Merge branch 'dev'

Jenkinsfile

@@ -0,0 +1,102 @@
+def IMAGE_TAG = ""
+pipeline {
+    agent {
+        kubernetes {
+            yaml """
+apiVersion: v1
+kind: Pod
+metadata:
+  name: kaniko
+spec:
+  containers:
+  - name: kaniko
+    image: gcr.io/kaniko-project/executor:debug
+    imagePullPolicy: Always
+    command:
+    - /busybox/cat
+    tty: true
+    volumeMounts:
+      - name: jenkins-docker-cfg
+        mountPath: /kaniko/.docker
+  volumes:
+  - name: jenkins-docker-cfg
+    projected:
+      sources:
+      - secret:
+          name: docker-credentials
+          items:
+            - key: data
+              path: config.json
+"""
+        }
+    }
+    environment {
+        IMAGE_PUSH_DESTINATION="ghcr.io/ruakij/routingtabletowg"
+    }
+    stages {
+        stage("Pre-build") {
+            steps {
+
+                script{
+                    //checkout scm
+                    checkout([
+                        $class: 'GitSCM',
+                        branches: scm.branches,
+                        doGenerateSubmoduleConfigurations: scm.doGenerateSubmoduleConfigurations,
+                        extensions: scm.extensions + [[$class: 'CloneOption', noTags: false, reference: '', shallow: true]],
+                        submoduleCfg: [],
+                        userRemoteConfigs: scm.userRemoteConfigs
+                    ])
+
+                    def version = sh (returnStdout: true, script: "git describe --tags --long --always $GIT_COMMIT").trim()
+                    def gitCommit = sh (returnStdout: true, script: "git rev-parse --short $GIT_COMMIT").trim()
+                    echo "Version: $version"
+                    echo "Git Commit: $gitCommit"
+
+                    IMAGE_TAG = "--destination $IMAGE_PUSH_DESTINATION:$gitCommit "
+                    
+                    if (GIT_BRANCH == "main") {
+                        IMAGE_TAG += "--destination $IMAGE_PUSH_DESTINATION:latest "
+
+                        if(version != gitCommit){
+                            def parts = version.split('.')
+                            if(parts.size() > 0){
+                                for (int i = 0; i < parts.size(); i++) {
+                                    def versionTag = parts[0..i].join(".")
+                                    IMAGE_TAG += "--destination $IMAGE_PUSH_DESTINATION:$versionTag "
+                                }
+                            }
+                        }
+                    } else {
+                        IMAGE_TAG += "--destination $IMAGE_PUSH_DESTINATION:$GIT_BRANCH "
+
+                        if(version != gitCommit){
+                            def parts = version.split('.')
+                            if(parts.size() > 0){
+                                for (int i = 0; i < parts.size(); i++) {
+                                    def versionTag = parts[0..i].join(".")
+                                    IMAGE_TAG += "--destination $IMAGE_PUSH_DESTINATION:$GIT_BRANCH-$versionTag "
+                                }
+                            }
+                        }
+                    }
+                    
+                    echo "Image-Tags: $IMAGE_TAG"
+                }
+            }
+        }
+        
+        stage('Build with Kaniko') {
+            steps {
+                container(name: 'kaniko', shell: '/busybox/sh') {
+                    withEnv(['PATH+EXTRA=/busybox', "IMAGE_TAG=$IMAGE_TAG"]) {
+                        // Use the image tag variable as part of the image name when you build and push the image with kaniko
+                        sh '''#!/busybox/sh
+                            /kaniko/executor --context `pwd` --force $IMAGE_TAG
+                        '''
+                    }
+                }
+            }
+        }
+    }
+}

cmd/app/main.go

@@ -201,13 +201,13 @@ func handleRouteEvents(routeSubChan <-chan netlink.RouteUpdate, filterOptions Fi
 			}
 
 			// Check if other peer already has exact same dst
-			if peer, err := wgChecks.PeerByIPNet(wgDevice.Peers, *route.Dst); err == nil {
+			if peer, err := wgChecks.PeerByIPNet(&wgDevice.Peers, route.Dst); err == nil {
 				logger.Warn.Printf("dst-IPNet already set for Peer '%s', ignoring", peer.PublicKey)
 				continue
 			}
 
 			// Get peer containing gateway-addr
-			peer, err := wgChecks.PeerByIP(wgDevice.Peers, route.Gw)
+			peer, err := wgChecks.PeerByIP(&wgDevice.Peers, &route.Gw)
 			if(err != nil){
 				logger.Warn.Printf("No peer found containing gw-IP '%s', ignoring", route.Gw)
 				continue
@@ -223,7 +223,7 @@ func handleRouteEvents(routeSubChan <-chan netlink.RouteUpdate, filterOptions Fi
 
 		case unix.RTM_DELROUTE:
 			// Get peer containing dst-NetIP
-			peerIndex, ipNetIndex, err := wgChecks.PeerIndexByIPNet(wgDevice.Peers, *route.Dst)
+			peerIndex, ipNetIndex, err := wgChecks.PeerIndexByIPNet(&wgDevice.Peers, route.Dst)
 			if(err != nil){
 				logger.Warn.Printf("No peer found having dst-IPNet '%s', ignoring", route.Dst)
 				continue

lib/wgchecks/netchecks/netchecks.go

@@ -6,18 +6,18 @@ import (
 	"reflect"
 )
 
-func IPNetIndexByIP(list []net.IPNet, ip net.IP) (int, error) {
+func IPNetIndexByIP(list *[]net.IPNet, ip *net.IP) (int, error) {
-	for index, ipNetEntry := range list {
+	for index, ipNetEntry := range *list {
-		if ipNetEntry.Contains(ip) {
+		if ipNetEntry.Contains(*ip) {
 			return index, nil
 		}
 	}
 	return -1, fmt.Errorf("ip not in ipNet-list")
 }
 
-func IPNetIndexByIPNet(list []net.IPNet, ipNet net.IPNet) (int, error) {
+func IPNetIndexByIPNet(list *[]net.IPNet, ipNet *net.IPNet) (int, error) {
-	for index, ipNetEntry := range list {
+	for index, ipNetEntry := range *list {
-		if reflect.DeepEqual(ipNetEntry, ipNet) {
+		if reflect.DeepEqual(ipNetEntry, *ipNet) {
 			return index, nil
 		}
 	}

lib/wgchecks/wgchecks.go

@@ -9,34 +9,34 @@ import (
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
-func PeerIndexByIP(peers []wgtypes.Peer, ip net.IP) (int, int, error) {
+func PeerIndexByIP(peers *[]wgtypes.Peer, ip *net.IP) (int, int, error) {
-	for index, peer := range peers {
+	for index, peer := range *peers {
-		if ipIndex, err := netchecks.IPNetIndexByIP(peer.AllowedIPs, ip); err == nil {
+		if ipIndex, err := netchecks.IPNetIndexByIP(&peer.AllowedIPs, ip); err == nil {
 			return index, ipIndex, nil
 		}
 	}
 	return -1, -1, fmt.Errorf("no peer by ip in list")
 }
-func PeerByIP(peers []wgtypes.Peer, ip net.IP) (*wgtypes.Peer, error) {
+func PeerByIP(peers *[]wgtypes.Peer, ip *net.IP) (*wgtypes.Peer, error) {
 	index, _, err := PeerIndexByIP(peers, ip)
 	if(err != nil) {
 		return nil, err
 	}
-	return &peers[index], nil
+	return &(*peers)[index], nil
 }
 
-func PeerIndexByIPNet(peers []wgtypes.Peer, ipNet net.IPNet) (int, int, error) {
+func PeerIndexByIPNet(peers *[]wgtypes.Peer, ipNet *net.IPNet) (int, int, error) {
-	for index, peer := range peers {
+	for index, peer := range *peers {
-		if ipNetIndex, err := netchecks.IPNetIndexByIPNet(peer.AllowedIPs, ipNet); err == nil {
+		if ipNetIndex, err := netchecks.IPNetIndexByIPNet(&peer.AllowedIPs, ipNet); err == nil {
 			return index, ipNetIndex, nil
 		}
 	}
 	return -1, -1, fmt.Errorf("no peer by ipNet in list")
 }
-func PeerByIPNet(peers []wgtypes.Peer, ipNet net.IPNet) (*wgtypes.Peer, error) {
+func PeerByIPNet(peers *[]wgtypes.Peer, ipNet *net.IPNet) (*wgtypes.Peer, error) {
 	index, _, err := PeerIndexByIPNet(peers, ipNet)
 	if(err != nil) {
 		return nil, err
 	}
-	return &peers[index], nil
+	return &(*peers)[index], nil
 }