From 6f03821ede719f6be93c224a98d96fe966cb3c6a Mon Sep 17 00:00:00 2001
From: nxtcoder17
Date: Thu, 26 Sep 2024 16:44:23 +0530
Subject: [PATCH 1/2] fix: updates global vpn gateway allowed IPs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- apparently, cluster gateway's allowed IP could easily have been 100.64.0.0/10, but idk why i had all possible 256 combinations in there 😂
---
 apps/infra/internal/domain/global-vpn-cluster-connection.go | 2 +-
 apps/infra/internal/domain/global-vpn-devices.go | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/apps/infra/internal/domain/global-vpn-cluster-connection.go b/apps/infra/internal/domain/global-vpn-cluster-connection.go
index 78ee7b644..26faf8602 100644
--- a/apps/infra/internal/domain/global-vpn-cluster-connection.go
+++ b/apps/infra/internal/domain/global-vpn-cluster-connection.go
@@ -96,7 +96,7 @@ func (d *domain) listGlobalVPNConnections(ctx InfraContext, vpnName string) ([]*

 func hashPeer(peer networkingv1.Peer) string {
 sort.Strings(peer.AllowedIPs)
- return fmt.Sprintf("%x", md5.Sum([]byte(fmt.Sprintf("%s:%s:%s:%s:%s", peer.IP, peer.PublicKey, fn.DefaultIfNil(peer.PublicEndpoint), fn.DefaultIfNil(peer.DNSSuffix), strings.Join(peer.AllowedIPs, ",")))))
+ return fmt.Sprintf("%x", md5.Sum([]byte(fmt.Sprintf("%s:%s:%s:%s:%s", fn.DefaultIfNil(peer.IP, ""), peer.PublicKey, fn.DefaultIfNil(peer.PublicEndpoint), fn.DefaultIfNil(peer.DNSSuffix), strings.Join(peer.AllowedIPs, ",")))))
 }

 func hashPeers(peers []networkingv1.Peer) string {
diff --git a/apps/infra/internal/domain/global-vpn-devices.go b/apps/infra/internal/domain/global-vpn-devices.go
index 8719c8b74..736233aa4 100644
--- a/apps/infra/internal/domain/global-vpn-devices.go
+++ b/apps/infra/internal/domain/global-vpn-devices.go
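Review bot: The fingerprint built by `hashPeer` (global-vpn-cluster-connection.go) is ambiguous: fields are joined with `:`, the new `fn.DefaultIfNil(peer.IP, "")` makes a nil IP hash the same as an empty one, and `PublicEndpoint` presumably contains `:` itself. If this digest decides whether a peer's config is pushed again, two different peers can collapse to one value and a change is missed; quoting each field (`"%q:%q:%q:%q:%q"`) removes that, at the cost of one re-sync when every digest changes. The call also passes an explicit default where the `PublicEndpoint` and `DNSSuffix` calls on the same line do not; use one form. If MD5 serves only as a change detector here, a comment such as `// non-cryptographic fingerprint; do not use as an integrity check` would keep it from being reused for more.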
@@ -237,7 +237,10 @@ func (d *domain) buildPeerFromGlobalVPNDevice(_ InfraContext, gvpn *entities.Glo

 if device.IPAddr == gvpn.KloudliteGatewayDevice.IPAddr {
 // FIXME: this should not be used
- allowedIPs = append(allowedIPs, gvpn.NonClusterUseAllowedIPs...)
+ // allowedIPs = append(allowedIPs, gvpn.NonClusterUseAllowedIPs...)
+
+ // NOTE: i don't even remember what is the use case of non-cluster-use allowed IPs
+ allowedIPs = append(allowedIPs, "100.64.0.0/10")
 // allowedIPs = append(allowedIPs, privateCIDRs...)
 }

From c8d11c601f3853b7bca3d7c18cd241ad60157e0f Mon Sep 17 00:00:00 2001
From: nxtcoder17
Date: Thu, 26 Sep 2024 16:46:45 +0530
Subject: [PATCH 2/2] feat(console): getDNSHostSuffix method

---
 .../internal/app/graph/generated/generated.go | 77 +++++++++++++++++++
 .../internal/app/graph/schema.graphqls | 2 +
 .../internal/app/graph/schema.resolvers.go | 5 ++
 3 files changed, 84 insertions(+)
diff --git a/apps/console/internal/app/graph/generated/generated.go b/apps/console/internal/app/graph/generated/generated.go
index 7806f949c..5f70958c9 100644
--- a/apps/console/internal/app/graph/generated/generated.go
+++ b/apps/console/internal/app/graph/generated/generated.go
@@ -800,6 +800,7 @@ type ComplexityRoot struct { CoreGetApp func(childComplexity int, envName string, name string) int CoreGetConfig func(childComplexity int, envName string, name string) int CoreGetConfigValues func(childComplexity int, envName string, queries []*domain.ConfigKeyRef) int + CoreGetDNSHostSuffix func(childComplexity int) int CoreGetEnvironment func(childComplexity int, name string) int CoreGetExternalApp func(childComplexity int, envName string, name string) int CoreGetImagePullSecret func(childComplexity int, name string) int
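Review bot: The gateway peer's allowed range in `buildPeerFromGlobalVPNDevice` (global-vpn-devices.go) is now the bare literal `"100.64.0.0/10"`, with the old append left commented out and a NOTE saying the purpose of the replaced field is unknown. Allowed IPs decide which addresses are routed to this peer (and, for WireGuard-style peers, accepted from it), so the value should be tied to the CIDR the global VPN actually allocates from: use the field on `gvpn` if it carries one, otherwise a named constant such as `const gatewayAllowedCIDR = "100.64.0.0/10" // RFC 6598 shared address space`. Replace the NOTE and the stale FIXME with a comment stating why the gateway is granted the whole range, and delete the commented-out append rather than keeping it. The enclosing function starts and ends outside the hunk, so whether `allowedIPs` is narrowed later cannot be seen here.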
@@ -1106,6 +1107,7 @@ type MutationResolver interface { } type QueryResolver interface { CoreCheckNameAvailability(ctx context.Context, envName *string, msvcName *string, resType entities.ResourceType, name string) (*domain.CheckNameAvailabilityOutput, error) + CoreGetDNSHostSuffix(ctx context.Context) (string, error) CoreListEnvironments(ctx context.Context, search *model.SearchEnvironments, pq *repos.CursorPagination) (*model.EnvironmentPaginatedRecords, error) CoreGetEnvironment(ctx context.Context, name string) (*entities.Environment, error) CoreResyncEnvironment(ctx context.Context, name string) (bool, error) @@ -4650,6 +4652,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in return e.complexity.Query.CoreGetConfigValues(childComplexity, args["envName"].(string), args["queries"].([]*domain.ConfigKeyRef)), true + case "Query.core_getDNSHostSuffix": + if e.complexity.Query.CoreGetDNSHostSuffix == nil { + break + } + + return e.complexity.Query.CoreGetDNSHostSuffix(childComplexity), true + case "Query.core_getEnvironment": if e.complexity.Query.CoreGetEnvironment == nil { break @@ -5928,6 +5937,8 @@ input CoreSearchVPNDevices { type Query { core_checkNameAvailability(envName: String, msvcName: String ,resType: ConsoleResType!, name: String!): ConsoleCheckNameAvailabilityOutput! @isLoggedIn @hasAccount + core_getDNSHostSuffix: String! + core_listEnvironments(search: SearchEnvironments, pq: CursorPaginationIn): EnvironmentPaginatedRecords @isLoggedInAndVerified @hasAccount core_getEnvironment(name: String!): Environment @isLoggedInAndVerified @hasAccount core_resyncEnvironment(name: String!): Boolean! @isLoggedInAndVerified @hasAccount 
@@ -32320,6 +32331,50 @@ func (ec *executionContext) fieldContext_Query_core_checkNameAvailability(ctx co return fc, nil } +func (ec *executionContext) _Query_core_getDNSHostSuffix(ctx context.Context, field graphql.CollectedField) (ret graphql.Marshaler) { + fc, err := ec.fieldContext_Query_core_getDNSHostSuffix(ctx, field) + if err != nil { + return graphql.Null + } + ctx = graphql.WithFieldContext(ctx, fc) + defer func() { + if r := recover(); r != nil { + ec.Error(ctx, ec.Recover(ctx, r)) + ret = graphql.Null + } + }() + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + ctx = rctx // use context from middleware stack in children + return ec.resolvers.Query().CoreGetDNSHostSuffix(rctx) + }) + if err != nil { + ec.Error(ctx, err) + return graphql.Null + } + if resTmp == nil { + if !graphql.HasFieldError(ctx, fc) { + ec.Errorf(ctx, "must not be null") + } + return graphql.Null + } + res := resTmp.(string) + fc.Result = res + return ec.marshalNString2string(ctx, field.Selections, res) +} + +func (ec *executionContext) fieldContext_Query_core_getDNSHostSuffix(_ context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { + fc = &graphql.FieldContext{ + Object: "Query", + Field: field, + IsMethod: true, + IsResolver: true, + Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) { + return nil, errors.New("field of type String does not have child fields") + }, + } + return fc, nil +} + func (ec *executionContext) _Query_core_listEnvironments(ctx context.Context, field graphql.CollectedField) (ret graphql.Marshaler) { fc, err := ec.fieldContext_Query_core_listEnvironments(ctx, field) if err != nil { 
@@ -51601,6 +51656,28 @@ func (ec *executionContext) _Query(ctx context.Context, sel ast.SelectionSet) gr func(ctx context.Context) graphql.Marshaler { return innerFunc(ctx, out) }) } + out.Concurrently(i, func(ctx context.Context) graphql.Marshaler { return rrm(innerCtx) }) + case "core_getDNSHostSuffix": + field := field + + innerFunc := func(ctx context.Context, fs *graphql.FieldSet) (res graphql.Marshaler) { + defer func() { + if r := recover(); r != nil { + ec.Error(ctx, ec.Recover(ctx, r)) + } + }() + res = ec._Query_core_getDNSHostSuffix(ctx, field) + if res == graphql.Null { + atomic.AddUint32(&fs.Invalids, 1) + } + return res + } + + rrm := func(ctx context.Context) graphql.Marshaler { + return ec.OperationContext.RootResolverMiddleware(ctx, + func(ctx context.Context) graphql.Marshaler { return innerFunc(ctx, out) }) + } + out.Concurrently(i, func(ctx context.Context) graphql.Marshaler { return rrm(innerCtx) }) case "core_listEnvironments": field := field
diff --git a/apps/console/internal/app/graph/schema.graphqls b/apps/console/internal/app/graph/schema.graphqls
index d95c85a68..1574c875b 100644
--- a/apps/console/internal/app/graph/schema.graphqls
+++ b/apps/console/internal/app/graph/schema.graphqls
@@ -107,6 +107,8 @@ input CoreSearchVPNDevices {
 type Query {
 core_checkNameAvailability(envName: String, msvcName: String ,resType: ConsoleResType!, name: String!): ConsoleCheckNameAvailabilityOutput! @isLoggedIn @hasAccount

+ core_getDNSHostSuffix: String!
+
 core_listEnvironments(search: SearchEnvironments, pq: CursorPaginationIn): EnvironmentPaginatedRecords @isLoggedInAndVerified @hasAccount
 core_getEnvironment(name: String!): Environment @isLoggedInAndVerified @hasAccount
 core_resyncEnvironment(name: String!): Boolean! @isLoggedInAndVerified @hasAccount
diff --git a/apps/console/internal/app/graph/schema.resolvers.go b/apps/console/internal/app/graph/schema.resolvers.go
index 5f8491f05..fa37b21a7 100644
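Review bot: `core_getDNSHostSuffix: String!` in schema.graphqls is declared without any auth directive, while every neighbouring `Query` field in the hunk carries `@isLoggedIn` or `@isLoggedInAndVerified` together with `@hasAccount`. The resolver added in schema.resolvers.go likewise returns `r.EnvVars.KloudliteDNSSuffix` without the `toConsoleContext(ctx)` call its siblings make, so the value is presumably readable without a session. If that is intended, record it next to the field (`# intentionally public: no session required`); otherwise declare it as `core_getDNSHostSuffix: String! @isLoggedIn`. The schema copy embedded in generated.go has the same line and will follow on regeneration.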
--- a/apps/console/internal/app/graph/schema.resolvers.go
+++ b/apps/console/internal/app/graph/schema.resolvers.go
@@ -453,6 +453,11 @@ func (r *queryResolver) CoreCheckNameAvailability(ctx context.Context, envName *
 return r.Domain.CheckNameAvailability(ctx, cc.AccountName, envName, msvcName, resType, name)
 }

+// CoreGetDNSHostSuffix is the resolver for the core_getDNSHostSuffix field.
+func (r *queryResolver) CoreGetDNSHostSuffix(ctx context.Context) (string, error) {
+ return r.EnvVars.KloudliteDNSSuffix, nil
+}
+
 // CoreListEnvironments is the resolver for the core_listEnvironments field.
 func (r *queryResolver) CoreListEnvironments(ctx context.Context, search *model.SearchEnvironments, pq *repos.CursorPagination) (*model.EnvironmentPaginatedRecords, error) {
 cc, err := toConsoleContext(ctx)
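Review bot: `CoreGetDNSHostSuffix` returns `r.EnvVars.KloudliteDNSSuffix` as-is, so an unset variable is served as `""` for a field the schema declares `String!`. Unless the env loader already rejects an empty value (not visible in this hunk), return an error when the suffix is empty instead of `"", nil`, so clients do not build hostnames from a blank suffix. The doc comment is the generator's placeholder; one sentence on what the suffix is and who may read it would document the access decision at the point where it is made.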