Remove database from Mapper
This commit changes the internals of the mapper to track all the changes to peers over its lifetime. This means that it no longer depends on the database and this should hopefully help with locks and timing issues. When the mapper is created, it needs the current list of peers, the world view, when the polling session was started. Then as update changes are called, it tracks the changes and generates responses based on its internal list. As a side, the types.Machines and types.MachinesP, as well as types.Machine being passed as a full struct and pointer has been changed to always be pointers, everywhere. Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
Kristoffer Dalby
Kristoffer Dalby
parent
3b0749a320
commit
387aa03adb
15 changed files with 251 additions and 236 deletions
|
|
@ -157,7 +157,7 @@ func (pol *ACLPolicy) generateFilterRules(
|
|||
peers types.Machines,
|
||||
) ([]tailcfg.FilterRule, error) {
|
||||
rules := []tailcfg.FilterRule{}
|
||||
machines := append(peers, *machine)
|
||||
machines := append(peers, machine)
|
||||
|
||||
for index, acl := range pol.ACLs {
|
||||
if acl.Action != "accept" {
|
||||
|
|
@ -293,7 +293,7 @@ func (pol *ACLPolicy) generateSSHRules(
|
|||
for index, sshACL := range pol.SSHs {
|
||||
var dest netipx.IPSetBuilder
|
||||
for _, src := range sshACL.Destinations {
|
||||
expanded, err := pol.ExpandAlias(append(peers, *machine), src)
|
||||
expanded, err := pol.ExpandAlias(append(peers, machine), src)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -875,7 +875,7 @@ func isTag(str string) bool {
|
|||
// Invalid tags are tags added by a user on a node, and that user doesn't have authority to add this tag.
|
||||
// Valid tags are tags added by a user that is allowed in the ACL policy to add this tag.
|
||||
func (pol *ACLPolicy) TagsOfMachine(
|
||||
machine types.Machine,
|
||||
machine *types.Machine,
|
||||
) ([]string, []string) {
|
||||
validTags := make([]string, 0)
|
||||
invalidTags := make([]string, 0)
|
||||
|
|
@ -935,7 +935,7 @@ func FilterMachinesByACL(
|
|||
continue
|
||||
}
|
||||
|
||||
if machine.CanAccess(filter, &machines[index]) || peer.CanAccess(filter, machine) {
|
||||
if machine.CanAccess(filter, machines[index]) || peer.CanAccess(filter, machine) {
|
||||
result = append(result, peer)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue