Fix default garage ports not being used in 'storage add'
This commit is contained in:
parent
7076801091
commit
d5323964c6
@ -97,9 +97,7 @@ func (h *runHarness) runAssertErrorContains(
|
|||||||
t *testing.T, want string, args ...string,
|
t *testing.T, want string, args ...string,
|
||||||
) {
|
) {
|
||||||
err := h.run(t, args...)
|
err := h.run(t, args...)
|
||||||
if assert.Error(t, err) {
|
assert.ErrorContains(t, err, want)
|
||||||
assert.Contains(t, err.Error(), want)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *runHarness) assertChangeStaged(
|
func (h *runHarness) assertChangeStaged(
|
||||||
|
@ -28,6 +28,9 @@ func TestStorageAllocationAdd(t *testing.T) {
|
|||||||
DataPath: "foo",
|
DataPath: "foo",
|
||||||
MetaPath: "bar",
|
MetaPath: "bar",
|
||||||
Capacity: 1,
|
Capacity: 1,
|
||||||
|
S3APIPort: 3901,
|
||||||
|
RPCPort: 3900,
|
||||||
|
AdminPort: 3902,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
@ -101,7 +101,7 @@ func TestVPNFirewallAdd(t *testing.T) {
|
|||||||
t.Run(test.name, func(t *testing.T) {
|
t.Run(test.name, func(t *testing.T) {
|
||||||
var (
|
var (
|
||||||
h = newRunHarness(t)
|
h = newRunHarness(t)
|
||||||
config daecommon.NetworkConfig
|
config = daecommon.NewNetworkConfig(nil)
|
||||||
)
|
)
|
||||||
|
|
||||||
args := append([]string{"vpn", "firewall", "add"}, test.flags...)
|
args := append([]string{"vpn", "firewall", "add"}, test.flags...)
|
||||||
@ -193,7 +193,7 @@ func TestVPNFirewallCommit(t *testing.T) {
|
|||||||
t.Run(test.name, func(t *testing.T) {
|
t.Run(test.name, func(t *testing.T) {
|
||||||
var (
|
var (
|
||||||
h = newRunHarness(t)
|
h = newRunHarness(t)
|
||||||
config daecommon.NetworkConfig
|
config = daecommon.NewNetworkConfig(nil)
|
||||||
)
|
)
|
||||||
|
|
||||||
args := []string{"vpn", "firewall", "commit"}
|
args := []string{"vpn", "firewall", "commit"}
|
||||||
|
@ -2,6 +2,7 @@ package daecommon
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"isle/bootstrap"
|
"isle/bootstrap"
|
||||||
@ -70,11 +71,7 @@ type ConfigFirewallRule struct {
|
|||||||
Code string `yaml:"code,omitempty"`
|
Code string `yaml:"code,omitempty"`
|
||||||
Proto string `yaml:"proto,omitempty"`
|
Proto string `yaml:"proto,omitempty"`
|
||||||
Host string `yaml:"host,omitempty"`
|
Host string `yaml:"host,omitempty"`
|
||||||
Group string `yaml:"group,omitempty"`
|
|
||||||
Groups []string `yaml:"groups,omitempty"`
|
Groups []string `yaml:"groups,omitempty"`
|
||||||
CIDR string `yaml:"cidr,omitempty"`
|
|
||||||
CASha string `yaml:"ca_sha,omitempty"`
|
|
||||||
CAName string `yaml:"ca_name,omitempty"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// ConfigStorageAllocation describes the structure of each storage allocation
|
// ConfigStorageAllocation describes the structure of each storage allocation
|
||||||
@ -186,7 +183,19 @@ func (c NetworkConfig) Validate() error {
|
|||||||
func (c *NetworkConfig) UnmarshalYAML(n *yaml.Node) error {
|
func (c *NetworkConfig) UnmarshalYAML(n *yaml.Node) error {
|
||||||
type wrap NetworkConfig
|
type wrap NetworkConfig
|
||||||
if err := n.Decode((*wrap)(c)); err != nil {
|
if err := n.Decode((*wrap)(c)); err != nil {
|
||||||
return fmt.Errorf("decoding into %T: %w", c, err)
|
return fmt.Errorf("yaml decoding into %T: %w", c, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
c.fillDefaults()
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalJSON implements the json.Unmarshaler interface. It will attempt to
|
||||||
|
// fill in default values where it can.
|
||||||
|
func (c *NetworkConfig) UnmarshalJSON(b []byte) error {
|
||||||
|
type wrap NetworkConfig
|
||||||
|
if err := json.Unmarshal(b, (*wrap)(c)); err != nil {
|
||||||
|
return fmt.Errorf("json decoding into %T: %w", c, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
c.fillDefaults()
|
c.fillDefaults()
|
||||||
@ -263,7 +272,18 @@ func (c *Config) UnmarshalYAML(n *yaml.Node) error {
|
|||||||
|
|
||||||
type wrap Config
|
type wrap Config
|
||||||
if err := n.Decode((*wrap)(c)); err != nil {
|
if err := n.Decode((*wrap)(c)); err != nil {
|
||||||
return fmt.Errorf("yaml unmarshaling back into Config struct: %w", err)
|
return fmt.Errorf("yaml decoding into %T: %w", c, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.Validate()
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalJSON implements the json.Unmarshaler interface. It will attempt to
|
||||||
|
// fill in default values where it can.
|
||||||
|
func (c *Config) UnmarshalJSON(b []byte) error {
|
||||||
|
type wrap Config
|
||||||
|
if err := json.Unmarshal(b, (*wrap)(c)); err != nil {
|
||||||
|
return fmt.Errorf("json decoding into %T: %w", c, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return c.Validate()
|
return c.Validate()
|
||||||
|
8
tasks/bugs/set-config-dont-commit-new-config-on-err.md
Normal file
8
tasks/bugs/set-config-dont-commit-new-config-on-err.md
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
type: task
|
||||||
|
---
|
||||||
|
|
||||||
|
When SetConfig is called, but ends up erroring, the new config should not end up
|
||||||
|
getting stored in the state directory.
|
||||||
|
|
||||||
|
This could be tricky if the reload call succeeds but the postInit fails.
|
12
tasks/soon/docs/clarify-firewalls.md
Normal file
12
tasks/soon/docs/clarify-firewalls.md
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
---
|
||||||
|
type: task
|
||||||
|
---
|
||||||
|
|
||||||
|
The Firewalls doc page should be extra clear that adding the line
|
||||||
|
|
||||||
|
```
|
||||||
|
-A INPUT --source <network CIDR> --jump ACCEPT
|
||||||
|
```
|
||||||
|
|
||||||
|
will not expose the host to the network entirely, as the nebula firewall will
|
||||||
|
still block all traffic by default.
|
Loading…
Reference in New Issue
Block a user