33ccedc66f
Create IPAM files with 0600 permissions
...
Conform to CIS Benchmarks "1.1.9 Ensure that the Container Network Interface file permissions are set to 600 or more restrictive"
https://www.tenable.com/audits/items/CIS_Kubernetes_v1.20_v1.0.1_Level_1_Master.audit:f1717a5dd65d498074dd41c4a639e47d
Signed-off-by: Riccardo Ravaioli <rravaiol@redhat.com >
2023-10-02 11:59:31 +02:00
deec68747e
Merge pull request #853 from mmorel-35/ginkgolinter
...
enable ginkgolinter linter
2023-04-04 15:24:20 +02:00
6c0d73ecc0
Fix wastedassign linter errors
...
Signed-off-by: Marcelo Guerrero Viveros <marguerr@redhat.com >
2023-03-27 18:42:49 +02:00
d71d0f2da1
Fix revive linter errors
...
Golangci-lint is now running version 1.52.1. This introduced some errors.
Signed-off-by: Marcelo Guerrero Viveros <marguerr@redhat.com >
2023-03-24 21:04:39 +01:00
09f36a295d
enable ginkgolinter linter
...
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com >
2023-03-13 22:27:21 +00:00
a02bf4b463
enable revive linter
...
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com >
2023-03-13 17:59:41 +01:00
79f524689c
enable gocritic linter
...
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com >
2023-03-13 17:59:33 +01:00
177e0bf2d9
enable staticcheck linter
...
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com >
2023-03-02 11:06:22 +01:00
d12b81dec5
ci(lint): setup golangci-lint
...
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com >
2023-03-01 06:55:40 +00:00
2d1005ec02
Update tests to utilize ginkgo/v2
...
This commit updates the import of ginkgo to v2 in
all of the tests.
Signed-off-by: liornoy <lnoy@redhat.com >
Co-authored-by: Sascha Grunert <sgrunert@redhat.com >
2023-02-13 21:15:18 +02:00
1a6f478913
Remove references to io/ioutil package
...
Signed-off-by: Austin Vazquez <macedonv@amazon.com >
2022-12-01 22:27:05 +00:00
87c3643d3c
host-local: remove unused Release(ip) from type Store interface
...
Signed-off-by: Jingyuan Liang <jingyuanliang@google.com >
2022-09-06 21:39:54 +00:00
af26bab500
host-local: support ip/prefix in env args and CNI args
...
Signed-off-by: Bruce Ma <brucema19901024@gmail.com >
2021-05-17 21:12:45 +08:00
028fc2f219
host-local: support custom IPs allocation through runtime configuration
...
Signed-off-by: Bruce Ma <brucema19901024@gmail.com >
2021-04-13 17:53:43 +08:00
b811967444
remove redundant startRange in RangeIter due to overlap check on multi ranges
...
Signed-off-by: Bruce Ma <brucema19901024@gmail.com >
2021-03-04 11:50:54 +08:00
7d8c767622
plugins: update to spec version 1.0.0
...
Signed-off-by: Dan Williams <dcbw@redhat.com >
2021-02-11 23:27:08 -06:00
e2984e7840
host-local: return error if duplicate allocation is requested for a given ID
...
Signed-off-by: Bruce Ma <brucema19901024@gmail.com >
2019-07-06 10:05:18 +08:00
eb1ff18c4c
host-local: add some testcases for allocation idempotency
...
Signed-off-by: Bruce Ma <brucema19901024@gmail.com >
2019-07-06 09:39:56 +08:00
e8771b36a2
host-local: make allocation idempotent to multiple requests with same id
...
Signed-off-by: Bruce Ma <brucema19901024@gmail.com >
2019-07-06 09:39:56 +08:00
7f8ea631e5
host-local: make Store interface support to get ip list by id
...
Signed-off-by: Bruce Ma <brucema19901024@gmail.com >
2019-07-06 09:39:56 +08:00
72f2a1ffd4
plugins: correctly output build version, cosmetic cleanups
...
Now that libcni has the ability to print a version message, plumb it
through correctly.
While we're at it,
- fix import paths
- run gofmt
- add some more comments to sample
- add container runtime swappability for release
2019-04-15 16:52:07 +02:00
74a2596573
Add check support for: bridge, ipvlan, macvlan, p2p, vlan and host-device main plugins
...
host-local and static ipam plugins
tuning, bandwidth and portmap meta plugins
Utility functions created for common PrevResult checking
Fix windows build
2019-04-03 13:08:07 -04:00
4bca3e76bf
Fix redundant import alias
...
Because these package names are short and they are unique, it can not conflict. So the import aliases that can be omitted and we should remove them.
2019-02-20 16:58:45 +07:00
59a746bd52
remove gateway check
...
Signed-off-by: bingshen.wbs <bingshen.wbs@alibaba-inc.com >
2018-11-29 12:59:38 +08:00
37715a0f87
Moved directory walk, compare file code to it's own function
2018-10-09 13:13:36 -04:00
a17cadda88
Handle the case of a Delete for a reservation stored with just ContainerID without the interface
2018-10-09 13:13:36 -04:00
1e8f9525a6
Obtain ifname from CmdArgs and pass to backend Add ifname to second line of file tracking the IP address used by ContainerID
...
Update host-local tests to use ifname along with ContainerID
in store file
Signed-off-by: Michael Cambria <mcambria@redhat.com >
2018-10-09 13:13:36 -04:00
b2fc336833
plugins/host-local: ensure subnet is a network address
...
Allocation code assumes the specified subnet is a clean network address
prefix, so check that is the case and throw an error otherwise
Fixes #161
2018-06-18 10:13:34 +01:00
aade7b93ee
build: some small improvements; bump to go1.10
...
- bump to go 1.10
- Add a linker tag with the build version
- Remove fastbuild, go builds are cached now
- Use better ginkgo suite names
2018-04-12 16:59:51 +02:00
b03d23a4fa
ipam/host-local: Accept ip ranges as a runtime argument
...
This allows for the runtime to dynamically request IP ranges.
Fixes: #95
2017-12-11 13:51:01 +01:00
47668f6d64
host-local: Update host-local IPAM to support Windows
2017-11-11 15:17:45 -08:00
99f6be0319
Enable Windows CI (Appveyor)
...
- start list of linux_only plugins; ignore them when testing on Windows
- Isolate linux-only code by filename suffix
- Remove stub (NotImplemented) functions
- other misc. fixes for Windows compatibility
2017-11-10 08:09:29 -08:00
2f957864ea
host-local disk backend store uses FileLock by reference
...
- this change fixes go vet warnings for the package
2017-08-30 06:52:29 -07:00
27d027a6d3
ipam/host-local: support sets of disjoint ranges
...
In real-world address allocations, disjoint address ranges are common.
Therefore, the host-local allocator should support them.
This change still allows for multiple IPs in a single configuration, but
also allows for a "set of subnets."
Fixes: #45
2017-08-09 19:02:08 +02:00
2e9e87732f
ipam/host-local: support multiple IP ranges
...
This change allows the host-local allocator to allocate multiple IPs.
This is intended to enable dual-stack, but is not limited to only two
subnets or separate address families.
2017-06-12 21:14:44 +02:00
3c436520be
move most of cni/pkg to plugins/pkg: delete code staying in cni/pkg
...
This moves the following packages to this repository:
* ip
* ipam
* ns
* testutils
* utils
2017-05-23 16:12:49 +02:00
d2792f264e
plugins: add plugins from containernetworking/cni
...
Plugins prepared from the containernetworking/cni repo as follows:
1) git reset --hard 1a9288c3c0
2017-05-14 23:12:45 -05:00
21d96393ea
Merge pull request #391 from tangle329/master
...
Validate rangeStart and rangeEnd specified in conf
2017-04-24 22:00:07 -05:00
1b65890795
Validate rangeStart and rangeEnd specified in conf
...
Signed-off-by: Tang Le <tangle3@wanda.cn >
2017-03-10 12:51:05 +08:00
4ce9b019aa
Merge pull request #366 from ehazlett/ipam-host-local-initial-reserved-ip
...
Do not error if last reserved not found after initial creation
2017-03-06 07:13:06 -08:00
474ba16901
do not error if last_reserved_ip is missing for host local ipam
...
Signed-off-by: Evan Hazlett <ejhazlett@gmail.com >
2017-03-02 13:59:21 -05:00
1003822e53
Check n.IPAM before use it in LoadIPAMConfig function
...
Signed-off-by: Tang Le <tangle3@wanda.cn >
2017-03-02 10:25:19 +08:00
d5acb127b8
spec/plugins: return interface details and multiple IP addresses to runtime
...
Updates the spec and plugins to return an array of interfaces and IP details
to the runtime including:
- interface names and MAC addresses configured by the plugin
- whether the interfaces are sandboxed (container/VM) or host (bridge, veth, etc)
- multiple IP addresses configured by IPAM and which interface they
have been assigned to
Returning interface details is useful for runtimes, as well as allowing
more flexible chaining of CNI plugins themselves. For example, some
meta plugins may need to know the host-side interface to be able to
apply firewall or traffic shaping rules to the container.
2017-01-25 11:31:18 -06:00
befb95977c
types: make Result an interface and move existing Result to separate package
2017-01-25 11:31:18 -06:00
5cde14cd7b
ipam/host-local: add ResolvConf argument for DNS configuration
...
This adds the option `resolvConf` to the host-local IPAM configuration.
If specified, the plugin will try to parse the file as a resolv.conf(5)
type file and return it in the DNS response.
2017-01-11 18:48:35 +01:00
f60111b093
ipam/host-local: Move allocator and config to backend
...
Signed-off-by: André Martins <aanm90@gmail.com >
2016-12-21 04:43:21 +00:00
1c1cf2faf7
Merge branch 'master' into interface-checks
2016-12-15 18:20:34 -08:00
5852c60bc4
all: assert internal objects implement interfaces
2016-12-14 17:09:01 -06:00
76028d7f8c
host-local: trim whitespace from container IDs and disk file contents
...
It doesn't seem like container IDs should really have whitespace or
newlines in them. As a complete edge-case, manipulating the host-local
store's IP reservations with 'echo' puts a newline at the end, which
caused matching to fail in ReleaseByID(). Don't ask...
2016-12-09 18:16:38 -06:00
e085226f82
host-local: add DataDir IPAM conf option and use it for testcases
...
Add an e2e host-local plugin testcase, which requires being able
to pass the datadir into the plugin so we can erase it later.
We're not always guaranteed to have access to the default data
dir location, plus it should probably be configurable anyway.
2016-11-10 12:12:16 -06:00
