From 7d001b81a75d9dedeab1fb82f3fc25d5ae8ca6ff Mon Sep 17 00:00:00 2001 From: Christopher Blaha Date: Mon, 17 Jun 2024 21:53:20 -0400 Subject: [PATCH 01/17] update develop to v0.24.3 (#2977) --- .github/ISSUE_TEMPLATE/bug-report.yml | 1 + README.md | 2 +- compose/docker-compose.netclient.yml | 2 +- controllers/docs.go | 2 +- k8s/client/netclient-daemonset.yaml | 2 +- k8s/client/netclient.yaml | 2 +- k8s/server/netmaker-ui.yaml | 2 +- main.go | 2 +- release.md | 2 +- swagger.yml | 2 +- 10 files changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug-report.yml b/.github/ISSUE_TEMPLATE/bug-report.yml index 24a5b3429..81e79895a 100644 --- a/.github/ISSUE_TEMPLATE/bug-report.yml +++ b/.github/ISSUE_TEMPLATE/bug-report.yml @@ -31,6 +31,7 @@ body: label: Version description: What version are you running? options: + - v0.24.3 - v0.24.2 - v0.24.1 - v0.24.0 diff --git a/README.md b/README.md index 8e09b8530..6fb0fc6a3 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@

- + diff --git a/compose/docker-compose.netclient.yml b/compose/docker-compose.netclient.yml index 4d42c5952..50af717a0 100644 --- a/compose/docker-compose.netclient.yml +++ b/compose/docker-compose.netclient.yml @@ -3,7 +3,7 @@ version: "3.4" services: netclient: container_name: netclient - image: 'gravitl/netclient:v0.24.2' + image: 'gravitl/netclient:v0.24.3' hostname: netmaker-1 network_mode: host restart: on-failure diff --git a/controllers/docs.go b/controllers/docs.go index 05c769e47..9b5985b98 100644 --- a/controllers/docs.go +++ b/controllers/docs.go @@ -10,7 +10,7 @@ // // Schemes: https // BasePath: / -// Version: 0.24.2 +// Version: 0.24.3 // Host: api.demo.netmaker.io // // Consumes: diff --git a/k8s/client/netclient-daemonset.yaml b/k8s/client/netclient-daemonset.yaml index 2f39ce113..d75e1c19c 100644 --- a/k8s/client/netclient-daemonset.yaml +++ b/k8s/client/netclient-daemonset.yaml @@ -16,7 +16,7 @@ spec: hostNetwork: true containers: - name: netclient - image: gravitl/netclient:v0.24.2 + image: gravitl/netclient:v0.24.3 env: - name: TOKEN value: "TOKEN_VALUE" diff --git a/k8s/client/netclient.yaml b/k8s/client/netclient.yaml index 19c381697..8fa800731 100644 --- a/k8s/client/netclient.yaml +++ b/k8s/client/netclient.yaml @@ -28,7 +28,7 @@ spec: # - "" containers: - name: netclient - image: gravitl/netclient:v0.24.2 + image: gravitl/netclient:v0.24.3 env: - name: TOKEN value: "TOKEN_VALUE" diff --git a/k8s/server/netmaker-ui.yaml b/k8s/server/netmaker-ui.yaml index e137d3448..e1e60b547 100644 --- a/k8s/server/netmaker-ui.yaml +++ b/k8s/server/netmaker-ui.yaml @@ -15,7 +15,7 @@ spec: spec: containers: - name: netmaker-ui - image: gravitl/netmaker-ui:v0.24.2 + image: gravitl/netmaker-ui:v0.24.3 ports: - containerPort: 443 env: diff --git a/main.go b/main.go index 9b8f5eea6..0103cf349 100644 --- a/main.go +++ b/main.go 
@@ -27,7 +27,7 @@ import ( "golang.org/x/exp/slog" ) -var version = "v0.24.2" +var version = "v0.24.3" // Start DB Connection and start API Request Handler func main() { diff --git a/release.md b/release.md index 09e6d7e32..2385ca528 100644 --- a/release.md +++ b/release.md @@ -1,4 +1,4 @@ -# Netmaker v0.24.2 +# Netmaker v0.24.3 ## Whats New ✨ - Static Host Functionality With Separate Settings For Port and endpoint IP diff --git a/swagger.yml b/swagger.yml index f443861f0..4de02610f 100644 --- a/swagger.yml +++ b/swagger.yml @@ -1472,7 +1472,7 @@ info: API calls must be authenticated via a header of the format -H “Authorization: Bearer ” There are two methods to obtain YOUR_SECRET_KEY: 1. Using the masterkey. By default, this value is “secret key,” but you should change this on your instance and keep it secure. This value can be set via env var at startup or in a config file (config/environments/< env >.yaml). See the [Netmaker](https://docs.netmaker.org/index.html) documentation for more details. 2. Using a JWT received for a node. This can be retrieved by calling the /api/nodes//authenticate endpoint, as documented below. title: Netmaker - version: 0.24.2 + version: 0.24.3 paths: /api/dns: get: From d18d60ff43eb85b002a88fa282046a0566a8ab7d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 07:32:01 +0530 Subject: [PATCH 02/17] Bump docker/build-push-action from 5 to 6 (#2985) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5 to 6. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v5...v6) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/docker-builder.yml | 2 +- .github/workflows/publish-docker.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-builder.yml b/.github/workflows/docker-builder.yml index 69373f882..fe2cd4aae 100644 --- a/.github/workflows/docker-builder.yml +++ b/.github/workflows/docker-builder.yml @@ -20,7 +20,7 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push to docker hub - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . push: true diff --git a/.github/workflows/publish-docker.yml b/.github/workflows/publish-docker.yml index 889bcd8a3..61f42da9a 100644 --- a/.github/workflows/publish-docker.yml +++ b/.github/workflows/publish-docker.yml @@ -44,7 +44,7 @@ jobs: password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . platforms: linux/amd64, linux/arm64, linux/arm/v7 @@ -84,7 +84,7 @@ jobs: password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . platforms: linux/amd64, linux/arm64 From 079f1176e12b16b2b6229a166edf461d69f53b1a Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 07:32:20 +0530 Subject: [PATCH 03/17] Bump dawidd6/action-download-artifact from 3 to 6 (#2984) Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 3 to 6. - [Release notes](https://github.com/dawidd6/action-download-artifact/releases) - [Commits](https://github.com/dawidd6/action-download-artifact/compare/v3...v6) --- updated-dependencies: - dependency-name: dawidd6/action-download-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/deletedroplets.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deletedroplets.yml b/.github/workflows/deletedroplets.yml index d2fc1253b..040190384 100644 --- a/.github/workflows/deletedroplets.yml +++ b/.github/workflows/deletedroplets.yml @@ -12,7 +12,7 @@ jobs: if: ${{ github.event.workflow_run.conclusion == 'success' }} steps: - name: get logs - uses: dawidd6/action-download-artifact@v3 + uses: dawidd6/action-download-artifact@v6 with: run_id: ${{ github.event.workflow_run.id}} if_no_artifact_found: warn @@ -60,7 +60,7 @@ jobs: if: ${{ github.event.workflow_run.conclusion == 'failure' }} steps: - name: get logs - uses: dawidd6/action-download-artifact@v3 + uses: dawidd6/action-download-artifact@v6 with: run_id: ${{ github.event.workflow_run.id}} if_no_artifact_found: warn From 5be4ea2148b7170f6890857e4d3b8c3d0712c77f Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 07:32:39 +0530 Subject: [PATCH 04/17] Bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#2983) Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.0 to 1.8.1. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.8.0...v1.8.1) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 6587dcacb..c94b19109 100644 --- a/go.mod +++ b/go.mod @@ -41,7 +41,7 @@ require ( github.com/guumaster/tablewriter v0.0.10 github.com/matryer/is v1.4.1 github.com/olekukonko/tablewriter v0.0.5 - github.com/spf13/cobra v1.8.0 + github.com/spf13/cobra v1.8.1 ) require ( diff --git a/go.sum b/go.sum index 1ec3a8eb1..bae204d7c 100644 --- a/go.sum +++ b/go.sum @@ -8,7 +8,7 @@ github.com/c-robinson/iplib v1.0.8/go.mod h1:i3LuuFL1hRT5gFpBRnEydzw8R6yhGkF4szN github.com/coreos/go-oidc/v3 v3.9.0 h1:0J/ogVOd4y8P0f0xUh8l9t07xRP/d8tccvjHl2dcsSo= github.com/coreos/go-oidc/v3 v3.9.0/go.mod h1:rTKz2PYwftcrtoCzV5g5kvfJoWcm0Mk8AF8y1iAQro4= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 
@@ -73,8 +73,8 @@ github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQD github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1vwZ3Je0FKVCfqOLp5zO6trqMLYs0= github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M= -github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= -github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= From 4e0889669ba85d76d5763339f9668c6bfe97db6e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 07:32:59 +0530 Subject: [PATCH 05/17] Bump github.com/gorilla/websocket from 1.5.1 to 1.5.3 (#2982) Bumps [github.com/gorilla/websocket](https://github.com/gorilla/websocket) from 1.5.1 to 1.5.3. - [Release notes](https://github.com/gorilla/websocket/releases) - [Commits](https://github.com/gorilla/websocket/compare/v1.5.1...v1.5.3) --- updated-dependencies: - dependency-name: github.com/gorilla/websocket dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index c94b19109..d124bbeb2 100644 --- a/go.mod +++ b/go.mod 
@@ -32,7 +32,7 @@ require ( require ( github.com/coreos/go-oidc/v3 v3.9.0 - github.com/gorilla/websocket v1.5.1 + github.com/gorilla/websocket v1.5.3 golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 ) diff --git a/go.sum b/go.sum index bae204d7c..294356b54 100644 --- a/go.sum +++ b/go.sum @@ -37,8 +37,8 @@ github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyE github.com/gorilla/handlers v1.5.2/go.mod h1:dX+xVpaxdSw+q0Qek8SSsl3dfMk3jNddUkMzo0GtH0w= github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= -github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= -github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= +github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg= +github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/guumaster/tablewriter v0.0.10 h1:A0HD94yMdt4usgxBjoEceNeE0XMJ027euoHAzsPqBQs= github.com/guumaster/tablewriter v0.0.10/go.mod h1:p4FRFhyfo0UD9ZLmMRbbJooTUsxo6b80qZTERVDWrH8= github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY= From 3e9436b78d613cc0215219ceb939dd62294e4de6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 07:33:16 +0530 Subject: [PATCH 06/17] Bump github.com/go-playground/validator/v10 from 10.20.0 to 10.22.0 (#2981) Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.20.0 to 10.22.0. - [Release notes](https://github.com/go-playground/validator/releases) - [Commits](https://github.com/go-playground/validator/compare/v10.20.0...v10.22.0) --- updated-dependencies: - dependency-name: github.com/go-playground/validator/v10 dependency-type: direct:production update-type: version-update:semver-minor ... 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index d124bbeb2..fe5836c66 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.19 require ( github.com/eclipse/paho.mqtt.golang v1.4.3 - github.com/go-playground/validator/v10 v10.20.0 + github.com/go-playground/validator/v10 v10.22.0 github.com/golang-jwt/jwt/v4 v4.5.0 github.com/google/uuid v1.6.0 github.com/gorilla/handlers v1.5.2 diff --git a/go.sum b/go.sum index 294356b54..80c1b075b 100644 --- a/go.sum +++ b/go.sum @@ -25,8 +25,8 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= -github.com/go-playground/validator/v10 v10.20.0 h1:K9ISHbSaI0lyB2eWMPJo+kOS/FBExVwjEviJTixqxL8= -github.com/go-playground/validator/v10 v10.20.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= +github.com/go-playground/validator/v10 v10.22.0 h1:k6HsTZ0sTnROkhS//R0O+55JgM8C4Bx7ia+JlgcnOao= +github.com/go-playground/validator/v10 v10.22.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= From 24f8edcfde1d9206fe8826c39fa4eb29e35effca Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 07:33:37 +0530 Subject: [PATCH 07/17] Bump golang.org/x/crypto from 0.23.0 to 0.24.0 (#2969) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.23.0 to 0.24.0. - [Commits](https://github.com/golang/crypto/compare/v0.23.0...v0.24.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 8 ++++---- go.sum | 15 ++++++++------- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/go.mod b/go.mod index fe5836c66..efe989a33 100644 --- a/go.mod +++ b/go.mod @@ -15,11 +15,11 @@ require ( github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e github.com/stretchr/testify v1.9.0 github.com/txn2/txeh v1.5.5 - golang.org/x/crypto v0.23.0 + golang.org/x/crypto v0.24.0 golang.org/x/net v0.22.0 // indirect golang.org/x/oauth2 v0.20.0 - golang.org/x/sys v0.20.0 // indirect - golang.org/x/text v0.15.0 // indirect + golang.org/x/sys v0.21.0 // indirect + golang.org/x/text v0.16.0 // indirect golang.zx2c4.com/wireguard/wgctrl v0.0.0-20221104135756-97bc4ad4a1cb gopkg.in/yaml.v3 v3.0.1 ) @@ -62,5 +62,5 @@ require ( github.com/mattn/go-runewidth v0.0.13 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/xtgo/uuid v0.0.0-20140804021211-a0b114877d4c // indirect - golang.org/x/sync v0.1.0 // indirect + golang.org/x/sync v0.7.0 // indirect ) diff --git a/go.sum b/go.sum index 80c1b075b..9b542ba5e 100644 --- a/go.sum +++ b/go.sum 
@@ -90,8 +90,8 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI= -golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= +golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= +golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc= golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= 
@@ -107,8 +107,9 @@ golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo= golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -117,8 +118,8 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= -golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= +golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= 
@@ -130,8 +131,8 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= -golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= From 2ca7bf7481bb141a4739c26bc3db076b74fe68bf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 08:08:39 +0530 Subject: [PATCH 08/17] Bump golang.org/x/oauth2 from 0.20.0 to 0.21.0 (#2968) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.20.0 to 0.21.0. - [Commits](https://github.com/golang/oauth2/compare/v0.20.0...v0.21.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index efe989a33..13894896a 100644 --- a/go.mod +++ b/go.mod 
@@ -17,7 +17,7 @@ require ( github.com/txn2/txeh v1.5.5 golang.org/x/crypto v0.24.0 golang.org/x/net v0.22.0 // indirect - golang.org/x/oauth2 v0.20.0 + golang.org/x/oauth2 v0.21.0 golang.org/x/sys v0.21.0 // indirect golang.org/x/text v0.16.0 // indirect golang.zx2c4.com/wireguard/wgctrl v0.0.0-20221104135756-97bc4ad4a1cb diff --git a/go.sum b/go.sum index 9b542ba5e..fae142244 100644 --- a/go.sum +++ b/go.sum @@ -103,8 +103,8 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc= golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo= -golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= +golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= From 97140b3dd5d52c1ed17ca018a178585531ce73ce Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Tue, 18 Jun 2024 15:58:03 +0530 Subject: [PATCH 09/17] revert crypto version --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 13894896a..83774b4b1 100644 --- a/go.mod +++ b/go.mod 
@@ -15,7 +15,7 @@ require ( github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e github.com/stretchr/testify v1.9.0 github.com/txn2/txeh v1.5.5 - golang.org/x/crypto v0.24.0 + golang.org/x/crypto v0.23.0 golang.org/x/net v0.22.0 // indirect golang.org/x/oauth2 v0.21.0 golang.org/x/sys v0.21.0 // indirect diff --git a/go.sum b/go.sum index fae142244..1a869dd8c 100644 --- a/go.sum +++ b/go.sum @@ -90,8 +90,8 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= -golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= +golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI= +golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc= golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= From 7254fd850ab54b5a915d2b4f34b6bfe7788d89b6 Mon Sep 17 00:00:00 2001 From: Max Ma Date: Fri, 5 Jul 2024 12:23:14 +0200 Subject: [PATCH 10/17] NET-1308:return error if relayed node is an InetClient (#2980) * return error if relayed node is an InetClient * add relayed InetGW/Relay check * add relayedby check when adding InetClient --- pro/logic/nodes.go | 2 +- pro/logic/relays.go | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/pro/logic/nodes.go b/pro/logic/nodes.go index 9fbc49e9a..ca8ca94af 100644 --- a/pro/logic/nodes.go 
+++ b/pro/logic/nodes.go @@ -59,7 +59,7 @@ func ValidateInetGwReq(inetNode models.Node, req models.InetNodeReq, update bool ResetFailedOverPeer(&clientNode) } - if clientNode.IsRelayed { + if clientNode.IsRelayed && clientNode.RelayedBy != inetNode.ID.String() { return fmt.Errorf("node %s is being relayed", clientHost.Name) } diff --git a/pro/logic/relays.go b/pro/logic/relays.go index bc581def3..adb9bc6b4 100644 --- a/pro/logic/relays.go +++ b/pro/logic/relays.go @@ -123,6 +123,9 @@ func ValidateRelay(relay models.RelayRequest, update bool) error { if relayedNode.IsInternetGateway { return errors.New("cannot relay an internet gateway (" + relayedNodeID + ")") } + if relayedNode.InternetGwID != "" && relayedNode.InternetGwID != relay.NodeID { + return errors.New("cannot relay an internet client (" + relayedNodeID + ")") + } if relayedNode.IsFailOver { return errors.New("cannot relay a failOver (" + relayedNodeID + ")") } From f63dfaf4b5963b048e9287e32ac1fbc0ea84cb5b Mon Sep 17 00:00:00 2001 From: Max Ma Date: Fri, 5 Jul 2024 12:23:46 +0200 Subject: [PATCH 11/17] NET-1288:add egress range check with netmaker network address (#2978) * add egress range check with netmaker network address * add egerssrange check for delete egressGW and extClientGW * remove egress range check for delete --- controllers/ext_client.go | 22 ++++++++++++++++++++++ controllers/node.go | 7 ++++++- go.mod | 2 ++ go.sum | 4 ++++ logic/nodes.go | 34 ++++++++++++++++++++++++++++++++++ logic/nodes_test.go | 33 +++++++++++++++++++++++++++++++++ 6 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 logic/nodes_test.go diff --git a/controllers/ext_client.go b/controllers/ext_client.go index eb5308bba..1b1ec3dc7 100644 --- a/controllers/ext_client.go +++ b/controllers/ext_client.go 
@@ -386,6 +386,17 @@ func createExtClient(w http.ResponseWriter, r *http.Request) { logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest")) return } + + var gateway models.EgressGatewayRequest + gateway.NetID = params["network"] + gateway.Ranges = customExtClient.ExtraAllowedIPs + err := logic.ValidateEgressRange(gateway) + if err != nil { + logger.Log(0, r.Header.Get("user"), "error validating egress range: ", err.Error()) + logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest")) + return + } + node, err := logic.GetNodeByID(nodeid) if err != nil { logger.Log(0, r.Header.Get("user"), @@ -530,6 +541,17 @@ func updateExtClient(w http.ResponseWriter, r *http.Request) { return } } + + var gateway models.EgressGatewayRequest + gateway.NetID = params["network"] + gateway.Ranges = update.ExtraAllowedIPs + err = logic.ValidateEgressRange(gateway) + if err != nil { + logger.Log(0, r.Header.Get("user"), "error validating egress range: ", err.Error()) + logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest")) + return + } + var changedID = update.ClientID != oldExtClient.ClientID if !reflect.DeepEqual(update.DeniedACLs, oldExtClient.DeniedACLs) { diff --git a/controllers/node.go b/controllers/node.go index ed104b354..adc631057 100644 --- a/controllers/node.go +++ b/controllers/node.go @@ -414,7 +414,12 @@ func createEgressGateway(w http.ResponseWriter, r *http.Request) { return } gateway.NetID = params["network"] - gateway.NodeID = params["nodeid"] + err = logic.ValidateEgressRange(gateway) + if err != nil { + logger.Log(0, r.Header.Get("user"), "error validating egress range: ", err.Error()) + logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest")) + return + } node, err = logic.CreateEgressGateway(gateway) if err != nil { logger.Log(0, r.Header.Get("user"), diff --git a/go.mod b/go.mod index 83774b4b1..0dafb218f 100644 --- a/go.mod +++ b/go.mod 
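Review bot: Every failure of `logic.ValidateEgressRange` is answered as "badrequest" in the added block, but that function (added in logic/nodes.go in this commit) also returns an error when the network lookup itself fails, which is not a client mistake. A sentinel such as `var ErrEgressRangeOverlap = errors.New("egress range overlaps the network address range")`, checked with `errors.Is`, would let the handler report a storage failure as a server-side error instead of invalid input. The same block is repeated in the updateExtClient hunk and in createEgressGateway in controllers/node.go, so a small helper taking the network ID and the ranges would keep the three in step. createExtClient's body starts and ends outside the hunk.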
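Review bot: The node ID from the URL path is no longer applied to the request in createEgressGateway: `gateway.NodeID = params["nodeid"]` is removed in the same place where the range check is added, and nothing in the hunk replaces it. If `gateway` is decoded from the request body (the decode is outside the hunk), `logic.CreateEgressGateway` would act on whatever node the body names, or on an empty ID, rather than on the node the route was addressed to and presumably authorized for. Unless the removal is intentional, keep `gateway.NodeID = params["nodeid"]` directly after the `gateway.NetID` assignment and before `err = logic.ValidateEgressRange(gateway)`. The function starts and ends outside the hunk.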
@@ -12,6 +12,7 @@ require ( github.com/lib/pq v1.10.9 github.com/mattn/go-sqlite3 v1.14.22 github.com/rqlite/gorqlite v0.0.0-20240122221808-a8a425b1a6aa + github.com/seancfoley/ipaddress-go v1.6.0 github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e github.com/stretchr/testify v1.9.0 github.com/txn2/txeh v1.5.5 @@ -49,6 +50,7 @@ require ( github.com/gabriel-vasile/mimetype v1.4.3 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/rivo/uniseg v0.2.0 // indirect + github.com/seancfoley/bintree v1.3.1 // indirect github.com/spf13/pflag v1.0.5 // indirect ) diff --git a/go.sum b/go.sum index 1a869dd8c..cb78d0be7 100644 --- a/go.sum +++ b/go.sum @@ -70,6 +70,10 @@ github.com/rqlite/gorqlite v0.0.0-20240122221808-a8a425b1a6aa h1:hxMLFbj+F444JAS github.com/rqlite/gorqlite v0.0.0-20240122221808-a8a425b1a6aa/go.mod h1:xF/KoXmrRyahPfo5L7Szb5cAAUl53dMWBh9cMruGEZg= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/seancfoley/bintree v1.3.1 h1:cqmmQK7Jm4aw8gna0bP+huu5leVOgHGSJBEpUx3EXGI= +github.com/seancfoley/bintree v1.3.1/go.mod h1:hIUabL8OFYyFVTQ6azeajbopogQc2l5C/hiXMcemWNU= +github.com/seancfoley/ipaddress-go v1.6.0 h1:9z7yGmOnV4P2ML/dlR/kCJiv5tp8iHOOetJvxJh/R5w= +github.com/seancfoley/ipaddress-go v1.6.0/go.mod h1:TQRZgv+9jdvzHmKoPGBMxyiaVmoI0rYpfEk8Q/sL/Iw= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1vwZ3Je0FKVCfqOLp5zO6trqMLYs0= github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M= diff --git a/logic/nodes.go b/logic/nodes.go index 72f07836d..62f49557c 100644 --- a/logic/nodes.go +++ b/logic/nodes.go 
@@ -19,6 +19,7 @@ import ( "github.com/gravitl/netmaker/models" "github.com/gravitl/netmaker/servercfg" "github.com/gravitl/netmaker/validation" + "github.com/seancfoley/ipaddress-go/ipaddr" "golang.org/x/exp/slog" ) @@ -626,6 +627,39 @@ func ValidateParams(nodeid, netid string) (models.Node, error) { return node, nil } +func ValidateEgressRange(gateway models.EgressGatewayRequest) error { + network, err := GetNetworkSettings(gateway.NetID) + if err != nil { + slog.Error("error getting network with netid", "error", gateway.NetID, err.Error) + return errors.New("error getting network with netid: " + gateway.NetID + " " + err.Error()) + } + ipv4Net := network.AddressRange + ipv6Net := network.AddressRange6 + + for _, v := range gateway.Ranges { + if ipv4Net != "" { + if ContainsCIDR(ipv4Net, v) { + slog.Error("egress range should not be the same as or contained in the netmaker network address", "error", v, ipv4Net) + return errors.New("egress range should not be the same as or contained in the netmaker network address" + v + " " + ipv4Net) + } + } + if ipv6Net != "" { + if ContainsCIDR(ipv6Net, v) { + slog.Error("egress range should not be the same as or contained in the netmaker network address", "error", v, ipv6Net) + return errors.New("egress range should not be the same as or contained in the netmaker network address" + v + " " + ipv6Net) + } + } + } + + return nil +} + +func ContainsCIDR(net1, net2 string) bool { + one, two := ipaddr.NewIPAddressString(net1), + ipaddr.NewIPAddressString(net2) + return one.Contains(two) || two.Contains(one) +} + // GetAllFailOvers - gets all the nodes that are failovers func GetAllFailOvers() ([]models.Node, error) { nodes, err := GetAllNodes() diff --git a/logic/nodes_test.go b/logic/nodes_test.go new file mode 100644 index 000000000..e3331a6fd --- /dev/null +++ b/logic/nodes_test.go 
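Review bot: The `slog.Error` calls in ValidateEgressRange pass malformed key/value lists: in `slog.Error("error getting network with netid", "error", gateway.NetID, err.Error)` the key "error" is paired with the network ID and `err.Error` is an uncalled method value left without a key, and the two range messages likewise leave the network address as a dangling argument. Something like `slog.Error("error getting network", "netid", gateway.NetID, "error", err)` and `slog.Error("egress range overlaps network address", "range", v, "network", ipv4Net)` keeps these entries usable when investigating rejected requests. The returned error also concatenates `"...netmaker network address" + v` without a separator. ContainsCIDR takes raw strings and returns only a bool, so a range that does not parse cannot be reported as invalid and presumably counts as "not contained"; returning an error for unparseable input would let the callers reject it. Both new exported functions lack doc comments, unlike the neighbouring `// GetAllFailOvers - gets all the nodes that are failovers`.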
@@ -0,0 +1,33 @@ +package logic + +import ( + "testing" +) + +func TestContainsCIDR(t *testing.T) { + + b := ContainsCIDR("10.1.1.2/32", "10.1.1.0/24") + if !b { + t.Errorf("expected true, returned %v", b) + } + + b = ContainsCIDR("10.1.1.2/32", "10.5.1.0/24") + if b { + t.Errorf("expected false, returned %v", b) + } + + b = ContainsCIDR("fd52:65f5:d685:d11d::1/64", "fd52:65f5:d685:d11d::/64") + if !b { + t.Errorf("expected true, returned %v", b) + } + + b1 := ContainsCIDR("fd10:10::/64", "fd10::/16") + if !b1 { + t.Errorf("expected true, returned %v", b1) + } + + b1 = ContainsCIDR("fd10:10::/64", "fd10::/64") + if b1 { + t.Errorf("expected false, returned %v", b1) + } +} From 2de3fde872e850a73a0e9d1477fd3cacb49e6d9b Mon Sep 17 00:00:00 2001 From: Aceix Date: Fri, 5 Jul 2024 10:24:05 +0000 Subject: [PATCH 12/17] fix(NET-1280): remove RAG metadata length restriction (#2990) --- controllers/node.go | 4 ---- models/api_node.go | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/controllers/node.go b/controllers/node.go index adc631057..73522689c 100644 --- a/controllers/node.go +++ b/controllers/node.go @@ -636,10 +636,6 @@ func updateNode(w http.ResponseWriter, r *http.Request) { logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest")) return } - if len(newData.Metadata) > 255 { - logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("metadata cannot be longer than 255 characters"), "badrequest")) - return - } if !servercfg.IsPro { newData.AdditionalRagIps = []string{} } diff --git a/models/api_node.go b/models/api_node.go index 6015f4e86..e7005f327 100644 --- a/models/api_node.go +++ b/models/api_node.go 
@@ -36,7 +36,7 @@ type ApiNode struct { Server string `json:"server"` Connected bool `json:"connected"` PendingDelete bool `json:"pendingdelete"` - Metadata string `json:"metadata" validate:"max=256"` + Metadata string `json:"metadata"` // == PRO == DefaultACL string `json:"defaultacl,omitempty" validate:"checkyesornoorunset"` IsFailOver bool `json:"is_fail_over"` From 5b9ccb74a9e364d2ed1cc26bc9dfda846a3aa81f Mon Sep 17 00:00:00 2001 From: Max Ma Date: Tue, 9 Jul 2024 15:26:36 +0200 Subject: [PATCH 13/17] improve message for create egressGW (#3001) --- logic/gateway.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logic/gateway.go b/logic/gateway.go index 154a2a8d8..0d99af88e 100644 --- a/logic/gateway.go +++ b/logic/gateway.go @@ -74,7 +74,7 @@ func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, erro return models.Node{}, errors.New(host.OS + " is unsupported for egress gateways") } if host.FirewallInUse == models.FIREWALL_NONE { - return models.Node{}, errors.New("firewall is not supported for egress gateways") + return models.Node{}, errors.New("firewall is not supported for egress gateways. please install iptables or nftables on the device in order to use this feature") } for i := len(gateway.Ranges) - 1; i >= 0; i-- { // check if internet gateway IPv4 From 65faf73fe98dfb58ec9991f5d7840c741cff7af9 Mon Sep 17 00:00:00 2001 
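Review bot: Dropping `validate:"max=256"` from `Metadata` here, together with the removal of the 255-character check in `updateNode` (controllers/node.go, same patch), leaves the field with no upper bound at all. Nothing visible in these hunks caps the request body or the stored value, so a single node update can persist an arbitrarily large string. If the intent is only to lift the old limit for RAG metadata, keep a generous ceiling rather than none, for example a tag of the form `validate:"max=N"` with N sized for that use case. The struct continues outside the hunk.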
From: Max Ma Date: Tue, 9 Jul 2024 15:26:55 +0200 Subject: [PATCH 14/17] NET-1226: Scalability Improvements (#2987) * add api to check if failover node existed * remove 5 minute peerUpdate * update peerUpdate to trigger pull * update Action name to SignalPull * revert the peerUpdate from SignalPull * fix getfailover error issue * rm acls creation for on-prem emqx * remove use of acls * add additional broker status field on status api * NET-1165: Remove creation of acls on emqx (#2996) * rm acls creation for on-prem emqx * remove use of acls * add additional broker status field on status api * comment out mq reconnect logic * configure mq conn params * add metric_interval in ENV for publishing metrics * add metric_interval in ENV for publishing metrics * update PUBLISH_METRIC_INTERVAL env name * revert the mq setttings back * fix error nil issue --------- Co-authored-by: abhishek9686 Co-authored-by: Abhishek K <32607604+abhishek9686@users.noreply.github.com> --- Dockerfile | 2 +- auth/host_session.go | 4 - config/config.go | 1 + controllers/enrollmentkeys.go | 4 - controllers/hosts.go | 15 +--- controllers/server.go | 2 + models/host.go | 2 + models/structs.go | 27 +++--- mq/emqx.go | 5 +- mq/emqx_cloud.go | 13 +-- mq/emqx_on_prem.go | 156 +--------------------------------- mq/handlers.go | 6 -- mq/mq.go | 7 +- mq/publishers.go | 19 +---- pro/controllers/failover.go | 32 +++++++ servercfg/serverconf.go | 13 ++- 16 files changed, 77 insertions(+), 231 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4be29ea6d..c7c6369c9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ #first stage - builder -FROM gravitl/go-builder as builder +FROM gravitl/go-builder AS builder ARG tags WORKDIR /app COPY . . diff --git a/auth/host_session.go b/auth/host_session.go index 0113351a3..d6869ed0c 100644 --- a/auth/host_session.go +++ b/auth/host_session.go 
@@ -164,10 +164,6 @@ func SessionHandler(conn *websocket.Conn) { logger.Log(0, "failed to create host credentials for EMQX: ", err.Error()) return } - if err := mq.GetEmqxHandler().CreateHostACL(result.Host.ID.String(), servercfg.GetServerInfo().Server); err != nil { - logger.Log(0, "failed to add host ACL rules to EMQX: ", err.Error()) - return - } } logic.CheckHostPorts(&result.Host) if err := logic.CreateHost(&result.Host); err != nil { diff --git a/config/config.go b/config/config.go index 522372eff..591c8e3df 100644 --- a/config/config.go +++ b/config/config.go @@ -94,6 +94,7 @@ type ServerConfig struct { CacheEnabled string `yaml:"caching_enabled"` EndpointDetection bool `json:"endpoint_detection"` AllowedEmailDomains string `yaml:"allowed_email_domains"` + MetricInterval string `yaml:"metric_interval"` } // SQLConfig - Generic SQL Config diff --git a/controllers/enrollmentkeys.go b/controllers/enrollmentkeys.go index 2cfb13637..87a189a4a 100644 --- a/controllers/enrollmentkeys.go +++ b/controllers/enrollmentkeys.go @@ -315,10 +315,6 @@ func handleHostRegister(w http.ResponseWriter, r *http.Request) { logger.Log(0, "failed to create host credentials for EMQX: ", err.Error()) return } - if err := mq.GetEmqxHandler().CreateHostACL(newHost.ID.String(), servercfg.GetServerInfo().Server); err != nil { - logger.Log(0, "failed to add host ACL rules to EMQX: ", err.Error()) - return - } } if err = logic.CreateHost(&newHost); err != nil { logger.Log( diff --git a/controllers/hosts.go b/controllers/hosts.go index f6a88aa42..faf56411d 100644 --- a/controllers/hosts.go +++ b/controllers/hosts.go 
@@ -555,23 +555,10 @@ func authenticateHost(response http.ResponseWriter, request *http.Request) { return } go func() { - // Create EMQX creds and ACLs if not found + // Create EMQX creds if servercfg.GetBrokerType() == servercfg.EmqxBrokerType { if err := mq.GetEmqxHandler().CreateEmqxUser(host.ID.String(), authRequest.Password); err != nil { slog.Error("failed to create host credentials for EMQX: ", err.Error()) - } else { - if err := mq.GetEmqxHandler().CreateHostACL(host.ID.String(), servercfg.GetServerInfo().Server); err != nil { - slog.Error("failed to add host ACL rules to EMQX: ", err.Error()) - } - for _, nodeID := range host.Nodes { - if node, err := logic.GetNodeByID(nodeID); err == nil { - if err = mq.GetEmqxHandler().AppendNodeUpdateACL(host.ID.String(), node.Network, node.ID.String(), servercfg.GetServer()); err != nil { - slog.Error("failed to add ACLs for EMQX node", "error", err) - } - } else { - slog.Error("failed to get node", "nodeid", nodeID, "error", err) - } - } } } }() diff --git a/controllers/server.go b/controllers/server.go index 6e96688c4..6c8c121e0 100644 --- a/controllers/server.go +++ b/controllers/server.go @@ -117,6 +117,7 @@ func getStatus(w http.ResponseWriter, r *http.Request) { type status struct { DB bool `json:"db_connected"` Broker bool `json:"broker_connected"` + IsBrokerConnOpen bool `json:"is_broker_conn_open"` LicenseError string `json:"license_error"` IsPro bool `json:"is_pro"` TrialEndDate time.Time `json:"trial_end_date"` @@ -141,6 +142,7 @@ func getStatus(w http.ResponseWriter, r *http.Request) { currentServerStatus := status{ DB: database.IsConnected(), Broker: mq.IsConnected(), + IsBrokerConnOpen: mq.IsConnectionOpen(), LicenseError: licenseErr, IsPro: servercfg.IsPro, TrialEndDate: trialEndDate, diff --git a/models/host.go b/models/host.go index 684cc7d1e..2781dee0e 100644 --- a/models/host.go +++ b/models/host.go 
@@ -116,6 +116,8 @@ const ( UpdateKeys HostMqAction = "UPDATE_KEYS" // RequestPull - request a pull from a host RequestPull HostMqAction = "REQ_PULL" + // SignalPull - request a pull from a host without restart + SignalPull HostMqAction = "SIGNAL_PULL" // UpdateMetrics - updates metrics data UpdateMetrics HostMqAction = "UPDATE_METRICS" ) diff --git a/models/structs.go b/models/structs.go index d4ea11711..594275333 100644 --- a/models/structs.go +++ b/models/structs.go @@ -273,19 +273,20 @@ type NodeJoinResponse struct { // ServerConfig - struct for dealing with the server information for a netclient type ServerConfig struct { - CoreDNSAddr string `yaml:"corednsaddr"` - API string `yaml:"api"` - APIPort string `yaml:"apiport"` - DNSMode string `yaml:"dnsmode"` - Version string `yaml:"version"` - MQPort string `yaml:"mqport"` - MQUserName string `yaml:"mq_username"` - MQPassword string `yaml:"mq_password"` - BrokerType string `yaml:"broker_type"` - Server string `yaml:"server"` - Broker string `yaml:"broker"` - IsPro bool `yaml:"isee" json:"Is_EE"` - TrafficKey []byte `yaml:"traffickey"` + CoreDNSAddr string `yaml:"corednsaddr"` + API string `yaml:"api"` + APIPort string `yaml:"apiport"` + DNSMode string `yaml:"dnsmode"` + Version string `yaml:"version"` + MQPort string `yaml:"mqport"` + MQUserName string `yaml:"mq_username"` + MQPassword string `yaml:"mq_password"` + BrokerType string `yaml:"broker_type"` + Server string `yaml:"server"` + Broker string `yaml:"broker"` + IsPro bool `yaml:"isee" json:"Is_EE"` + TrafficKey []byte `yaml:"traffickey"` + MetricInterval string `yaml:"metric_interval"` } // User.NameInCharset - returns if name is in charset below or not diff --git a/mq/emqx.go b/mq/emqx.go index 8b9b9f09f..43b8390b8 100644 --- a/mq/emqx.go +++ b/mq/emqx.go 
@@ -10,10 +10,7 @@ type Emqx interface { CreateEmqxUserforServer() error CreateEmqxDefaultAuthenticator() error CreateEmqxDefaultAuthorizer() error - CreateDefaultDenyRule() error - CreateHostACL(hostID, serverName string) error - AppendNodeUpdateACL(hostID, nodeNetwork, nodeID, serverName string) error - GetUserACL(username string) (*aclObject, error) + CreateDefaultAllowRule() error DeleteEmqxUser(username string) error } diff --git a/mq/emqx_cloud.go b/mq/emqx_cloud.go index 23bfb2448..aabac0dbd 100644 --- a/mq/emqx_cloud.go +++ b/mq/emqx_cloud.go @@ -89,21 +89,10 @@ func (e *EmqxCloud) CreateEmqxDefaultAuthenticator() error { return nil } // ign func (e *EmqxCloud) CreateEmqxDefaultAuthorizer() error { return nil } // ignore -func (e *EmqxCloud) CreateDefaultDenyRule() error { +func (e *EmqxCloud) CreateDefaultAllowRule() error { return nil } -func (e *EmqxCloud) CreateHostACL(hostID, serverName string) error { - return nil -} - -func (e *EmqxCloud) AppendNodeUpdateACL(hostID, nodeNetwork, nodeID, serverName string) error { - return nil - -} - -func (e *EmqxCloud) GetUserACL(username string) (*aclObject, error) { return nil, nil } // ununsed on cloud since it doesn't overwrite acls list - func (e *EmqxCloud) DeleteEmqxUser(username string) error { client := &http.Client{} diff --git a/mq/emqx_on_prem.go b/mq/emqx_on_prem.go index f116f0a86..d69067f3c 100644 --- a/mq/emqx_on_prem.go +++ b/mq/emqx_on_prem.go @@ -7,7 +7,6 @@ import ( "io" "net/http" "strings" - "sync" "github.com/gravitl/netmaker/servercfg" ) 
@@ -246,45 +245,14 @@ func (e *EmqxOnPrem) CreateEmqxDefaultAuthorizer() error { return nil } -// GetUserACL - returns ACL rules by username -func (e *EmqxOnPrem) GetUserACL(username string) (*aclObject, error) { - token, err := getEmqxAuthToken() - if err != nil { - return nil, err - } - req, err := http.NewRequest(http.MethodGet, servercfg.GetEmqxRestEndpoint()+"/api/v5/authorization/sources/built_in_database/username/"+username, nil) - if err != nil { - return nil, err - } - req.Header.Add("content-type", "application/json") - req.Header.Add("authorization", "Bearer "+token) - resp, err := (&http.Client{}).Do(req) - if err != nil { - return nil, err - } - defer resp.Body.Close() - response, err := io.ReadAll(resp.Body) - if err != nil { - return nil, err - } - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("error fetching ACL rules %v", string(response)) - } - body := new(aclObject) - if err := json.Unmarshal(response, body); err != nil { - return nil, err - } - return body, nil -} - -// CreateDefaultDenyRule - creates a rule to deny access to all topics for all users by default +// CreateDefaultAllowRule - creates a rule to deny access to all topics for all users by default // to allow user access to topics use the `mq.CreateUserAccessRule` function -func (e *EmqxOnPrem) CreateDefaultDenyRule() error { +func (e *EmqxOnPrem) CreateDefaultAllowRule() error { token, err := getEmqxAuthToken() if err != nil { return err } - payload, err := json.Marshal(&aclObject{Rules: []aclRule{{Topic: "#", Permission: "deny", Action: "all"}}}) + payload, err := json.Marshal(&aclObject{Rules: []aclRule{{Topic: "#", Permission: "allow", Action: "all"}}}) if err != nil { return err } 
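Review bot: The rule written by `CreateDefaultAllowRule` is now `{Topic: "#", Permission: "allow", Action: "all"}`, and the same series deletes `CreateHostACL` and `AppendNodeUpdateACL`, so on on-prem EMQX the broker no longer enforces any topic isolation. Every client holding valid broker credentials may publish and subscribe on every topic, including the per-host and per-node topics that the deleted rules scoped to their owner. Whether payload encryption or server-side sender checks compensate is not visible in this patch; if they do, say so in the comment, and if not, consider keeping default-deny with a small fixed rule set that uses EMQX topic placeholders (for example `${username}`) instead of one rule set per host. The doc comment above the function still says it creates a rule "to deny access to all topics", and the call-site comment in mq/mq.go (`// create a default deny ACL to all topics for all users`) is stale in the same way; both should read along the lines of `// CreateDefaultAllowRule - creates a rule that allows all users all actions on all topics`. The function body continues outside the hunk.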
@@ -308,121 +276,3 @@ func (e *EmqxOnPrem) CreateDefaultDenyRule() error { } return nil } - -// CreateHostACL - create host ACL rules -func (e *EmqxOnPrem) CreateHostACL(hostID, serverName string) error { - token, err := getEmqxAuthToken() - if err != nil { - return err - } - payload, err := json.Marshal(&aclObject{ - Username: hostID, - Rules: []aclRule{ - { - Topic: fmt.Sprintf("peers/host/%s/%s", hostID, serverName), - Permission: "allow", - Action: "all", - }, - { - Topic: fmt.Sprintf("host/update/%s/%s", hostID, serverName), - Permission: "allow", - Action: "all", - }, - { - Topic: fmt.Sprintf("host/serverupdate/%s/%s", serverName, hostID), - Permission: "allow", - Action: "all", - }, - }, - }) - if err != nil { - return err - } - req, err := http.NewRequest(http.MethodPut, servercfg.GetEmqxRestEndpoint()+"/api/v5/authorization/sources/built_in_database/username/"+hostID, bytes.NewReader(payload)) - if err != nil { - return err - } - req.Header.Add("content-type", "application/json") - req.Header.Add("authorization", "Bearer "+token) - resp, err := (&http.Client{}).Do(req) - if err != nil { - return err - } - defer resp.Body.Close() - if resp.StatusCode != http.StatusNoContent { - msg, err := io.ReadAll(resp.Body) - if err != nil { - return err - } - return fmt.Errorf("error adding ACL Rules for user %s Error: %v", hostID, string(msg)) - } - return nil -} - -// a lock required for preventing simultaneous updates to the same ACL object leading to overwriting each other -// might occur when multiple nodes belonging to the same host are created at the same time -var nodeAclMux sync.Mutex - -// AppendNodeUpdateACL - adds ACL rule for subscribing to node updates for a node ID -func (e *EmqxOnPrem) AppendNodeUpdateACL(hostID, nodeNetwork, nodeID, serverName string) error { - nodeAclMux.Lock() - defer nodeAclMux.Unlock() - token, err := getEmqxAuthToken() - if err != nil { - return err - } - aclObject, err := emqx.GetUserACL(hostID) - if err != nil { - return err - } 
- aclObject.Rules = append(aclObject.Rules, []aclRule{ - { - Topic: fmt.Sprintf("node/update/%s/%s", nodeNetwork, nodeID), - Permission: "allow", - Action: "subscribe", - }, - { - Topic: fmt.Sprintf("ping/%s/%s", serverName, nodeID), - Permission: "allow", - Action: "all", - }, - { - Topic: fmt.Sprintf("update/%s/%s", serverName, nodeID), - Permission: "allow", - Action: "all", - }, - { - Topic: fmt.Sprintf("signal/%s/%s", serverName, nodeID), - Permission: "allow", - Action: "all", - }, - { - Topic: fmt.Sprintf("metrics/%s/%s", serverName, nodeID), - Permission: "allow", - Action: "all", - }, - }...) - payload, err := json.Marshal(aclObject) - if err != nil { - return err - } - req, err := http.NewRequest(http.MethodPut, servercfg.GetEmqxRestEndpoint()+"/api/v5/authorization/sources/built_in_database/username/"+hostID, bytes.NewReader(payload)) - if err != nil { - return err - } - req.Header.Add("content-type", "application/json") - req.Header.Add("authorization", "Bearer "+token) - resp, err := (&http.Client{}).Do(req) - if err != nil { - return err - } - defer resp.Body.Close() - if resp.StatusCode != http.StatusNoContent { - msg, err := io.ReadAll(resp.Body) - if err != nil { - return err - } - return fmt.Errorf("error adding ACL Rules for user %s Error: %v", hostID, string(msg)) - } - return nil -} diff --git a/mq/handlers.go b/mq/handlers.go index 1c087393a..8adb0744f 100644 --- a/mq/handlers.go +++ b/mq/handlers.go @@ -113,12 +113,6 @@ func UpdateHost(client mqtt.Client, msg mqtt.Message) { slog.Error("failed to send new node to host", "name", hostUpdate.Host.Name, "id", currentHost.ID, "error", err) return } else { - if servercfg.GetBrokerType() == servercfg.EmqxBrokerType { - if err = emqx.AppendNodeUpdateACL(hu.Host.ID.String(), hu.Node.Network, hu.Node.ID.String(), servercfg.GetServer()); err != nil { - slog.Error("failed to add ACLs for EMQX node", "error", err) - return - } - } nodes, err := logic.GetAllNodes() if err != nil { return 
diff --git a/mq/mq.go b/mq/mq.go index 92a6200b5..a143b1abd 100644 --- a/mq/mq.go +++ b/mq/mq.go @@ -58,7 +58,7 @@ func SetupMQTT(fatal bool) { logger.Log(0, err.Error()) } // create a default deny ACL to all topics for all users - if err := emqx.CreateDefaultDenyRule(); err != nil { + if err := emqx.CreateDefaultAllowRule(); err != nil { log.Fatal(err) } } else { @@ -142,6 +142,11 @@ func Keepalive(ctx context.Context) { // IsConnected - function for determining if the mqclient is connected or not func IsConnected() bool { + return mqclient != nil && mqclient.IsConnected() +} + +// IsConnectionOpen - function for determining if the mqclient is connected or not +func IsConnectionOpen() bool { return mqclient != nil && mqclient.IsConnectionOpen() } diff --git a/mq/publishers.go b/mq/publishers.go index 6c231b01d..b3f3efda5 100644 --- a/mq/publishers.go +++ b/mq/publishers.go @@ -35,7 +35,6 @@ func PublishPeerUpdate(replacePeers bool) error { logger.Log(1, "failed to publish peer update to host", host.ID.String(), ": ", err.Error()) } }(host) - } return err } @@ -217,30 +216,14 @@ func sendPeers() { if err != nil && len(hosts) > 0 { logger.Log(1, "error retrieving networks for keepalive", err.Error()) } - nodes, err := logic.GetAllNodes() - if err != nil { - return - } - var force bool + peer_force_send++ if peer_force_send == 5 { servercfg.SetHost() - force = true peer_force_send = 0 err := logic.TimerCheckpoint() // run telemetry & log dumps if 24 hours has passed.. if err != nil { logger.Log(3, "error occurred on timer,", err.Error()) } - - //collectServerMetrics(networks[:]) - } - if force { - for _, host := range hosts { - host := host - logger.Log(2, "sending scheduled peer update (5 min)") - if err = PublishSingleHostPeerUpdate(&host, nodes, nil, nil, false); err != nil { - logger.Log(1, "error publishing peer updates for host: ", host.ID.String(), " Err: ", err.Error()) - } - } } } 
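Review bot: `IsConnected` and the new `IsConnectionOpen` in mq/mq.go carry the same doc comment, yet this hunk makes them differ: `IsConnected` now delegates to `mqclient.IsConnected()` and only `IsConnectionOpen` calls `mqclient.IsConnectionOpen()`. If `mqclient` is the paho client (its type is not visible here), `IsConnected()` can also report true while the client is reconnecting, so existing callers that gate publishes or health reporting on `IsConnected` silently get the looser meaning. State the difference in the comments, e.g. `// IsConnected - reports whether the mq client is connected or in the process of reconnecting` and `// IsConnectionOpen - reports whether the mq client currently has an open connection to the broker`. Also check that each existing caller wants the variant it now gets.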
diff --git a/pro/controllers/failover.go b/pro/controllers/failover.go index 04262165d..42c027340 100644 --- a/pro/controllers/failover.go +++ b/pro/controllers/failover.go @@ -19,12 +19,44 @@ import ( // FailOverHandlers - handlers for FailOver func FailOverHandlers(r *mux.Router) { + r.HandleFunc("/api/v1/node/{nodeid}/failover", http.HandlerFunc(getfailOver)).Methods(http.MethodGet) r.HandleFunc("/api/v1/node/{nodeid}/failover", logic.SecurityCheck(true, http.HandlerFunc(createfailOver))).Methods(http.MethodPost) r.HandleFunc("/api/v1/node/{nodeid}/failover", logic.SecurityCheck(true, http.HandlerFunc(deletefailOver))).Methods(http.MethodDelete) r.HandleFunc("/api/v1/node/{network}/failover/reset", logic.SecurityCheck(true, http.HandlerFunc(resetFailOver))).Methods(http.MethodPost) r.HandleFunc("/api/v1/node/{nodeid}/failover_me", controller.Authorize(true, false, "host", http.HandlerFunc(failOverME))).Methods(http.MethodPost) } +// swagger:route GET /api/v1/node/failover node getfailOver +// +// get failover node. +// +// Schemes: https +// +// Security: +// oauth +// +// Responses: +// 200: nodeResponse +func getfailOver(w http.ResponseWriter, r *http.Request) { + var params = mux.Vars(r) + nodeid := params["nodeid"] + // confirm host exists + node, err := logic.GetNodeByID(nodeid) + if err != nil { + slog.Error("failed to get node:", "error", err.Error()) + logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest")) + return + } + + failOverNode, exists := proLogic.FailOverExists(node.Network) + if !exists { + logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("failover node not found"), "notfound")) + return + } + w.Header().Set("Content-Type", "application/json") + logic.ReturnSuccessResponseWithJson(w, r, failOverNode, "get failover node successfully") +} + // swagger:route POST /api/v1/node/failover node createfailOver // // Create a relay. diff --git a/servercfg/serverconf.go b/servercfg/serverconf.go index 56e00e340..1ab54b7fc 100644 
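Review bot: The new GET route in `FailOverHandlers` is registered as `http.HandlerFunc(getfailOver)` with no wrapper, while every other route in the function goes through `logic.SecurityCheck` or `controller.Authorize`. Unless authentication is applied at router level (not visible here), any caller that can reach the API and supply a node id receives the failover node of that node's network. The swagger block declares `Security: oauth`, so the intent seems to be an authenticated route; wrapping it the way `failover_me` is, `controller.Authorize(true, false, "host", http.HandlerFunc(getfailOver))`, or with `logic.SecurityCheck`, would match its siblings. Minor: the swagger path omits `{nodeid}`, the comment says "confirm host exists" although the lookup is `GetNodeByID`, and a missing node is reported as `badrequest`.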
--- a/servercfg/serverconf.go +++ b/servercfg/serverconf.go @@ -91,7 +91,7 @@ func GetServerConfig() config.ServerConfig { } cfg.JwtValidityDuration = GetJwtValidityDuration() cfg.RacAutoDisable = GetRacAutoDisable() - + cfg.MetricInterval = GetMetricInterval() return cfg } @@ -135,6 +135,7 @@ func GetServerInfo() models.ServerConfig { } cfg.Version = GetVersion() cfg.IsPro = IsPro + cfg.MetricInterval = GetMetricInterval() return cfg } @@ -586,6 +587,16 @@ func GetMqUserName() string { return password } +// GetMetricInterval - get the publish metric interval +func GetMetricInterval() string { + //default 15 minutes + mi := "15" + if os.Getenv("PUBLISH_METRIC_INTERVAL") != "" { + mi = os.Getenv("PUBLISH_METRIC_INTERVAL") + } + return mi +} + // GetEmqxRestEndpoint - returns the REST API Endpoint of EMQX func GetEmqxRestEndpoint() string { return os.Getenv("EMQX_REST_ENDPOINT") From 023956d361a44f8570c65d1ac0efea51d5e554f4 Mon Sep 17 00:00:00 2001 From: Max Ma Date: Wed, 10 Jul 2024 11:33:25 +0200 Subject: [PATCH 15/17] NET-1288:Fix egress node id issue (#3004) * add egress range check with netmaker network address * add egerssrange check for delete egressGW and extClientGW * remove egress range check for delete * fix egress nodeid issue --- controllers/node.go | 1 + 1 file changed, 1 insertion(+) diff --git a/controllers/node.go b/controllers/node.go index 73522689c..b7027f2c5 100644 --- a/controllers/node.go +++ b/controllers/node.go @@ -414,6 +414,7 @@ func createEgressGateway(w http.ResponseWriter, r *http.Request) { return } gateway.NetID = params["network"] + gateway.NodeID = params["nodeid"] err = logic.ValidateEgressRange(gateway) if err != nil { logger.Log(0, r.Header.Get("user"), "error validating egress range: ", err.Error()) From 3dce62a7b6e7de2df4b7abc1cbf2cdcbe8d52206 Mon Sep 17 00:00:00 2001 
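Review bot: `GetMetricInterval` returns whatever `PUBLISH_METRIC_INTERVAL` holds without checking it, and both `GetServerConfig` and `GetServerInfo` copy that string into the configuration they hand out. A typo, zero or negative value is then only discovered by whatever parses it later (the consumer is not visible in this patch), so validate once here and fall back to the default. The doc comment should also name the unit, which the inline comment gives as minutes. The sketch below assumes `strconv` is available in the file's import block, which is outside these hunks.

```go
// GetMetricInterval - returns the metrics publish interval in minutes as a
// decimal string; unset, non-numeric or non-positive values yield the default
func GetMetricInterval() string {
	const defaultInterval = "15" // minutes
	mi := os.Getenv("PUBLISH_METRIC_INTERVAL")
	if n, err := strconv.Atoi(mi); err != nil || n <= 0 {
		return defaultInterval
	}
	return mi
}
```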
From: Max Ma Date: Wed, 17 Jul 2024 09:37:07 +0200 Subject: [PATCH 16/17] add peerUpdate when calling hostupdate api (#3005) --- controllers/hosts.go | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/controllers/hosts.go b/controllers/hosts.go index faf56411d..440fd74e9 100644 --- a/controllers/hosts.go +++ b/controllers/hosts.go @@ -233,7 +233,8 @@ func hostUpdateFallback(w http.ResponseWriter, r *http.Request) { logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest")) return } - + var sendPeerUpdate bool + var replacePeers bool var hostUpdate models.HostUpdate err = json.NewDecoder(r.Body).Decode(&hostUpdate) if err != nil { @@ -244,22 +245,32 @@ func hostUpdateFallback(w http.ResponseWriter, r *http.Request) { slog.Info("recieved host update", "name", hostUpdate.Host.Name, "id", hostUpdate.Host.ID) switch hostUpdate.Action { case models.CheckIn: - _ = mq.HandleHostCheckin(&hostUpdate.Host, currentHost) + sendPeerUpdate = mq.HandleHostCheckin(&hostUpdate.Host, currentHost) case models.UpdateHost: - - _ = logic.UpdateHostFromClient(&hostUpdate.Host, currentHost) + if hostUpdate.Host.PublicKey != currentHost.PublicKey { + //remove old peer entry + replacePeers = true + } + sendPeerUpdate = logic.UpdateHostFromClient(&hostUpdate.Host, currentHost) err := logic.UpsertHost(currentHost) if err != nil { slog.Error("failed to update host", "id", currentHost.ID, "error", err) logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal")) return } + case models.UpdateMetrics: mq.UpdateMetricsFallBack(hostUpdate.Node.ID.String(), hostUpdate.NewMetrics) } - logic.ReturnSuccessResponse(w, r, "updated host data") + if sendPeerUpdate { + err := mq.PublishPeerUpdate(replacePeers) + if err != nil { + slog.Error("failed to publish peer update", "error", err) + } + } + logic.ReturnSuccessResponse(w, r, "updated host data") } // swagger:route DELETE /api/hosts/{hostid} hosts deleteHost 
From 0807bd0dd04366c115f04b6878060c63d3d2004a Mon Sep 17 00:00:00 2001 From: Abhishek K <32607604+abhishek9686@users.noreply.github.com> Date: Thu, 18 Jul 2024 22:11:14 +0530 Subject: [PATCH 17/17] v0.24.3 release notes (#3007) --- release.md | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/release.md b/release.md index 2385ca528..32d783df1 100644 --- a/release.md +++ b/release.md @@ -1,18 +1,22 @@ # Netmaker v0.24.3 ## Whats New ✨ -- Static Host Functionality With Separate Settings For Port and endpoint IP -- Network Info And Metadata Info Added To Remote-Access-Client +- Validation Checks For Egress Routes +- Network Change Detection System +- Removed Creation Of ACLs For EMQX ## What's Fixed/Improved 🛠 -- Improved FailOver Functionality -- Local Peer Routing In Dual-Stack Environment -- Stale Node Issue On Multinet With `netclient uninstall` -- IPv6 Internet Gateways Improvements -- Handled New Oauth User SignUp via Remote-Access-Client -- PeerUpdate Improvements Around Default Host and Multi-nets +- Removed RAG Metadata Length Restriction +- Scalability Improvements +- Optimised Traffic Flow Over MQ +- Improved Validation Checks For Internet GWS ## Known Issues 🐞 - Erratic Traffic Data In Metrics. -- Stale peer on the interface, when forced removed from multiple networks at once. +- Adding Custom Private/Public Key For Remote Access Gw Clients Doesn't Get Propagated To Other Peers. +- IPv6 DNS Entries Are Not Working. +- Stale Peer On The Interface, When Forced Removed From Multiple Networks At Once. +- Can Still Ping Domain Name Even When DNS Toggle Is Switched Off. +- WireGuard DNS issue on most flavors of Ubuntu 24.04 and some other newer Linux distributions. The issue is affecting the Remote Access Client (RAC) and the plain WireGuard external clients. Workaround can be found here https://help.netmaker.io/en/articles/9612016-extclient-rac-dns-issue-on-ubuntu-24-04. +