bcmmbaga
a3fe7bea38
Merge branch 'main' into feature/mysql-support
2025-01-02 14:54:14 +03:00
Pascal Fischer
18316be09a
[management] add selfhosted metrics for networks ( #3118 )
2024-12-30 12:53:51 +01:00
bcmmbaga
214b863e40
Merge branch 'main' into feature/mysql-support
...
# Conflicts:
# management/server/account.go
# management/server/store/sql_store.go
# management/server/store/store.go
2024-12-24 14:43:54 +03:00
Pascal Fischer
e670068cab
[management] Run test sequential ( #3101 )
2024-12-23 14:37:09 +01:00
İsmail
215c9047ba
MySQL Support ( #2837 )
...
* Update store.go
* Update sql_store.go
* Update store.go
* Update golang-test-linux.yml
* Update store.go
* Update go.mod
* Update go.mod
* Update go.sum
* Update store.go
* Update sql_store.go
* TestContainer
* Update go.sum
* Update store.go
* TestUtil Duplicate
* dsn fix
* go mod tidy
* NETBIRD_STORE_ENGINE_MYSQL_DSN
* Skip Test
* Update test-infrastructure-files.yml
* Update test-infrastructure-files.yml
* MYSQL_ROOT_PASSWORD added
* Update test-infrastructure-files.yml
* Update store.go
* Debug + Mysql JSON Query
* swicth/case convert
* Update store.go
* Update store.go
* Debug
* MySQL Test Version Change
* Root Test
* Ignore other sql tests.
* MySQL Connection Fix
* enable other tests
* The word "key" is a reserved word in MySQL.
* Remove Debugs
* Update sql_store.go
* Added default null value for datetime.
* Added default null value for datetime.
* MySQL Hooks
* MySQL Config File
* remove default values
* test timeout change
* MySQL max lifetime change
* WithConfigFile
* disable other tests
* Update mysql.cnf
* Update golang-test-linux.yml
* Delete sql_hooks.go
* enable other tests
* test timeout change
* update packets
* Fix the Inactivity Expiration problem
* Update sql_store.go
* Update mysql.cnf
* Update sql_store.go
* Update sql_store.go
* timeout change
* MySQL Connection LifeTime Change
* TestContainers have been optimized.
* Update store_ios.go
* Update sql_store.go
* timeout fix
* fix migration (setup keys)
* Update event.go
* Add disable option for event activities.
* Revert "Update event.go"
* Update event.go
* Fix Gorm Mysql Bug
* update go-jose module
* containerd module update
* containerd downgrade
* Revert commits
* Revert "Revert commits"
This reverts commit 62b3eac799
.
* Revert "containerd downgrade"
This reverts commit 4e46108915
.
* Revert "containerd module update"
This reverts commit e8cfa87d16
.
* Revert "update go-jose module"
This reverts commit 1fabdc7606
.
2024-12-23 13:06:13 +03:00
Viktor Liu
ddc365f7a0
[client, management] Add new network concept ( #3047 )
...
---------
Co-authored-by: Pascal Fischer <32096965+pascal-fischer@users.noreply.github.com>
Co-authored-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
Co-authored-by: Zoltan Papp <zoltan.pmail@gmail.com>
2024-12-20 11:30:28 +01:00
Maycon Santos
287ae81195
[misc] split tests with management and rest ( #3051 )
...
optimize go cache for tests
2024-12-14 21:18:46 +01:00
Pascal Fischer
c6641be94b
[tests] Enable benchmark tests on github actions ( #2961 )
2024-11-28 19:22:01 +01:00
Maycon Santos
78fab877c0
[misc] Update signing pipeline version ( #2900 )
2024-11-18 15:31:53 +01:00
Maycon Santos
5b46cc8e9c
Avoid failing all other matrix tests if one fails ( #2839 )
2024-11-05 13:28:42 +01:00
Zoltan Papp
4e918e55ba
[client] Fix controller re-connection ( #2758 )
...
Rethink the peer reconnection implementation
2024-10-24 11:43:14 +02:00
Bethuel Mmbaga
7bda385e1b
[management] Optimize network map updates ( #2718 )
...
* Skip peer update on unchanged network map (#2236 )
* Enhance network updates by skipping unchanged messages
Optimizes the network update process
by skipping updates where no changes in the peer update message received.
* Add unit tests
* add locks
* Improve concurrency and update peer message handling
* Refactor account manager network update tests
* fix test
* Fix inverted network map update condition
* Add default group and policy to test data
* Run peer updates in a separate goroutine
* Refactor
* Refactor lock
* Fix peers update by including NetworkMap and posture Checks
* go mod tidy
* fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* [management] Skip account peers update if no changes affect peers (#2310 )
* Remove incrementing network serial and updating peers after group deletion
* Update account peer if posture check is linked to policy
* Remove account peers update on saving setup key
* Refactor group link checking into re-usable functions
* Add HasPeers function to group
* Refactor group management
* Optimize group change effects on account peers
* Update account peers if ns group has peers
* Refactor group changes
* Optimize account peers update in DNS settings
* Optimize update of account peers on jwt groups sync
* Refactor peer account updates for efficiency
* Optimize peer update on user deletion and changes
* Remove condition check for network serial update
* Optimize account peers updates on route changes
* Remove UpdatePeerSSHKey method
* Remove unused isPolicyRuleGroupsEmpty
* Add tests for peer update behavior on posture check changes
* Add tests for peer update behavior on policy changes
* Add tests for peer update behavior on group changes
* Add tests for peer update behavior on dns settings changes
* Refactor
* Add tests for peer update behavior on name server changes
* Add tests for peer update behavior on user changes
* Add tests for peer update behavior on route changes
* fix tests
* Add tests for peer update behavior on setup key changes
* Add tests for peer update behavior on peers changes
* fix merge
* Fix tests
* go mod tidy
* Add NameServer and Route comparators
* Update network map diff logic with custom comparators
* Add tests
* Refactor duplicate diff handling logic
* fix linter
* fix tests
* Refactor policy group handling and update logic.
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Update route check by checking if group has peers
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor posture check policy linking logic
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Simplify peer update condition in DNS management
Refactor the condition for updating account peers to remove redundant checks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add policy tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add posture checks tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix user and setup key tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix account and route tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix typo
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix nameserver tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix routes tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix group tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* upgrade diff package
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix nameserver tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* use generic differ for netip.Addr and netip.Prefix
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* go mod tidy
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add peer tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix management suite tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix postgres tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* enable diff nil structs comparison
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* skip the update only last sent the serial is larger
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor peer and user
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* skip spell check for groupD
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor group, ns group, policy and posture checks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* skip spell check for GroupD
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* update account policy check before verifying policy status
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Update management/server/route_test.go
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
* Update management/server/route_test.go
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
* Update management/server/route_test.go
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
* Update management/server/route_test.go
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
* Update management/server/route_test.go
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
* add tests missing tests for dns setting groups
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add tests for posture checks changes
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add ns group and policy tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add route and group tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* increase Linux test timeout to 10 minutes
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Run diff for client posture checks only
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add panic recovery and detailed logging in peer update comparison
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
2024-10-23 13:05:02 +03:00
Maycon Santos
c8d8748dcf
Update sign workflow version ( #2756 )
2024-10-18 17:28:58 +02:00
Maycon Santos
cee95461d1
[client] Add universal bin build and update sign workflow version ( #2738 )
...
* Add universal binaries build for macOS
* update sign pipeline version
* handle info.plist in sign workflow
2024-10-15 15:03:17 +02:00
pascal-fischer
8284ae959c
[management] Move testdata to sql files ( #2693 )
2024-10-10 12:35:03 +02:00
pascal-fischer
b79c1d64cc
[management] Make max open db conns configurable ( #2713 )
2024-10-09 20:17:25 +02:00
Zoltan Papp
fd67892cb4
[client] Refactor/iface pkg ( #2646 )
...
Refactor the flat code structure
2024-10-02 18:24:22 +02:00
Bethuel Mmbaga
ff7863785f
[management, client] Add access control support to network routes ( #2100 )
2024-10-02 13:41:00 +02:00
Maycon Santos
a3a479429e
Use the pkgs to get the latest version ( #2682 )
...
* Use the pkgs to get the latest version
* disable fail fast
2024-10-02 11:48:42 +02:00
Maycon Santos
e27f85b317
Update docker creds ( #2677 )
2024-09-30 20:07:21 +02:00
Gianluca Boiano
2fd60b2cb4
Specify goreleaser version and update to 2 ( #2673 )
2024-09-30 16:43:34 +02:00
pascal-fischer
6c50b0c84b
[management] Add transaction to addPeer ( #2469 )
...
This PR removes the GetAccount and SaveAccount operations from the AddPeer and instead makes use of gorm.Transaction to add the new peer.
2024-09-16 15:47:03 +02:00
Maycon Santos
4c130a0291
Update Go version to 1.23 ( #2588 )
2024-09-12 13:46:28 +02:00
Maycon Santos
afb9673bc4
[misc] Update core github actions ( #2584 )
2024-09-11 21:49:05 +02:00
Maycon Santos
47adb976f8
Remove pre-release step from workflow ( #2583 )
2024-09-11 18:59:19 +02:00
benniekiss
12c36312b5
[management] Auto update geolite ( #2297 )
...
introduces helper functions to fetch and verify database versions, downloads new files if outdated, and deletes old ones. It also refactors filename handling to improve clarity and consistency, adding options to disable auto-updating via a flag. The changes aim to simplify GeoLite database management for admins.
2024-09-09 18:27:42 +02:00
Zoltan Papp
0c039274a4
[relay] Feature/relay integration ( #2244 )
...
This update adds new relay integration for NetBird clients. The new relay is based on web sockets and listens on a single port.
- Adds new relay implementation with websocket with single port relaying mechanism
- refactor peer connection logic, allowing upgrade and downgrade from/to P2P connection
- peer connections are faster since it connects first to relay and then upgrades to P2P
- maintains compatibility with old clients by not using the new relay
- updates infrastructure scripts with new relay service
2024-09-08 12:06:14 +02:00
Maycon Santos
880b81154f
Use new sign pipeline ( #2490 )
2024-08-28 14:46:35 +02:00
Maycon Santos
63a75d72fc
[misc] Test infrastructure files generation with postgres store ( #2478 )
2024-08-27 16:38:42 +02:00
Maycon Santos
be6bc46bcd
Update sign pipeline version to 0.0.13 ( #2477 )
2024-08-23 19:37:20 +02:00
Maycon Santos
1802e51213
Fix windows binary version ( #2390 )
2024-08-05 11:03:14 +02:00
Maycon Santos
059fc7c3a2
Use docker compose command ( #2382 )
...
replace calls to docker-compose with docker compose
2024-08-03 20:15:19 +02:00
Maycon Santos
e6f7222034
Fix Windows file version ( #2380 )
...
Systems that validates the binary version didn't like the build number as we set
This fixes the versioning and will use a static build number
2024-08-02 18:07:57 +02:00
Evgenii
02f3105e48
Freebsd test all root component ( #2361 )
...
* chore(tests): add all root component into FreeBSD check
* change timeout for each component
* add client tests execution measure
* revert -p1 for client tests and explain why
* measure duration of all test run
2024-08-01 11:56:18 +02:00
Evgenii
9d2047a08a
Fix freebsd tests ( #2346 )
2024-07-31 09:58:04 +02:00
Maycon Santos
f74646a3ac
Add release version to windows binaries and update sign pipeline version ( #2256 )
2024-07-11 19:06:55 +02:00
Robert Neumann
17874771cc
Feature/Use Zitadel Postgres Integration by default ( #2181 )
...
replaces cockroachDB as default DB for Zitadel in the getting started script to deploy script. Users can switch back to cockroachDB by setting the environment variable ZITADEL_DATABASE to cockroach.
2024-06-25 11:10:11 +02:00
Maycon Santos
aca054e51e
Using macOS-latest to build GUI ( #2189 )
2024-06-25 09:34:02 +02:00
Maycon Santos
1609b21b5b
Add freebsd test workflow ( #2127 )
2024-06-14 11:17:55 +02:00
Maycon Santos
4fec709bb1
Release 0.28.0 ( #2092 )
...
* compile client under freebsd (#1620 )
Compile netbird client under freebsd and now support netstack and userspace modes.
Refactoring linux specific code to share same code with FreeBSD, move to *_unix.go files.
Not implemented yet:
Kernel mode not supported
DNS probably does not work yet
Routing also probably does not work yet
SSH support did not tested yet
Lack of test environment for freebsd (dedicated VM for github runners under FreeBSD required)
Lack of tests for freebsd specific code
info reporting need to review and also implement, for example OS reported as GENERIC instead of FreeBSD (lack of FreeBSD icon in management interface)
Lack of proper client setup under FreeBSD
Lack of FreeBSD port/package
* Add DNS routes (#1943 )
Given domains are resolved periodically and resolved IPs are replaced with the new ones. Unless the flag keep_route is set to true, then only new ones are added.
This option is helpful if there are long-running connections that might still point to old IP addresses from changed DNS records.
* Add process posture check (#1693 )
Introduces a process posture check to validate the existence and active status of specific binaries on peer systems. The check ensures that files are present at specified paths, and that corresponding processes are running. This check supports Linux, Windows, and macOS systems.
Co-authored-by: Evgenii <mail@skillcoder.com>
Co-authored-by: Pascal Fischer <pascal@netbird.io>
Co-authored-by: Zoltan Papp <zoltan.pmail@gmail.com>
Co-authored-by: Viktor Liu <17948409+lixmal@users.noreply.github.com>
Co-authored-by: Bethuel Mmbaga <bethuelmbaga12@gmail.com>
2024-06-13 13:24:24 +02:00
Bethuel Mmbaga
95299be52d
Deprecate FileStore engine support ( #2119 )
...
* Removejsonfile' from test matrix in workflows
* Remove sqlite to json migration command
* Refactor store engine implementation to remove JSON file store support
The codebase has been refactored to remove support for JSON file store storage engine, with SQLite serving as the default store engine. New functions have been added to handle unsupported store engines and to migrate data from file store to SQLite.
* Remove 'downCmd' from migration commands
* Refactoring
* Add sqlite cleanup
* Remove comment
2024-06-13 13:39:19 +03:00
Bethuel Mmbaga
a5811a2d7d
Implement experimental PostgreSQL store ( #1939 )
...
* migrate sqlite store to
generic sql store
* fix conflicts
* init postgres store
* Add postgres store tests
* Refactor postgres store engine name
* fix tests
* Run postgres store tests on linux only
* fix tests
* Refactor
* cascade policy rules on policy deletion
* fix tests
* run postgres cases in new db
* close store connection after tests
* refactor
* using testcontainers
* sync go sum
* remove postgres service
* remove store cleanup
* go mod tidy
* remove env
* use postgres as engine and initialize test store with testcontainer
---------
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
2024-05-16 19:28:37 +03:00
Bethuel Mmbaga
263abe4862
Fix windows route exec path ( #1946 )
...
* Enable release workflow on PR and upload binaries
add GetSystem32Command to validate if a command is in the path
it will fall back to the full system32, assuming the OS driver is C
---------
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
2024-05-09 13:48:15 +02:00
pascal-fischer
8f3a0f2c38
Add retry to IdP cache lookup ( #1882 )
2024-04-23 19:23:43 +02:00
Maycon Santos
012e624296
Fix DNS not found query response ( #1877 )
...
for local queries, we should return NXDOMAIN instead of NOERROR
Also, updated gomobile for Android and iOS builds
2024-04-23 10:20:09 +02:00
Viktor Liu
e0de86d6c9
Use fixed activity codes ( #1846 )
...
* Add duplicate constants check
2024-04-15 14:15:46 +02:00
Maycon Santos
3875c29f6b
Revert "Rollback new routing functionality ( #1805 )" ( #1813 )
...
This reverts commit 9f32ccd453
.
2024-04-08 18:56:52 +02:00
Viktor Liu
9f32ccd453
Rollback new routing functionality ( #1805 )
2024-04-05 20:38:49 +02:00
Viktor Liu
7938295190
Feature/exit nodes - Windows and macOS support ( #1726 )
2024-04-03 11:11:46 +02:00
Viktor Liu
2475473227
Support client default routes for Linux ( #1667 )
...
All routes are now installed in a custom netbird routing table.
Management and wireguard traffic is now marked with a custom fwmark.
When the mark is present the traffic is routed via the main routing table, bypassing the VPN.
When the mark is absent the traffic is routed via the netbird routing table, if:
- there's no match in the main routing table
- it would match the default route in the routing table
IPv6 traffic is blocked when a default route IPv4 route is configured to avoid leakage.
2024-03-21 16:49:28 +01:00