfig() - copier.Copy(tokensrvcfg, srvcfg) - copier.Copy(tokenwgcfg, wgcfg) + s := servercfg.GetServerConfig() + w := servercfg.GetWGConfig() + servervals := models.ServerConfig{ + APIConnString: s.APIConnString, + APIHost: s.APIHost, + APIPort: s.APIPort, + GRPCConnString: s.GRPCConnString, + GRPCHost: s.GRPCHost, + GRPCPort: s.GRPCPort, + GRPCSSL: s.GRPCSSL, + } + wgvals := models.WG{ + GRPCWireGuard: w.GRPCWireGuard, + GRPCWGAddress: w.GRPCWGAddress, + GRPCWGPort: w.GRPCWGPort, + GRPCWGPubKey: w.GRPCWGPubKey, + GRPCWGEndpoint: s.APIHost, + } - accessToken.ServerConfig = tokensrvcfg - accessToken.WG = tokenwgcfg + accessToken.ServerConfig = servervals + accessToken.WG = wgvals tokenjson, err := json.Marshal(accessToken) if err != nil { diff --git a/models/accessToken.go b/models/accessToken.go index 04ca5baf..a09de8f5 100644 --- a/models/accessToken.go +++ b/models/accessToken.go @@ -24,8 +24,8 @@ type ServerConfig struct { type WG struct { GRPCWireGuard string `json:"grpcwg"` - GRPCWGAddress string `json:"grpcaddr"` - GRPCWGPort string `json:"grpcport"` - GRPCWGPubKey string `json:"pubkey"` - GRPCWGEndpoint string `json:"endpoint"` + GRPCWGAddress string `json:"grpcwgaddr"` + GRPCWGPort string `json:"grpcwgport"` + GRPCWGPubKey string `json:"grpcwgpubkey"` + GRPCWGEndpoint string `json:"grpcwgendpoint"` } diff --git a/netclient/config/.config.go.swp b/netclient/config/.config.go.swp new file mode 100644 index 0000000000000000000000000000000000000000..012bdf9682a6ef35d9831060d108a8a2c0166e93 GIT binary patch literal 40960 zcmeI53z%G0eZU7nWJJ_L`KnOhX4J3?$!s7o(8yNfF03m_ST{ffdCkt;-Apn&GtSIz zNJ9j)f*9(ve$`q~i&`lX0ksM~smP;N3oW(kr#!79)t0x9itX=z9`~O6nBCcp?N{yH z@B8Iu?s@;ux#yn$|2*!*iql8ed&d`#$?^C6TyE*p51;qELt438R_>K6)%^42_I!Wa z8m+DEPN`FE)aUg228nQBsxi=Rl?Up6XS%f2Z^?hkwW?q543r!7$?BB36sH<|EkVznuKqi4q0+|Fd z3H-)OpwrwhcOj*ChAGK`=DJtxx{vuiX|4yw-1jrTFE&?eII!_N%iNze*PolKb>G+g zKGR$q#=*Kj)7*cdx!w_T&zt+FnCtgr?t7d2hnedNQ(zmvxt(1y31kw;B#=oUlRzec zOahq%G6`f7$RvN_{0Q!Z z-S9>@68ev4R{}14wu1MFa(Ff-tZ8Hi+kV}_zGMD zm%|(3BzP3V%D3TL@CmpQ-U)Am9k3nFg=1hJ_&$b=-SBqkz!n&VSHTMS9e5Ue4g1C{ zoC9aWayS@%5g0tY*k8-<%(UvB-)iNoOLbCydP@eqdbQ^52=2?xL2r9$x>nraZ#%JG zZdCkM-(-JL|F=&s$<{rtwoYtUE*h|J3o*HVi30>q&deZ%sRq65J!o$>~mUW3yGQ zcP9HbH>Q2>Xs@7Fo2X?b%cp9MiBfI(iWSEc!mvAota;|I)|e`uRO*y!eUv)%7#B?t zPNhWZg#p&Jgo|4Wfrn%gDU#pm`L(w1#Z$4Fie8b<`mL2}t1q7BGVi!mt0H;E>u7sJ zqjTc<)pkdf$f?$I-P+j5f}TW#{a$Wzre5|owW=L|L-C-s{P#o!b_zcZK5yT9WC$p2O}y#h^1VYjgQ7jV+(o8JVwn<*B4SZ&!(`S5?h}q*_v2I-0)1hK7}!*K9Rrs};Xe^k~Z+ zT3C_CSh8XS>kaY@7HHjJgAJPMkXmo1o9eP4K)XX^{X5wUjyB7_i*3gxkGZS0=?THYhW2wHYO~>b0qum+W zT&hp`?U?5#E@kcF_&>2;X*TE|W1f9;+wnQps?L@=elpMWui_BPvEQ2YTj^y~PKh$& zw^l8uM6d2gV?WvVn`>*;S-Qu1XXUY0-dnj{lG|>!8?8>%SCcyt5ADuyV_Q8Y0TEY) z+cBS~HB1d#^h?+7?RMsoHEi{zu!R z^{JNMZjT`HZKZhoskUjq;yk6DBO!-pN;TSEd21|V)pi9JnqGNp#J?&@!mlcZ<8OGw z#+aW<-OcfMqclyXVt!ist`pCuk+qeIWPNqa>$a(qaY*ys&9mcImBU0H^R5bGqIW{9 zFO}2%PnXI`-(#hAn~uB^i@RxVJMnJNJ$}ri>8>1qqxFv8nk<#$O^DX6?>l}slo;1U zTTY!@_~>kJ`rZZxN4lF6Pc!8X{h`x)>8EbNy};<$Y){o>It{$9isdn=Ri`Mw#$vBy za5G1-N5;p7HdR~x$P68KEN4@#W_jC`lP&SQapSraZ|!!?@wc{Iruim&u#&nT?ZMWL zji$G-QnQ+DVUmM%?~>WjzpC+#s(+0ao?#WE>lSaG`qakl?T$YkD^J6^wv{X8$`6

&!M!iUWjhB30zo5No{MHz;);sz}F5gqtDM7fy zQ7No${0tEaQ`OGqnTcY#F+DKVD$Q0qH5sPs#ppW4LM|`aY)*J{dKU5HwJ_CaZk;Mt z>jO$7nq3)=^$Wh}MhJaiOS@4Qzl`bRf^H%gJ+?{nKT&G?t5=DiMqB=MGCf1*FzXMn zXntV!Slk8%T-OS2<*CgqvtQnB`r8KNpF*xWEiXQ=FPCf5(U*8VmDNB!C;I=*=+v)4 z?-u>v&X3=VK7SRw3El`>U>%6Ae-!k?b6|gX3Vr@|5IuhzcCWfW_&Y;v7}m`Y%t?8 z%;b!=^oLe{<7E=#o3E_HbD7a4p2Y0TWWP3U%cPl_&}sKg8oj>Xn`ks-%FeO&m;{%W zC#O_Yfk`^dlQmK&?^qWT3G;!`IIO$9%H$jNpL(ZO?<;g#4eYqSSMjwrtY(0mSvMOf zKHFpO+pC`ZQL*@~;;_W#_epueSrqHlc#?TQJ5Q|ooC&Iq zeq%bq{}&mxU534y?vaivc&y{kyY;F&Gut_3izwV4xNCQ1g_rDXQzYMIUfaeIz0Nnw zZGBUndp_A6&PivBD0qi2YW+^Oh$6PasNc(Fizo`&B8tSi5>{KVxFR|QnJuEo7Ez>6 zDyPlOXNxG*Y-u=;?5Ne*B8qGgg{t!?kcVTn0mMDCFTbqwBBd`WQO>ZWxE-VJSR<9)A;TgIO4c$I;jChwDJ} z`3>N~J?QFx4}T74zzB#Q{}Xick3bz>3P-~)(8F(mcfmPuHk=4U@Jd(<`@v7p&HozS z3Ku~GP6H2QE&jgnBx~>g6&`@Q;7+&+ZiH)K7u4Y_SOrVqFgOJEgMHzda5uJ^&x8C~ zmBiSY#5AOgiAuW|XWg}H!0PMw`XXzzmHn>K>eog>yXrc$4yv)FtjD%afz6LwJ(>6N zvK&{`++YJi-mKqFHR0v+a~tg>Hpg0*w`MxGZPQ@l_BmCKs3|UyuUx*H@h#t@)h(ip zbYGCox}qS$!0;>e*j1qoq;6~5UPZ7ATpn$MB1p6BFuF=w+KgU0)@R-I+CphNu9)4n z4phb2S`Z z%+O{v+f>3d%u>10vC~(lr(*|1DS?~-$*OX)YL~^iQ5ab|QP_%b0_ufuvVPDF8Wl;` zV6icX8v{!U&8r|3RQGsv<)q0$7P}=PG8UF_XON9KDI@FR6nSB?qS1y`8HiN+mI8~V zWu?DO!d`pIM7rEjnbJic$%XZ$GO>p_SY#DO^5fL?uO&+hYz%~nYMYZ~K1WECj@M7vAklSe$yM)>_GA3&y2fg&va7$#jd&}zXVx^PF zHLHPBGN8qvd*h<v^9Upi*;OpvE7E<-xrTmQD0`LdTfr149viK20#r3=&v{o`wa5jAe>m#iF%MHEu~S0&!9XNDNmq&yOSyYB+}@5?es^?uEbA>;D4kF%8fdE zlVl;hrz=5LX7gXKF|oxjcM8k&?TPIjHc=&CnMQUDyd+%lwEA?Z)!xkRP!*X9wai=U zJSqJziwfJe4tteRtmECTd0(rx4V)@HA97xF)idTut8X{6(iA9;UU1HMtfHo(kdK*Q zHzTz0-Kzo@`t@$R#O>gL3dZNI7NQp{jQE|Qb)&j(8~3N!t-T%U6cht0OSi0^I#VPoHQ{e~9aLA?d8uPi$$`U>GjIqFdK|K;eC*NaYx z{%_CU`x^TG%^-XJw?PFapagwzAUuJ-e`OCcj zQ|SBu2A_b7K=$){@cSTkh>Ktfei!}$eg8Cg8T7-$==vXp38VM_J9_@7;2m%_oB@6C z0DAtN@JYA~-V7x;0S<)c!o%qNH^JY)rEn6gf_*{e?svnra232B*1`+m2k84UZ{LDd z@So`RKZ9?A*Z@TT9|zI>pF&^14L$%D!X`Kp_JV&w-Xinsj4m(wd{2L>C97s>`e)YI ztUT7%ZIgakJ(|+qjW4sq(QS&s{zkXK$nH^gIL7_4ztQ!@Vy0jxq3hM%M;P_5jK`5^ zt8KOQE)uWoBy{7GeS~g2b|<0h$L=F^{W&`cU9VByFBD?nJ(9Tb9mzn%2JS|!%90ks z*+}U6ceW9_84orRx_*OggsxAXVzWWe^-4Q1+XG#{YJ;HbO>GavNAl$=O-7F#)oWWe zy}1F^Ac8G#$#-HbV7Rp|9-NJJ>7i9iRRY#~XWf8Gyn5&C9Dx_6ORA^CY{zud3e-w7 zwlU(+FJsh)h(NT0sK+_hW4N);jn*CKMf}U~XkKO8?$38tsM*0ovJ$P!p4ADXobbgi z6)!axyxDCU_S$nUdT&yR49I57Fb8Htq^eQg(7iMrH4X|(31;=BMkz|>A zYwV((gtg>qE>6^Qv~FiC9heLP4I}aJ=@#jR(G{S_rnVn6y+N{h`xes*T}&=YsA3rW-?Jv zG8{@2(xynGnm2IJzHFfQ)v38?w&#p`@s<(O7c3wxn(bmNB9cNFG?0UNgq8BCMohMI zioE5*Ds#G#d27sCwCF?UsvG0Y$x_#hbgcy9P<23Y^r=cac%By(O(-L+RnL`V=r_nb zffk_1mltNJ2-N(=n7KD#abt$7%H~g{- z+8b=!u~*w-M%!xqLMtn5_c?yTy7PR-+K=hmmM+x}qgt`&$xYEO!`Mforx=k;y}>~i zPWL>QUzH_!YpA@8#tuDldX4UnMAV3pUdYk#U?iC(mpwd@xby0a5E&C_(?y{%IhhpI zaJ|j_)CjCp?bVi9>@fBeFa4Ys<(4_VD^VGaTkxi_QFfO=VE2$IawSMJ*jk-Pz&hyI z!)ewYB9F!0E$ZH5c8nw{)An~FX6w*<)Q-(oMQwj4qP7mbN3Cbl7|2_B=o@HmiO2(& z-eY$Sy(;H&L!E?{h&^zT*jMyYmBz@Z;+12S{JNMJ6A_0_3y3)|OzNtnjmw#9iMXYK zi$m`ckr2v~8ALqOOpSJ?*?Xj_OSBq^d1lnTl0Kj;k$~&idomHDp~^pZx+M`h^`1be zGOE}&Fd#5Si9`t;x8CD-t&=K+;6@_;z@_)tjXhImos-TIaVih8D5MZJZ}Ck>Ez?}l zag^RL5!~bPJZh%Rwo(~{#YXFl)byZVhHSwAHJ=ast0A8xkz7TExs}(|N#Qo#*g>t% zskDWoO=ZZsJT)Gd^q@iVGFKR8)*WvKVn}w%;i$9G3XjpWtzgU?qv?#s<;`mC0wPD} zt!M93N?ij^<58;)*EfO%WH@<8iLd5_8nXrmYckpla~b9?D1sE&jET+esBmQ5AFe42 zYOiO5VnCRp^ZGQ$SQBwE*{H-vN!dll(M-svBcp8DjA`;PRw|;#{euLlf zL;{CJBw`zc7M1xGPr!PLJzqUkMKFla@!OyA1nm7q6u<;Eb!~pB2Tx>XT^F8nEmSj4 zYopPnNOOvpD9z6zN@t=`^S{9WB$A7WQeI z@9d!;%KZPu@`Jyp(DfgL`{BJHd;izK5pXa(ExJB@9NrCO7zVKeJciCM=ljdP|6Adm z(10TB509hse;KZYx5LHIfh{l&uYu!W3CP-j{o&Kt0WO8JU=17s`@p^E`d^2e;Q}bb z8W20c!LTp<3_bq|cmVE)o8irH7Q7lp;YipA_J;4G^WO-61zTVQUJ6HpoD=YMxB_ah z61yvV5|o#!Jr8gM#9g=|341?H%H^J#%O_Mr?6h^T@zm5a^!KNOc-|wnB zYA;cj(S6Q77RjeQdB^(QgXdpw1FHMml3yLMvCAVH9uH(s;E*8UmrT;m77`zUz@{I*j6=PF4Cx6N*Ep0CK!yb2V6?3^`-Q!=4G?L=Dx1=H$-jNz zr5$^vPW0Ic9-ZZp{D<9)jow}tRe?5eB#-tvv*#uU4_e|$%k#{b50;oZTyIw5QaAcc zDBE4lamI>NFWuI>H4*XBo9w#_#VxVwY^*5aSJz{3h*qo%iie5!NUBqgetjo84M`60 zgEaNyAnR%Q8QUc zbe;L`4|w+~knhq2pF2{ecV(SgDaqVhk*W3-t^^O-pDnk&Y5|*9WN~=$$CpKGqaa`7 zk>{F4?7n>0NB(a{2n%_>Z8jJDdPBi+BetOGwO->s5{YhUy> zZ8xdKzwdd<^f!cZHr_ouIH`*;C#&^}3=PZbJ?F)boe2^*!_c@~ZQksa^3M6WD(UL+ zvq#^l3i34PILGE_!JBfW&$NN7t&&ha|{_J+sMx4#8f!COJT z*>^r{1|O`RKFI%1fFe8>9z{O)!e>Cv^!p%O0lVNbcnfR-B}Xm7?B7fRnFM~jC188- z_!}fUg2VmXr!rf`hH~*yLUsg4&}N2|IW0Sa!=4RN(hDq5CGF#uRP029*P4hme~ERp zXrnNLBPR+Ql@m~pw9Gtf5EMg9FTwN_l{+;T#Ncd?2ujd3`Q$`n5RbbVB8Vuk{n{Aq zH7O(O;uLvlP3%76q*9J~kIEiaO_huH1$pyNadzb7JgA$V(Xz6KUJL%zre7 x^SmZvi4RetcGDnn%!l)*<358Jz>-lX>OPqCkJdnsM{xMz Date: Sun, 11 Jul 2021 10:18:39 -0400 Subject: [PATCH 05/11] token configs and secure grpc working --- netclient/config/.config.go.swp | Bin 40960 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 netclient/config/.config.go.swp diff --git a/netclient/config/.config.go.swp b/netclient/config/.config.go.swp deleted file mode 100644 index 012bdf9682a6ef35d9831060d108a8a2c0166e93..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 40960 zcmeI53z%G0eZU7nWJJ_L`KnOhX4J3?$!s7o(8yNfF03m_ST{ffdCkt;-Apn&GtSIz zNJ9j)f*9(ve$`q~i&`lX0ksM~smP;N3oW(kr#!79)t0x9itX=z9`~O6nBCcp?N{yH z@B8Iu?s@;ux#yn$|2*!*iql8ed&d`#$?^C6TyE*p51;qELt438R_>K6)%^42_I!Wa z8m+DEPN`FE)aUg228nQBsxi=Rl?Up6XS%f2Z^?hkwW?q543r!7$?BB36sH<|EkVznuKqi4q0+|Fd z3H-)OpwrwhcOj*ChAGK`=DJtxx{vuiX|4yw-1jrTFE&?eII!_N%iNze*PolKb>G+g zKGR$q#=*Kj)7*cdx!w_T&zt+FnCtgr?t7d2hnedNQ(zmvxt(1y31kw;B#=oUlRzec zOahq%G6`f7$RvN_{0Q!Z z-S9>@68ev4R{}14wu1MFa(Ff-tZ8Hi+kV}_zGMD zm%|(3BzP3V%D3TL@CmpQ-U)Am9k3nFg=1hJ_&$b=-SBqkz!n&VSHTMS9e5Ue4g1C{ zoC9aWayS@%5g0tY*k8-<%(UvB-)iNoOLbCydP@eqdbQ^52=2?xL2r9$x>nraZ#%JG zZdCkM-(-JL|F=&s$<{rtwoYtUE*h|J3o*HVi30>q&deZ%sRq65J!o$>~mUW3yGQ zcP9HbH>Q2>Xs@7Fo2X?b%cp9MiBfI(iWSEc!mvAota;|I)|e`uRO*y!eUv)%7#B?t zPNhWZg#p&Jgo|4Wfrn%gDU#pm`L(w1#Z$4Fie8b<`mL2}t1q7BGVi!mt0H;E>u7sJ zqjTc<)pkdf$f?$I-P+j5f}TW#{a$Wzre5|owW=L|L-C-s{P#o!b_zcZK5yT9WC$p2O}y#h^1VYjgQ7jV+(o8JVwn<*B4SZ&!(`S5?h}q*_v2I-0)1hK7}!*K9Rrs};Xe^k~Z+ zT3C_CSh8XS>kaY@7HHjJgAJPMkXmo1o9eP4K)XX^{X5wUjyB7_i*3gxkGZS0=?THYhW2wHYO~>b0qum+W zT&hp`?U?5#E@kcF_&>2;X*TE|W1f9;+wnQps?L@=elpMWui_BPvEQ2YTj^y~PKh$& zw^l8uM6d2gV?WvVn`>*;S-Qu1XXUY0-dnj{lG|>!8?8>%SCcyt5ADuyV_Q8Y0TEY) z+cBS~HB1d#^h?+7?RMsoHEi{zu!R z^{JNMZjT`HZKZhoskUjq;yk6DBO!-pN;TSEd21|V)pi9JnqGNp#J?&@!mlcZ<8OGw z#+aW<-OcfMqclyXVt!ist`pCuk+qeIWPNqa>$a(qaY*ys&9mcImBU0H^R5bGqIW{9 zFO}2%PnXI`-(#hAn~uB^i@RxVJMnJNJ$}ri>8>1qqxFv8nk<#$O^DX6?>l}slo;1U zTTY!@_~>kJ`rZZxN4lF6Pc!8X{h`x)>8EbNy};<$Y){o>It{$9isdn=Ri`Mw#$vBy za5G1-N5;p7HdR~x$P68KEN4@#W_jC`lP&SQapSraZ|!!?@wc{Iruim&u#&nT?ZMWL zji$G-QnQ+DVUmM%?~>WjzpC+#s(+0ao?#WE>lSaG`qakl?T$YkD^J6^wv{X8$`6

&!M!iUWjhB30zo5No{MHz;);sz}F5gqtDM7fy zQ7No${0tEaQ`OGqnTcY#F+DKVD$Q0qH5sPs#ppW4LM|`aY)*J{dKU5HwJ_CaZk;Mt z>jO$7nq3)=^$Wh}MhJaiOS@4Qzl`bRf^H%gJ+?{nKT&G?t5=DiMqB=MGCf1*FzXMn zXntV!Slk8%T-OS2<*CgqvtQnB`r8KNpF*xWEiXQ=FPCf5(U*8VmDNB!C;I=*=+v)4 z?-u>v&X3=VK7SRw3El`>U>%6Ae-!k?b6|gX3Vr@|5IuhzcCWfW_&Y;v7}m`Y%t?8 z%;b!=^oLe{<7E=#o3E_HbD7a4p2Y0TWWP3U%cPl_&}sKg8oj>Xn`ks-%FeO&m;{%W zC#O_Yfk`^dlQmK&?^qWT3G;!`IIO$9%H$jNpL(ZO?<;g#4eYqSSMjwrtY(0mSvMOf zKHFpO+pC`ZQL*@~;;_W#_epueSrqHlc#?TQJ5Q|ooC&Iq zeq%bq{}&mxU534y?vaivc&y{kyY;F&Gut_3izwV4xNCQ1g_rDXQzYMIUfaeIz0Nnw zZGBUndp_A6&PivBD0qi2YW+^Oh$6PasNc(Fizo`&B8tSi5>{KVxFR|QnJuEo7Ez>6 zDyPlOXNxG*Y-u=;?5Ne*B8qGgg{t!?kcVTn0mMDCFTbqwBBd`WQO>ZWxE-VJSR<9)A;TgIO4c$I;jChwDJ} z`3>N~J?QFx4}T74zzB#Q{}Xick3bz>3P-~)(8F(mcfmPuHk=4U@Jd(<`@v7p&HozS z3Ku~GP6H2QE&jgnBx~>g6&`@Q;7+&+ZiH)K7u4Y_SOrVqFgOJEgMHzda5uJ^&x8C~ zmBiSY#5AOgiAuW|XWg}H!0PMw`XXzzmHn>K>eog>yXrc$4yv)FtjD%afz6LwJ(>6N zvK&{`++YJi-mKqFHR0v+a~tg>Hpg0*w`MxGZPQ@l_BmCKs3|UyuUx*H@h#t@)h(ip zbYGCox}qS$!0;>e*j1qoq;6~5UPZ7ATpn$MB1p6BFuF=w+KgU0)@R-I+CphNu9)4n z4phb2S`Z z%+O{v+f>3d%u>10vC~(lr(*|1DS?~-$*OX)YL~^iQ5ab|QP_%b0_ufuvVPDF8Wl;` zV6icX8v{!U&8r|3RQGsv<)q0$7P}=PG8UF_XON9KDI@FR6nSB?qS1y`8HiN+mI8~V zWu?DO!d`pIM7rEjnbJic$%XZ$GO>p_SY#DO^5fL?uO&+hYz%~nYMYZ~K1WECj@M7vAklSe$yM)>_GA3&y2fg&va7$#jd&}zXVx^PF zHLHPBGN8qvd*h<v^9Upi*;OpvE7E<-xrTmQD0`LdTfr149viK20#r3=&v{o`wa5jAe>m#iF%MHEu~S0&!9XNDNmq&yOSyYB+}@5?es^?uEbA>;D4kF%8fdE zlVl;hrz=5LX7gXKF|oxjcM8k&?TPIjHc=&CnMQUDyd+%lwEA?Z)!xkRP!*X9wai=U zJSqJziwfJe4tteRtmECTd0(rx4V)@HA97xF)idTut8X{6(iA9;UU1HMtfHo(kdK*Q zHzTz0-Kzo@`t@$R#O>gL3dZNI7NQp{jQE|Qb)&j(8~3N!t-T%U6cht0OSi0^I#VPoHQ{e~9aLA?d8uPi$$`U>GjIqFdK|K;eC*NaYx z{%_CU`x^TG%^-XJw?PFapagwzAUuJ-e`OCcj zQ|SBu2A_b7K=$){@cSTkh>Ktfei!}$eg8Cg8T7-$==vXp38VM_J9_@7;2m%_oB@6C z0DAtN@JYA~-V7x;0S<)c!o%qNH^JY)rEn6gf_*{e?svnra232B*1`+m2k84UZ{LDd z@So`RKZ9?A*Z@TT9|zI>pF&^14L$%D!X`Kp_JV&w-Xinsj4m(wd{2L>C97s>`e)YI ztUT7%ZIgakJ(|+qjW4sq(QS&s{zkXK$nH^gIL7_4ztQ!@Vy0jxq3hM%M;P_5jK`5^ zt8KOQE)uWoBy{7GeS~g2b|<0h$L=F^{W&`cU9VByFBD?nJ(9Tb9mzn%2JS|!%90ks z*+}U6ceW9_84orRx_*OggsxAXVzWWe^-4Q1+XG#{YJ;HbO>GavNAl$=O-7F#)oWWe zy}1F^Ac8G#$#-HbV7Rp|9-NJJ>7i9iRRY#~XWf8Gyn5&C9Dx_6ORA^CY{zud3e-w7 zwlU(+FJsh)h(NT0sK+_hW4N);jn*CKMf}U~XkKO8?$38tsM*0ovJ$P!p4ADXobbgi z6)!axyxDCU_S$nUdT&yR49I57Fb8Htq^eQg(7iMrH4X|(31;=BMkz|>A zYwV((gtg>qE>6^Qv~FiC9heLP4I}aJ=@#jR(G{S_rnVn6y+N{h`xes*T}&=YsA3rW-?Jv zG8{@2(xynGnm2IJzHFfQ)v38?w&#p`@s<(O7c3wxn(bmNB9cNFG?0UNgq8BCMohMI zioE5*Ds#G#d27sCwCF?UsvG0Y$x_#hbgcy9P<23Y^r=cac%By(O(-L+RnL`V=r_nb zffk_1mltNJ2-N(=n7KD#abt$7%H~g{- z+8b=!u~*w-M%!xqLMtn5_c?yTy7PR-+K=hmmM+x}qgt`&$xYEO!`Mforx=k;y}>~i zPWL>QUzH_!YpA@8#tuDldX4UnMAV3pUdYk#U?iC(mpwd@xby0a5E&C_(?y{%IhhpI zaJ|j_)CjCp?bVi9>@fBeFa4Ys<(4_VD^VGaTkxi_QFfO=VE2$IawSMJ*jk-Pz&hyI z!)ewYB9F!0E$ZH5c8nw{)An~FX6w*<)Q-(oMQwj4qP7mbN3Cbl7|2_B=o@HmiO2(& z-eY$Sy(;H&L!E?{h&^zT*jMyYmBz@Z;+12S{JNMJ6A_0_3y3)|OzNtnjmw#9iMXYK zi$m`ckr2v~8ALqOOpSJ?*?Xj_OSBq^d1lnTl0Kj;k$~&idomHDp~^pZx+M`h^`1be zGOE}&Fd#5Si9`t;x8CD-t&=K+;6@_;z@_)tjXhImos-TIaVih8D5MZJZ}Ck>Ez?}l zag^RL5!~bPJZh%Rwo(~{#YXFl)byZVhHSwAHJ=ast0A8xkz7TExs}(|N#Qo#*g>t% zskDWoO=ZZsJT)Gd^q@iVGFKR8)*WvKVn}w%;i$9G3XjpWtzgU?qv?#s<;`mC0wPD} zt!M93N?ij^<58;)*EfO%WH@<8iLd5_8nXrmYckpla~b9?D1sE&jET+esBmQ5AFe42 zYOiO5VnCRp^ZGQ$SQBwE*{H-vN!dll(M-svBcp8DjA`;PRw|;#{euLlf zL;{CJBw`zc7M1xGPr!PLJzqUkMKFla@!OyA1nm7q6u<;Eb!~pB2Tx>XT^F8nEmSj4 zYopPnNOOvpD9z6zN@t=`^S{9WB$A7WQeI z@9d!;%KZPu@`Jyp(DfgL`{BJHd;izK5pXa(ExJB@9NrCO7zVKeJciCM=ljdP|6Adm z(10TB509hse;KZYx5LHIfh{l&uYu!W3CP-j{o&Kt0WO8JU=17s`@p^E`d^2e;Q}bb z8W20c!LTp<3_bq|cmVE)o8irH7Q7lp;YipA_J;4G^WO-61zTVQUJ6HpoD=YMxB_ah z61yvV5|o#!Jr8gM#9g=|341?H%H^J#%O_Mr?6h^T@zm5a^!KNOc-|wnB zYA;cj(S6Q77RjeQdB^(QgXdpw1FHMml3yLMvCAVH9uH(s;E*8UmrT;m77`zUz@{I*j6=PF4Cx6N*Ep0CK!yb2V6?3^`-Q!=4G?L=Dx1=H$-jNz zr5$^vPW0Ic9-ZZp{D<9)jow}tRe?5eB#-tvv*#uU4_e|$%k#{b50;oZTyIw5QaAcc zDBE4lamI>NFWuI>H4*XBo9w#_#VxVwY^*5aSJz{3h*qo%iie5!NUBqgetjo84M`60 zgEaNyAnR%Q8QUc zbe;L`4|w+~knhq2pF2{ecV(SgDaqVhk*W3-t^^O-pDnk&Y5|*9WN~=$$CpKGqaa`7 zk>{F4?7n>0NB(a{2n%_>Z8jJDdPBi+BetOGwO->s5{YhUy> zZ8xdKzwdd<^f!cZHr_ouIH`*;C#&^}3=PZbJ?F)boe2^*!_c@~ZQksa^3M6WD(UL+ zvq#^l3i34PILGE_!JBfW&$NN7t&&ha|{_J+sMx4#8f!COJT z*>^r{1|O`RKFI%1fFe8>9z{O)!e>Cv^!p%O0lVNbcnfR-B}Xm7?B7fRnFM~jC188- z_!}fUg2VmXr!rf`hH~*yLUsg4&}N2|IW0Sa!=4RN(hDq5CGF#uRP029*P4hme~ERp zXrnNLBPR+Ql@m~pw9Gtf5EMg9FTwN_l{+;T#Ncd?2ujd3`Q$`n5RbbVB8Vuk{n{Aq zH7O(O;uLvlP3%76q*9J~kIEiaO_huH1$pyNadzb7JgA$V(Xz6KUJL%zre7 x^SmZvi4RetcGDnn%!l)*<358Jz>-lX>OPqCkJdnsM{xMz Date: Sun, 11 Jul 2021 10:28:50 -0400 Subject: [PATCH 06/11] fixing validation --- controllers/.networkHttpController_test.go.swp | Bin 0 -> 16384 bytes controllers/networkHttpController.go | 8 ++++++++ models/network.go | 4 ++-- 3 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 controllers/.networkHttpController_test.go.swp diff --git a/controllers/.networkHttpController_test.go.swp b/controllers/.networkHttpController_test.go.swp new file mode 100644 index 0000000000000000000000000000000000000000..1b70a76ff31403ea412cf6923f339f211748decb GIT binary patch literal 16384 zcmeI3Uu+yl9mm%|(_TVIfwl-yq3N|s&Xu!w=O!j`YC&oTYBjl%#7!t5-1YAGym)Wd z*`0H8DsEFEo=}DQR276$8j6H?DLk}AAn}$50<^#be}tgm2vs!j1X4xShVO4?_IB@X z*G|%;2(%}CDt9IavFz`GcMs$%HyH|*%$?oM@!6RWd zgEiYOZWam@3aqEVX5+5WdW}lmUcQZe@B6bcjy6bcjy6bcjy6bcjy6bcjy6bcjy6bf8{0+wSKA40v4(E$K{|9?!k z@%Jr;aRID?--4IHOW-@;B={`&3^)p^;8rjM{_#H41FwOffoH)JAOiP;o501*hVfUh z3VsTn2TuVD+zD<5Z@kwqUI#CM?}3xxAlL(TfibWXl)(mYVUuB;1!ur15P}E65ikRG zg7DgPmXtxKJ{TpMxKQ7r^7-Bv=BU0C$6pVD$#W_ysrv zPJ=Ikyu;t3uZ;k z73{d{d343~nd%A((@Q6)xNLo?7rVfL_5S|RhaRQry#Eh$!6b$YXqWK z<=M9>uzEZsJMMO#|}ASLwzB!*bJ0XisB+^J|N#p zo`BldBeA#0LDN%d&3eMpSM7IY`;_dId}JIpsH?qt#PVDx*R)KB_D0FWE8TvjdX#v- z75L3y9KL5xV7FV`7l=!rg*<9|;?kpFEu-cv2e-?KQH=l!k-@o!Wx6LNRDWp4z7ZI& z&5G*0ImJCLxHB2FeUW9m>x;1+mD=!#wl=RqZ@jCQTjkxOzvusG~gbBDv!-jk^N()UU03l>4NIFi&2Yhpy%Lhsc-HIX!D= zJC3_zp@B6c${lCbsv2n+|0tF-Eus&-QJyjSvKC-0AT;St##61F;&dz{jN+)Ca-${B z>NKpDTw+_aaLRF#6xr)I7i$$FmowEwc( zq_HYy$#t}?i7ixP>Y0^)BCkcBaS?iF@tg4Z+3=Z<4E|4(^&j%rcR=NN+ z9m-vzz7Ua?@xQhEsPls{L)#JZkRC!aVVlz?R(G6i$QoQZhD|jNSFnbM9h1frR8ap` z;Yn@v8|e5E73#pkwd!eWWs$^Isthx;`iEQHH4=fe*Yl`r*`}%`HP_PY6&Dj$g=Q`D zfMx6X0p6esjeKkAKKW7>gFtv@>_=Qm45I?MrpcRK;}WMTGaFPDhRR4yO)`C(af(_D zyaR|;3%NxkLWEm4Vi-QX`#9_fu|xG~l4Nmd(OKe5TPrt;@~wB;$xd34Y_n|(8X+*V z+{9wgo-^&BRmH=&uouFrOb_NeRpmfrE9p|r&{}qdS49x3cjHxu)+^Q3qimo(;kG!{ zkWccPWy5VP1)*RSB(9ddNTw&R+#8htcaR(Y8F?h-|MBnd=aI|*1e^w^zyg>9H-b%o z@_fqgp95b5l;0l$d%#ZcDsuQ$a29+Ed<8h*UQh#+=buB~einQeoB~a7H@F4-3wio4 z!8s5C9~=b3U^Dm&^79{qZ-6g>W$;n(VQ>rhH}dkA!MDLz!GmB190a$6o4`MjpZ@{8 z2%ZFwg3p0_0Ojv@fGyxPA(DFRx<$!d31r(n` zfkJ^ofp=Vi6|4#AG?)HgmF4=_3(NI1K5rUfJV_Mz2vz# zMB}NBV!uOc@<6)rwj3e*H{b%uz5em%SK9^clp8rNBBT_zKw1Fr4ORO5reuBW9Z@_h_N_ZBkDi`*W%r4UNGuyxUiE=xQ$J$+=Nqh zv@$|nN_se+J4Nt$3rCle3*26u_NRTpLj>eNsJ2{Rg{W*-wO*RatUJ!?vQQ}%RpYcn zk3SgWs(|!G&n;CXJ{DA^(lMAWT&|~%HDpmOcEat>N=Or|dm$^D63^4u!FS7`4=~mpoS(OHZpZICRYR z2IbZck5rWP#^PELc*SwoUFVJ>w+z~1`qRr}S5chg7p(zhY}W|~Bdt%0cvL3s&}d8l zh9^5K$H??lcO+gDsiu8QLavi^f=_T)9`n2{R#au^@ literal 0 HcmV?d00001 diff --git a/controllers/networkHttpController.go b/controllers/networkHttpController.go index e9e4b9c6..b50d3ace 100644 --- a/controllers/networkHttpController.go +++ b/controllers/networkHttpController.go @@ -137,6 +137,14 @@ func RemoveComms(networks []models.Network) []models.Network { func ValidateNetworkUpdate(network models.NetworkUpdate) error { v := validator.New() + _ = v.RegisterValidation("netid_valid", func(fl validator.FieldLevel) bool { + if fl.Field().String() == "" { + return true + } + inCharSet := functions.NameInNetworkCharSet(fl.Field().String()) + return inCharSet + }) + // _ = v.RegisterValidation("addressrange_valid", func(fl validator.FieldLevel) bool { // isvalid := fl.Field().String() == "" || functions.IsIpCIDR(fl.Field().String()) // return isvalid diff --git a/models/network.go b/models/network.go index 7f5a9c3a..8e0a0b6e 100644 --- a/models/network.go +++ b/models/network.go @@ -47,8 +47,8 @@ type NetworkUpdate struct { // AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"required_with=isdualstack true,cidrv6"` AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"omitempty,cidr"` //can't have min=1 with omitempty - DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,validnetid,min=1,max=20"` - NetID string `json:"netid" bson:"netid" validate:"omitempty,validnetid,min=1,max=15"` + DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,netid_valid,min=1,max=20"` + NetID string `json:"netid" bson:"netid" validate:"omitempty,netid_valid,min=1,max=15"` NodesLastModified int64 `json:"nodeslastmodified" bson:"nodeslastmodified"` NetworkLastModified int64 `json:"networklastmodified" bson:"networklastmodified"` DefaultInterface string `json:"defaultinterface" bson:"defaultinterface"` From 2178612d60785173c4ea68cb8c5e734160e5cc86 Mon Sep 17 00:00:00 2001 From: afeiszli Date: Sun, 11 Jul 2021 10:28:57 -0400 Subject: [PATCH 07/11] fixing validation --- controllers/.networkHttpController_test.go.swp | Bin 16384 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 controllers/.networkHttpController_test.go.swp diff --git a/controllers/.networkHttpController_test.go.swp b/controllers/.networkHttpController_test.go.swp deleted file mode 100644 index 1b70a76ff31403ea412cf6923f339f211748decb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 16384 zcmeI3Uu+yl9mm%|(_TVIfwl-yq3N|s&Xu!w=O!j`YC&oTYBjl%#7!t5-1YAGym)Wd z*`0H8DsEFEo=}DQR276$8j6H?DLk}AAn}$50<^#be}tgm2vs!j1X4xShVO4?_IB@X z*G|%;2(%}CDt9IavFz`GcMs$%HyH|*%$?oM@!6RWd zgEiYOZWam@3aqEVX5+5WdW}lmUcQZe@B6bcjy6bcjy6bcjy6bcjy6bcjy6bcjy6bf8{0+wSKA40v4(E$K{|9?!k z@%Jr;aRID?--4IHOW-@;B={`&3^)p^;8rjM{_#H41FwOffoH)JAOiP;o501*hVfUh z3VsTn2TuVD+zD<5Z@kwqUI#CM?}3xxAlL(TfibWXl)(mYVUuB;1!ur15P}E65ikRG zg7DgPmXtxKJ{TpMxKQ7r^7-Bv=BU0C$6pVD$#W_ysrv zPJ=Ikyu;t3uZ;k z73{d{d343~nd%A((@Q6)xNLo?7rVfL_5S|RhaRQry#Eh$!6b$YXqWK z<=M9>uzEZsJMMO#|}ASLwzB!*bJ0XisB+^J|N#p zo`BldBeA#0LDN%d&3eMpSM7IY`;_dId}JIpsH?qt#PVDx*R)KB_D0FWE8TvjdX#v- z75L3y9KL5xV7FV`7l=!rg*<9|;?kpFEu-cv2e-?KQH=l!k-@o!Wx6LNRDWp4z7ZI& z&5G*0ImJCLxHB2FeUW9m>x;1+mD=!#wl=RqZ@jCQTjkxOzvusG~gbBDv!-jk^N()UU03l>4NIFi&2Yhpy%Lhsc-HIX!D= zJC3_zp@B6c${lCbsv2n+|0tF-Eus&-QJyjSvKC-0AT;St##61F;&dz{jN+)Ca-${B z>NKpDTw+_aaLRF#6xr)I7i$$FmowEwc( zq_HYy$#t}?i7ixP>Y0^)BCkcBaS?iF@tg4Z+3=Z<4E|4(^&j%rcR=NN+ z9m-vzz7Ua?@xQhEsPls{L)#JZkRC!aVVlz?R(G6i$QoQZhD|jNSFnbM9h1frR8ap` z;Yn@v8|e5E73#pkwd!eWWs$^Isthx;`iEQHH4=fe*Yl`r*`}%`HP_PY6&Dj$g=Q`D zfMx6X0p6esjeKkAKKW7>gFtv@>_=Qm45I?MrpcRK;}WMTGaFPDhRR4yO)`C(af(_D zyaR|;3%NxkLWEm4Vi-QX`#9_fu|xG~l4Nmd(OKe5TPrt;@~wB;$xd34Y_n|(8X+*V z+{9wgo-^&BRmH=&uouFrOb_NeRpmfrE9p|r&{}qdS49x3cjHxu)+^Q3qimo(;kG!{ zkWccPWy5VP1)*RSB(9ddNTw&R+#8htcaR(Y8F?h-|MBnd=aI|*1e^w^zyg>9H-b%o z@_fqgp95b5l;0l$d%#ZcDsuQ$a29+Ed<8h*UQh#+=buB~einQeoB~a7H@F4-3wio4 z!8s5C9~=b3U^Dm&^79{qZ-6g>W$;n(VQ>rhH}dkA!MDLz!GmB190a$6o4`MjpZ@{8 z2%ZFwg3p0_0Ojv@fGyxPA(DFRx<$!d31r(n` zfkJ^ofp=Vi6|4#AG?)HgmF4=_3(NI1K5rUfJV_Mz2vz# zMB}NBV!uOc@<6)rwj3e*H{b%uz5em%SK9^clp8rNBBT_zKw1Fr4ORO5reuBW9Z@_h_N_ZBkDi`*W%r4UNGuyxUiE=xQ$J$+=Nqh zv@$|nN_se+J4Nt$3rCle3*26u_NRTpLj>eNsJ2{Rg{W*-wO*RatUJ!?vQQ}%RpYcn zk3SgWs(|!G&n;CXJ{DA^(lMAWT&|~%HDpmOcEat>N=Or|dm$^D63^4u!FS7`4=~mpoS(OHZpZICRYR z2IbZck5rWP#^PELc*SwoUFVJ>w+z~1`qRr}S5chg7p(zhY}W|~Bdt%0cvL3s&}d8l zh9^5K$H??lcO+gDsiu8QLavi^f=_T)9`n2{R#au^@ From 45895f5f93a8b511d356bd1afc12862cb5f7c30a Mon Sep 17 00:00:00 2001 From: afeiszli Date: Sun, 11 Jul 2021 10:35:01 -0400 Subject: [PATCH 08/11] fixing validation --- compose/docker-compose.localserver.yml | 2 +- controllers/nodeHttpController_test.go | 21 +++++++-------------- 2 files changed, 8 insertions(+), 15 deletions(-) diff --git a/compose/docker-compose.localserver.yml b/compose/docker-compose.localserver.yml index b0b3d66e..e7f615b8 100644 --- a/compose/docker-compose.localserver.yml +++ b/compose/docker-compose.localserver.yml @@ -21,6 +21,6 @@ services: ports: - "80:80" environment: - BACKEND_URL: "http://localhost:8081" + BACKEND_URL: "http://HOST_IP:8081" volumes: mongovol: {} diff --git a/controllers/nodeHttpController_test.go b/controllers/nodeHttpController_test.go index 814ad005..a84c4fc5 100644 --- a/controllers/nodeHttpController_test.go +++ b/controllers/nodeHttpController_test.go @@ -34,7 +34,7 @@ func TestCheckIn(t *testing.T) { func TestCreateEgressGateway(t *testing.T) { var gateway models.EgressGatewayRequest gateway.Interface = "eth0" - gateway.RangeString = "10.100.100.0/24" + gateway.Ranges = ["10.100.100.0/24"] deleteNet(t) createNet() t.Run("NoNodes", func(t *testing.T) { @@ -62,18 +62,18 @@ func TestDeleteEgressGateway(t *testing.T) { createTestNode(t) testnode := createTestNode(t) gateway.Interface = "eth0" - gateway.RangeString = "10.100.100.0/24" + gateway.Ranges = ["10.100.100.0/24"] gateway.NetID = "skynet" gateway.NodeID = testnode.MacAddress t.Run("Success", func(t *testing.T) { node, err := CreateEgressGateway(gateway) assert.Nil(t, err) assert.Equal(t, true, node.IsEgressGateway) - assert.Equal(t, "10.100.100.0/24", node.EgressGatewayRange) + assert.Equal(t, ["10.100.100.0/24"], node.EgressGatewayRanges) node, err = DeleteEgressGateway(gateway.NetID, gateway.NodeID) assert.Nil(t, err) assert.Equal(t, false, node.IsEgressGateway) - assert.Equal(t, "", node.EgressGatewayRange) + assert.Equal(t, "", node.EgressGatewayRanges) assert.Equal(t, "", node.PostUp) assert.Equal(t, "", node.PostDown) }) @@ -81,7 +81,7 @@ func TestDeleteEgressGateway(t *testing.T) { node, err := DeleteEgressGateway(gateway.NetID, gateway.NodeID) assert.Nil(t, err) assert.Equal(t, false, node.IsEgressGateway) - assert.Equal(t, "", node.EgressGatewayRange) + assert.Equal(t, "", node.EgressGatewayRanges) assert.Equal(t, "", node.PostUp) assert.Equal(t, "", node.PostDown) }) @@ -162,16 +162,9 @@ func TestUncordonNode(t *testing.T) { } func TestValidateEgressGateway(t *testing.T) { var gateway models.EgressGatewayRequest - t.Run("InvalidRange", func(t *testing.T) { - gateway.Interface = "eth0" - gateway.RangeString = "helloworld" - err := ValidateEgressGateway(gateway) - assert.NotNil(t, err) - assert.Equal(t, "IP Range Not Valid", err.Error()) - }) t.Run("EmptyRange", func(t *testing.T) { gateway.Interface = "eth0" - gateway.RangeString = "" + gateway.Ranges = []string{} err := ValidateEgressGateway(gateway) assert.NotNil(t, err) assert.Equal(t, "IP Range Not Valid", err.Error()) @@ -184,7 +177,7 @@ func TestValidateEgressGateway(t *testing.T) { }) t.Run("Success", func(t *testing.T) { gateway.Interface = "eth0" - gateway.RangeString = "10.100.100.0/24" + gateway.Ranges = ["10.100.100.0/24"] err := ValidateEgressGateway(gateway) assert.Nil(t, err) }) From 0d60cd385baccd470cacb4c5429bccb27a507133 Mon Sep 17 00:00:00 2001 From: afeiszli Date: Sun, 11 Jul 2021 10:45:22 -0400 Subject: [PATCH 09/11] fixing validation --- test/node_test.go | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/test/node_test.go b/test/node_test.go index 3e74c966..f4a911a8 100644 --- a/test/node_test.go +++ b/test/node_test.go @@ -274,7 +274,7 @@ func TestCreateEgressGateway(t *testing.T) { //assert.False(t, node.IsEgressGateway/g) var gateway models.EgressGatewayRequest t.Run("Valid", func(t *testing.T) { - gateway.RangeString = "0.0.0.0/0" + gateway.Ranges = ["0.0.0.0/0"] gateway.Interface = "eth0" response, err := api(t, gateway, http.MethodPost, baseURL+"/api/nodes/skynet/01:02:03:04:05:06/creategateway", "secretkey") assert.Nil(t, err, err) @@ -286,21 +286,9 @@ func TestCreateEgressGateway(t *testing.T) { assert.True(t, message.IsEgressGateway) t.Log(err) }) - t.Run("BadRange", func(t *testing.T) { - gateway.RangeString = "0.0.0.0/36" - gateway.Interface = "eth0" - response, err := api(t, gateway, http.MethodPost, baseURL+"/api/nodes/skynet/01:02:03:04:05:06/creategateway", "secretkey") - assert.Nil(t, err, err) - assert.Equal(t, http.StatusInternalServerError, response.StatusCode) - defer response.Body.Close() - var message models.ErrorResponse - err = json.NewDecoder(response.Body).Decode(&message) - assert.Nil(t, err, err) - assert.Equal(t, http.StatusInternalServerError, message.Code) - assert.Equal(t, "IP Range Not Valid", message.Message) }) t.Run("BadInterface", func(t *testing.T) { - gateway.RangeString = "0.0.0.0/0" + gateway.Ranges = ["0.0.0.0/0"] gateway.Interface = "" response, err := api(t, gateway, http.MethodPost, baseURL+"/api/nodes/skynet/01:02:03:04:05:06/creategateway", "secretkey") assert.Nil(t, err, err) From b7257bc2ff65cc1061226f81431593b0fee1801b Mon Sep 17 00:00:00 2001 From: afeiszli Date: Sun, 11 Jul 2021 10:47:57 -0400 Subject: [PATCH 10/11] fixing validation --- test/node_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/node_test.go b/test/node_test.go index f4a911a8..2e41a87e 100644 --- a/test/node_test.go +++ b/test/node_test.go @@ -274,7 +274,7 @@ func TestCreateEgressGateway(t *testing.T) { //assert.False(t, node.IsEgressGateway/g) var gateway models.EgressGatewayRequest t.Run("Valid", func(t *testing.T) { - gateway.Ranges = ["0.0.0.0/0"] + gateway.Ranges = []string{"0.0.0.0/0"} gateway.Interface = "eth0" response, err := api(t, gateway, http.MethodPost, baseURL+"/api/nodes/skynet/01:02:03:04:05:06/creategateway", "secretkey") assert.Nil(t, err, err) @@ -288,7 +288,7 @@ func TestCreateEgressGateway(t *testing.T) { }) }) t.Run("BadInterface", func(t *testing.T) { - gateway.Ranges = ["0.0.0.0/0"] + gateway.Ranges = []string{"0.0.0.0/0"} gateway.Interface = "" response, err := api(t, gateway, http.MethodPost, baseURL+"/api/nodes/skynet/01:02:03:04:05:06/creategateway", "secretkey") assert.Nil(t, err, err) From 4cf5aad2e7daa7ab79110ebb0011a0bedc45cddb Mon Sep 17 00:00:00 2001 From: afeiszli Date: Sun, 11 Jul 2021 10:51:21 -0400 Subject: [PATCH 11/11] fixing validation --- controllers/nodeHttpController_test.go | 8 ++++---- test/node_test.go | 1 - 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/controllers/nodeHttpController_test.go b/controllers/nodeHttpController_test.go index a84c4fc5..108ecafa 100644 --- a/controllers/nodeHttpController_test.go +++ b/controllers/nodeHttpController_test.go @@ -34,7 +34,7 @@ func TestCheckIn(t *testing.T) { func TestCreateEgressGateway(t *testing.T) { var gateway models.EgressGatewayRequest gateway.Interface = "eth0" - gateway.Ranges = ["10.100.100.0/24"] + gateway.Ranges = []string{"10.100.100.0/24"} deleteNet(t) createNet() t.Run("NoNodes", func(t *testing.T) { @@ -62,14 +62,14 @@ func TestDeleteEgressGateway(t *testing.T) { createTestNode(t) testnode := createTestNode(t) gateway.Interface = "eth0" - gateway.Ranges = ["10.100.100.0/24"] + gateway.Ranges = []string{"10.100.100.0/24"} gateway.NetID = "skynet" gateway.NodeID = testnode.MacAddress t.Run("Success", func(t *testing.T) { node, err := CreateEgressGateway(gateway) assert.Nil(t, err) assert.Equal(t, true, node.IsEgressGateway) - assert.Equal(t, ["10.100.100.0/24"], node.EgressGatewayRanges) + assert.Equal(t, []string{"10.100.100.0/24"}, node.EgressGatewayRanges) node, err = DeleteEgressGateway(gateway.NetID, gateway.NodeID) assert.Nil(t, err) assert.Equal(t, false, node.IsEgressGateway) @@ -177,7 +177,7 @@ func TestValidateEgressGateway(t *testing.T) { }) t.Run("Success", func(t *testing.T) { gateway.Interface = "eth0" - gateway.Ranges = ["10.100.100.0/24"] + gateway.Ranges = []string{"10.100.100.0/24"} err := ValidateEgressGateway(gateway) assert.Nil(t, err) }) diff --git a/test/node_test.go b/test/node_test.go index 2e41a87e..7b6259a0 100644 --- a/test/node_test.go +++ b/test/node_test.go @@ -286,7 +286,6 @@ func TestCreateEgressGateway(t *testing.T) { assert.True(t, message.IsEgressGateway) t.Log(err) }) - }) t.Run("BadInterface", func(t *testing.T) { gateway.Ranges = []string{"0.0.0.0/0"} gateway.Interface = ""