diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index cacd9fb..57af122 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -@networkop \ No newline at end of file +@gcleroux diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ab220c2..7d08f12 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,9 +2,9 @@ name: CI on: push: - branches: [ master ] + branches: [master] pull_request: - branches: [ master ] + branches: [master] jobs: # Linting is in a separate job because golangci-lint is quite slow when @@ -14,7 +14,7 @@ jobs: steps: - uses: actions/setup-go@v4 with: - go-version: 1.21.x + go-version: 1.22.x - name: Checkout code uses: actions/checkout@v3 - name: golangci-lint @@ -28,6 +28,6 @@ jobs: steps: - uses: actions/setup-go@v2 with: - go-version: 1.21.x + go-version: 1.22.x - uses: actions/checkout@v2 - run: make test diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index ab39971..f30bc1a 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -2,30 +2,33 @@ name: docker on: push: - branches: [ master ] - + branches: [master] + jobs: docker: runs-on: ubuntu-latest + + permissions: + contents: read + packages: write + steps: - - - name: Checkout code + - name: Checkout code uses: actions/checkout@v2 - name: Setup Go uses: actions/setup-go@v2 with: - go-version: 1.21.x - - - name: Set up Docker Buildx + go-version: 1.22.x + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - - - name: Login to Container Registry - uses: docker/login-action@v1 + + - name: Log in to the Container registry + uses: docker/login-action@v3 with: - registry: quay.io - username: ${{ secrets.DOCKER_LOGIN }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Build and Push container images + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and Push container images run: | make docker 
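Review bot: The docker job in docker.yml now runs with `packages: write` and passes `secrets.GITHUB_TOKEN` to the login step, yet every action in it is still referenced by a mutable tag (`actions/checkout@v2`, `actions/setup-go@v2`, `docker/setup-buildx-action@v1`, `docker/login-action@v3`). A tag can be moved to different code after review, and that code would then run with push rights to the package registry. The helm-oci-release job added to release.yml in this same commit already pins by full commit SHA with the version in a trailing comment; the same form fits here, e.g. `uses: docker/login-action@<full-commit-sha> # v3`. The docker-release job in release.yml has the same tag-only references.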
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5509487..8585bd8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,24 +3,21 @@ name: release on: push: tags: - - '*' + - "*" jobs: go-release: runs-on: ubuntu-latest steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@v2 with: fetch-depth: 0 - - - name: Set up Go + - name: Set up Go uses: actions/setup-go@v2 with: go-version: 1.21 - - - name: Run GoReleaser + - name: Run GoReleaser uses: goreleaser/goreleaser-action@v2 with: version: latest 
@@ -29,27 +26,62 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} docker-release: runs-on: ubuntu-latest + + permissions: + contents: read + packages: write + steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@v2 with: fetch-depth: 0 + - name: Setup Go uses: actions/setup-go@v2 with: - go-version: 1.21.x - - - name: Set up Docker Buildx + go-version: 1.22.x + + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - - - name: Login to Container Registry - uses: docker/login-action@v1 + + - name: Log in to the Container registry + uses: docker/login-action@v3 with: - registry: quay.io - username: ${{ secrets.DOCKER_LOGIN }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Build and Push container images + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and Push container images run: | - make release \ No newline at end of file + make release + + helm-oci-release: + runs-on: ubuntu-latest + permissions: + contents: write + id-token: write + packages: write + outputs: + chart-digest: ${{ steps.helm_publish.outputs.digest }} + steps: + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - name: "Extract Version" + id: extract_version + run: | + GIT_TAG=${GITHUB_REF##*/} + VERSION=${GIT_TAG##*v} + echo "version=$(echo $VERSION)" >> $GITHUB_OUTPUT + - name: Helm | Publish + id: helm_publish + uses: peak-scale/github-actions/helm-oci-chart@38322faabccd75abfa581c435e367d446b6d2c3b # v0.1.0 + with: + registry: ghcr.io + repository: ${{ github.repository_owner }}/charts + name: "k8s-gateway" + version: ${{ steps.extract_version.outputs.version }} + app-version: ${{ steps.extract_version.outputs.version }} + registry-username: ${{ github.actor }} + registry-password: ${{ secrets.GITHUB_TOKEN }} + update-dependencies: "true" # Defaults to false + diff --git a/Dockerfile b/Dockerfile index 37af6b3..eddc21e 100644 --- a/Dockerfile +++ b/Dockerfile 
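Review bot: In the Extract Version step of helm-oci-release, `VERSION=${GIT_TAG##*v}` removes the longest prefix ending in `v`, so a tag with a later `v` (for example a constructed `v1.2.0-dev`) yields an empty or truncated chart version that is then published. The expansions are also unquoted on their way into `$GITHUB_OUTPUT`. I would strip a single leading `v` and quote: `VERSION="${GITHUB_REF_NAME#v}"` followed by `echo "version=${VERSION}" >> "$GITHUB_OUTPUT"`. Since the workflow triggers on every tag (`"*"`), a check that the result looks like a version before publishing would be worth adding. The job also requests `contents: write` and `id-token: write`; nothing visible in the hunk uses either, so confirm the publish action needs them or drop them.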
@@ -1,4 +1,4 @@ -FROM --platform=${BUILDPLATFORM} docker.io/library/golang:1.21.5 as builder +FROM --platform=${BUILDPLATFORM} docker.io/library/golang:1.22.7 AS builder ARG LDFLAGS diff --git a/Makefile b/Makefile index 0f71014..c264155 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ LDFLAGS := "-s -w -X github.com/coredns/coredns/coremain.GitCommit=$(COMMIT)" ARCHS := "linux/amd64,linux/arm64,linux/mips64" # Where to push the docker image. -REGISTRY ?= quay.io/oriedge +REGISTRY ?= ghcr.io/pinax-network # Image URL to use all building/pushing image targets diff --git a/apex_dual_test.go b/apex_dual_test.go index 20388fc..fcf6fe0 100644 --- a/apex_dual_test.go +++ b/apex_dual_test.go 
@@ -14,19 +14,54 @@ import ( func setupEmptyLookupFuncs() { if resource := lookupResource("HTTPRoute"); resource != nil { - resource.lookup = func(_ []string) []netip.Addr { return []netip.Addr{} } + resource.lookup = func(_ []string) []interface{} { + addrs := []netip.Addr{} + result := make([]interface{}, len(addrs)) + for i, addr := range addrs { + result[i] = addr + } + return result + } } if resource := lookupResource("TLSRoute"); resource != nil { - resource.lookup = func(_ []string) []netip.Addr { return []netip.Addr{} } + resource.lookup = func(_ []string) []interface{} { + addrs := []netip.Addr{} + result := make([]interface{}, len(addrs)) + for i, addr := range addrs { + result[i] = addr + } + return result + } } if resource := lookupResource("GRPCRoute"); resource != nil { - resource.lookup = func(_ []string) []netip.Addr { return []netip.Addr{} } + resource.lookup = func(_ []string) []interface{} { + addrs := []netip.Addr{} + result := make([]interface{}, len(addrs)) + for i, addr := range addrs { + result[i] = addr + } + return result + } } if resource := lookupResource("Ingress"); resource != nil { - resource.lookup = func(_ []string) []netip.Addr { return []netip.Addr{} } + resource.lookup = func(_ []string) []interface{} { + addrs := []netip.Addr{} + result := make([]interface{}, len(addrs)) + for i, addr := range addrs { + result[i] = addr + } + return result + } } if resource := lookupResource("Service"); resource != nil { - resource.lookup = func(_ []string) []netip.Addr { return []netip.Addr{} } + resource.lookup = func(_ []string) []interface{} { + addrs := []netip.Addr{} + result := make([]interface{}, len(addrs)) + for i, addr := range addrs { + result[i] = addr + } + return result + } } } 
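Review bot: Each of the five closures in setupEmptyLookupFuncs builds an empty `[]netip.Addr` and then loops over it to copy zero elements, so the conversion code does nothing and is repeated five times. A single shared value reads better: `empty := func(_ []string) []interface{} { return []interface{}{} }` and then `resource.lookup = empty` in each branch. A short comment on the function saying that it forces every resource lookup to return no results would also help, since the name is the only hint today.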
@@ -69,7 +104,9 @@ var testsDualNS = []test.Case{ Qname: "example.com.", Qtype: dns.TypeSOA, Rcode: dns.RcodeSuccess, Answer: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, { 
@@ -88,42 +125,54 @@ var testsDualNS = []test.Case{ Qname: "example.com.", Qtype: dns.TypeSRV, Rcode: dns.RcodeSuccess, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, { Qname: "example.com.", Qtype: dns.TypeA, Rcode: dns.RcodeSuccess, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, { Qname: "dns1.kube-system.example.com.", Qtype: dns.TypeSRV, Rcode: dns.RcodeSuccess, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, { Qname: "dns1.kube-system.example.com.", Qtype: dns.TypeNS, Rcode: dns.RcodeSuccess, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, { Qname: "dns1.kube-system.example.com.", Qtype: dns.TypeSOA, Rcode: dns.RcodeSuccess, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, { Qname: "dns1.kube-system.example.com.", Qtype: dns.TypeAAAA, Rcode: dns.RcodeSuccess, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 
1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, { @@ -137,7 +186,9 @@ var testsDualNS = []test.Case{ Qname: "foo.dns1.kube-system.example.com.", Qtype: dns.TypeA, Rcode: dns.RcodeNameError, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, } diff --git a/cmd/coredns.go b/cmd/coredns.go index 0a89e15..b65b040 100644 --- a/cmd/coredns.go +++ b/cmd/coredns.go @@ -4,7 +4,7 @@ import ( "fmt" _ "github.com/coredns/coredns/core/plugin" - _ "github.com/ori-edge/k8s_gateway" + _ "github.com/pinax-network/k8s_gateway" "github.com/coredns/caddy" "github.com/coredns/coredns/core/dnsserver" @@ -16,7 +16,7 @@ var dropPlugins = map[string]bool{ "k8s_external": true, } -const pluginVersion = "0.4.0" +const pluginVersion = "0.5.0" func init() { var directives []string @@ -35,7 +35,6 @@ func init() { } dnsserver.Directives = directives - } func main() { diff --git a/gateway_test.go b/gateway_test.go index 797b0be..be2e9b6 100644 --- a/gateway_test.go +++ b/gateway_test.go @@ -43,7 +43,6 @@ func TestLookup(t *testing.T) { } func TestPlugin(t *testing.T) { - ctrl := &KubeController{hasSynced: true} gw := newGateway() @@ -79,7 +78,6 @@ func TestPlugin(t *testing.T) { } func TestPluginFallthrough(t *testing.T) { - ctrl := &KubeController{hasSynced: true} gw := newGateway() gw.Zones = []string{"example.com."} 
@@ -97,10 +95,16 @@ func TestPluginFallthrough(t *testing.T) { _, err := gw.ServeDNS(ctx, w, r) if errors.As(err, &Fallen{}) && !tc.FallthroughExpected { - t.Fatalf("Test %d query resulted unexpectedly in a fall through instead of a response", i) + t.Fatalf( + "Test %d query resulted unexpectedly in a fall through instead of a response", + i, + ) } if err == nil && tc.FallthroughExpected { - t.Fatalf("Test %d query resulted unexpectedly in a response instead of a fall through", i) + t.Fatalf( + "Test %d query resulted unexpectedly in a response instead of a fall through", + i, + ) } } } 
@@ -131,35 +135,45 @@ var tests = []test.Case{ { Qname: "svcX.ns1.example.com.", Qtype: dns.TypeA, Rcode: dns.RcodeNameError, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, // Non-existing Ingress | Test 4 { Qname: "d0main.example.com.", Qtype: dns.TypeA, Rcode: dns.RcodeNameError, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, // SOA for the existing domain | Test 5 { Qname: "domain.example.com.", Qtype: dns.TypeSOA, Rcode: dns.RcodeSuccess, Answer: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, // Service with no public addresses | Test 6 { Qname: "svc3.ns1.example.com.", Qtype: dns.TypeA, Rcode: dns.RcodeNameError, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, // Real service, wrong query type | Test 7 { Qname: "svc3.ns1.example.com.", Qtype: dns.TypeCNAME, Rcode: dns.RcodeSuccess, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, // Ingress FQDN == zone | Test 8 
@@ -215,7 +229,9 @@ var tests = []test.Case{ { Qname: "svc2.ns1.example.com.", Qtype: dns.TypeAAAA, Rcode: dns.RcodeSuccess, Ns: []dns.RR{ - test.SOA("example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5"), + test.SOA( + "example.com. 60 IN SOA dns1.kube-system.example.com. hostmaster.example.com. 1499347823 7200 1800 86400 5", + ), }, }, // Existing Service IPv6 | Test 16 @@ -266,15 +282,24 @@ var testsFallthrough = []FallthroughCase{ } var testServiceIndexes = map[string][]netip.Addr{ - "svc1.ns1": {netip.MustParseAddr("192.0.1.1"), netip.MustParseAddr("fd12:3456:789a:1::")}, + "svc1.ns1": { + netip.MustParseAddr("192.0.1.1"), + netip.MustParseAddr("fd12:3456:789a:1::"), + }, "svc2.ns1": {netip.MustParseAddr("192.0.1.2")}, "svc3.ns1": {}, "dns1.kube-system": {netip.MustParseAddr("192.0.1.53")}, } -func testServiceLookup(keys []string) (results []netip.Addr) { +func testServiceLookup(keys []string) (results []interface{}) { + var addrs []netip.Addr for _, key := range keys { - results = append(results, testServiceIndexes[strings.ToLower(key)]...) + addrs = append(addrs, testServiceIndexes[strings.ToLower(key)]...) + } + + results = make([]interface{}, len(addrs)) + for i, addr := range addrs { + results[i] = addr } return results } @@ -287,9 +312,15 @@ var testIngressIndexes = map[string][]netip.Addr{ "shadow-vs.example.com": {netip.MustParseAddr("192.0.0.5")}, } -func testIngressLookup(keys []string) (results []netip.Addr) { +func testIngressLookup(keys []string) (results []interface{}) { + var addrs []netip.Addr for _, key := range keys { - results = append(results, testIngressIndexes[strings.ToLower(key)]...) + addrs = append(addrs, testIngressIndexes[strings.ToLower(key)]...) + } + + results = make([]interface{}, len(addrs)) + for i, addr := range addrs { + results[i] = addr } return results } 
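Review bot: testServiceLookup and testIngressLookup now return `[]interface{}`, so the element type is no longer checked at compile time (testVirtualServerLookup and testRouteLookup in the following hunks change the same way). The code that consumes these results is not in the visible hunks; if it uses a bare assertion such as `v.(netip.Addr)`, an element of any other type would panic while a query is being served, so the comma-ok form `addr, ok := v.(netip.Addr)` with a skip-and-log on failure is the safer pattern, and a test case feeding a non-Addr element would pin it. The copy loop is also repeated in all four helpers; a small `toAny(addrs []netip.Addr) []interface{}` helper would remove the duplication.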
@@ -300,9 +331,16 @@ var testVirtualServerIndexes = map[string][]netip.Addr{ "shadow-vs.example.com": {netip.MustParseAddr("192.0.3.5")}, } -func testVirtualServerLookup(keys []string) (results []netip.Addr) { +func testVirtualServerLookup(keys []string) (results []interface{}) { + var addrs []netip.Addr + for _, key := range keys { - results = append(results, testVirtualServerIndexes[strings.ToLower(key)]...) + addrs = append(addrs, testVirtualServerIndexes[strings.ToLower(key)]...) + } + + results = make([]interface{}, len(addrs)) + for i, addr := range addrs { + results[i] = addr } return results } @@ -312,9 +350,15 @@ var testRouteIndexes = map[string][]netip.Addr{ "shadow.example.com": {netip.MustParseAddr("192.0.2.4")}, } -func testRouteLookup(keys []string) (results []netip.Addr) { +func testRouteLookup(keys []string) (results []interface{}) { + var addrs []netip.Addr for _, key := range keys { - results = append(results, testRouteIndexes[strings.ToLower(key)]...) + addrs = append(addrs, testRouteIndexes[strings.ToLower(key)]...) + } + + results = make([]interface{}, len(addrs)) + for i, addr := range addrs { + results[i] = addr } return results } diff --git a/go.mod b/go.mod index a59a78b..2a6d093 100644 --- a/go.mod +++ b/go.mod @@ -1,9 +1,7 @@ -module github.com/ori-edge/k8s_gateway +module github.com/pinax-network/k8s_gateway go 1.22.0 -toolchain go1.22.5 - require ( github.com/cert-manager/cert-manager v1.15.3 github.com/coredns/caddy v1.1.1 diff --git a/kubernetes.go b/kubernetes.go index 47915f0..20dbcbc 100644 --- a/kubernetes.go +++ b/kubernetes.go @@ -8,6 +8,8 @@ import ( "regexp" "strings" + cm_v1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + k8s_cm "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned" "github.com/miekg/dns" nginx_v1 "github.com/nginxinc/kubernetes-ingress/pkg/apis/configuration/v1" k8s_nginx "github.com/nginxinc/kubernetes-ingress/pkg/client/clientset/versioned" 
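Review bot: In the go.mod hunk, dropping `toolchain go1.22.5` leaves only `go 1.22.0` to decide which compiler builds the module, while the go-release job in release.yml still sets `go-version: 1.21` (the other jobs were moved to 1.22.x). Depending on the GOTOOLCHAIN setting on that runner, the release build would presumably either fail or download a newer toolchain at build time, so release binaries may come from a different compiler than the one CI tested. Bumping that job to `go-version: 1.22.x` keeps the three workflows consistent.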
@@ -25,9 +27,6 @@ import ( gatewayapi_v1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapi_v1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" gatewayClient "sigs.k8s.io/gateway-api/pkg/client/clientset/versioned" - - cm_v1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" - k8s_cm "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned" ) const ( diff --git a/kubernetes_test.go b/kubernetes_test.go index cc225b3..29c8a3f 100644 --- a/kubernetes_test.go +++ b/kubernetes_test.go @@ -140,7 +140,9 @@ func addIngresses(client kubernetes.Interface) { func addVirtualServers(client k8s_nginx.Interface) { ctx := context.TODO() for _, virtualServer := range testVirtualServers { - _, err := client.K8sV1().VirtualServers("ns1").Create(ctx, virtualServer, meta.CreateOptions{}) + _, err := client.K8sV1(). + VirtualServers("ns1"). + Create(ctx, virtualServer, meta.CreateOptions{}) if err != nil { log.Warningf("Failed to Create VirtualServer Objects :%s", err) } @@ -327,7 +329,7 @@ var testHTTPRoutes = map[string]*gatewayapi_v1.HTTPRoute{ Namespace: "ns1", }, Spec: gatewayapi_v1.HTTPRouteSpec{ - //ParentRefs: []gatewayapi_v1.ParentRef{}, + // ParentRefs: []gatewayapi_v1.ParentRef{}, Hostnames: []gatewayapi_v1.Hostname{"route-1.gw-1.example.com"}, }, }, @@ -340,7 +342,7 @@ var testTLSRoutes = map[string]*gatewayapi_v1alpha2.TLSRoute{ Namespace: "ns1", }, Spec: gatewayapi_v1alpha2.TLSRouteSpec{ - //ParentRefs: []gatewayapi_v1.ParentRef{}, + // ParentRefs: []gatewayapi_v1.ParentRef{}, Hostnames: []gatewayapi_v1alpha2.Hostname{ "route-1.gw-1.example.com", }, @@ -354,8 +356,8 @@ var testGRPCRoutes = map[string]*gatewayapi_v1alpha2.GRPCRoute{ Name: "route-1", Namespace: "ns1", }, - Spec: gatewayapi_v1alpha2.GRPCRouteSpec{ - //ParentRefs: []gatewayapi_v1.ParentRef{}, + Spec: gatewayapi_v1.GRPCRouteSpec{ + // ParentRefs: []gatewayapi_v1.ParentRef{}, Hostnames: []gatewayapi_v1alpha2.Hostname{"route-1.gw-1.example.com"}, }, },
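Review bot: In kubernetes_test.go, testGRPCRoutes now mixes API versions: the map value is `*gatewayapi_v1alpha2.GRPCRoute` and `Hostnames` is `[]gatewayapi_v1alpha2.Hostname`, but `Spec` is `gatewayapi_v1.GRPCRouteSpec`. That presumably compiles only because of how the two packages relate in the gateway-api version in use, and it hides which version the controller is expected to watch. Using one package throughout, e.g. `Hostnames: []gatewayapi_v1.Hostname{"route-1.gw-1.example.com"},`, would make the fixture unambiguous. The map declaration appears only in the hunk header, so its type may need the same change outside this hunk.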