From 384ca032083a4f51f966b86911f01abc88aa8f5c Mon Sep 17 00:00:00 2001 From: Kristoffer Dalby Date: Sun, 18 Feb 2024 19:31:29 +0100 Subject: [PATCH] new IP allocator and add postgres to integration tests. (#1756) --- ...ation-v2-TestACLAllowStarDst-postgres.yaml | 68 ++++++ ...st-integration-v2-TestACLAllowStarDst.yaml | 1 + ...ion-v2-TestACLAllowUser80Dst-postgres.yaml | 68 ++++++ ...-integration-v2-TestACLAllowUser80Dst.yaml | 1 + ...ation-v2-TestACLAllowUserDst-postgres.yaml | 68 ++++++ ...st-integration-v2-TestACLAllowUserDst.yaml | 1 + ...tion-v2-TestACLDenyAllPort80-postgres.yaml | 68 ++++++ ...t-integration-v2-TestACLDenyAllPort80.yaml | 1 + ...stACLDevice1CanAccessDevice2-postgres.yaml | 68 ++++++ ...ion-v2-TestACLDevice1CanAccessDevice2.yaml | 1 + ...v2-TestACLHostsInNetMapTable-postgres.yaml | 68 ++++++ ...egration-v2-TestACLHostsInNetMapTable.yaml | 1 + ...v2-TestACLNamedHostsCanReach-postgres.yaml | 68 ++++++ ...egration-v2-TestACLNamedHostsCanReach.yaml | 1 + ...CLNamedHostsCanReachBySubnet-postgres.yaml | 68 ++++++ ...-v2-TestACLNamedHostsCanReachBySubnet.yaml | 1 + ...gration-v2-TestApiKeyCommand-postgres.yaml | 68 ++++++ ...test-integration-v2-TestApiKeyCommand.yaml | 1 + ...-TestAuthKeyLogoutAndRelogin-postgres.yaml | 68 ++++++ ...ration-v2-TestAuthKeyLogoutAndRelogin.yaml | 1 + ...WebFlowAuthenticationPingAll-postgres.yaml | 68 ++++++ ...-TestAuthWebFlowAuthenticationPingAll.yaml | 1 + ...tAuthWebFlowLogoutAndRelogin-postgres.yaml | 68 ++++++ ...on-v2-TestAuthWebFlowLogoutAndRelogin.yaml | 1 + ...ation-v2-TestCreateTailscale-postgres.yaml | 68 ++++++ ...st-integration-v2-TestCreateTailscale.yaml | 1 + ...on-v2-TestDERPServerScenario-postgres.yaml | 68 ++++++ ...integration-v2-TestDERPServerScenario.yaml | 1 + ...ableDisableAutoApprovedRoute-postgres.yaml | 68 ++++++ ...v2-TestEnableDisableAutoApprovedRoute.yaml | 1 + ...ration-v2-TestEnablingRoutes-postgres.yaml | 68 ++++++ ...est-integration-v2-TestEnablingRoutes.yaml | 1 + ...integration-v2-TestEphemeral-postgres.yaml | 68 ++++++ .../test-integration-v2-TestEphemeral.yaml | 1 + ...ntegration-v2-TestExpireNode-postgres.yaml | 68 ++++++ .../test-integration-v2-TestExpireNode.yaml | 1 + ...2-TestHASubnetRouterFailover-postgres.yaml | 68 ++++++ ...gration-v2-TestHASubnetRouterFailover.yaml | 1 + ...integration-v2-TestHeadscale-postgres.yaml | 68 ++++++ .../test-integration-v2-TestHeadscale.yaml | 1 + ...NodeAdvertiseTagNoACLCommand-postgres.yaml | 68 ++++++ ...n-v2-TestNodeAdvertiseTagNoACLCommand.yaml | 1 + ...deAdvertiseTagWithACLCommand-postgres.yaml | 68 ++++++ ...v2-TestNodeAdvertiseTagWithACLCommand.yaml | 1 + ...tegration-v2-TestNodeCommand-postgres.yaml | 68 ++++++ .../test-integration-v2-TestNodeCommand.yaml | 1 + ...ion-v2-TestNodeExpireCommand-postgres.yaml | 68 ++++++ ...-integration-v2-TestNodeExpireCommand.yaml | 1 + ...ation-v2-TestNodeMoveCommand-postgres.yaml | 68 ++++++ ...st-integration-v2-TestNodeMoveCommand.yaml | 1 + ...TestNodeOnlineLastSeenStatus-postgres.yaml | 68 ++++++ ...ation-v2-TestNodeOnlineLastSeenStatus.yaml | 1 + ...ion-v2-TestNodeRenameCommand-postgres.yaml | 68 ++++++ ...-integration-v2-TestNodeRenameCommand.yaml | 1 + ...ration-v2-TestNodeTagCommand-postgres.yaml | 68 ++++++ ...est-integration-v2-TestNodeTagCommand.yaml | 1 + ...estOIDCAuthenticationPingAll-postgres.yaml | 68 ++++++ ...tion-v2-TestOIDCAuthenticationPingAll.yaml | 1 + ...xpireNodesBasedOnTokenExpiry-postgres.yaml | 68 ++++++ ...TestOIDCExpireNodesBasedOnTokenExpiry.yaml | 1 + ...ion-v2-TestPingAllByHostname-postgres.yaml | 68 ++++++ ...-integration-v2-TestPingAllByHostname.yaml | 1 + ...tegration-v2-TestPingAllByIP-postgres.yaml | 68 ++++++ .../test-integration-v2-TestPingAllByIP.yaml | 1 + ...v2-TestPingAllByIPPublicDERP-postgres.yaml | 68 ++++++ ...egration-v2-TestPingAllByIPPublicDERP.yaml | 1 + ...ion-v2-TestPreAuthKeyCommand-postgres.yaml | 68 ++++++ ...-integration-v2-TestPreAuthKeyCommand.yaml | 1 + ...hKeyCommandReusableEphemeral-postgres.yaml | 68 ++++++ ...estPreAuthKeyCommandReusableEphemeral.yaml | 1 + ...eAuthKeyCommandWithoutExpiry-postgres.yaml | 68 ++++++ ...v2-TestPreAuthKeyCommandWithoutExpiry.yaml | 1 + ...ation-v2-TestResolveMagicDNS-postgres.yaml | 68 ++++++ ...st-integration-v2-TestResolveMagicDNS.yaml | 1 + ...ion-v2-TestSSHIsBlockedInACL-postgres.yaml | 68 ++++++ ...-integration-v2-TestSSHIsBlockedInACL.yaml | 1 + ...TestSSHMultipleUsersAllToAll-postgres.yaml | 68 ++++++ ...ation-v2-TestSSHMultipleUsersAllToAll.yaml | 1 + ...on-v2-TestSSHNoSSHConfigured-postgres.yaml | 68 ++++++ ...integration-v2-TestSSHNoSSHConfigured.yaml | 1 + ...ation-v2-TestSSHOneUserToAll-postgres.yaml | 68 ++++++ ...st-integration-v2-TestSSHOneUserToAll.yaml | 1 + ...-v2-TestSSHUserOnlyIsolation-postgres.yaml | 68 ++++++ ...tegration-v2-TestSSHUserOnlyIsolation.yaml | 1 + ...ration-v2-TestSubnetRouteACL-postgres.yaml | 68 ++++++ ...est-integration-v2-TestSubnetRouteACL.yaml | 1 + ...-integration-v2-TestTaildrop-postgres.yaml | 68 ++++++ .../test-integration-v2-TestTaildrop.yaml | 1 + ...ailscaleNodesJoiningHeadcale-postgres.yaml | 68 ++++++ ...-v2-TestTailscaleNodesJoiningHeadcale.yaml | 1 + ...tegration-v2-TestUserCommand-postgres.yaml | 68 ++++++ .../test-integration-v2-TestUserCommand.yaml | 1 + CHANGELOG.md | 2 + cmd/gh-action-integration-generator/main.go | 38 ++-- cmd/headscale/cli/api_key.go | 5 +- config-example.yaml | 6 +- flake.nix | 2 +- go.mod | 2 +- hscontrol/app.go | 15 +- hscontrol/auth.go | 13 ++ hscontrol/db/addresses.go | 106 ---------- hscontrol/db/addresses_test.go | 196 ------------------ hscontrol/db/db.go | 16 +- hscontrol/db/ip.go | 148 +++++++++++++ hscontrol/db/ip_test.go | 151 ++++++++++++++ hscontrol/db/node.go | 25 +-- hscontrol/db/routes_test.go | 5 - hscontrol/db/suite_test.go | 6 - hscontrol/grpcv1.go | 24 ++- hscontrol/oidc.go | 7 +- hscontrol/suite_test.go | 4 - hscontrol/types/config.go | 103 ++++----- hscontrol/types/node.go | 1 - integration/acl_test.go | 2 +- integration/cli_test.go | 3 +- integration/hsic/config.go | 9 +- integration/hsic/hsic.go | 58 +++++- integration/scenario.go | 7 + integration/utils.go | 1 - 119 files changed, 3686 insertions(+), 443 deletions(-) create mode 100644 .github/workflows/test-integration-v2-TestACLAllowStarDst-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestACLAllowUser80Dst-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestACLAllowUserDst-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestACLDenyAllPort80-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestACLDevice1CanAccessDevice2-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestACLHostsInNetMapTable-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestACLNamedHostsCanReach-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestACLNamedHostsCanReachBySubnet-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestApiKeyCommand-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestAuthKeyLogoutAndRelogin-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestAuthWebFlowAuthenticationPingAll-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestAuthWebFlowLogoutAndRelogin-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestCreateTailscale-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestDERPServerScenario-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestEnableDisableAutoApprovedRoute-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestEnablingRoutes-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestEphemeral-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestExpireNode-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestHASubnetRouterFailover-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestHeadscale-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestNodeAdvertiseTagNoACLCommand-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestNodeAdvertiseTagWithACLCommand-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestNodeCommand-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestNodeExpireCommand-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestNodeMoveCommand-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestNodeOnlineLastSeenStatus-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestNodeRenameCommand-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestNodeTagCommand-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestOIDCAuthenticationPingAll-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestOIDCExpireNodesBasedOnTokenExpiry-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestPingAllByHostname-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestPingAllByIP-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestPingAllByIPPublicDERP-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestPreAuthKeyCommand-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestPreAuthKeyCommandReusableEphemeral-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestPreAuthKeyCommandWithoutExpiry-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestResolveMagicDNS-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestSSHIsBlockedInACL-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestSSHMultipleUsersAllToAll-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestSSHNoSSHConfigured-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestSSHOneUserToAll-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestSSHUserOnlyIsolation-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestSubnetRouteACL-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestTaildrop-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestTailscaleNodesJoiningHeadcale-postgres.yaml create mode 100644 .github/workflows/test-integration-v2-TestUserCommand-postgres.yaml delete mode 100644 hscontrol/db/addresses.go delete mode 100644 hscontrol/db/addresses_test.go create mode 100644 hscontrol/db/ip.go create mode 100644 hscontrol/db/ip_test.go diff --git a/.github/workflows/test-integration-v2-TestACLAllowStarDst-postgres.yaml b/.github/workflows/test-integration-v2-TestACLAllowStarDst-postgres.yaml new file mode 100644 index 0000000..fdac977 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestACLAllowStarDst-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestACLAllowStarDst-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestACLAllowStarDst-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestACLAllowStarDst-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestACLAllowStarDst$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestACLAllowStarDst.yaml b/.github/workflows/test-integration-v2-TestACLAllowStarDst.yaml index 63017ac..1e10401 100644 --- a/.github/workflows/test-integration-v2-TestACLAllowStarDst.yaml +++ b/.github/workflows/test-integration-v2-TestACLAllowStarDst.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestACLAllowUser80Dst-postgres.yaml b/.github/workflows/test-integration-v2-TestACLAllowUser80Dst-postgres.yaml new file mode 100644 index 0000000..9c3a23d --- /dev/null +++ b/.github/workflows/test-integration-v2-TestACLAllowUser80Dst-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestACLAllowUser80Dst-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestACLAllowUser80Dst-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestACLAllowUser80Dst-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestACLAllowUser80Dst$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestACLAllowUser80Dst.yaml b/.github/workflows/test-integration-v2-TestACLAllowUser80Dst.yaml index e3d5d29..f0d6b5c 100644 --- a/.github/workflows/test-integration-v2-TestACLAllowUser80Dst.yaml +++ b/.github/workflows/test-integration-v2-TestACLAllowUser80Dst.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestACLAllowUserDst-postgres.yaml b/.github/workflows/test-integration-v2-TestACLAllowUserDst-postgres.yaml new file mode 100644 index 0000000..a9c04f5 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestACLAllowUserDst-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestACLAllowUserDst-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestACLAllowUserDst-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestACLAllowUserDst-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestACLAllowUserDst$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestACLAllowUserDst.yaml b/.github/workflows/test-integration-v2-TestACLAllowUserDst.yaml index dc328ed..483179a 100644 --- a/.github/workflows/test-integration-v2-TestACLAllowUserDst.yaml +++ b/.github/workflows/test-integration-v2-TestACLAllowUserDst.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestACLDenyAllPort80-postgres.yaml b/.github/workflows/test-integration-v2-TestACLDenyAllPort80-postgres.yaml new file mode 100644 index 0000000..948215d --- /dev/null +++ b/.github/workflows/test-integration-v2-TestACLDenyAllPort80-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestACLDenyAllPort80-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestACLDenyAllPort80-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestACLDenyAllPort80-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestACLDenyAllPort80$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestACLDenyAllPort80.yaml b/.github/workflows/test-integration-v2-TestACLDenyAllPort80.yaml index 396994a..aa9e0de 100644 --- a/.github/workflows/test-integration-v2-TestACLDenyAllPort80.yaml +++ b/.github/workflows/test-integration-v2-TestACLDenyAllPort80.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestACLDevice1CanAccessDevice2-postgres.yaml b/.github/workflows/test-integration-v2-TestACLDevice1CanAccessDevice2-postgres.yaml new file mode 100644 index 0000000..a8a9a3c --- /dev/null +++ b/.github/workflows/test-integration-v2-TestACLDevice1CanAccessDevice2-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestACLDevice1CanAccessDevice2-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestACLDevice1CanAccessDevice2-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestACLDevice1CanAccessDevice2-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestACLDevice1CanAccessDevice2$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestACLDevice1CanAccessDevice2.yaml b/.github/workflows/test-integration-v2-TestACLDevice1CanAccessDevice2.yaml index 9af861f..4b60815 100644 --- a/.github/workflows/test-integration-v2-TestACLDevice1CanAccessDevice2.yaml +++ b/.github/workflows/test-integration-v2-TestACLDevice1CanAccessDevice2.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestACLHostsInNetMapTable-postgres.yaml b/.github/workflows/test-integration-v2-TestACLHostsInNetMapTable-postgres.yaml new file mode 100644 index 0000000..73237bb --- /dev/null +++ b/.github/workflows/test-integration-v2-TestACLHostsInNetMapTable-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestACLHostsInNetMapTable-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestACLHostsInNetMapTable-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestACLHostsInNetMapTable-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestACLHostsInNetMapTable$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestACLHostsInNetMapTable.yaml b/.github/workflows/test-integration-v2-TestACLHostsInNetMapTable.yaml index cac45ba..e9cfeb2 100644 --- a/.github/workflows/test-integration-v2-TestACLHostsInNetMapTable.yaml +++ b/.github/workflows/test-integration-v2-TestACLHostsInNetMapTable.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestACLNamedHostsCanReach-postgres.yaml b/.github/workflows/test-integration-v2-TestACLNamedHostsCanReach-postgres.yaml new file mode 100644 index 0000000..f387141 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestACLNamedHostsCanReach-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestACLNamedHostsCanReach-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestACLNamedHostsCanReach-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestACLNamedHostsCanReach-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestACLNamedHostsCanReach$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestACLNamedHostsCanReach.yaml b/.github/workflows/test-integration-v2-TestACLNamedHostsCanReach.yaml index f098522..1b99fc2 100644 --- a/.github/workflows/test-integration-v2-TestACLNamedHostsCanReach.yaml +++ b/.github/workflows/test-integration-v2-TestACLNamedHostsCanReach.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestACLNamedHostsCanReachBySubnet-postgres.yaml b/.github/workflows/test-integration-v2-TestACLNamedHostsCanReachBySubnet-postgres.yaml new file mode 100644 index 0000000..0343b0b --- /dev/null +++ b/.github/workflows/test-integration-v2-TestACLNamedHostsCanReachBySubnet-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestACLNamedHostsCanReachBySubnet-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestACLNamedHostsCanReachBySubnet-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestACLNamedHostsCanReachBySubnet-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestACLNamedHostsCanReachBySubnet$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestACLNamedHostsCanReachBySubnet.yaml b/.github/workflows/test-integration-v2-TestACLNamedHostsCanReachBySubnet.yaml index cee0e35..e323110 100644 --- a/.github/workflows/test-integration-v2-TestACLNamedHostsCanReachBySubnet.yaml +++ b/.github/workflows/test-integration-v2-TestACLNamedHostsCanReachBySubnet.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestApiKeyCommand-postgres.yaml b/.github/workflows/test-integration-v2-TestApiKeyCommand-postgres.yaml new file mode 100644 index 0000000..48e6db8 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestApiKeyCommand-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestApiKeyCommand-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestApiKeyCommand-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestApiKeyCommand-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestApiKeyCommand$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestApiKeyCommand.yaml b/.github/workflows/test-integration-v2-TestApiKeyCommand.yaml index b495b9b..edf5052 100644 --- a/.github/workflows/test-integration-v2-TestApiKeyCommand.yaml +++ b/.github/workflows/test-integration-v2-TestApiKeyCommand.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestAuthKeyLogoutAndRelogin-postgres.yaml b/.github/workflows/test-integration-v2-TestAuthKeyLogoutAndRelogin-postgres.yaml new file mode 100644 index 0000000..670acb5 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestAuthKeyLogoutAndRelogin-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestAuthKeyLogoutAndRelogin-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestAuthKeyLogoutAndRelogin-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestAuthKeyLogoutAndRelogin-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestAuthKeyLogoutAndRelogin$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestAuthKeyLogoutAndRelogin.yaml b/.github/workflows/test-integration-v2-TestAuthKeyLogoutAndRelogin.yaml index fcdceeb..17bb803 100644 --- a/.github/workflows/test-integration-v2-TestAuthKeyLogoutAndRelogin.yaml +++ b/.github/workflows/test-integration-v2-TestAuthKeyLogoutAndRelogin.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestAuthWebFlowAuthenticationPingAll-postgres.yaml b/.github/workflows/test-integration-v2-TestAuthWebFlowAuthenticationPingAll-postgres.yaml new file mode 100644 index 0000000..d2a5416 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestAuthWebFlowAuthenticationPingAll-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestAuthWebFlowAuthenticationPingAll-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestAuthWebFlowAuthenticationPingAll-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestAuthWebFlowAuthenticationPingAll-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestAuthWebFlowAuthenticationPingAll$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestAuthWebFlowAuthenticationPingAll.yaml b/.github/workflows/test-integration-v2-TestAuthWebFlowAuthenticationPingAll.yaml index 9e24a7d..0bd94ff 100644 --- a/.github/workflows/test-integration-v2-TestAuthWebFlowAuthenticationPingAll.yaml +++ b/.github/workflows/test-integration-v2-TestAuthWebFlowAuthenticationPingAll.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestAuthWebFlowLogoutAndRelogin-postgres.yaml b/.github/workflows/test-integration-v2-TestAuthWebFlowLogoutAndRelogin-postgres.yaml new file mode 100644 index 0000000..50a4da8 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestAuthWebFlowLogoutAndRelogin-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestAuthWebFlowLogoutAndRelogin-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestAuthWebFlowLogoutAndRelogin-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestAuthWebFlowLogoutAndRelogin-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestAuthWebFlowLogoutAndRelogin$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestAuthWebFlowLogoutAndRelogin.yaml b/.github/workflows/test-integration-v2-TestAuthWebFlowLogoutAndRelogin.yaml index e1ff6c3..f0077e7 100644 --- a/.github/workflows/test-integration-v2-TestAuthWebFlowLogoutAndRelogin.yaml +++ b/.github/workflows/test-integration-v2-TestAuthWebFlowLogoutAndRelogin.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestCreateTailscale-postgres.yaml b/.github/workflows/test-integration-v2-TestCreateTailscale-postgres.yaml new file mode 100644 index 0000000..d80ec30 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestCreateTailscale-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestCreateTailscale-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestCreateTailscale-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestCreateTailscale-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestCreateTailscale$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestCreateTailscale.yaml b/.github/workflows/test-integration-v2-TestCreateTailscale.yaml index eaf829c..181d47a 100644 --- a/.github/workflows/test-integration-v2-TestCreateTailscale.yaml +++ b/.github/workflows/test-integration-v2-TestCreateTailscale.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestDERPServerScenario-postgres.yaml b/.github/workflows/test-integration-v2-TestDERPServerScenario-postgres.yaml new file mode 100644 index 0000000..4f60a31 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestDERPServerScenario-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestDERPServerScenario-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestDERPServerScenario-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestDERPServerScenario-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestDERPServerScenario$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestDERPServerScenario.yaml b/.github/workflows/test-integration-v2-TestDERPServerScenario.yaml index 41c7db5..a1fe484 100644 --- a/.github/workflows/test-integration-v2-TestDERPServerScenario.yaml +++ b/.github/workflows/test-integration-v2-TestDERPServerScenario.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestEnableDisableAutoApprovedRoute-postgres.yaml b/.github/workflows/test-integration-v2-TestEnableDisableAutoApprovedRoute-postgres.yaml new file mode 100644 index 0000000..17da75c --- /dev/null +++ b/.github/workflows/test-integration-v2-TestEnableDisableAutoApprovedRoute-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestEnableDisableAutoApprovedRoute-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestEnableDisableAutoApprovedRoute-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestEnableDisableAutoApprovedRoute-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestEnableDisableAutoApprovedRoute$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestEnableDisableAutoApprovedRoute.yaml b/.github/workflows/test-integration-v2-TestEnableDisableAutoApprovedRoute.yaml index def07cc..0236cee 100644 --- a/.github/workflows/test-integration-v2-TestEnableDisableAutoApprovedRoute.yaml +++ b/.github/workflows/test-integration-v2-TestEnableDisableAutoApprovedRoute.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestEnablingRoutes-postgres.yaml b/.github/workflows/test-integration-v2-TestEnablingRoutes-postgres.yaml new file mode 100644 index 0000000..d8e9058 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestEnablingRoutes-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestEnablingRoutes-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestEnablingRoutes-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestEnablingRoutes-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestEnablingRoutes$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestEnablingRoutes.yaml b/.github/workflows/test-integration-v2-TestEnablingRoutes.yaml index 750ea9f..6dbc36d 100644 --- a/.github/workflows/test-integration-v2-TestEnablingRoutes.yaml +++ b/.github/workflows/test-integration-v2-TestEnablingRoutes.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestEphemeral-postgres.yaml b/.github/workflows/test-integration-v2-TestEphemeral-postgres.yaml new file mode 100644 index 0000000..2f3f3a1 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestEphemeral-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestEphemeral-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestEphemeral-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestEphemeral-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestEphemeral$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestEphemeral.yaml b/.github/workflows/test-integration-v2-TestEphemeral.yaml index df037ee..fbcdf09 100644 --- a/.github/workflows/test-integration-v2-TestEphemeral.yaml +++ b/.github/workflows/test-integration-v2-TestEphemeral.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestExpireNode-postgres.yaml b/.github/workflows/test-integration-v2-TestExpireNode-postgres.yaml new file mode 100644 index 0000000..bc82cab --- /dev/null +++ b/.github/workflows/test-integration-v2-TestExpireNode-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestExpireNode-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestExpireNode-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestExpireNode-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestExpireNode$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestExpireNode.yaml b/.github/workflows/test-integration-v2-TestExpireNode.yaml index 48e5e36..50d721b 100644 --- a/.github/workflows/test-integration-v2-TestExpireNode.yaml +++ b/.github/workflows/test-integration-v2-TestExpireNode.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestHASubnetRouterFailover-postgres.yaml b/.github/workflows/test-integration-v2-TestHASubnetRouterFailover-postgres.yaml new file mode 100644 index 0000000..d63ee62 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestHASubnetRouterFailover-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestHASubnetRouterFailover-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestHASubnetRouterFailover-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestHASubnetRouterFailover-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestHASubnetRouterFailover$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestHASubnetRouterFailover.yaml b/.github/workflows/test-integration-v2-TestHASubnetRouterFailover.yaml index 4ffe464..b926bb4 100644 --- a/.github/workflows/test-integration-v2-TestHASubnetRouterFailover.yaml +++ b/.github/workflows/test-integration-v2-TestHASubnetRouterFailover.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestHeadscale-postgres.yaml b/.github/workflows/test-integration-v2-TestHeadscale-postgres.yaml new file mode 100644 index 0000000..f652a2a --- /dev/null +++ b/.github/workflows/test-integration-v2-TestHeadscale-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestHeadscale-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestHeadscale-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestHeadscale-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestHeadscale$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestHeadscale.yaml b/.github/workflows/test-integration-v2-TestHeadscale.yaml index ff7dbb1..59e6d65 100644 --- a/.github/workflows/test-integration-v2-TestHeadscale.yaml +++ b/.github/workflows/test-integration-v2-TestHeadscale.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestNodeAdvertiseTagNoACLCommand-postgres.yaml b/.github/workflows/test-integration-v2-TestNodeAdvertiseTagNoACLCommand-postgres.yaml new file mode 100644 index 0000000..68a8a13 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestNodeAdvertiseTagNoACLCommand-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestNodeAdvertiseTagNoACLCommand-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestNodeAdvertiseTagNoACLCommand-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestNodeAdvertiseTagNoACLCommand-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestNodeAdvertiseTagNoACLCommand$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestNodeAdvertiseTagNoACLCommand.yaml b/.github/workflows/test-integration-v2-TestNodeAdvertiseTagNoACLCommand.yaml index f51fa61..3ce3fb3 100644 --- a/.github/workflows/test-integration-v2-TestNodeAdvertiseTagNoACLCommand.yaml +++ b/.github/workflows/test-integration-v2-TestNodeAdvertiseTagNoACLCommand.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestNodeAdvertiseTagWithACLCommand-postgres.yaml b/.github/workflows/test-integration-v2-TestNodeAdvertiseTagWithACLCommand-postgres.yaml new file mode 100644 index 0000000..d496abd --- /dev/null +++ b/.github/workflows/test-integration-v2-TestNodeAdvertiseTagWithACLCommand-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestNodeAdvertiseTagWithACLCommand-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestNodeAdvertiseTagWithACLCommand-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestNodeAdvertiseTagWithACLCommand-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestNodeAdvertiseTagWithACLCommand$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestNodeAdvertiseTagWithACLCommand.yaml b/.github/workflows/test-integration-v2-TestNodeAdvertiseTagWithACLCommand.yaml index 9e0fcd2..2b26dbd 100644 --- a/.github/workflows/test-integration-v2-TestNodeAdvertiseTagWithACLCommand.yaml +++ b/.github/workflows/test-integration-v2-TestNodeAdvertiseTagWithACLCommand.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestNodeCommand-postgres.yaml b/.github/workflows/test-integration-v2-TestNodeCommand-postgres.yaml new file mode 100644 index 0000000..8e6c1e1 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestNodeCommand-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestNodeCommand-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestNodeCommand-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestNodeCommand-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestNodeCommand$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestNodeCommand.yaml b/.github/workflows/test-integration-v2-TestNodeCommand.yaml index 4398672..4c0f5fc 100644 --- a/.github/workflows/test-integration-v2-TestNodeCommand.yaml +++ b/.github/workflows/test-integration-v2-TestNodeCommand.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestNodeExpireCommand-postgres.yaml b/.github/workflows/test-integration-v2-TestNodeExpireCommand-postgres.yaml new file mode 100644 index 0000000..3bb62cc --- /dev/null +++ b/.github/workflows/test-integration-v2-TestNodeExpireCommand-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestNodeExpireCommand-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestNodeExpireCommand-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestNodeExpireCommand-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestNodeExpireCommand$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestNodeExpireCommand.yaml b/.github/workflows/test-integration-v2-TestNodeExpireCommand.yaml index f953a1c..5654a7a 100644 --- a/.github/workflows/test-integration-v2-TestNodeExpireCommand.yaml +++ b/.github/workflows/test-integration-v2-TestNodeExpireCommand.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestNodeMoveCommand-postgres.yaml b/.github/workflows/test-integration-v2-TestNodeMoveCommand-postgres.yaml new file mode 100644 index 0000000..8c947d7 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestNodeMoveCommand-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestNodeMoveCommand-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestNodeMoveCommand-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestNodeMoveCommand-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestNodeMoveCommand$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestNodeMoveCommand.yaml b/.github/workflows/test-integration-v2-TestNodeMoveCommand.yaml index ce5f5b9..e5af441 100644 --- a/.github/workflows/test-integration-v2-TestNodeMoveCommand.yaml +++ b/.github/workflows/test-integration-v2-TestNodeMoveCommand.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestNodeOnlineLastSeenStatus-postgres.yaml b/.github/workflows/test-integration-v2-TestNodeOnlineLastSeenStatus-postgres.yaml new file mode 100644 index 0000000..7197f8a --- /dev/null +++ b/.github/workflows/test-integration-v2-TestNodeOnlineLastSeenStatus-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestNodeOnlineLastSeenStatus-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestNodeOnlineLastSeenStatus-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestNodeOnlineLastSeenStatus-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestNodeOnlineLastSeenStatus$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestNodeOnlineLastSeenStatus.yaml b/.github/workflows/test-integration-v2-TestNodeOnlineLastSeenStatus.yaml index e3a30f8..fc38e0d 100644 --- a/.github/workflows/test-integration-v2-TestNodeOnlineLastSeenStatus.yaml +++ b/.github/workflows/test-integration-v2-TestNodeOnlineLastSeenStatus.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestNodeRenameCommand-postgres.yaml b/.github/workflows/test-integration-v2-TestNodeRenameCommand-postgres.yaml new file mode 100644 index 0000000..0ba311c --- /dev/null +++ b/.github/workflows/test-integration-v2-TestNodeRenameCommand-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestNodeRenameCommand-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestNodeRenameCommand-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestNodeRenameCommand-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestNodeRenameCommand$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestNodeRenameCommand.yaml b/.github/workflows/test-integration-v2-TestNodeRenameCommand.yaml index e3ac56a..a6f7729 100644 --- a/.github/workflows/test-integration-v2-TestNodeRenameCommand.yaml +++ b/.github/workflows/test-integration-v2-TestNodeRenameCommand.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestNodeTagCommand-postgres.yaml b/.github/workflows/test-integration-v2-TestNodeTagCommand-postgres.yaml new file mode 100644 index 0000000..c18fd64 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestNodeTagCommand-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestNodeTagCommand-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestNodeTagCommand-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestNodeTagCommand-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestNodeTagCommand$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestNodeTagCommand.yaml b/.github/workflows/test-integration-v2-TestNodeTagCommand.yaml index 5e1e578..d3f1b74 100644 --- a/.github/workflows/test-integration-v2-TestNodeTagCommand.yaml +++ b/.github/workflows/test-integration-v2-TestNodeTagCommand.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestOIDCAuthenticationPingAll-postgres.yaml b/.github/workflows/test-integration-v2-TestOIDCAuthenticationPingAll-postgres.yaml new file mode 100644 index 0000000..25b3c82 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestOIDCAuthenticationPingAll-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestOIDCAuthenticationPingAll-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestOIDCAuthenticationPingAll-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestOIDCAuthenticationPingAll-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestOIDCAuthenticationPingAll$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestOIDCAuthenticationPingAll.yaml b/.github/workflows/test-integration-v2-TestOIDCAuthenticationPingAll.yaml index e333be2..7da113e 100644 --- a/.github/workflows/test-integration-v2-TestOIDCAuthenticationPingAll.yaml +++ b/.github/workflows/test-integration-v2-TestOIDCAuthenticationPingAll.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestOIDCExpireNodesBasedOnTokenExpiry-postgres.yaml b/.github/workflows/test-integration-v2-TestOIDCExpireNodesBasedOnTokenExpiry-postgres.yaml new file mode 100644 index 0000000..b755720 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestOIDCExpireNodesBasedOnTokenExpiry-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestOIDCExpireNodesBasedOnTokenExpiry-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestOIDCExpireNodesBasedOnTokenExpiry-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestOIDCExpireNodesBasedOnTokenExpiry-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestOIDCExpireNodesBasedOnTokenExpiry$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestOIDCExpireNodesBasedOnTokenExpiry.yaml b/.github/workflows/test-integration-v2-TestOIDCExpireNodesBasedOnTokenExpiry.yaml index 1f148c7..8b3a5a8 100644 --- a/.github/workflows/test-integration-v2-TestOIDCExpireNodesBasedOnTokenExpiry.yaml +++ b/.github/workflows/test-integration-v2-TestOIDCExpireNodesBasedOnTokenExpiry.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestPingAllByHostname-postgres.yaml b/.github/workflows/test-integration-v2-TestPingAllByHostname-postgres.yaml new file mode 100644 index 0000000..869d18b --- /dev/null +++ b/.github/workflows/test-integration-v2-TestPingAllByHostname-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestPingAllByHostname-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestPingAllByHostname-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestPingAllByHostname-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestPingAllByHostname$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestPingAllByHostname.yaml b/.github/workflows/test-integration-v2-TestPingAllByHostname.yaml index fe9ad76..cbed2dc 100644 --- a/.github/workflows/test-integration-v2-TestPingAllByHostname.yaml +++ b/.github/workflows/test-integration-v2-TestPingAllByHostname.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestPingAllByIP-postgres.yaml b/.github/workflows/test-integration-v2-TestPingAllByIP-postgres.yaml new file mode 100644 index 0000000..e924304 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestPingAllByIP-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestPingAllByIP-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestPingAllByIP-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestPingAllByIP-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestPingAllByIP$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestPingAllByIP.yaml b/.github/workflows/test-integration-v2-TestPingAllByIP.yaml index 156ef73..0dd5c7e 100644 --- a/.github/workflows/test-integration-v2-TestPingAllByIP.yaml +++ b/.github/workflows/test-integration-v2-TestPingAllByIP.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestPingAllByIPPublicDERP-postgres.yaml b/.github/workflows/test-integration-v2-TestPingAllByIPPublicDERP-postgres.yaml new file mode 100644 index 0000000..fe9d3d6 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestPingAllByIPPublicDERP-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestPingAllByIPPublicDERP-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestPingAllByIPPublicDERP-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestPingAllByIPPublicDERP-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestPingAllByIPPublicDERP$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestPingAllByIPPublicDERP.yaml b/.github/workflows/test-integration-v2-TestPingAllByIPPublicDERP.yaml index 18fd341..8418f76 100644 --- a/.github/workflows/test-integration-v2-TestPingAllByIPPublicDERP.yaml +++ b/.github/workflows/test-integration-v2-TestPingAllByIPPublicDERP.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestPreAuthKeyCommand-postgres.yaml b/.github/workflows/test-integration-v2-TestPreAuthKeyCommand-postgres.yaml new file mode 100644 index 0000000..7618e5e --- /dev/null +++ b/.github/workflows/test-integration-v2-TestPreAuthKeyCommand-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestPreAuthKeyCommand-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestPreAuthKeyCommand-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestPreAuthKeyCommand-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestPreAuthKeyCommand$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestPreAuthKeyCommand.yaml b/.github/workflows/test-integration-v2-TestPreAuthKeyCommand.yaml index 11f10b0..472def3 100644 --- a/.github/workflows/test-integration-v2-TestPreAuthKeyCommand.yaml +++ b/.github/workflows/test-integration-v2-TestPreAuthKeyCommand.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestPreAuthKeyCommandReusableEphemeral-postgres.yaml b/.github/workflows/test-integration-v2-TestPreAuthKeyCommandReusableEphemeral-postgres.yaml new file mode 100644 index 0000000..363c094 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestPreAuthKeyCommandReusableEphemeral-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestPreAuthKeyCommandReusableEphemeral-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestPreAuthKeyCommandReusableEphemeral-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestPreAuthKeyCommandReusableEphemeral-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestPreAuthKeyCommandReusableEphemeral$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestPreAuthKeyCommandReusableEphemeral.yaml b/.github/workflows/test-integration-v2-TestPreAuthKeyCommandReusableEphemeral.yaml index 1be71ac..1c8b943 100644 --- a/.github/workflows/test-integration-v2-TestPreAuthKeyCommandReusableEphemeral.yaml +++ b/.github/workflows/test-integration-v2-TestPreAuthKeyCommandReusableEphemeral.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestPreAuthKeyCommandWithoutExpiry-postgres.yaml b/.github/workflows/test-integration-v2-TestPreAuthKeyCommandWithoutExpiry-postgres.yaml new file mode 100644 index 0000000..5bfa959 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestPreAuthKeyCommandWithoutExpiry-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestPreAuthKeyCommandWithoutExpiry-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestPreAuthKeyCommandWithoutExpiry-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestPreAuthKeyCommandWithoutExpiry-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestPreAuthKeyCommandWithoutExpiry$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestPreAuthKeyCommandWithoutExpiry.yaml b/.github/workflows/test-integration-v2-TestPreAuthKeyCommandWithoutExpiry.yaml index 7d290cd..d44f9ca 100644 --- a/.github/workflows/test-integration-v2-TestPreAuthKeyCommandWithoutExpiry.yaml +++ b/.github/workflows/test-integration-v2-TestPreAuthKeyCommandWithoutExpiry.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestResolveMagicDNS-postgres.yaml b/.github/workflows/test-integration-v2-TestResolveMagicDNS-postgres.yaml new file mode 100644 index 0000000..a10d6ef --- /dev/null +++ b/.github/workflows/test-integration-v2-TestResolveMagicDNS-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestResolveMagicDNS-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestResolveMagicDNS-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestResolveMagicDNS-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestResolveMagicDNS$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestResolveMagicDNS.yaml b/.github/workflows/test-integration-v2-TestResolveMagicDNS.yaml index fbcf808..1ebb59e 100644 --- a/.github/workflows/test-integration-v2-TestResolveMagicDNS.yaml +++ b/.github/workflows/test-integration-v2-TestResolveMagicDNS.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestSSHIsBlockedInACL-postgres.yaml b/.github/workflows/test-integration-v2-TestSSHIsBlockedInACL-postgres.yaml new file mode 100644 index 0000000..da60d36 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestSSHIsBlockedInACL-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestSSHIsBlockedInACL-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestSSHIsBlockedInACL-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestSSHIsBlockedInACL-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestSSHIsBlockedInACL$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestSSHIsBlockedInACL.yaml b/.github/workflows/test-integration-v2-TestSSHIsBlockedInACL.yaml index bd19c8d..8098efc 100644 --- a/.github/workflows/test-integration-v2-TestSSHIsBlockedInACL.yaml +++ b/.github/workflows/test-integration-v2-TestSSHIsBlockedInACL.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestSSHMultipleUsersAllToAll-postgres.yaml b/.github/workflows/test-integration-v2-TestSSHMultipleUsersAllToAll-postgres.yaml new file mode 100644 index 0000000..944990a --- /dev/null +++ b/.github/workflows/test-integration-v2-TestSSHMultipleUsersAllToAll-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestSSHMultipleUsersAllToAll-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestSSHMultipleUsersAllToAll-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestSSHMultipleUsersAllToAll-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestSSHMultipleUsersAllToAll$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestSSHMultipleUsersAllToAll.yaml b/.github/workflows/test-integration-v2-TestSSHMultipleUsersAllToAll.yaml index 00748aa..5356fa9 100644 --- a/.github/workflows/test-integration-v2-TestSSHMultipleUsersAllToAll.yaml +++ b/.github/workflows/test-integration-v2-TestSSHMultipleUsersAllToAll.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestSSHNoSSHConfigured-postgres.yaml b/.github/workflows/test-integration-v2-TestSSHNoSSHConfigured-postgres.yaml new file mode 100644 index 0000000..77633c2 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestSSHNoSSHConfigured-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestSSHNoSSHConfigured-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestSSHNoSSHConfigured-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestSSHNoSSHConfigured-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestSSHNoSSHConfigured$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestSSHNoSSHConfigured.yaml b/.github/workflows/test-integration-v2-TestSSHNoSSHConfigured.yaml index be8f38a..346d69d 100644 --- a/.github/workflows/test-integration-v2-TestSSHNoSSHConfigured.yaml +++ b/.github/workflows/test-integration-v2-TestSSHNoSSHConfigured.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestSSHOneUserToAll-postgres.yaml b/.github/workflows/test-integration-v2-TestSSHOneUserToAll-postgres.yaml new file mode 100644 index 0000000..10a1334 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestSSHOneUserToAll-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestSSHOneUserToAll-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestSSHOneUserToAll-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestSSHOneUserToAll-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestSSHOneUserToAll$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestSSHOneUserToAll.yaml b/.github/workflows/test-integration-v2-TestSSHOneUserToAll.yaml index 62ab49b..b696409 100644 --- a/.github/workflows/test-integration-v2-TestSSHOneUserToAll.yaml +++ b/.github/workflows/test-integration-v2-TestSSHOneUserToAll.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestSSHUserOnlyIsolation-postgres.yaml b/.github/workflows/test-integration-v2-TestSSHUserOnlyIsolation-postgres.yaml new file mode 100644 index 0000000..d4acf63 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestSSHUserOnlyIsolation-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestSSHUserOnlyIsolation-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestSSHUserOnlyIsolation-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestSSHUserOnlyIsolation-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestSSHUserOnlyIsolation$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestSSHUserOnlyIsolation.yaml b/.github/workflows/test-integration-v2-TestSSHUserOnlyIsolation.yaml index 8626453..7a2dcad 100644 --- a/.github/workflows/test-integration-v2-TestSSHUserOnlyIsolation.yaml +++ b/.github/workflows/test-integration-v2-TestSSHUserOnlyIsolation.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestSubnetRouteACL-postgres.yaml b/.github/workflows/test-integration-v2-TestSubnetRouteACL-postgres.yaml new file mode 100644 index 0000000..1bfbbd0 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestSubnetRouteACL-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestSubnetRouteACL-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestSubnetRouteACL-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestSubnetRouteACL-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestSubnetRouteACL$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestSubnetRouteACL.yaml b/.github/workflows/test-integration-v2-TestSubnetRouteACL.yaml index 3cb3f11..ce116c5 100644 --- a/.github/workflows/test-integration-v2-TestSubnetRouteACL.yaml +++ b/.github/workflows/test-integration-v2-TestSubnetRouteACL.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestTaildrop-postgres.yaml b/.github/workflows/test-integration-v2-TestTaildrop-postgres.yaml new file mode 100644 index 0000000..7be2e14 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestTaildrop-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestTaildrop-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestTaildrop-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestTaildrop-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestTaildrop$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestTaildrop.yaml b/.github/workflows/test-integration-v2-TestTaildrop.yaml index e64eede..71feba5 100644 --- a/.github/workflows/test-integration-v2-TestTaildrop.yaml +++ b/.github/workflows/test-integration-v2-TestTaildrop.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestTailscaleNodesJoiningHeadcale-postgres.yaml b/.github/workflows/test-integration-v2-TestTailscaleNodesJoiningHeadcale-postgres.yaml new file mode 100644 index 0000000..a42767b --- /dev/null +++ b/.github/workflows/test-integration-v2-TestTailscaleNodesJoiningHeadcale-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestTailscaleNodesJoiningHeadcale-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestTailscaleNodesJoiningHeadcale-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestTailscaleNodesJoiningHeadcale-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestTailscaleNodesJoiningHeadcale$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestTailscaleNodesJoiningHeadcale.yaml b/.github/workflows/test-integration-v2-TestTailscaleNodesJoiningHeadcale.yaml index c406b2b..63aff7a 100644 --- a/.github/workflows/test-integration-v2-TestTailscaleNodesJoiningHeadcale.yaml +++ b/.github/workflows/test-integration-v2-TestTailscaleNodesJoiningHeadcale.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/.github/workflows/test-integration-v2-TestUserCommand-postgres.yaml b/.github/workflows/test-integration-v2-TestUserCommand-postgres.yaml new file mode 100644 index 0000000..5087190 --- /dev/null +++ b/.github/workflows/test-integration-v2-TestUserCommand-postgres.yaml @@ -0,0 +1,68 @@ +# DO NOT EDIT, generated with cmd/gh-action-integration-generator/main.go +# To regenerate, run "go generate" in cmd/gh-action-integration-generator/ + +name: Integration Test v2 - TestUserCommand-postgres + +on: [pull_request] + +concurrency: + group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + TestUserCommand-postgres: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 2 + + - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: satackey/action-docker-layer-caching@main + continue-on-error: true + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v34 + with: + files: | + *.nix + go.* + **/*.go + integration_test/ + config-example.yaml + + - name: Run TestUserCommand-postgres + uses: Wandalen/wretry.action@master + if: steps.changed-files.outputs.any_changed == 'true' + with: + attempt_limit: 5 + command: | + nix develop --command -- docker run \ + --tty --rm \ + --volume ~/.cache/hs-integration-go:/go \ + --name headscale-test-suite \ + --volume $PWD:$PWD -w $PWD/integration \ + --volume /var/run/docker.sock:/var/run/docker.sock \ + --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=1 \ + golang:1 \ + go run gotest.tools/gotestsum@latest -- ./... \ + -failfast \ + -timeout 120m \ + -parallel 1 \ + -run "^TestUserCommand$" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: logs + path: "control_logs/*.log" + + - uses: actions/upload-artifact@v3 + if: always() && steps.changed-files.outputs.any_changed == 'true' + with: + name: pprof + path: "control_logs/*.pprof.tar" diff --git a/.github/workflows/test-integration-v2-TestUserCommand.yaml b/.github/workflows/test-integration-v2-TestUserCommand.yaml index 667ad43..1e91b4e 100644 --- a/.github/workflows/test-integration-v2-TestUserCommand.yaml +++ b/.github/workflows/test-integration-v2-TestUserCommand.yaml @@ -47,6 +47,7 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES=0 \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ diff --git a/CHANGELOG.md b/CHANGELOG.md index c6a8949..c018696 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -37,6 +37,8 @@ after improving the test harness as part of adopting [#1460](https://github.com/ - Docker images are now built with goreleaser (ko) [#1716](https://github.com/juanfont/headscale/pull/1716) [#1763](https://github.com/juanfont/headscale/pull/1763) - Entrypoint of container image has changed from shell to headscale, require change from `headscale serve` to `serve` - `/var/lib/headscale` and `/var/run/headscale` is no longer created automatically, see [container docs](./docs/running-headscale-container.md) +- Prefixes are now defined per v4 and v6 range. [#1756](https://github.com/juanfont/headscale/pull/1756) + - `ip_prefixes` option is now `prefixes.v4` and `prefixes.v6` ### Changes diff --git a/cmd/gh-action-integration-generator/main.go b/cmd/gh-action-integration-generator/main.go index d5798a9..d71be8a 100644 --- a/cmd/gh-action-integration-generator/main.go +++ b/cmd/gh-action-integration-generator/main.go @@ -68,12 +68,13 @@ jobs: --volume $PWD:$PWD -w $PWD/integration \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume $PWD/control_logs:/tmp/control \ + --env HEADSCALE_INTEGRATION_POSTGRES={{ if .Postgres }}1{{ else }}0{{ end }} \ golang:1 \ go run gotest.tools/gotestsum@latest -- ./... \ -failfast \ -timeout 120m \ -parallel 1 \ - -run "^{{.Name}}$" + -run "^{{.Test}}$" - uses: actions/upload-artifact@v3 if: always() && steps.changed-files.outputs.any_changed == 'true' @@ -145,7 +146,9 @@ func findTests() []string { func main() { type testConfig struct { - Name string + Name string + Test string + Postgres bool } tests := findTests() @@ -153,21 +156,30 @@ func main() { removeTests() for _, test := range tests { - log.Printf("generating workflow for %s", test) + for _, postgres := range []bool{false, true} { + log.Printf("generating workflow for %s", test) - var content bytes.Buffer + name := test + if postgres { + name = test + "-postgres" + } - if err := jobTemplate.Execute(&content, testConfig{ - Name: test, - }); err != nil { - log.Fatalf("failed to render template: %s", err) - } + var content bytes.Buffer - testPath := path.Join(githubWorkflowPath, fmt.Sprintf(jobFileNameTemplate, test)) + if err := jobTemplate.Execute(&content, testConfig{ + Name: name, + Test: test, + Postgres: postgres, + }); err != nil { + log.Fatalf("failed to render template: %s", err) + } - err := os.WriteFile(testPath, content.Bytes(), workflowFilePerm) - if err != nil { - log.Fatalf("failed to write github job: %s", err) + testPath := path.Join(githubWorkflowPath, fmt.Sprintf(jobFileNameTemplate, name)) + + err := os.WriteFile(testPath, content.Bytes(), workflowFilePerm) + if err != nil { + log.Fatalf("failed to write github job: %s", err) + } } } } diff --git a/cmd/headscale/cli/api_key.go b/cmd/headscale/cli/api_key.go index ef94c60..372ec39 100644 --- a/cmd/headscale/cli/api_key.go +++ b/cmd/headscale/cli/api_key.go @@ -5,14 +5,13 @@ import ( "strconv" "time" + v1 "github.com/juanfont/headscale/gen/go/headscale/v1" + "github.com/juanfont/headscale/hscontrol/util" "github.com/prometheus/common/model" "github.com/pterm/pterm" "github.com/rs/zerolog/log" "github.com/spf13/cobra" "google.golang.org/protobuf/types/known/timestamppb" - - v1 "github.com/juanfont/headscale/gen/go/headscale/v1" - "github.com/juanfont/headscale/hscontrol/util" ) const ( diff --git a/config-example.yaml b/config-example.yaml index 80c2af1..ba81ba5 100644 --- a/config-example.yaml +++ b/config-example.yaml @@ -57,9 +57,9 @@ noise: # IPv6: https://github.com/tailscale/tailscale/blob/22ebb25e833264f58d7c3f534a8b166894a89536/net/tsaddr/tsaddr.go#LL81C52-L81C71 # IPv4: https://github.com/tailscale/tailscale/blob/22ebb25e833264f58d7c3f534a8b166894a89536/net/tsaddr/tsaddr.go#L33 # Any other range is NOT supported, and it will cause unexpected issues. -ip_prefixes: - - fd7a:115c:a1e0::/48 - - 100.64.0.0/10 +prefixes: + v6: fd7a:115c:a1e0::/48 + v4: 100.64.0.0/10 # DERP is a relay system that Tailscale uses when a direct # connection cannot be established. diff --git a/flake.nix b/flake.nix index ae8d8ac..79f4ca8 100644 --- a/flake.nix +++ b/flake.nix @@ -31,7 +31,7 @@ # When updating go.mod or go.sum, a new sha will need to be calculated, # update this if you have a mismatch after doing a change to thos files. - vendorHash = "sha256-Ko47U0nOJIacXTbw3rpUGlnmDvr3CWM8LttIoG5Pppk="; + vendorHash = "sha256-Yb5WaN0abPLZ4mPnuJGZoj6EMfoZjaZZ0f344KWva3o="; subPackages = ["cmd/headscale"]; diff --git a/go.mod b/go.mod index 00304c6..be7be53 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/juanfont/headscale -go 1.21.1 +go 1.22 toolchain go1.22.0 diff --git a/hscontrol/app.go b/hscontrol/app.go index 0075eb4..a29e53d 100644 --- a/hscontrol/app.go +++ b/hscontrol/app.go @@ -9,6 +9,7 @@ import ( "net" "net/http" _ "net/http/pprof" //nolint + "net/netip" "os" "os/signal" "path/filepath" @@ -80,6 +81,7 @@ const ( type Headscale struct { cfg *types.Config db *db.HSDatabase + ipAlloc *db.IPAllocator noisePrivateKey *key.MachinePrivate DERPMap *tailcfg.DERPMap @@ -106,6 +108,7 @@ var ( ) func NewHeadscale(cfg *types.Config) (*Headscale, error) { + var err error if profilingEnabled { runtime.SetBlockProfileRate(1) } @@ -128,16 +131,17 @@ func NewHeadscale(cfg *types.Config) (*Headscale, error) { nodeNotifier: notifier.NewNotifier(), } - database, err := db.NewHeadscaleDatabase( + app.db, err = db.NewHeadscaleDatabase( cfg.Database, - app.nodeNotifier, - cfg.IPPrefixes, cfg.BaseDomain) if err != nil { return nil, err } - app.db = database + app.ipAlloc, err = db.NewIPAllocator(app.db, *cfg.PrefixV4, *cfg.PrefixV6) + if err != nil { + return nil, err + } if cfg.OIDC.Issuer != "" { err = app.initOIDC() @@ -151,7 +155,8 @@ func NewHeadscale(cfg *types.Config) (*Headscale, error) { } if app.cfg.DNSConfig != nil && app.cfg.DNSConfig.Proxied { // if MagicDNS - magicDNSDomains := util.GenerateMagicDNSRootDomains(app.cfg.IPPrefixes) + // TODO(kradalby): revisit why this takes a list. + magicDNSDomains := util.GenerateMagicDNSRootDomains([]netip.Prefix{*cfg.PrefixV4, *cfg.PrefixV6}) // we might have routes already from Split DNS if app.cfg.DNSConfig.Routes == nil { app.cfg.DNSConfig.Routes = make(map[string][]*dnstype.Resolver) diff --git a/hscontrol/auth.go b/hscontrol/auth.go index ff858dc..b199fa5 100644 --- a/hscontrol/auth.go +++ b/hscontrol/auth.go @@ -388,8 +388,21 @@ func (h *Headscale) handleAuthKey( ForcedTags: pak.Proto().GetAclTags(), } + addrs, err := h.ipAlloc.Next() + if err != nil { + log.Error(). + Caller(). + Str("func", "RegistrationHandler"). + Str("hostinfo.name", registerRequest.Hostinfo.Hostname). + Err(err). + Msg("failed to allocate IP ") + + return + } + node, err = h.db.RegisterNode( nodeToRegister, + addrs, ) if err != nil { log.Error(). diff --git a/hscontrol/db/addresses.go b/hscontrol/db/addresses.go deleted file mode 100644 index 5857870..0000000 --- a/hscontrol/db/addresses.go +++ /dev/null @@ -1,106 +0,0 @@ -// Codehere is mostly taken from github.com/tailscale/tailscale -// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package db - -import ( - "errors" - "fmt" - "net/netip" - - "github.com/juanfont/headscale/hscontrol/types" - "github.com/juanfont/headscale/hscontrol/util" - "go4.org/netipx" - "gorm.io/gorm" -) - -var ErrCouldNotAllocateIP = errors.New("could not find any suitable IP") - -func (hsdb *HSDatabase) getAvailableIPs() (types.NodeAddresses, error) { - return Read(hsdb.DB, func(rx *gorm.DB) (types.NodeAddresses, error) { - return getAvailableIPs(rx, hsdb.ipPrefixes) - }) -} - -func getAvailableIPs(rx *gorm.DB, ipPrefixes []netip.Prefix) (types.NodeAddresses, error) { - var ips types.NodeAddresses - var err error - for _, ipPrefix := range ipPrefixes { - var ip *netip.Addr - ip, err = getAvailableIP(rx, ipPrefix) - if err != nil { - return ips, err - } - ips = append(ips, *ip) - } - - return ips, err -} - -func getAvailableIP(rx *gorm.DB, ipPrefix netip.Prefix) (*netip.Addr, error) { - usedIps, err := getUsedIPs(rx) - if err != nil { - return nil, err - } - - ipPrefixNetworkAddress, ipPrefixBroadcastAddress := util.GetIPPrefixEndpoints(ipPrefix) - - // Get the first IP in our prefix - ip := ipPrefixNetworkAddress.Next() - - for { - if !ipPrefix.Contains(ip) { - return nil, ErrCouldNotAllocateIP - } - - switch { - case ip.Compare(ipPrefixBroadcastAddress) == 0: - fallthrough - case usedIps.Contains(ip): - fallthrough - case ip == netip.Addr{} || ip.IsLoopback(): - ip = ip.Next() - - continue - - default: - return &ip, nil - } - } -} - -func getUsedIPs(rx *gorm.DB) (*netipx.IPSet, error) { - // FIXME: This really deserves a better data model, - // but this was quick to get running and it should be enough - // to begin experimenting with a dual stack tailnet. - var addressesSlices []string - rx.Model(&types.Node{}).Pluck("ip_addresses", &addressesSlices) - - var ips netipx.IPSetBuilder - for _, slice := range addressesSlices { - var machineAddresses types.NodeAddresses - err := machineAddresses.Scan(slice) - if err != nil { - return &netipx.IPSet{}, fmt.Errorf( - "failed to read ip from database: %w", - err, - ) - } - - for _, ip := range machineAddresses { - ips.Add(ip) - } - } - - ipSet, err := ips.IPSet() - if err != nil { - return &netipx.IPSet{}, fmt.Errorf( - "failed to build IP Set: %w", - err, - ) - } - - return ipSet, nil -} diff --git a/hscontrol/db/addresses_test.go b/hscontrol/db/addresses_test.go deleted file mode 100644 index ef33659..0000000 --- a/hscontrol/db/addresses_test.go +++ /dev/null @@ -1,196 +0,0 @@ -package db - -import ( - "net/netip" - - "github.com/juanfont/headscale/hscontrol/types" - "github.com/juanfont/headscale/hscontrol/util" - "go4.org/netipx" - "gopkg.in/check.v1" - "gorm.io/gorm" -) - -func (s *Suite) TestGetAvailableIp(c *check.C) { - tx := db.DB.Begin() - defer tx.Rollback() - - ips, err := getAvailableIPs(tx, []netip.Prefix{ - netip.MustParsePrefix("10.27.0.0/23"), - }) - - c.Assert(err, check.IsNil) - - expected := netip.MustParseAddr("10.27.0.1") - - c.Assert(len(ips), check.Equals, 1) - c.Assert(ips[0].String(), check.Equals, expected.String()) -} - -func (s *Suite) TestGetUsedIps(c *check.C) { - ips, err := db.getAvailableIPs() - c.Assert(err, check.IsNil) - - user, err := db.CreateUser("test-ip") - c.Assert(err, check.IsNil) - - pak, err := db.CreatePreAuthKey(user.Name, false, false, nil, nil) - c.Assert(err, check.IsNil) - - _, err = db.getNode("test", "testnode") - c.Assert(err, check.NotNil) - - node := types.Node{ - ID: 0, - Hostname: "testnode", - UserID: user.ID, - RegisterMethod: util.RegisterMethodAuthKey, - AuthKeyID: uint(pak.ID), - IPAddresses: ips, - } - db.Write(func(tx *gorm.DB) error { - return tx.Save(&node).Error - }) - - usedIps, err := Read(db.DB, func(rx *gorm.DB) (*netipx.IPSet, error) { - return getUsedIPs(rx) - }) - c.Assert(err, check.IsNil) - - expected := netip.MustParseAddr("10.27.0.1") - expectedIPSetBuilder := netipx.IPSetBuilder{} - expectedIPSetBuilder.Add(expected) - expectedIPSet, _ := expectedIPSetBuilder.IPSet() - - c.Assert(usedIps.Equal(expectedIPSet), check.Equals, true) - c.Assert(usedIps.Contains(expected), check.Equals, true) - - node1, err := db.GetNodeByID(0) - c.Assert(err, check.IsNil) - - c.Assert(len(node1.IPAddresses), check.Equals, 1) - c.Assert(node1.IPAddresses[0], check.Equals, expected) -} - -func (s *Suite) TestGetMultiIp(c *check.C) { - user, err := db.CreateUser("test-ip") - c.Assert(err, check.IsNil) - - ipPrefixes := []netip.Prefix{ - netip.MustParsePrefix("10.27.0.0/23"), - } - - for index := 1; index <= 350; index++ { - tx := db.DB.Begin() - - ips, err := getAvailableIPs(tx, ipPrefixes) - c.Assert(err, check.IsNil) - - pak, err := CreatePreAuthKey(tx, user.Name, false, false, nil, nil) - c.Assert(err, check.IsNil) - - _, err = getNode(tx, "test", "testnode") - c.Assert(err, check.NotNil) - - node := types.Node{ - ID: uint64(index), - Hostname: "testnode", - UserID: user.ID, - RegisterMethod: util.RegisterMethodAuthKey, - AuthKeyID: uint(pak.ID), - IPAddresses: ips, - } - tx.Save(&node) - c.Assert(tx.Commit().Error, check.IsNil) - } - - usedIps, err := Read(db.DB, func(rx *gorm.DB) (*netipx.IPSet, error) { - return getUsedIPs(rx) - }) - c.Assert(err, check.IsNil) - - expected0 := netip.MustParseAddr("10.27.0.1") - expected9 := netip.MustParseAddr("10.27.0.10") - expected300 := netip.MustParseAddr("10.27.0.45") - - notExpectedIPSetBuilder := netipx.IPSetBuilder{} - notExpectedIPSetBuilder.Add(expected0) - notExpectedIPSetBuilder.Add(expected9) - notExpectedIPSetBuilder.Add(expected300) - notExpectedIPSet, err := notExpectedIPSetBuilder.IPSet() - c.Assert(err, check.IsNil) - - // We actually expect it to be a lot larger - c.Assert(usedIps.Equal(notExpectedIPSet), check.Equals, false) - - c.Assert(usedIps.Contains(expected0), check.Equals, true) - c.Assert(usedIps.Contains(expected9), check.Equals, true) - c.Assert(usedIps.Contains(expected300), check.Equals, true) - - // Check that we can read back the IPs - node1, err := db.GetNodeByID(1) - c.Assert(err, check.IsNil) - c.Assert(len(node1.IPAddresses), check.Equals, 1) - c.Assert( - node1.IPAddresses[0], - check.Equals, - netip.MustParseAddr("10.27.0.1"), - ) - - node50, err := db.GetNodeByID(50) - c.Assert(err, check.IsNil) - c.Assert(len(node50.IPAddresses), check.Equals, 1) - c.Assert( - node50.IPAddresses[0], - check.Equals, - netip.MustParseAddr("10.27.0.50"), - ) - - expectedNextIP := netip.MustParseAddr("10.27.1.95") - nextIP, err := db.getAvailableIPs() - c.Assert(err, check.IsNil) - - c.Assert(len(nextIP), check.Equals, 1) - c.Assert(nextIP[0].String(), check.Equals, expectedNextIP.String()) - - // If we call get Available again, we should receive - // the same IP, as it has not been reserved. - nextIP2, err := db.getAvailableIPs() - c.Assert(err, check.IsNil) - - c.Assert(len(nextIP2), check.Equals, 1) - c.Assert(nextIP2[0].String(), check.Equals, expectedNextIP.String()) -} - -func (s *Suite) TestGetAvailableIpNodeWithoutIP(c *check.C) { - ips, err := db.getAvailableIPs() - c.Assert(err, check.IsNil) - - expected := netip.MustParseAddr("10.27.0.1") - - c.Assert(len(ips), check.Equals, 1) - c.Assert(ips[0].String(), check.Equals, expected.String()) - - user, err := db.CreateUser("test-ip") - c.Assert(err, check.IsNil) - - pak, err := db.CreatePreAuthKey(user.Name, false, false, nil, nil) - c.Assert(err, check.IsNil) - - _, err = db.getNode("test", "testnode") - c.Assert(err, check.NotNil) - - node := types.Node{ - ID: 0, - Hostname: "testnode", - UserID: user.ID, - RegisterMethod: util.RegisterMethodAuthKey, - AuthKeyID: uint(pak.ID), - } - db.DB.Save(&node) - - ips2, err := db.getAvailableIPs() - c.Assert(err, check.IsNil) - - c.Assert(len(ips2), check.Equals, 1) - c.Assert(ips2[0].String(), check.Equals, expected.String()) -} diff --git a/hscontrol/db/db.go b/hscontrol/db/db.go index ff9e5f2..10fdb46 100644 --- a/hscontrol/db/db.go +++ b/hscontrol/db/db.go @@ -5,7 +5,6 @@ import ( "database/sql" "errors" "fmt" - "net/netip" "path/filepath" "strconv" "strings" @@ -18,7 +17,6 @@ import ( "gorm.io/gorm" "gorm.io/gorm/logger" - "github.com/juanfont/headscale/hscontrol/notifier" "github.com/juanfont/headscale/hscontrol/types" "github.com/juanfont/headscale/hscontrol/util" ) @@ -35,7 +33,6 @@ type KV struct { type HSDatabase struct { DB *gorm.DB - ipPrefixes []netip.Prefix baseDomain string } @@ -43,8 +40,6 @@ type HSDatabase struct { // rather than arguments. func NewHeadscaleDatabase( cfg types.DatabaseConfig, - notifier *notifier.Notifier, - ipPrefixes []netip.Prefix, baseDomain string, ) (*HSDatabase, error) { dbConn, err := openDB(cfg) @@ -327,7 +322,6 @@ func NewHeadscaleDatabase( db := HSDatabase{ DB: dbConn, - ipPrefixes: ipPrefixes, baseDomain: baseDomain, } @@ -351,6 +345,11 @@ func openDB(cfg types.DatabaseConfig) (*gorm.DB, error) { return nil, fmt.Errorf("creating directory for sqlite: %w", err) } + log.Info(). + Str("database", types.DatabaseSqlite). + Str("path", cfg.Sqlite.Path). + Msg("Opening database") + db, err := gorm.Open( sqlite.Open(cfg.Sqlite.Path+"?_synchronous=1&_journal_mode=WAL"), &gorm.Config{ @@ -379,6 +378,11 @@ func openDB(cfg types.DatabaseConfig) (*gorm.DB, error) { cfg.Postgres.User, ) + log.Info(). + Str("database", types.DatabasePostgres). + Str("path", dbString). + Msg("Opening database") + if sslEnabled, err := strconv.ParseBool(cfg.Postgres.Ssl); err == nil { if !sslEnabled { dbString += " sslmode=disable" diff --git a/hscontrol/db/ip.go b/hscontrol/db/ip.go new file mode 100644 index 0000000..dc49f8a --- /dev/null +++ b/hscontrol/db/ip.go @@ -0,0 +1,148 @@ +package db + +import ( + "errors" + "fmt" + "net/netip" + "sync" + + "github.com/juanfont/headscale/hscontrol/types" + "github.com/juanfont/headscale/hscontrol/util" + "go4.org/netipx" + "gorm.io/gorm" +) + +// IPAllocator is a singleton responsible for allocating +// IP addresses for nodes and making sure the same +// address is not handed out twice. There can only be one +// and it needs to be created before any other database +// writes occur. +type IPAllocator struct { + mu sync.Mutex + + prefix4 netip.Prefix + prefix6 netip.Prefix + + // Previous IPs handed out + prev4 netip.Addr + prev6 netip.Addr + + // Set of all IPs handed out. + // This might not be in sync with the database, + // but it is more conservative. If saves to the + // database fails, the IP will be allocated here + // until the next restart of Headscale. + usedIPs netipx.IPSetBuilder +} + +// NewIPAllocator returns a new IPAllocator singleton which +// can be used to hand out unique IP addresses within the +// provided IPv4 and IPv6 prefix. It needs to be created +// when headscale starts and needs to finish its read +// transaction before any writes to the database occur. +func NewIPAllocator(db *HSDatabase, prefix4, prefix6 netip.Prefix) (*IPAllocator, error) { + var addressesSlices []string + + if db != nil { + db.Read(func(rx *gorm.DB) error { + return rx.Model(&types.Node{}).Pluck("ip_addresses", &addressesSlices).Error + }) + } + + var ips netipx.IPSetBuilder + + // Add network and broadcast addrs to used pool so they + // are not handed out to nodes. + network4, broadcast4 := util.GetIPPrefixEndpoints(prefix4) + network6, broadcast6 := util.GetIPPrefixEndpoints(prefix6) + ips.Add(network4) + ips.Add(broadcast4) + ips.Add(network6) + ips.Add(broadcast6) + + // Fetch all the IP Addresses currently handed out from the Database + // and add them to the used IP set. + for _, slice := range addressesSlices { + var machineAddresses types.NodeAddresses + err := machineAddresses.Scan(slice) + if err != nil { + return nil, fmt.Errorf( + "parsing IPs from database %v: %w", machineAddresses, + err, + ) + } + + for _, ip := range machineAddresses { + ips.Add(ip) + } + } + + // Build the initial IPSet to validate that we can use it. + _, err := ips.IPSet() + if err != nil { + return nil, fmt.Errorf( + "building initial IP Set: %w", + err, + ) + } + + return &IPAllocator{ + usedIPs: ips, + + prefix4: prefix4, + prefix6: prefix6, + + // Use network as starting point, it will be used to call .Next() + // TODO(kradalby): Could potentially take all the IPs loaded from + // the database into account to start at a more "educated" location. + prev4: network4, + prev6: network6, + }, nil +} + +func (i *IPAllocator) Next() (types.NodeAddresses, error) { + i.mu.Lock() + defer i.mu.Unlock() + + v4, err := i.next(i.prev4, i.prefix4) + if err != nil { + return nil, fmt.Errorf("allocating IPv4 address: %w", err) + } + + v6, err := i.next(i.prev6, i.prefix6) + if err != nil { + return nil, fmt.Errorf("allocating IPv6 address: %w", err) + } + + return types.NodeAddresses{*v4, *v6}, nil +} + +var ErrCouldNotAllocateIP = errors.New("failed to allocate IP") + +func (i *IPAllocator) next(prev netip.Addr, prefix netip.Prefix) (*netip.Addr, error) { + // Get the first IP in our prefix + ip := prev.Next() + + // TODO(kradalby): maybe this can be done less often. + set, err := i.usedIPs.IPSet() + if err != nil { + return nil, err + } + + for { + if !prefix.Contains(ip) { + return nil, ErrCouldNotAllocateIP + } + + // Check if the IP has already been allocated. + if set.Contains(ip) { + ip = ip.Next() + + continue + } + + i.usedIPs.Add(ip) + + return &ip, nil + } +} diff --git a/hscontrol/db/ip_test.go b/hscontrol/db/ip_test.go new file mode 100644 index 0000000..17f39c8 --- /dev/null +++ b/hscontrol/db/ip_test.go @@ -0,0 +1,151 @@ +package db + +import ( + "net/netip" + "os" + "testing" + + "github.com/davecgh/go-spew/spew" + "github.com/google/go-cmp/cmp" + "github.com/juanfont/headscale/hscontrol/types" + "github.com/juanfont/headscale/hscontrol/util" +) + +func TestIPAllocator(t *testing.T) { + mpp := func(pref string) netip.Prefix { + return netip.MustParsePrefix(pref) + } + na := func(pref string) netip.Addr { + return netip.MustParseAddr(pref) + } + newDb := func() *HSDatabase { + tmpDir, err := os.MkdirTemp("", "headscale-db-test-*") + if err != nil { + t.Fatalf("creating temp dir: %s", err) + } + db, _ = NewHeadscaleDatabase( + types.DatabaseConfig{ + Type: "sqlite3", + Sqlite: types.SqliteConfig{ + Path: tmpDir + "/headscale_test.db", + }, + }, + "", + ) + + return db + } + + tests := []struct { + name string + dbFunc func() *HSDatabase + + prefix4 netip.Prefix + prefix6 netip.Prefix + getCount int + want []types.NodeAddresses + }{ + { + name: "simple", + dbFunc: func() *HSDatabase { + return nil + }, + + prefix4: mpp("100.64.0.0/10"), + prefix6: mpp("fd7a:115c:a1e0::/48"), + + getCount: 1, + + want: []types.NodeAddresses{ + { + na("100.64.0.1"), + na("fd7a:115c:a1e0::1"), + }, + }, + }, + { + name: "simple-with-db", + dbFunc: func() *HSDatabase { + db := newDb() + + db.DB.Save(&types.Node{ + IPAddresses: types.NodeAddresses{ + na("100.64.0.1"), + na("fd7a:115c:a1e0::1"), + }, + }) + + return db + }, + + prefix4: mpp("100.64.0.0/10"), + prefix6: mpp("fd7a:115c:a1e0::/48"), + + getCount: 1, + + want: []types.NodeAddresses{ + { + na("100.64.0.2"), + na("fd7a:115c:a1e0::2"), + }, + }, + }, + { + name: "before-after-free-middle-in-db", + dbFunc: func() *HSDatabase { + db := newDb() + + db.DB.Save(&types.Node{ + IPAddresses: types.NodeAddresses{ + na("100.64.0.2"), + na("fd7a:115c:a1e0::2"), + }, + }) + + return db + }, + + prefix4: mpp("100.64.0.0/10"), + prefix6: mpp("fd7a:115c:a1e0::/48"), + + getCount: 2, + + want: []types.NodeAddresses{ + { + na("100.64.0.1"), + na("fd7a:115c:a1e0::1"), + }, + { + na("100.64.0.3"), + na("fd7a:115c:a1e0::3"), + }, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + db := tt.dbFunc() + + alloc, _ := NewIPAllocator(db, tt.prefix4, tt.prefix6) + + spew.Dump(alloc) + + t.Logf("prefixes: %q, %q", tt.prefix4.String(), tt.prefix6.String()) + + var got []types.NodeAddresses + + for range tt.getCount { + gotSet, err := alloc.Next() + if err != nil { + t.Fatalf("allocating next IP: %s", err) + } + + got = append(got, gotSet) + } + if diff := cmp.Diff(tt.want, got, util.Comparers...); diff != "" { + t.Errorf("IPAllocator unexpected result (-want +got):\n%s", diff) + } + }) + } +} diff --git a/hscontrol/db/node.go b/hscontrol/db/node.go index a747429..d02c2d3 100644 --- a/hscontrol/db/node.go +++ b/hscontrol/db/node.go @@ -307,7 +307,7 @@ func RegisterNodeFromAuthCallback( userName string, nodeExpiry *time.Time, registrationMethod string, - ipPrefixes []netip.Prefix, + addrs types.NodeAddresses, ) (*types.Node, error) { log.Debug(). Str("machine_key", mkey.ShortString()). @@ -343,7 +343,7 @@ func RegisterNodeFromAuthCallback( node, err := RegisterNode( tx, registrationNode, - ipPrefixes, + addrs, ) if err == nil { @@ -359,14 +359,14 @@ func RegisterNodeFromAuthCallback( return nil, ErrNodeNotFoundRegistrationCache } -func (hsdb *HSDatabase) RegisterNode(node types.Node) (*types.Node, error) { +func (hsdb *HSDatabase) RegisterNode(node types.Node, addrs types.NodeAddresses) (*types.Node, error) { return Write(hsdb.DB, func(tx *gorm.DB) (*types.Node, error) { - return RegisterNode(tx, node, hsdb.ipPrefixes) + return RegisterNode(tx, node, addrs) }) } // RegisterNode is executed from the CLI to register a new Node using its MachineKey. -func RegisterNode(tx *gorm.DB, node types.Node, ipPrefixes []netip.Prefix) (*types.Node, error) { +func RegisterNode(tx *gorm.DB, node types.Node, addrs types.NodeAddresses) (*types.Node, error) { log.Debug(). Str("node", node.Hostname). Str("machine_key", node.MachineKey.ShortString()). @@ -393,18 +393,7 @@ func RegisterNode(tx *gorm.DB, node types.Node, ipPrefixes []netip.Prefix) (*typ return &node, nil } - ips, err := getAvailableIPs(tx, ipPrefixes) - if err != nil { - log.Error(). - Caller(). - Err(err). - Str("node", node.Hostname). - Msg("Could not find IP for the new node") - - return nil, err - } - - node.IPAddresses = ips + node.IPAddresses = addrs if err := tx.Save(&node).Error; err != nil { return nil, fmt.Errorf("failed register(save) node in the database: %w", err) @@ -413,7 +402,7 @@ func RegisterNode(tx *gorm.DB, node types.Node, ipPrefixes []netip.Prefix) (*typ log.Trace(). Caller(). Str("node", node.Hostname). - Str("ip", strings.Join(ips.StringSlice(), ",")). + Str("ip", strings.Join(addrs.StringSlice(), ",")). Msg("Node registered with the database") return &node, nil diff --git a/hscontrol/db/routes_test.go b/hscontrol/db/routes_test.go index 5d6281e..f3357e2 100644 --- a/hscontrol/db/routes_test.go +++ b/hscontrol/db/routes_test.go @@ -7,7 +7,6 @@ import ( "time" "github.com/google/go-cmp/cmp" - "github.com/juanfont/headscale/hscontrol/notifier" "github.com/juanfont/headscale/hscontrol/types" "github.com/juanfont/headscale/hscontrol/util" "github.com/stretchr/testify/assert" @@ -661,10 +660,6 @@ func TestFailoverRoute(t *testing.T) { Path: tmpDir + "/headscale_test.db", }, }, - notifier.NewNotifier(), - []netip.Prefix{ - netip.MustParsePrefix("10.27.0.0/23"), - }, "", ) assert.NoError(t, err) diff --git a/hscontrol/db/suite_test.go b/hscontrol/db/suite_test.go index e176e4b..1b97ce0 100644 --- a/hscontrol/db/suite_test.go +++ b/hscontrol/db/suite_test.go @@ -2,11 +2,9 @@ package db import ( "log" - "net/netip" "os" "testing" - "github.com/juanfont/headscale/hscontrol/notifier" "github.com/juanfont/headscale/hscontrol/types" "gopkg.in/check.v1" ) @@ -52,10 +50,6 @@ func (s *Suite) ResetDB(c *check.C) { Path: tmpDir + "/headscale_test.db", }, }, - notifier.NewNotifier(), - []netip.Prefix{ - netip.MustParsePrefix("10.27.0.0/23"), - }, "", ) if err != nil { diff --git a/hscontrol/grpcv1.go b/hscontrol/grpcv1.go index 912f245..379502c 100644 --- a/hscontrol/grpcv1.go +++ b/hscontrol/grpcv1.go @@ -4,6 +4,7 @@ package hscontrol import ( "context" "fmt" + "sort" "strings" "time" @@ -98,6 +99,10 @@ func (api headscaleV1APIServer) ListUsers( response[index] = user.Proto() } + sort.Slice(response, func(i, j int) bool { + return response[i].Id < response[j].Id + }) + log.Trace().Caller().Interface("users", response).Msg("") return &v1.ListUsersResponse{Users: response}, nil @@ -168,6 +173,10 @@ func (api headscaleV1APIServer) ListPreAuthKeys( response[index] = key.Proto() } + sort.Slice(response, func(i, j int) bool { + return response[i].Id < response[j].Id + }) + return &v1.ListPreAuthKeysResponse{PreAuthKeys: response}, nil } @@ -186,6 +195,11 @@ func (api headscaleV1APIServer) RegisterNode( return nil, err } + addrs, err := api.h.ipAlloc.Next() + if err != nil { + return nil, err + } + node, err := db.Write(api.h.db.DB, func(tx *gorm.DB) (*types.Node, error) { return db.RegisterNodeFromAuthCallback( tx, @@ -194,7 +208,7 @@ func (api headscaleV1APIServer) RegisterNode( request.GetUser(), nil, util.RegisterMethodCLI, - api.h.cfg.IPPrefixes, + addrs, ) }) if err != nil { @@ -422,6 +436,10 @@ func (api headscaleV1APIServer) ListNodes( return nil, err } + sort.Slice(nodes, func(i, j int) bool { + return nodes[i].ID < nodes[j].ID + }) + response := make([]*v1.Node, len(nodes)) for index, node := range nodes { resp := node.Proto() @@ -606,6 +624,10 @@ func (api headscaleV1APIServer) ListApiKeys( response[index] = key.Proto() } + sort.Slice(response, func(i, j int) bool { + return response[i].Id < response[j].Id + }) + return &v1.ListApiKeysResponse{ApiKeys: response}, nil } diff --git a/hscontrol/oidc.go b/hscontrol/oidc.go index a0fc931..318aada 100644 --- a/hscontrol/oidc.go +++ b/hscontrol/oidc.go @@ -620,6 +620,11 @@ func (h *Headscale) registerNodeForOIDCCallback( machineKey *key.MachinePublic, expiry time.Time, ) error { + addrs, err := h.ipAlloc.Next() + if err != nil { + return err + } + if err := h.db.DB.Transaction(func(tx *gorm.DB) error { if _, err := db.RegisterNodeFromAuthCallback( // TODO(kradalby): find a better way to use the cache across modules @@ -629,7 +634,7 @@ func (h *Headscale) registerNodeForOIDCCallback( user.Name, &expiry, util.RegisterMethodOIDC, - h.cfg.IPPrefixes, + addrs, ); err != nil { return err } diff --git a/hscontrol/suite_test.go b/hscontrol/suite_test.go index 3f0cc42..b03e5c9 100644 --- a/hscontrol/suite_test.go +++ b/hscontrol/suite_test.go @@ -1,7 +1,6 @@ package hscontrol import ( - "net/netip" "os" "testing" @@ -47,9 +46,6 @@ func (s *Suite) ResetDB(c *check.C) { Path: tmpDir + "/headscale_test.db", }, }, - IPPrefixes: []netip.Prefix{ - netip.MustParsePrefix("10.27.0.0/23"), - }, OIDC: types.OIDCConfig{ StripEmaildomain: false, }, diff --git a/hscontrol/types/config.go b/hscontrol/types/config.go index 77732e8..022d127 100644 --- a/hscontrol/types/config.go +++ b/hscontrol/types/config.go @@ -11,6 +11,7 @@ import ( "time" "github.com/coreos/go-oidc/v3/oidc" + "github.com/juanfont/headscale/hscontrol/util" "github.com/prometheus/common/model" "github.com/rs/zerolog" "github.com/rs/zerolog/log" @@ -19,8 +20,6 @@ import ( "tailscale.com/net/tsaddr" "tailscale.com/tailcfg" "tailscale.com/types/dnstype" - - "github.com/juanfont/headscale/hscontrol/util" ) const ( @@ -41,7 +40,8 @@ type Config struct { GRPCAllowInsecure bool EphemeralNodeInactivityTimeout time.Duration NodeUpdateCheckInterval time.Duration - IPPrefixes []netip.Prefix + PrefixV4 *netip.Prefix + PrefixV6 *netip.Prefix NoisePrivateKeyPath string BaseDomain string Log LogConfig @@ -569,6 +569,39 @@ func GetDNSConfig() (*tailcfg.DNSConfig, string) { return nil, "" } +func Prefixes() (*netip.Prefix, *netip.Prefix, error) { + prefixV4Str := viper.GetString("prefixes.v4") + prefixV6Str := viper.GetString("prefixes.v6") + + prefixV4, err := netip.ParsePrefix(prefixV4Str) + if err != nil { + return nil, nil, err + } + + prefixV6, err := netip.ParsePrefix(prefixV6Str) + if err != nil { + return nil, nil, err + } + + builder := netipx.IPSetBuilder{} + builder.AddPrefix(tsaddr.CGNATRange()) + builder.AddPrefix(tsaddr.TailscaleULARange()) + ipSet, _ := builder.IPSet() + if !ipSet.ContainsPrefix(prefixV4) { + log.Warn(). + Msgf("Prefix %s is not in the %s range. This is an unsupported configuration.", + prefixV4Str, tsaddr.CGNATRange()) + } + + if !ipSet.ContainsPrefix(prefixV6) { + log.Warn(). + Msgf("Prefix %s is not in the %s range. This is an unsupported configuration.", + prefixV6Str, tsaddr.TailscaleULARange()) + } + + return &prefixV4, &prefixV6, nil +} + func GetHeadscaleConfig() (*Config, error) { if IsCLIConfigured() { return &Config{ @@ -581,66 +614,16 @@ func GetHeadscaleConfig() (*Config, error) { }, nil } + prefix4, prefix6, err := Prefixes() + if err != nil { + return nil, err + } + dnsConfig, baseDomain := GetDNSConfig() derpConfig := GetDERPConfig() logConfig := GetLogTailConfig() randomizeClientPort := viper.GetBool("randomize_client_port") - configuredPrefixes := viper.GetStringSlice("ip_prefixes") - parsedPrefixes := make([]netip.Prefix, 0, len(configuredPrefixes)+1) - - for i, prefixInConfig := range configuredPrefixes { - prefix, err := netip.ParsePrefix(prefixInConfig) - if err != nil { - panic(fmt.Errorf("failed to parse ip_prefixes[%d]: %w", i, err)) - } - - if prefix.Addr().Is4() { - builder := netipx.IPSetBuilder{} - builder.AddPrefix(tsaddr.CGNATRange()) - ipSet, _ := builder.IPSet() - if !ipSet.ContainsPrefix(prefix) { - log.Warn(). - Msgf("Prefix %s is not in the %s range. This is an unsupported configuration.", - prefixInConfig, tsaddr.CGNATRange()) - } - } - - if prefix.Addr().Is6() { - builder := netipx.IPSetBuilder{} - builder.AddPrefix(tsaddr.TailscaleULARange()) - ipSet, _ := builder.IPSet() - if !ipSet.ContainsPrefix(prefix) { - log.Warn(). - Msgf("Prefix %s is not in the %s range. This is an unsupported configuration.", - prefixInConfig, tsaddr.TailscaleULARange()) - } - } - - parsedPrefixes = append(parsedPrefixes, prefix) - } - - prefixes := make([]netip.Prefix, 0, len(parsedPrefixes)) - { - // dedup - normalizedPrefixes := make(map[string]int, len(parsedPrefixes)) - for i, p := range parsedPrefixes { - normalized, _ := netipx.RangeOfPrefix(p).Prefix() - normalizedPrefixes[normalized.String()] = i - } - - // convert back to list - for _, i := range normalizedPrefixes { - prefixes = append(prefixes, parsedPrefixes[i]) - } - } - - if len(prefixes) < 1 { - prefixes = append(prefixes, netip.MustParsePrefix("100.64.0.0/10")) - log.Warn(). - Msgf("'ip_prefixes' not configured, falling back to default: %v", prefixes) - } - oidcClientSecret := viper.GetString("oidc.client_secret") oidcClientSecretPath := viper.GetString("oidc.client_secret_path") if oidcClientSecretPath != "" && oidcClientSecret != "" { @@ -662,7 +645,9 @@ func GetHeadscaleConfig() (*Config, error) { GRPCAllowInsecure: viper.GetBool("grpc_allow_insecure"), DisableUpdateCheck: viper.GetBool("disable_check_updates"), - IPPrefixes: prefixes, + PrefixV4: prefix4, + PrefixV6: prefix6, + NoisePrivateKeyPath: util.AbsolutePathFromConfigPath( viper.GetString("noise.private_key_path"), ), diff --git a/hscontrol/types/node.go b/hscontrol/types/node.go index a8662ba..69004bf 100644 --- a/hscontrol/types/node.go +++ b/hscontrol/types/node.go @@ -208,7 +208,6 @@ func (node *Node) IsEphemeral() bool { } func (node *Node) CanAccess(filter []tailcfg.FilterRule, node2 *Node) bool { - allowedIPs := append([]netip.Addr{}, node2.IPAddresses...) for _, route := range node2.Routes { diff --git a/integration/acl_test.go b/integration/acl_test.go index 9a415ab..517e2df 100644 --- a/integration/acl_test.go +++ b/integration/acl_test.go @@ -415,7 +415,7 @@ func TestACLAllowUserDst(t *testing.T) { }, 2, ) - defer scenario.Shutdown() + // defer scenario.Shutdown() user1Clients, err := scenario.ListTailscaleClients("user1") assertNoErr(t, err) diff --git a/integration/cli_test.go b/integration/cli_test.go index e8ba3a7..af7b073 100644 --- a/integration/cli_test.go +++ b/integration/cli_test.go @@ -7,12 +7,11 @@ import ( "testing" "time" - "github.com/stretchr/testify/assert" - v1 "github.com/juanfont/headscale/gen/go/headscale/v1" "github.com/juanfont/headscale/hscontrol/policy" "github.com/juanfont/headscale/integration/hsic" "github.com/juanfont/headscale/integration/tsic" + "github.com/stretchr/testify/assert" ) func executeAndUnmarshal[T any](headscale ControlServer, command []string, result T) error { diff --git a/integration/hsic/config.go b/integration/hsic/config.go index f7d8b9f..606718c 100644 --- a/integration/hsic/config.go +++ b/integration/hsic/config.go @@ -72,9 +72,9 @@ database: sqlite.path: /tmp/integration_test_db.sqlite3 ephemeral_node_inactivity_timeout: 30m node_update_check_interval: 10s -ip_prefixes: - - fd7a:115c:a1e0::/48 - - 100.64.0.0/10 +prefixes: + v6: fd7a:115c:a1e0::/48 + v4: 100.64.0.0/10 dns_config: base_domain: headscale.net magic_dns: true @@ -115,7 +115,8 @@ func DefaultConfigEnv() map[string]string { "HEADSCALE_DATABASE_SQLITE_PATH": "/tmp/integration_test_db.sqlite3", "HEADSCALE_EPHEMERAL_NODE_INACTIVITY_TIMEOUT": "30m", "HEADSCALE_NODE_UPDATE_CHECK_INTERVAL": "10s", - "HEADSCALE_IP_PREFIXES": "fd7a:115c:a1e0::/48 100.64.0.0/10", + "HEADSCALE_PREFIXES_V4": "100.64.0.0/10", + "HEADSCALE_PREFIXES_V6": "fd7a:115c:a1e0::/48", "HEADSCALE_DNS_CONFIG_BASE_DOMAIN": "headscale.net", "HEADSCALE_DNS_CONFIG_MAGIC_DNS": "true", "HEADSCALE_DNS_CONFIG_DOMAINS": "", diff --git a/integration/hsic/hsic.go b/integration/hsic/hsic.go index 5019895..b61827a 100644 --- a/integration/hsic/hsic.go +++ b/integration/hsic/hsic.go @@ -56,6 +56,8 @@ type HeadscaleInContainer struct { container *dockertest.Resource network *dockertest.Network + pgContainer *dockertest.Resource + // optional config port int extraPorts []string @@ -65,6 +67,7 @@ type HeadscaleInContainer struct { tlsCert []byte tlsKey []byte filesInContainer []fileInContainer + postgres bool } // Option represent optional settings that can be given to a @@ -162,6 +165,14 @@ func WithFileInContainer(path string, contents []byte) Option { } } +// WithPostgres spins up a Postgres container and +// sets it as the main database. +func WithPostgres() Option { + return func(hsic *HeadscaleInContainer) { + hsic.postgres = true + } +} + // New returns a new HeadscaleInContainer instance. func New( pool *dockertest.Pool, @@ -209,6 +220,33 @@ func New( ContextDir: dockerContextPath, } + if hsic.postgres { + hsic.env["HEADSCALE_DATABASE_TYPE"] = "postgres" + hsic.env["HEADSCALE_DATABASE_POSTGRES_HOST"] = fmt.Sprintf("postgres-%s", hash) + hsic.env["HEADSCALE_DATABASE_POSTGRES_USER"] = "headscale" + hsic.env["HEADSCALE_DATABASE_POSTGRES_PASS"] = "headscale" + hsic.env["HEADSCALE_DATABASE_POSTGRES_NAME"] = "headscale" + delete(hsic.env, "HEADSCALE_DATABASE_SQLITE_PATH") + + pg, err := pool.RunWithOptions( + &dockertest.RunOptions{ + Name: fmt.Sprintf("postgres-%s", hash), + Repository: "postgres", + Tag: "latest", + Networks: []*dockertest.Network{network}, + Env: []string{ + "POSTGRES_USER=headscale", + "POSTGRES_PASSWORD=headscale", + "POSTGRES_DB=headscale", + }, + }) + if err != nil { + return nil, fmt.Errorf("starting postgres container: %w", err) + } + + hsic.pgContainer = pg + } + env := []string{ "HEADSCALE_PROFILING_ENABLED=1", "HEADSCALE_PROFILING_PATH=/tmp/profile", @@ -348,12 +386,20 @@ func (t *HeadscaleInContainer) Shutdown() error { ) } - err = t.SaveDatabase("/tmp/control") - if err != nil { - log.Printf( - "Failed to save database from control: %s", - fmt.Errorf("failed to save database from control: %w", err), - ) + // We dont have a database to save if we use postgres + if !t.postgres { + err = t.SaveDatabase("/tmp/control") + if err != nil { + log.Printf( + "Failed to save database from control: %s", + fmt.Errorf("failed to save database from control: %w", err), + ) + } + } + + // Cleanup postgres container if enabled. + if t.postgres { + t.pool.Purge(t.pgContainer) } return t.pool.Purge(t.container) diff --git a/integration/scenario.go b/integration/scenario.go index 16ec6f4..a2c63e6 100644 --- a/integration/scenario.go +++ b/integration/scenario.go @@ -18,12 +18,15 @@ import ( "github.com/puzpuzpuz/xsync/v3" "github.com/samber/lo" "golang.org/x/sync/errgroup" + "tailscale.com/envknob" ) const ( scenarioHashLength = 6 ) +var usePostgresForTest = envknob.Bool("HEADSCALE_INTEGRATION_POSTGRES") + func enabledVersions(vs map[string]bool) []string { var ret []string for version, enabled := range vs { @@ -452,6 +455,10 @@ func (s *Scenario) CreateHeadscaleEnv( tsOpts []tsic.Option, opts ...hsic.Option, ) error { + if usePostgresForTest { + opts = append(opts, hsic.WithPostgres()) + } + headscale, err := s.Headscale(opts...) if err != nil { return err diff --git a/integration/utils.go b/integration/utils.go index ae4441b..43ec024 100644 --- a/integration/utils.go +++ b/integration/utils.go @@ -181,7 +181,6 @@ func assertValidNetmap(t *testing.T, client TailscaleClient) { if ni := hi.NetInfo(); ni.Valid() { assert.NotEqualf(t, 0, ni.PreferredDERP(), "peer (%s) has no home DERP in %q's netmap, got: %s", peer.ComputedName(), client.Hostname(), peer.Hostinfo().NetInfo().PreferredDERP()) } - } assert.NotEmptyf(t, peer.Endpoints(), "peer (%s) of %q does not have any endpoints", peer.ComputedName(), client.Hostname())