diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 64fdaf367..ee7c61df1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -203,7 +203,7 @@ jobs: - name: Seed database run: docker compose run elixir /bin/sh -c 'cd apps/domain && mix ecto.seed' - name: Start docker compose in the background - run: docker compose up -d api web client relay gateway + run: docker compose up -d api web client relay gateway dns.httpbin httpbin - run: ./scripts/tests/${{ matrix.test }}.sh diff --git a/docker-compose.yml b/docker-compose.yml index 4808a2956..5c2f207bf 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -130,12 +130,6 @@ services: depends_on: gateway: condition: "service_healthy" - httpbin: - condition: "service_healthy" - test.httpbin.docker.local: - condition: "service_healthy" - iperf3: - condition: "service_healthy" api: condition: "service_healthy" networks: @@ -185,7 +179,8 @@ services: resources: ipv4_address: 172.20.0.100 - test.httpbin.docker.local: + + dns.httpbin: image: kennethreitz/httpbin healthcheck: test: ["CMD-SHELL", "ps -C gunicorn"] diff --git a/elixir/apps/domain/priv/repo/seeds.exs b/elixir/apps/domain/priv/repo/seeds.exs index 04cd35a83..619534e5f 100644 --- a/elixir/apps/domain/priv/repo/seeds.exs +++ b/elixir/apps/domain/priv/repo/seeds.exs @@ -683,9 +683,9 @@ IO.puts("") Resources.create_resource( %{ type: :dns, - name: "?.httpbin.docker.local", - address: "?.httpbin.docker.local", - address_description: "http://test.httpbin.docker.local/", + name: "?.httpbin", + address: "?.httpbin", + address_description: "http://httpbin/", connections: [%{gateway_group_id: gateway_group.id}], filters: [ %{ports: ["80", "433"], protocol: :tcp}, @@ -696,19 +696,6 @@ IO.puts("") admin_subject ) -{:ok, dns_docker_resource} = - Resources.create_resource( - %{ - type: :dns, - name: "*.docker.local", - address: "*.docker.local", - address_description: "*.docker.local/", - connections: [%{gateway_group_id: gateway_group.id}], - filters: [%{protocol: :all}] - }, - admin_subject - ) - IO.puts("Created resources:") IO.puts(" #{dns_google_resource.address} - DNS - gateways: #{gateway_name}") IO.puts(" #{dns_gitlab_resource.address} - DNS - gateways: #{gateway_name}") @@ -718,7 +705,6 @@ IO.puts(" #{example_dns.address} - DNS - gateways: #{gateway_name}") IO.puts(" #{ip_resource.address} - IP - gateways: #{gateway_name}") IO.puts(" #{cidr_resource.address} - CIDR - gateways: #{gateway_name}") IO.puts(" #{dns_httpbin_resource.address} - DNS - gateways: #{gateway_name}") -IO.puts(" #{dns_docker_resource.address} - DNS - gateways: #{gateway_name}") IO.puts("") {:ok, _} = @@ -794,23 +780,13 @@ IO.puts("") {:ok, _} = Policies.create_policy( %{ - name: "All Access To httpbin.docker.local", + name: "All Access To dns.httpbin", actor_group_id: everyone_group.id, resource_id: dns_httpbin_resource.id }, admin_subject ) -{:ok, _} = - Policies.create_policy( - %{ - name: "All Access To httpbin.docker.local", - actor_group_id: everyone_group.id, - resource_id: dns_docker_resource.id - }, - admin_subject - ) - IO.puts("Policies Created") IO.puts("") diff --git a/scripts/tests/direct-ping-portal-down.sh b/scripts/tests/direct-ping-portal-down.sh index c467e6f9d..9ec6913d2 100755 --- a/scripts/tests/direct-ping-portal-down.sh +++ b/scripts/tests/direct-ping-portal-down.sh @@ -4,10 +4,10 @@ set -e source "./scripts/tests/lib.sh" -client_ping_gateway +client_ping_resource docker compose stop api relay # Stop portal & relay sleep 5 # Wait for client to disconnect -client_ping_gateway +client_ping_resource diff --git a/scripts/tests/direct-ping-portal-relay-down.sh b/scripts/tests/direct-ping-portal-relay-down.sh index 59e22e207..070368d2d 100755 --- a/scripts/tests/direct-ping-portal-relay-down.sh +++ b/scripts/tests/direct-ping-portal-relay-down.sh @@ -4,10 +4,10 @@ set -e source "./scripts/tests/lib.sh" -client_ping_gateway +client_ping_resource docker compose stop api # Stop portal sleep 5 # Wait for client to disconnect -client_ping_gateway +client_ping_resource diff --git a/scripts/tests/direct-ping-portal-restart.sh b/scripts/tests/direct-ping-portal-restart.sh index 52ef40d4c..195be3552 100755 --- a/scripts/tests/direct-ping-portal-restart.sh +++ b/scripts/tests/direct-ping-portal-restart.sh @@ -4,10 +4,10 @@ set -e source "./scripts/tests/lib.sh" -client_ping_gateway +client_ping_resource docker compose restart api # Restart portal sleep 5 # Wait for client to reconnect -client_ping_gateway +client_ping_resource diff --git a/scripts/tests/dns-etc-resolvconf.sh b/scripts/tests/dns-etc-resolvconf.sh index ca392a467..a4a91c069 100755 --- a/scripts/tests/dns-etc-resolvconf.sh +++ b/scripts/tests/dns-etc-resolvconf.sh @@ -5,7 +5,7 @@ set -euo pipefail -HTTPBIN=test.httpbin.docker.local +HTTPBIN=dns.httpbin function client() { docker compose exec -it client "$@" @@ -21,9 +21,6 @@ function gateway() { docker compose exec -it gateway "$@" } -# Wait for client to ping httpbin (CIDR) resource through the gateway -client timeout 60 sh -c "until ping -W 1 -c 10 172.20.0.100 &>/dev/null; do true; done" - echo "# check original resolv.conf" client sh -c "cat /etc/resolv.conf.firezone-backup" diff --git a/scripts/tests/lib.sh b/scripts/tests/lib.sh index 305eb96d1..e5d99d7c1 100755 --- a/scripts/tests/lib.sh +++ b/scripts/tests/lib.sh @@ -10,6 +10,6 @@ function remove_iptables_drop_rules() { sudo iptables -D FORWARD -s 172.28.0.105 -d 172.28.0.100 -j DROP } -function client_ping_gateway() { +function client_ping_resource() { docker compose exec -it client timeout 60 sh -c 'until ping -W 1 -c 10 172.20.0.100 &>/dev/null; do true; done' } diff --git a/scripts/tests/relayed-ping-portal-down.sh b/scripts/tests/relayed-ping-portal-down.sh index 8a5a246f8..9e2d0a42b 100755 --- a/scripts/tests/relayed-ping-portal-down.sh +++ b/scripts/tests/relayed-ping-portal-down.sh @@ -7,10 +7,10 @@ source "./scripts/tests/lib.sh" install_iptables_drop_rules trap remove_iptables_drop_rules EXIT # Cleanup after us -client_ping_gateway +client_ping_resource docker compose stop api # Stop portal sleep 5 # Wait for client to disconnect -client_ping_gateway +client_ping_resource diff --git a/scripts/tests/relayed-ping-portal-restart.sh b/scripts/tests/relayed-ping-portal-restart.sh index 9e2765d77..f9d171e3f 100755 --- a/scripts/tests/relayed-ping-portal-restart.sh +++ b/scripts/tests/relayed-ping-portal-restart.sh @@ -7,10 +7,10 @@ source "./scripts/tests/lib.sh" install_iptables_drop_rules trap remove_iptables_drop_rules EXIT # Cleanup after us -client_ping_gateway +client_ping_resource docker compose restart api # Restart portal sleep 5 # Wait for client to reconnect -client_ping_gateway +client_ping_resource