Ruakij/RoutingTableToWg
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Ruakij:main
Branches Tags
Ruakij:main
Ruakij:dev
Ruakij:release-0.2
Ruakij:feat_periodicSync
Ruakij:release-0.1
Ruakij:0.2.1
Ruakij:0.2
Ruakij:0.1.2
Ruakij:0.1.1
Ruakij:0.1
..
compare: Ruakij:0.2
Branches Tags
Ruakij:main
Ruakij:dev
Ruakij:release-0.2
Ruakij:feat_periodicSync
Ruakij:release-0.1
Ruakij:0.2.1
Ruakij:0.2
Ruakij:0.1.2
Ruakij:0.1.1
Ruakij:0.1

No commits in common. "main" and "0.2" have entirely different histories.
main ... 0.2

4 changed files with 19 additions and 121 deletions
Show Stats Expand all files Collapse all files

102
Jenkinsfile vendored
View File

@ -1,102 +0,0 @@
def IMAGE_TAG = ""
pipeline {
agent {
kubernetes {
yaml """
apiVersion: v1
kind: Pod
metadata:
name: kaniko
spec:
containers:
- name: kaniko
image: gcr.io/kaniko-project/executor:debug
imagePullPolicy: Always
command:
- /busybox/cat
tty: true
volumeMounts:
- name: jenkins-docker-cfg
mountPath: /kaniko/.docker
volumes:
- name: jenkins-docker-cfg
projected:
sources:
- secret:
name: docker-credentials
items:
- key: data
path: config.json
"""
}
}
environment {
IMAGE_PUSH_DESTINATION="ghcr.io/ruakij/routingtabletowg"
}
stages {
stage("Pre-build") {
steps {
script{
//checkout scm
checkout([
$class: 'GitSCM',
branches: scm.branches,
doGenerateSubmoduleConfigurations: scm.doGenerateSubmoduleConfigurations,
extensions: scm.extensions + [[$class: 'CloneOption', noTags: false, reference: '', shallow: true]],
submoduleCfg: [],
userRemoteConfigs: scm.userRemoteConfigs
])
def version = sh (returnStdout: true, script: "git describe --tags --long --always $GIT_COMMIT").trim()
def gitCommit = sh (returnStdout: true, script: "git rev-parse --short $GIT_COMMIT").trim()
echo "Version: $version"
echo "Git Commit: $gitCommit"
IMAGE_TAG = "--destination $IMAGE_PUSH_DESTINATION:$gitCommit "
if (GIT_BRANCH == "main") {
IMAGE_TAG += "--destination $IMAGE_PUSH_DESTINATION:latest "
if(version != gitCommit){
def parts = version.split('.')
if(parts.size() > 0){
for (int i = 0; i < parts.size(); i++) {
def versionTag = parts[0..i].join(".")
IMAGE_TAG += "--destination $IMAGE_PUSH_DESTINATION:$versionTag "
}
}
}
} else {
IMAGE_TAG += "--destination $IMAGE_PUSH_DESTINATION:$GIT_BRANCH "
if(version != gitCommit){
def parts = version.split('.')
if(parts.size() > 0){
for (int i = 0; i < parts.size(); i++) {
def versionTag = parts[0..i].join(".")
IMAGE_TAG += "--destination $IMAGE_PUSH_DESTINATION:$GIT_BRANCH-$versionTag "
}
}
}
}
echo "Image-Tags: $IMAGE_TAG"
}
}
}
stage('Build with Kaniko') {
steps {
container(name: 'kaniko', shell: '/busybox/sh') {
withEnv(['PATH+EXTRA=/busybox', "IMAGE_TAG=$IMAGE_TAG"]) {
// Use the image tag variable as part of the image name when you build and push the image with kaniko
sh '''#!/busybox/sh
/kaniko/executor --context `pwd` --force $IMAGE_TAG
'''
}
}
}
}
}
}

6
cmd/app/main.go
View File

@ -201,13 +201,13 @@ func handleRouteEvents(routeSubChan <-chan netlink.RouteUpdate, filterOptions Fi
} }
// Check if other peer already has exact same dst // Check if other peer already has exact same dst
if peer, err := wgChecks.PeerByIPNet(&wgDevice.Peers, route.Dst); err == nil { if peer, err := wgChecks.PeerByIPNet(wgDevice.Peers, *route.Dst); err == nil {
logger.Warn.Printf("dst-IPNet already set for Peer '%s', ignoring", peer.PublicKey) logger.Warn.Printf("dst-IPNet already set for Peer '%s', ignoring", peer.PublicKey)
continue continue
} }
// Get peer containing gateway-addr // Get peer containing gateway-addr
peer, err := wgChecks.PeerByIP(&wgDevice.Peers, &route.Gw) peer, err := wgChecks.PeerByIP(wgDevice.Peers, route.Gw)
if(err != nil){ if(err != nil){
logger.Warn.Printf("No peer found containing gw-IP '%s', ignoring", route.Gw) logger.Warn.Printf("No peer found containing gw-IP '%s', ignoring", route.Gw)
continue continue
@ -223,7 +223,7 @@ func handleRouteEvents(routeSubChan <-chan netlink.RouteUpdate, filterOptions Fi
case unix.RTM_DELROUTE: case unix.RTM_DELROUTE:
// Get peer containing dst-NetIP // Get peer containing dst-NetIP
peerIndex, ipNetIndex, err := wgChecks.PeerIndexByIPNet(&wgDevice.Peers, route.Dst) peerIndex, ipNetIndex, err := wgChecks.PeerIndexByIPNet(wgDevice.Peers, *route.Dst)
if(err != nil){ if(err != nil){
logger.Warn.Printf("No peer found having dst-IPNet '%s', ignoring", route.Dst) logger.Warn.Printf("No peer found having dst-IPNet '%s', ignoring", route.Dst)
continue continue

12
lib/wgchecks/netchecks/netchecks.go
View File

@ -6,18 +6,18 @@ import (
"reflect" "reflect"
) )
func IPNetIndexByIP(list *[]net.IPNet, ip *net.IP) (int, error) { func IPNetIndexByIP(list []net.IPNet, ip net.IP) (int, error) {
for index, ipNetEntry := range *list { for index, ipNetEntry := range list {
if ipNetEntry.Contains(*ip) { if ipNetEntry.Contains(ip) {
return index, nil return index, nil
} }
} }
return -1, fmt.Errorf("ip not in ipNet-list") return -1, fmt.Errorf("ip not in ipNet-list")
} }
func IPNetIndexByIPNet(list *[]net.IPNet, ipNet *net.IPNet) (int, error) { func IPNetIndexByIPNet(list []net.IPNet, ipNet net.IPNet) (int, error) {
for index, ipNetEntry := range *list { for index, ipNetEntry := range list {
if reflect.DeepEqual(ipNetEntry, *ipNet) { if reflect.DeepEqual(ipNetEntry, ipNet) {
return index, nil return index, nil
} }
} }

20
lib/wgchecks/wgchecks.go
View File

@ -9,34 +9,34 @@ import (
"golang.zx2c4.com/wireguard/wgctrl/wgtypes" "golang.zx2c4.com/wireguard/wgctrl/wgtypes"
) )
func PeerIndexByIP(peers *[]wgtypes.Peer, ip *net.IP) (int, int, error) { func PeerIndexByIP(peers []wgtypes.Peer, ip net.IP) (int, int, error) {
for index, peer := range *peers { for index, peer := range peers {
if ipIndex, err := netchecks.IPNetIndexByIP(&peer.AllowedIPs, ip); err == nil { if ipIndex, err := netchecks.IPNetIndexByIP(peer.AllowedIPs, ip); err == nil {
return index, ipIndex, nil return index, ipIndex, nil
} }
} }
return -1, -1, fmt.Errorf("no peer by ip in list") return -1, -1, fmt.Errorf("no peer by ip in list")
} }
func PeerByIP(peers *[]wgtypes.Peer, ip *net.IP) (*wgtypes.Peer, error) { func PeerByIP(peers []wgtypes.Peer, ip net.IP) (*wgtypes.Peer, error) {
index, _, err := PeerIndexByIP(peers, ip) index, _, err := PeerIndexByIP(peers, ip)
if(err != nil) { if(err != nil) {
return nil, err return nil, err
} }
return &(*peers)[index], nil return &peers[index], nil
} }
func PeerIndexByIPNet(peers *[]wgtypes.Peer, ipNet *net.IPNet) (int, int, error) { func PeerIndexByIPNet(peers []wgtypes.Peer, ipNet net.IPNet) (int, int, error) {
for index, peer := range *peers { for index, peer := range peers {
if ipNetIndex, err := netchecks.IPNetIndexByIPNet(&peer.AllowedIPs, ipNet); err == nil { if ipNetIndex, err := netchecks.IPNetIndexByIPNet(peer.AllowedIPs, ipNet); err == nil {
return index, ipNetIndex, nil return index, ipNetIndex, nil
} }
} }
return -1, -1, fmt.Errorf("no peer by ipNet in list") return -1, -1, fmt.Errorf("no peer by ipNet in list")
} }
func PeerByIPNet(peers *[]wgtypes.Peer, ipNet *net.IPNet) (*wgtypes.Peer, error) { func PeerByIPNet(peers []wgtypes.Peer, ipNet net.IPNet) (*wgtypes.Peer, error) {
index, _, err := PeerIndexByIPNet(peers, ipNet) index, _, err := PeerIndexByIPNet(peers, ipNet)
if(err != nil) { if(err != nil) {
return nil, err return nil, err
} }
return &(*peers)[index], nil return &peers[index], nil
} }