ITQC/containernetworking-plugins
24
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 34 Wiki Activity
1,708 Commits 6 Branches 48 Tags
Commit Graph

53 Commits

Author SHA1 Message Date
Riccardo Ravaioli
33ccedc66f Create IPAM files with 0600 permissions 
Conform to CIS Benchmarks "1.1.9 Ensure that the Container Network Interface file permissions are set to 600 or more restrictive"
https://www.tenable.com/audits/items/CIS_Kubernetes_v1.20_v1.0.1_Level_1_Master.audit:f1717a5dd65d498074dd41c4a639e47d

Signed-off-by: Riccardo Ravaioli <rravaiol@redhat.com>
 2023-10-02 11:59:31 +02:00
Casey Callendrello
deec68747e
Merge pull request #853 from mmorel-35/ginkgolinter 
enable ginkgolinter linter
 2023-04-04 15:24:20 +02:00
Marcelo Guerrero Viveros
6c0d73ecc0 Fix wastedassign linter errors 
Signed-off-by: Marcelo Guerrero Viveros <marguerr@redhat.com>
 2023-03-27 18:42:49 +02:00
Marcelo Guerrero Viveros
d71d0f2da1 Fix revive linter errors 
Golangci-lint is now running version 1.52.1. This introduced some errors.

Signed-off-by: Marcelo Guerrero Viveros <marguerr@redhat.com>
 2023-03-24 21:04:39 +01:00
Matthieu MOREL
09f36a295d enable ginkgolinter linter 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2023-03-13 22:27:21 +00:00
Matthieu MOREL
a02bf4b463 enable revive linter 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2023-03-13 17:59:41 +01:00
Matthieu MOREL
79f524689c enable gocritic linter 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2023-03-13 17:59:33 +01:00
Matthieu MOREL
177e0bf2d9
enable staticcheck linter 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2023-03-02 11:06:22 +01:00
Matthieu MOREL
d12b81dec5 ci(lint): setup golangci-lint 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2023-03-01 06:55:40 +00:00
liornoy
2d1005ec02
Update tests to utilize ginkgo/v2 
This commit updates the import of ginkgo to v2 in
all of the tests.

Signed-off-by: liornoy <lnoy@redhat.com>
Co-authored-by: Sascha Grunert <sgrunert@redhat.com>
 2023-02-13 21:15:18 +02:00
Austin Vazquez
1a6f478913 Remove references to io/ioutil package 
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
 2022-12-01 22:27:05 +00:00
Jingyuan Liang
87c3643d3c host-local: remove unused Release(ip) from type Store interface 
Signed-off-by: Jingyuan Liang <jingyuanliang@google.com>
 2022-09-06 21:39:54 +00:00
Bruce Ma
af26bab500 host-local: support ip/prefix in env args and CNI args 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2021-05-17 21:12:45 +08:00
Bruce Ma
028fc2f219 host-local: support custom IPs allocation through runtime configuration 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2021-04-13 17:53:43 +08:00
Bruce Ma
b811967444 remove redundant startRange in RangeIter due to overlap check on multi ranges 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2021-03-04 11:50:54 +08:00
Dan Williams
7d8c767622 plugins: update to spec version 1.0.0 
Signed-off-by: Dan Williams <dcbw@redhat.com>
 2021-02-11 23:27:08 -06:00
Bruce Ma
e2984e7840 host-local: return error if duplicate allocation is requested for a given ID 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-07-06 10:05:18 +08:00
Bruce Ma
eb1ff18c4c host-local: add some testcases for allocation idempotency 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-07-06 09:39:56 +08:00
Bruce Ma
e8771b36a2 host-local: make allocation idempotent to multiple requests with same id 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-07-06 09:39:56 +08:00
Bruce Ma
7f8ea631e5 host-local: make Store interface support to get ip list by id 
Signed-off-by: Bruce Ma <brucema19901024@gmail.com>
 2019-07-06 09:39:56 +08:00
Casey Callendrello
72f2a1ffd4 plugins: correctly output build version, cosmetic cleanups 
Now that libcni has the ability to print a version message, plumb it
through correctly.

While we're at it,
- fix import paths
- run gofmt
- add some more comments to sample
- add container runtime swappability for release
 2019-04-15 16:52:07 +02:00
Michael Cambria
74a2596573 Add check support for: bridge, ipvlan, macvlan, p2p, vlan and host-device main plugins 
host-local and static ipam plugins
  tuning, bandwidth and portmap meta plugins

  Utility functions created for common PrevResult checking

  Fix windows build
 2019-04-03 13:08:07 -04:00
Nguyen Quang Huy
4bca3e76bf Fix redundant import alias 
Because these package names are short and they are unique, it can not conflict. So the import aliases that can be omitted and we should remove them.
 2019-02-20 16:58:45 +07:00
bingshen.wbs
59a746bd52 remove gateway check 
Signed-off-by: bingshen.wbs <bingshen.wbs@alibaba-inc.com>
 2018-11-29 12:59:38 +08:00
Michael Cambria
37715a0f87 Moved directory walk, compare file code to it's own function 2018-10-09 13:13:36 -04:00
Michael Cambria
a17cadda88 Handle the case of a Delete for a reservation stored with just ContainerID without the interface 2018-10-09 13:13:36 -04:00
Michael Cambria
1e8f9525a6 Obtain ifname from CmdArgs and pass to backend Add ifname to second line of file tracking the IP address used by ContainerID 
Update host-local tests to use ifname along with ContainerID
in store file

Signed-off-by: Michael Cambria <mcambria@redhat.com>
 2018-10-09 13:13:36 -04:00
Neil Wilson
b2fc336833 plugins/host-local: ensure subnet is a network address 
Allocation code assumes the specified subnet is a clean network address
prefix, so check that is the case and throw an error otherwise

Fixes #161
 2018-06-18 10:13:34 +01:00
Casey Callendrello
aade7b93ee build: some small improvements; bump to go1.10 
- bump to go 1.10
- Add a linker tag with the build version
- Remove fastbuild, go builds are cached now
- Use better ginkgo suite names
 2018-04-12 16:59:51 +02:00
Casey Callendrello
b03d23a4fa ipam/host-local: Accept ip ranges as a runtime argument 
This allows for the runtime to dynamically request IP ranges.

Fixes: #95
 2017-12-11 13:51:01 +01:00
Rakesh Kelkar
47668f6d64 host-local: Update host-local IPAM to support Windows 2017-11-11 15:17:45 -08:00
Gabriel Rosenhouse
99f6be0319 Enable Windows CI (Appveyor) 
- start list of linux_only plugins; ignore them when testing on Windows
- Isolate linux-only code by filename suffix
- Remove stub (NotImplemented) functions
- other misc. fixes for Windows compatibility
 2017-11-10 08:09:29 -08:00
Gabe Rosenhouse
2f957864ea host-local disk backend store uses FileLock by reference 
- this change fixes go vet warnings for the package
 2017-08-30 06:52:29 -07:00
Casey Callendrello
27d027a6d3 ipam/host-local: support sets of disjoint ranges 
In real-world address allocations, disjoint address ranges are common.
Therefore, the host-local allocator should support them.

This change still allows for multiple IPs in a single configuration, but
also allows for a "set of subnets."

Fixes: #45
 2017-08-09 19:02:08 +02:00
Casey Callendrello
2e9e87732f ipam/host-local: support multiple IP ranges 
This change allows the host-local allocator to allocate multiple IPs.
This is intended to enable dual-stack, but is not limited to only two
subnets or separate address families.
 2017-06-12 21:14:44 +02:00
Casey Callendrello
3c436520be move most of cni/pkg to plugins/pkg: delete code staying in cni/pkg 
This moves the following packages to this repository:
* ip
* ipam
* ns
* testutils
* utils
 2017-05-23 16:12:49 +02:00
Dan Williams
d2792f264e plugins: add plugins from containernetworking/cni 
Plugins prepared from the containernetworking/cni repo as follows:

1) git reset --hard 1a9288c3c09cea4e580fdb1a636f1c5e185a391f
2) git remove everything not in plugins/
3) git remove plugins/test
4) git merge into containernetworking/plugins repo
5) adjust import paths for containernetworking/cni -> containernetworking/plugins
 2017-05-14 23:12:45 -05:00
Dan Williams
21d96393ea Merge pull request #391 from tangle329/master 
Validate rangeStart and rangeEnd specified in conf
 2017-04-24 22:00:07 -05:00
Tang Le
1b65890795 Validate rangeStart and rangeEnd specified in conf 
Signed-off-by: Tang Le <tangle3@wanda.cn>
 2017-03-10 12:51:05 +08:00
Gabe Rosenhouse
4ce9b019aa Merge pull request #366 from ehazlett/ipam-host-local-initial-reserved-ip 
Do not error if last reserved not found after initial creation
 2017-03-06 07:13:06 -08:00
Evan Hazlett
474ba16901 do not error if last_reserved_ip is missing for host local ipam 
Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>
 2017-03-02 13:59:21 -05:00
Tang Le
1003822e53 Check n.IPAM before use it in LoadIPAMConfig function 
Signed-off-by: Tang Le <tangle3@wanda.cn>
 2017-03-02 10:25:19 +08:00
Dan Williams
d5acb127b8 spec/plugins: return interface details and multiple IP addresses to runtime 
Updates the spec and plugins to return an array of interfaces and IP details
to the runtime including:

- interface names and MAC addresses configured by the plugin
- whether the interfaces are sandboxed (container/VM) or host (bridge, veth, etc)
- multiple IP addresses configured by IPAM and which interface they
have been assigned to

Returning interface details is useful for runtimes, as well as allowing
more flexible chaining of CNI plugins themselves.  For example, some
meta plugins may need to know the host-side interface to be able to
apply firewall or traffic shaping rules to the container.
 2017-01-25 11:31:18 -06:00
Dan Williams
befb95977c types: make Result an interface and move existing Result to separate package 2017-01-25 11:31:18 -06:00
Casey Callendrello
5cde14cd7b ipam/host-local: add ResolvConf argument for DNS configuration 
This adds the option `resolvConf` to the host-local IPAM configuration.
If specified, the plugin will try to parse the file as a resolv.conf(5)
type file and return it in the DNS response.
 2017-01-11 18:48:35 +01:00
André Martins
f60111b093 ipam/host-local: Move allocator and config to backend 
Signed-off-by: André Martins <aanm90@gmail.com>
 2016-12-21 04:43:21 +00:00
Gabe Rosenhouse
1c1cf2faf7 Merge branch 'master' into interface-checks 2016-12-15 18:20:34 -08:00
Dan Williams
5852c60bc4 all: assert internal objects implement interfaces 2016-12-14 17:09:01 -06:00
Dan Williams
76028d7f8c host-local: trim whitespace from container IDs and disk file contents 
It doesn't seem like container IDs should really have whitespace or
newlines in them.  As a complete edge-case, manipulating the host-local
store's IP reservations with 'echo' puts a newline at the end, which
caused matching to fail in ReleaseByID().  Don't ask...
 2016-12-09 18:16:38 -06:00
Dan Williams
e085226f82 host-local: add DataDir IPAM conf option and use it for testcases 
Add an e2e host-local plugin testcase, which requires being able
to pass the datadir into the plugin so we can erase it later.
We're not always guaranteed to have access to the default data
dir location, plus it should probably be configurable anyway.
 2016-11-10 12:12:16 -06:00