Merge pull request #3261 from gravitl/release-v0.30.0
v0.30.0
abhishek9686 authored Dec 17, 2024
2 parents 39d0c0e + b1d813a commit ac3afaa
Showing 65 changed files with 2,339 additions and 432 deletions.
1 change: 1 addition & 0 deletions .github/ISSUE_TEMPLATE/bug-report.yml
Expand Up @@ -31,6 +31,7 @@ body:
label: Version
description: What version are you running?
options:
- v0.30.0
- v0.26.0
- v0.25.0
- v0.24.3
4 changes: 2 additions & 2 deletions .github/workflows/deletedroplets.yml
Expand Up @@ -12,7 +12,7 @@ jobs:
if: ${{ github.event.workflow_run.conclusion == 'success' }}
steps:
- name: get logs
uses: dawidd6/action-download-artifact@v6
uses: dawidd6/action-download-artifact@v7
with:
run_id: ${{ github.event.workflow_run.id}}
if_no_artifact_found: warn
Expand Down Expand Up @@ -75,7 +75,7 @@ jobs:
if: ${{ github.event.workflow_run.conclusion == 'failure' }}
steps:
- name: get logs
uses: dawidd6/action-download-artifact@v6
uses: dawidd6/action-download-artifact@v7
with:
run_id: ${{ github.event.workflow_run.id}}
if_no_artifact_found: warn
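--- a/.swaggo
+++ b/.swaggo
@@ -0,0 +1,2 @@
+// Replace all time.Duration with int64
+replace time.Duration int64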
2 changes: 1 addition & 1 deletion Dockerfile
Expand Up @@ -6,7 +6,7 @@ COPY . .

RUN GOOS=linux CGO_ENABLED=1 go build -ldflags="-s -w " -tags ${tags} .
# RUN go build -tags=ee . -o netmaker main.go
FROM alpine:3.20.3
FROM alpine:3.21.0

# add a c lib
# set the working directory
2 changes: 1 addition & 1 deletion Dockerfile-quick
@@ -1,5 +1,5 @@
#first stage - builder
FROM alpine:3.20.3
FROM alpine:3.21.0
ARG version
WORKDIR /app
COPY ./netmaker /root/netmaker
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -16,7 +16,7 @@

<p align="center">
<a href="https://github.com/gravitl/netmaker/releases">
<img src="https://img.shields.io/badge/Version-0.26.0-informational?style=flat-square" />
<img src="https://img.shields.io/badge/Version-0.30.0-informational?style=flat-square" />
</a>
<a href="https://hub.docker.com/r/gravitl/netmaker/tags">
<img src="https://img.shields.io/docker/pulls/gravitl/netmaker?label=downloads" />
4 changes: 2 additions & 2 deletions auth/host_session.go
Expand Up @@ -257,7 +257,7 @@ func CheckNetRegAndHostUpdate(networks []string, h *models.Host, relayNodeId uui
if relayNodeId != uuid.Nil && !newNode.IsRelayed {
// check if relay node exists and acting as relay
relaynode, err := logic.GetNodeByID(relayNodeId.String())
if err == nil && relaynode.IsRelay {
if err == nil && relaynode.IsRelay && relaynode.Network == newNode.Network {
slog.Info(fmt.Sprintf("adding relayed node %s to relay %s on network %s", newNode.ID.String(), relayNodeId.String(), network))
newNode.IsRelayed = true
newNode.RelayedBy = relayNodeId.String()
Expand All @@ -271,7 +271,7 @@ func CheckNetRegAndHostUpdate(networks []string, h *models.Host, relayNodeId uui
slog.Error("failed to update node", "nodeid", relayNodeId.String())
}
} else {
slog.Error("failed to relay node. maybe specified relay node is actually not a relay?", "err", err)
slog.Error("failed to relay node. maybe specified relay node is actually not a relay? Or the relayed node is not in the same network with relay?", "err", err)
}
}
logger.Log(1, "added new node", newNode.ID.String(), "to host", h.Name)
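Review bot: The else branch after the new `relaynode.Network == newNode.Network` condition logs a single message for three different failures, and in two of them (`relaynode.IsRelay` false, network mismatch) `err` is nil, so the line carries no usable detail. Because the added condition is what rejects a relay that belongs to another network, that case deserves its own log entry with the identifiers, for example `slog.Error("relay node is on a different network", "relay", relayNodeId.String(), "relay_network", relaynode.Network, "node_network", newNode.Network)`, emitted only when `err == nil`. That keeps rejected cross-network relay requests auditable. CheckNetRegAndHostUpdate starts and ends outside this section.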
3 changes: 2 additions & 1 deletion compose/docker-compose-emqx.yml
Expand Up @@ -3,7 +3,7 @@ version: "3.4"
services:
mq:
container_name: mq
image: emqx/emqx:5.0.9
image: emqx/emqx:5.8.2
env_file: ./netmaker.env
restart: unless-stopped
environment:
Expand All @@ -20,6 +20,7 @@ services:
- emqx_data:/opt/emqx/data
- emqx_etc:/opt/emqx/etc
- emqx_logs:/opt/emqx/log
- ./emqx.conf:/opt/emqx/data/configs/cluster.hocon
volumes:
emqx_data: { } # storage for emqx data
emqx_etc: { } # storage for emqx etc
2 changes: 1 addition & 1 deletion compose/docker-compose.netclient.yml
Expand Up @@ -3,7 +3,7 @@ version: "3.4"
services:
netclient:
container_name: netclient
image: 'gravitl/netclient:v0.26.0'
image: 'gravitl/netclient:v0.30.0'
hostname: netmaker-1
network_mode: host
restart: on-failure
6 changes: 3 additions & 3 deletions compose/docker-compose.yml
Expand Up @@ -12,7 +12,7 @@ services:
- sqldata:/root/data
environment:
# config-dependant vars
- STUN_LIST=stun1.netmaker.io:3478,stun2.netmaker.io:3478,stun1.l.google.com:19302,stun2.l.google.com:19302
- STUN_SERVERS=stun1.netmaker.io:3478,stun2.netmaker.io:3478,stun1.l.google.com:19302,stun2.l.google.com:19302
# The domain/host IP indicating the mq broker address
- BROKER_ENDPOINT=wss://broker.${NM_DOMAIN} # For EMQX broker use `BROKER_ENDPOINT=wss://broker.${NM_DOMAIN}/mqtt`
# For EMQX broker (uncomment the two lines below)
Expand Down Expand Up @@ -52,8 +52,8 @@ services:
- caddy_data:/data
- caddy_conf:/config
ports:
- "80:80"
- "443:443"
- "$SERVER_HOST:80:80"
- "$SERVER_HOST:443:443"

coredns:
#network_mode: host
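Review bot: The new mappings `"$SERVER_HOST:80:80"` and `"$SERVER_HOST:443:443"` only work when SERVER_HOST is set to an address that is assigned to a local interface; with the variable empty the mapping starts with a bare colon, and on hosts whose public address is NAT-ed the bind will presumably fail. The required-variable form makes the misconfiguration explicit at start-up: `- "${SERVER_HOST:?SERVER_HOST must be set}:80:80"` (and the same for 443). A comment above `ports:` should state which address is expected there, since restricting the listener to one address is a deliberate exposure decision. The service definition continues outside this section.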
5 changes: 4 additions & 1 deletion config/config.go
Expand Up @@ -89,7 +89,7 @@ type ServerConfig struct {
EgressesLimit int `yaml:"egresses_limit"`
DeployedByOperator bool `yaml:"deployed_by_operator"`
Environment string `yaml:"environment"`
JwtValidityDuration time.Duration `yaml:"jwt_validity_duration"`
JwtValidityDuration time.Duration `yaml:"jwt_validity_duration" swaggertype:"primitive,integer" format:"int64"`
RacAutoDisable bool `yaml:"rac_auto_disable"`
CacheEnabled string `yaml:"caching_enabled"`
EndpointDetection bool `json:"endpoint_detection"`
Expand All @@ -101,7 +101,10 @@ type ServerConfig struct {
SmtpPort int `json:"smtp_port"`
MetricInterval string `yaml:"metric_interval"`
ManageDNS bool `yaml:"manage_dns"`
Stun bool `yaml:"stun"`
StunServers string `yaml:"stun_servers"`
DefaultDomain string `yaml:"default_domain"`
PublicIp string `yaml:"public_ip"`
}

// SQLConfig - Generic SQL Config
92 changes: 83 additions & 9 deletions controllers/acls.go
Expand Up @@ -52,6 +52,81 @@ func aclPolicyTypes(w http.ResponseWriter, r *http.Request) {
// models.NetmakerIPAclID,
// models.NetmakerSubNetRangeAClID,
},
ProtocolTypes: []models.ProtocolType{
{
Name: models.Any,
AllowedProtocols: []models.Protocol{
models.ALL,
},
PortRange: "All ports",
AllowPortSetting: false,
},
{
Name: models.Http,
AllowedProtocols: []models.Protocol{
models.TCP,
},
PortRange: "80",
},
{
Name: models.Https,
AllowedProtocols: []models.Protocol{
models.TCP,
},
PortRange: "443",
},
// {
// Name: "MySQL",
// AllowedProtocols: []models.Protocol{
// models.TCP,
// },
// PortRange: "3306",
// },
// {
// Name: "DNS TCP",
// AllowedProtocols: []models.Protocol{
// models.TCP,
// },
// PortRange: "53",
// },
// {
// Name: "DNS UDP",
// AllowedProtocols: []models.Protocol{
// models.UDP,
// },
// PortRange: "53",
// },
{
Name: models.AllTCP,
AllowedProtocols: []models.Protocol{
models.TCP,
},
PortRange: "All ports",
},
{
Name: models.AllUDP,
AllowedProtocols: []models.Protocol{
models.UDP,
},
PortRange: "All ports",
},
{
Name: models.ICMPService,
AllowedProtocols: []models.Protocol{
models.ICMP,
},
PortRange: "",
},
{
Name: models.Custom,
AllowedProtocols: []models.Protocol{
models.UDP,
models.TCP,
},
PortRange: "All ports",
AllowPortSetting: true,
},
},
}
logic.ReturnSuccessResponseWithJson(w, r, resp, "fetched acls types")
}
Expand All @@ -69,7 +144,7 @@ func aclDebug(w http.ResponseWriter, r *http.Request) {
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
return
}
allowed := logic.IsNodeAllowedToCommunicate(node, peer)
allowed, _ := logic.IsNodeAllowedToCommunicate(node, peer, true)
logic.ReturnSuccessResponseWithJson(w, r, allowed, "fetched all acls in the network ")
}

Expand All @@ -91,7 +166,7 @@ func getAcls(w http.ResponseWriter, r *http.Request) {
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
return
}
acls, err := logic.ListAcls(models.NetworkID(netID))
acls, err := logic.ListAclsByNetwork(models.NetworkID(netID))
if err != nil {
logger.Log(0, r.Header.Get("user"), "failed to get all network acl entries: ", err.Error())
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
Expand Down Expand Up @@ -132,10 +207,9 @@ func createAcl(w http.ResponseWriter, r *http.Request) {
acl.CreatedBy = user.UserName
acl.CreatedAt = time.Now().UTC()
acl.Default = false
if acl.RuleType == models.DevicePolicy {
acl.AllowedDirection = models.TrafficDirectionBi
} else {
acl.AllowedDirection = models.TrafficDirectionUni
if acl.ServiceType == models.Any {
acl.Port = []string{}
acl.Proto = models.ALL
}
// validate create acl policy
if !logic.IsAclPolicyValid(acl) {
Expand All @@ -152,7 +226,7 @@ func createAcl(w http.ResponseWriter, r *http.Request) {
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
return
}
go mq.PublishPeerUpdate(false)
go mq.PublishPeerUpdate(true)
logic.ReturnSuccessResponseWithJson(w, r, acl, "created acl successfully")
}

Expand Down Expand Up @@ -194,7 +268,7 @@ func updateAcl(w http.ResponseWriter, r *http.Request) {
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
return
}
go mq.PublishPeerUpdate(false)
go mq.PublishPeerUpdate(true)
logic.ReturnSuccessResponse(w, r, "updated acl "+acl.Name)
}

Expand Down Expand Up @@ -225,6 +299,6 @@ func deleteAcl(w http.ResponseWriter, r *http.Request) {
logic.FormatError(errors.New("cannot delete default policy"), "internal"))
return
}
go mq.PublishPeerUpdate(false)
go mq.PublishPeerUpdate(true)
logic.ReturnSuccessResponse(w, r, "deleted acl "+acl.Name)
}
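Review bot: In createAcl the new normalisation covers only `models.Any`; for every other service type `acl.Port` and `acl.Proto` are kept exactly as the request sent them, so a policy labelled `models.Https` could carry a different port or protocol unless `logic.IsAclPolicyValid` (not visible here) checks them against the table added in aclPolicyTypes. The same hunk also removes the server-side assignment of `acl.AllowedDirection`, which therefore now comes from the client as well. Both should be validated before the policy is saved, and the same normalisation should be applied in updateAcl, whose body lies outside the visible hunks. A short comment on `if acl.ServiceType == models.Any {` saying that the server, not the caller, decides port and protocol for that type would document the intent.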
6 changes: 5 additions & 1 deletion controllers/dns.go
Expand Up @@ -5,6 +5,7 @@ import (
"errors"
"fmt"
"net/http"
"strings"

"github.com/gorilla/mux"
"github.com/gravitl/netmaker/database"
Expand Down Expand Up @@ -162,7 +163,10 @@ func createDNS(w http.ResponseWriter, r *http.Request) {
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
return
}

// check if default domain is appended if not append
if !strings.HasSuffix(entry.Name, servercfg.GetDefaultDomain()) {
entry.Name += "." + servercfg.GetDefaultDomain()
}
entry, err = logic.CreateDNS(entry)
if err != nil {
logger.Log(0, r.Header.Get("user"),
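Review bot: The suffix test added to createDNS compares against the bare domain, so with a default domain of `example.com` (constructed example) a name such as `hostexample.com` counts as already qualified and is stored unchanged. Comparing with the leading dot closes that gap: `if d := servercfg.GetDefaultDomain(); d != "" && !strings.HasSuffix(entry.Name, "."+d) { entry.Name += "." + d }`. The append also appears to run after the request has been validated (the validation call is outside the hunk), so the length and character set of the final name may go unchecked; confirm that `logic.CreateDNS` validates the name it receives.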
Expand Down
6 changes: 3 additions & 3 deletions controllers/dns_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -391,7 +391,7 @@ func TestValidateDNSCreate(t *testing.T) {
entry := models.DNSEntry{Address: "10.0.0.2", Network: "skynet"}
err := logic.ValidateDNSCreate(entry)
assert.NotNil(t, err)
assert.Contains(t, err.Error(), "Field validation for 'Name' failed on the 'required' tag")
assert.Contains(t, err.Error(), "invalid input")
})
t.Run("NameTooLong", func(t *testing.T) {
name := ""
Expand All @@ -414,13 +414,13 @@ func TestValidateDNSCreate(t *testing.T) {
entry := models.DNSEntry{Address: "10.10.10.5", Name: "white space", Network: "skynet"}
err := logic.ValidateDNSCreate(entry)
assert.NotNil(t, err)
assert.Contains(t, err.Error(), "Field validation for 'Name' failed on the 'whitespace' tag")
assert.Contains(t, err.Error(), "invalid input")
})
t.Run("AllSpaces", func(t *testing.T) {
entry := models.DNSEntry{Address: "10.10.10.5", Name: " ", Network: "skynet"}
err := logic.ValidateDNSCreate(entry)
assert.NotNil(t, err)
assert.Contains(t, err.Error(), "Field validation for 'Name' failed on the 'whitespace' tag")
assert.Contains(t, err.Error(), "invalid input")
})

}
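Review bot: The three updated subtests now assert only the generic text `invalid input`, so an empty name, a name containing a space and an all-space name are indistinguishable, and each test would still pass if validation failed for an unrelated reason. If `logic.ValidateDNSCreate` still wraps the underlying validator error, assert on that with `errors.As`; otherwise add a comment to each subtest naming the rule it is meant to exercise. The `t.Run` line of the first changed subtest is outside the hunk.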
7 changes: 7 additions & 0 deletions controllers/ext_client.go
Expand Up @@ -490,6 +490,13 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
if err == nil { // check if parent network default ACL is enabled (yes) or not (no)
extclient.Enabled = parentNetwork.DefaultACL == "yes"
}
extclient.Os = customExtClient.Os
extclient.DeviceName = customExtClient.DeviceName
if customExtClient.IsAlreadyConnectedToInetGw {
slog.Warn("RAC/Client is already connected to internet gateway. this may mask their real IP address", "client IP", customExtClient.PublicEndpoint)
}
extclient.PublicEndpoint = customExtClient.PublicEndpoint
extclient.Country = customExtClient.Country

if err = logic.CreateExtClient(&extclient); err != nil {
slog.Error(
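Review bot: `Os`, `DeviceName`, `PublicEndpoint` and `Country` are copied from the request body (`customExtClient`) straight onto the stored client, and `PublicEndpoint` is also written to the log, with no validation visible in this hunk. Unless `logic.CreateExtClient` checks them, reject a `PublicEndpoint` that does not parse with `net.ParseIP` and bound the length of the free-text fields before the assignments, so that client-controlled strings do not reach the database, the UI and the logs unchecked. The warning for `IsAlreadyConnectedToInetGw` relies on a flag the client reports about itself, which a comment should state so nobody treats it as a trusted signal. createExtClient starts and ends outside this section.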
9 changes: 8 additions & 1 deletion controllers/node.go
Expand Up @@ -326,8 +326,9 @@ func getNetworkNodes(w http.ResponseWriter, r *http.Request) {
if len(filteredNodes) > 0 {
nodes = filteredNodes
}
nodes = logic.AddStaticNodestoList(nodes)

nodes = logic.AddStaticNodestoList(nodes)
nodes = logic.AddStatusToNodes(nodes)
// returns all the nodes in JSON/API format
apiNodes := logic.GetAllNodesAPI(nodes[:])
logger.Log(2, r.Header.Get("user"), "fetched nodes on network", networkName)
Expand Down Expand Up @@ -367,6 +368,7 @@ func getAllNodes(w http.ResponseWriter, r *http.Request) {

}
nodes = logic.AddStaticNodestoList(nodes)
nodes = logic.AddStatusToNodes(nodes)
// return all the nodes in JSON/API format
apiNodes := logic.GetAllNodesAPI(nodes[:])
logger.Log(3, r.Header.Get("user"), "fetched all nodes they have access to")
Expand Down Expand Up @@ -679,6 +681,11 @@ func updateNode(w http.ResponseWriter, r *http.Request) {
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
return
}
err = logic.ValidateNodeIp(&currentNode, &newData)
if err != nil {
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
return
}
if !servercfg.IsPro {
newData.AdditionalRagIps = []string{}
}
6 changes: 6 additions & 0 deletions controllers/server.go
Expand Up @@ -48,6 +48,8 @@ func serverHandlers(r *mux.Router) {
Methods(http.MethodGet)
r.HandleFunc("/api/server/cpu_profile", logic.SecurityCheck(false, http.HandlerFunc(cpuProfile))).
Methods(http.MethodPost)
r.HandleFunc("/api/server/mem_profile", logic.SecurityCheck(false, http.HandlerFunc(memProfile))).
Methods(http.MethodPost)
}

func cpuProfile(w http.ResponseWriter, r *http.Request) {
Expand All @@ -62,6 +64,10 @@ func cpuProfile(w http.ResponseWriter, r *http.Request) {
}
}
}
func memProfile(w http.ResponseWriter, r *http.Request) {
os.Remove("/root/data/mem.prof")
logic.StartMemProfiling()
}

func getUsage(w http.ResponseWriter, _ *http.Request) {
type usage struct {
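Review bot: memProfile ignores the error from `os.Remove("/root/data/mem.prof")`, writes no response, and is registered with `logic.SecurityCheck(false, ...)`; if that first argument is the admin-required flag (its definition is not shown), any authenticated caller can trigger heap profiling and a file write on the server. The stricter check should apply to this route and to the neighbouring cpu_profile route. The handler should test the removal with `if err := os.Remove("/root/data/mem.prof"); err != nil && !os.IsNotExist(err)`, report that case through `logic.ReturnErrorResponse`, and end with an explicit success response. A doc comment on memProfile should name the output path and say when profiling stops.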
2 changes: 1 addition & 1 deletion controllers/user.go
Expand Up @@ -722,7 +722,7 @@ func socketHandler(w http.ResponseWriter, r *http.Request) {
// @Summary lists all user roles.
// @Router /api/v1/user/roles [get]
// @Tags Users
// @Param role_id param string true "roleid required to get the role details"
// @Param role_id query string true "roleid required to get the role details"
// @Success 200 {object} []models.UserRolePermissionTemplate
// @Failure 500 {object} models.ErrorResponse
func listRoles(w http.ResponseWriter, r *http.Request) {