Add worker reading extra_records_path from file (#2271)

* consolidate scheduled tasks into one goroutine Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * rename Tailcfg dns struct Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * add dns.extra_records_path option Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * prettier lint Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * go-fmt Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> --------- Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2024-12-13 07:52:40 +00:00 · 2024-12-13 07:52:40 +00:00 · 380fcdba17
commit 380fcdba17
parent 89a648c7dd
22 changed files with 388 additions and 81 deletions
--- a/integration/auth_oidc_test.go
+++ b/integration/auth_oidc_test.go
@ -154,7 +154,7 @@ func TestOIDCAuthenticationPingAll(t *testing.T) {
 	}

 	sort.Slice(listUsers, func(i, j int) bool {
-		return listUsers[i].Id < listUsers[j].Id
+		return listUsers[i].GetId() < listUsers[j].GetId()
 	})

 	if diff := cmp.Diff(want, listUsers, cmpopts.IgnoreUnexported(v1.User{}), cmpopts.IgnoreFields(v1.User{}, "CreatedAt")); diff != "" {
@ -514,7 +514,7 @@ func TestOIDC024UserCreation(t *testing.T) {
 			assertNoErr(t, err)

 			sort.Slice(listUsers, func(i, j int) bool {
-				return listUsers[i].Id < listUsers[j].Id
+				return listUsers[i].GetId() < listUsers[j].GetId()
 			})

 			if diff := cmp.Diff(want, listUsers, cmpopts.IgnoreUnexported(v1.User{}), cmpopts.IgnoreFields(v1.User{}, "CreatedAt")); diff != "" {
--- a/integration/dns_test.go
+++ b/integration/dns_test.go
@ -1,6 +1,7 @@
 package integration

 import (
+	"encoding/json"
 	"fmt"
 	"strings"
 	"testing"
@ -9,6 +10,7 @@ import (
 	"github.com/juanfont/headscale/integration/hsic"
 	"github.com/juanfont/headscale/integration/tsic"
 	"github.com/stretchr/testify/assert"
+	"tailscale.com/tailcfg"
 )

 func TestResolveMagicDNS(t *testing.T) {
@ -81,6 +83,93 @@ func TestResolveMagicDNS(t *testing.T) {
 	}
 }

+func TestResolveMagicDNSExtraRecordsPath(t *testing.T) {
+	IntegrationSkip(t)
+	t.Parallel()
+
+	scenario, err := NewScenario(dockertestMaxWait())
+	assertNoErr(t, err)
+	defer scenario.ShutdownAssertNoPanics(t)
+
+	spec := map[string]int{
+		"magicdns1": 1,
+		"magicdns2": 1,
+	}
+
+	const erPath = "/tmp/extra_records.json"
+
+	extraRecords := []tailcfg.DNSRecord{
+		{
+			Name:  "test.myvpn.example.com",
+			Type:  "A",
+			Value: "6.6.6.6",
+		},
+	}
+	b, _ := json.Marshal(extraRecords)
+
+	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{
+		tsic.WithDockerEntrypoint([]string{
+			"/bin/sh",
+			"-c",
+			"/bin/sleep 3 ; apk add python3 curl bind-tools ; update-ca-certificates ; tailscaled --tun=tsdev",
+		}),
+	},
+		hsic.WithTestName("extrarecords"),
+		hsic.WithConfigEnv(map[string]string{
+			// Disable global nameservers to make the test run offline.
+			"HEADSCALE_DNS_NAMESERVERS_GLOBAL": "",
+			"HEADSCALE_DNS_EXTRA_RECORDS_PATH": erPath,
+		}),
+		hsic.WithFileInContainer(erPath, b),
+		hsic.WithEmbeddedDERPServerOnly(),
+		hsic.WithTLS(),
+		hsic.WithHostnameAsServerURL(),
+	)
+	assertNoErrHeadscaleEnv(t, err)
+
+	allClients, err := scenario.ListTailscaleClients()
+	assertNoErrListClients(t, err)
+
+	err = scenario.WaitForTailscaleSync()
+	assertNoErrSync(t, err)
+
+	// assertClientsState(t, allClients)
+
+	// Poor mans cache
+	_, err = scenario.ListTailscaleClientsFQDNs()
+	assertNoErrListFQDN(t, err)
+
+	_, err = scenario.ListTailscaleClientsIPs()
+	assertNoErrListClientIPs(t, err)
+
+	for _, client := range allClients {
+		assertCommandOutputContains(t, client, []string{"dig", "test.myvpn.example.com"}, "6.6.6.6")
+	}
+
+	extraRecords = append(extraRecords, tailcfg.DNSRecord{
+		Name:  "otherrecord.myvpn.example.com",
+		Type:  "A",
+		Value: "7.7.7.7",
+	})
+	b2, _ := json.Marshal(extraRecords)
+
+	hs, err := scenario.Headscale()
+	assertNoErr(t, err)
+
+	// Write it to a separate file to ensure Docker's API doesnt
+	// do anything unexpected and rather move it into place to trigger
+	// a reload.
+	err = hs.WriteFile(erPath+"2", b2)
+	assertNoErr(t, err)
+	_, err = hs.Execute([]string{"mv", erPath + "2", erPath})
+	assertNoErr(t, err)
+
+	for _, client := range allClients {
+		assertCommandOutputContains(t, client, []string{"dig", "test.myvpn.example.com"}, "6.6.6.6")
+		assertCommandOutputContains(t, client, []string{"dig", "otherrecord.myvpn.example.com"}, "7.7.7.7")
+	}
+}
+
 // TestValidateResolvConf validates that the resolv.conf file
 // ends up as expected in our Tailscale containers.
 // All the containers are based on Alpine, meaning Tailscale
--- a/integration/utils.go
+++ b/integration/utils.go
@ -3,6 +3,7 @@ package integration
 import (
 	"bufio"
 	"bytes"
+	"fmt"
 	"io"
 	"os"
 	"strings"
@ -10,6 +11,7 @@ import (
 	"testing"
 	"time"

+	"github.com/cenkalti/backoff/v4"
 	"github.com/juanfont/headscale/hscontrol/util"
 	"github.com/juanfont/headscale/integration/tsic"
 	"github.com/stretchr/testify/assert"
@ -302,6 +304,30 @@ func assertValidNetcheck(t *testing.T, client TailscaleClient) {
 	assert.NotEqualf(t, 0, report.PreferredDERP, "%q does not have a DERP relay", client.Hostname())
 }

+// assertCommandOutputContains executes a command for a set time and asserts that the output
+// reaches a desired state.
+// It should be used instead of sleeping before executing.
+func assertCommandOutputContains(t *testing.T, c TailscaleClient, command []string, contains string) {
+	t.Helper()
+
+	err := backoff.Retry(func() error {
+		stdout, stderr, err := c.Execute(command)
+		if err != nil {
+			return fmt.Errorf("executing command, stdout: %q stderr: %q, err: %w", stdout, stderr, err)
+		}
+
+		if !strings.Contains(stdout, contains) {
+			return fmt.Errorf("executing command, expected string %q not found in %q", contains, stdout)
+		}
+
+		return nil
+	}, backoff.NewExponentialBackOff(
+		backoff.WithMaxElapsedTime(10*time.Second)),
+	)
+
+	assert.NoError(t, err)
+}
+
 func isSelfClient(client TailscaleClient, addr string) bool {
 	if addr == client.Hostname() {
 		return true