chore(machines): apply lint
This commit is contained in:
parent
5ab62378ae
commit
4bbe0051f6
2 changed files with 16 additions and 38 deletions
15
machine.go
15
machine.go
|
@ -142,13 +142,13 @@ func containsAddresses(inputs []string, addrs []string) bool {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
// matchSourceAndDestinationWithRule
|
// matchSourceAndDestinationWithRule.
|
||||||
func matchSourceAndDestinationWithRule(ruleSources []string, ruleDestinations []string, source []string, destination []string) bool {
|
func matchSourceAndDestinationWithRule(ruleSources []string, ruleDestinations []string, source []string, destination []string) bool {
|
||||||
return containsAddresses(ruleSources, source) && containsAddresses(ruleDestinations, destination)
|
return containsAddresses(ruleSources, source) && containsAddresses(ruleDestinations, destination)
|
||||||
}
|
}
|
||||||
|
|
||||||
// getFilteredByACLPeerss should return the list of peers authorized to be accessed from machine.
|
// getFilteredByACLPeerss should return the list of peers authorized to be accessed from machine.
|
||||||
func getFilteredByACLPeers(machines []Machine, rules []tailcfg.FilterRule, machine *Machine) (Machines, error) {
|
func getFilteredByACLPeers(machines []Machine, rules []tailcfg.FilterRule, machine *Machine) Machines {
|
||||||
log.Trace().
|
log.Trace().
|
||||||
Caller().
|
Caller().
|
||||||
Str("machine", machine.Name).
|
Str("machine", machine.Name).
|
||||||
|
@ -203,7 +203,7 @@ func getFilteredByACLPeers(machines []Machine, rules []tailcfg.FilterRule, machi
|
||||||
Str("machine", machine.Name).
|
Str("machine", machine.Name).
|
||||||
Msgf("Found some machines: %v", machines)
|
Msgf("Found some machines: %v", machines)
|
||||||
|
|
||||||
return authorizedPeers, nil
|
return authorizedPeers
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Headscale) getDirectPeers(machine *Machine) (Machines, error) {
|
func (h *Headscale) getDirectPeers(machine *Machine) (Machines, error) {
|
||||||
|
@ -303,17 +303,10 @@ func (h *Headscale) getPeers(machine *Machine) (Machines, error) {
|
||||||
machines, err = h.ListAllMachines()
|
machines, err = h.ListAllMachines()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error().Err(err).Msg("Error retrieving list of machines")
|
log.Error().Err(err).Msg("Error retrieving list of machines")
|
||||||
return Machines{}, err
|
|
||||||
}
|
|
||||||
peers, err = getFilteredByACLPeers(machines, h.aclRules, machine)
|
|
||||||
if err != nil {
|
|
||||||
log.Error().
|
|
||||||
Caller().
|
|
||||||
Err(err).
|
|
||||||
Msg("Cannot fetch peers")
|
|
||||||
|
|
||||||
return Machines{}, err
|
return Machines{}, err
|
||||||
}
|
}
|
||||||
|
peers = getFilteredByACLPeers(machines, h.aclRules, machine)
|
||||||
} else {
|
} else {
|
||||||
direct, err := h.getDirectPeers(machine)
|
direct, err := h.getDirectPeers(machine)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -225,11 +225,8 @@ func (s *Suite) TestGetACLFilteredPeers(c *check.C) {
|
||||||
machines, err := app.ListAllMachines()
|
machines, err := app.ListAllMachines()
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
peersOfTestMachine, err := getFilteredByACLPeers(machines, app.aclRules, testMachine)
|
peersOfTestMachine := getFilteredByACLPeers(machines, app.aclRules, testMachine)
|
||||||
c.Assert(err, check.IsNil)
|
peersOfAdminMachine := getFilteredByACLPeers(machines, app.aclRules, adminMachine)
|
||||||
|
|
||||||
peersOfAdminMachine, err := getFilteredByACLPeers(machines, app.aclRules, adminMachine)
|
|
||||||
c.Assert(err, check.IsNil)
|
|
||||||
|
|
||||||
c.Log(peersOfTestMachine)
|
c.Log(peersOfTestMachine)
|
||||||
c.Assert(len(peersOfTestMachine), check.Equals, 4)
|
c.Assert(len(peersOfTestMachine), check.Equals, 4)
|
||||||
|
@ -306,10 +303,9 @@ func Test_getFilteredByACLPeers(t *testing.T) {
|
||||||
machine *Machine
|
machine *Machine
|
||||||
}
|
}
|
||||||
tests := []struct {
|
tests := []struct {
|
||||||
name string
|
name string
|
||||||
args args
|
args args
|
||||||
want Machines
|
want Machines
|
||||||
wantErr bool
|
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
name: "all hosts can talk to each other",
|
name: "all hosts can talk to each other",
|
||||||
|
@ -332,7 +328,8 @@ func Test_getFilteredByACLPeers(t *testing.T) {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
rules: []tailcfg.FilterRule{ // list of all ACLRules registered
|
rules: []tailcfg.FilterRule{ // list of all ACLRules registered
|
||||||
{SrcIPs: []string{"100.64.0.1", "100.64.0.2", "100.64.0.3"},
|
{
|
||||||
|
SrcIPs: []string{"100.64.0.1", "100.64.0.2", "100.64.0.3"},
|
||||||
DstPorts: []tailcfg.NetPortRange{
|
DstPorts: []tailcfg.NetPortRange{
|
||||||
{IP: "*"},
|
{IP: "*"},
|
||||||
},
|
},
|
||||||
|
@ -356,7 +353,6 @@ func Test_getFilteredByACLPeers(t *testing.T) {
|
||||||
Namespace: Namespace{Name: "mickael"},
|
Namespace: Namespace{Name: "mickael"},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
wantErr: false,
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "One host can talk to another, but not all hosts",
|
name: "One host can talk to another, but not all hosts",
|
||||||
|
@ -379,7 +375,8 @@ func Test_getFilteredByACLPeers(t *testing.T) {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
rules: []tailcfg.FilterRule{ // list of all ACLRules registered
|
rules: []tailcfg.FilterRule{ // list of all ACLRules registered
|
||||||
{SrcIPs: []string{"100.64.0.1", "100.64.0.2", "100.64.0.3"},
|
{
|
||||||
|
SrcIPs: []string{"100.64.0.1", "100.64.0.2", "100.64.0.3"},
|
||||||
DstPorts: []tailcfg.NetPortRange{
|
DstPorts: []tailcfg.NetPortRange{
|
||||||
{IP: "100.64.0.2"},
|
{IP: "100.64.0.2"},
|
||||||
},
|
},
|
||||||
|
@ -398,7 +395,6 @@ func Test_getFilteredByACLPeers(t *testing.T) {
|
||||||
Namespace: Namespace{Name: "marc"},
|
Namespace: Namespace{Name: "marc"},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
wantErr: false,
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "host cannot directly talk to destination, but return path is authorized",
|
name: "host cannot directly talk to destination, but return path is authorized",
|
||||||
|
@ -421,7 +417,8 @@ func Test_getFilteredByACLPeers(t *testing.T) {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
rules: []tailcfg.FilterRule{ // list of all ACLRules registered
|
rules: []tailcfg.FilterRule{ // list of all ACLRules registered
|
||||||
{SrcIPs: []string{"100.64.0.3"},
|
{
|
||||||
|
SrcIPs: []string{"100.64.0.3"},
|
||||||
DstPorts: []tailcfg.NetPortRange{
|
DstPorts: []tailcfg.NetPortRange{
|
||||||
{IP: "100.64.0.2"},
|
{IP: "100.64.0.2"},
|
||||||
},
|
},
|
||||||
|
@ -440,26 +437,14 @@ func Test_getFilteredByACLPeers(t *testing.T) {
|
||||||
Namespace: Namespace{Name: "mickael"},
|
Namespace: Namespace{Name: "mickael"},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
wantErr: false,
|
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
got, err := getFilteredByACLPeers(tt.args.machines, tt.args.rules, tt.args.machine)
|
got := getFilteredByACLPeers(tt.args.machines, tt.args.rules, tt.args.machine)
|
||||||
if (err != nil) != tt.wantErr {
|
|
||||||
t.Errorf("getFilteredByACLPeers() error = %v, wantErr %v", err, tt.wantErr)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
if !reflect.DeepEqual(got, tt.want) {
|
if !reflect.DeepEqual(got, tt.want) {
|
||||||
t.Errorf("getFilteredByACLPeers() = %v, want %v", got, tt.want)
|
t.Errorf("getFilteredByACLPeers() = %v, want %v", got, tt.want)
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
var getFilteredByACLPeersTestRules = []tailcfg.FilterRule{
|
|
||||||
{
|
|
||||||
SrcIPs: []string{"100.64.0.1"},
|
|
||||||
DstPorts: []tailcfg.NetPortRange{{IP: "*"}},
|
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
Loading…
Reference in a new issue