feat: initial implementation of SideroLink

This contains gRPC API, some shared code to manage userspace Wireguard tunnel and a test server which lacks actual database to store connection information. Test implementation can be used with Talos to test SideroLink. Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
siderolabs · Nov 19, 2021 · 0755b24 · 0755b24
1 parent ee73ea9
commit 0755b24
Show file tree

Hide file tree

Showing 20 changed files with 1,796 additions and 639 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -1,10 +1,11 @@
 # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
 #
-# Generated on 2021-11-18T14:01:40Z by kres 8d6311a-dirty.
+# Generated on 2021-11-19T13:16:55Z by kres c4d092b.
 
 **
 !api
 !cmd
+!internal
 !pkg
 !go.mod
 !go.sum

diff --git a/.drone.yml b/.drone.yml
@@ -1,7 +1,7 @@
 ---
 # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
 #
-# Generated on 2021-11-18T18:01:00Z by kres 8d6311a-dirty.
+# Generated on 2021-11-19T13:50:19Z by kres c4d092b.
 
 kind: pipeline
 type: kubernetes
@@ -105,11 +105,11 @@ steps:
   depends_on:
   - unit-tests
 
-- name: event-sink
+- name: siderolink-agent
   pull: always
   image: autonomy/build-container:latest
   commands:
-  - make event-sink
+  - make siderolink-agent
   volumes:
   - name: outer-docker-socket
     path: /var/outer-run
@@ -139,83 +139,6 @@ steps:
   depends_on:
   - base
 
-- name: image-event-sink
-  pull: always
-  image: autonomy/build-container:latest
-  commands:
-  - make image-event-sink
-  volumes:
-  - name: outer-docker-socket
-    path: /var/outer-run
-  - name: docker-socket
-    path: /var/run
-  - name: buildx
-    path: /root/.docker/buildx
-  - name: ssh
-    path: /root/.ssh
-  depends_on:
-  - event-sink
-  - lint
-  - unit-tests
-
-- name: push-event-sink
-  pull: always
-  image: autonomy/build-container:latest
-  commands:
-  - docker login ghcr.io --username "$${GHCR_USERNAME}" --password "$${GHCR_PASSWORD}"
-  - make image-event-sink
-  environment:
-    GHCR_PASSWORD:
-      from_secret: ghcr_token
-    GHCR_USERNAME:
-      from_secret: ghcr_username
-    PUSH: true
-  volumes:
-  - name: outer-docker-socket
-    path: /var/outer-run
-  - name: docker-socket
-    path: /var/run
-  - name: buildx
-    path: /root/.docker/buildx
-  - name: ssh
-    path: /root/.ssh
-  when:
-    event:
-      exclude:
-      - pull_request
-  depends_on:
-  - image-event-sink
-
-- name: push-event-sink-latest
-  pull: always
-  image: autonomy/build-container:latest
-  commands:
-  - docker login ghcr.io --username "$${GHCR_USERNAME}" --password "$${GHCR_PASSWORD}"
-  - make image-event-sink TAG=latest
-  environment:
-    GHCR_PASSWORD:
-      from_secret: ghcr_token
-    GHCR_USERNAME:
-      from_secret: ghcr_username
-    PUSH: true
-  volumes:
-  - name: outer-docker-socket
-    path: /var/outer-run
-  - name: docker-socket
-    path: /var/run
-  - name: buildx
-    path: /root/.docker/buildx
-  - name: ssh
-    path: /root/.ssh
-  when:
-    branch:
-    - master
-    event:
-      exclude:
-      - pull_request
-  depends_on:
-  - push-event-sink
-
 - name: release-notes
   pull: always
   image: autonomy/build-container:latest
@@ -236,8 +159,7 @@ steps:
   depends_on:
   - unit-tests
   - coverage
-  - event-sink
-  - image-event-sink
+  - siderolink-agent
   - lint
 
 - name: release

diff --git a/.kres.yaml b/.kres.yaml
@@ -5,8 +5,10 @@ spec:
   specs:
     - source: api/events/events.proto
       subdirectory: events/
+    - source: api/siderolink/provision.proto
+      subdirectory: siderolink/
 ---
 kind: auto.CommandConfig
-name: events-sink
+name: siderolink-agent
 spec:
   disableImage: true
diff --git a/Dockerfile b/Dockerfile
@@ -2,14 +2,10 @@
 
 # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
 #
-# Generated on 2021-11-18T20:56:10Z by kres latest.
+# Generated on 2021-11-19T13:50:19Z by kres c4d092b.
 
 ARG TOOLCHAIN
 
-FROM ghcr.io/talos-systems/ca-certificates:v0.3.0-12-g90722c3 AS image-ca-certificates
-
-FROM ghcr.io/talos-systems/fhs:v0.3.0-12-g90722c3 AS image-fhs
-
 # runs markdownlint
 FROM node:14.8.0-alpine AS lint-markdown
 RUN npm i -g markdownlint-cli@0.23.2
@@ -22,6 +18,7 @@ RUN markdownlint --ignore "CHANGELOG.md" --ignore "**/node_modules/**" --ignore
 # collects proto specs
 FROM scratch AS proto-specs
 ADD api/events/events.proto /api/events/
+ADD api/siderolink/provision.proto /api/siderolink/
 
 # base toolchain image
 FROM ${TOOLCHAIN} AS toolchain
@@ -58,14 +55,17 @@ RUN --mount=type=cache,target=/go/pkg go mod download
 RUN --mount=type=cache,target=/go/pkg go mod verify
 COPY ./api ./api
 COPY ./cmd ./cmd
+COPY ./internal ./internal
 COPY ./pkg ./pkg
 RUN --mount=type=cache,target=/go/pkg go list -mod=readonly all >/dev/null
 
 # runs protobuf compiler
 FROM tools AS proto-compile
 COPY --from=proto-specs / /
 RUN protoc -I/api --go_out=paths=source_relative:/api --go-grpc_out=paths=source_relative:/api --go-vtproto_out=paths=source_relative:/api --go-vtproto_opt=features=marshal+unmarshal+size /api/events/events.proto
+RUN protoc -I/api --go_out=paths=source_relative:/api --go-grpc_out=paths=source_relative:/api --go-vtproto_out=paths=source_relative:/api --go-vtproto_opt=features=marshal+unmarshal+size /api/siderolink/provision.proto
 RUN rm /api/events/events.proto
+RUN rm /api/siderolink/provision.proto
 
 # runs gofumpt
 FROM base AS lint-gofumpt
@@ -96,22 +96,14 @@ COPY --from=proto-compile /api/ /api/
 FROM scratch AS unit-tests
 COPY --from=unit-tests-run /src/coverage.txt /coverage.txt
 
-# builds event-sink-linux-amd64
-FROM base AS event-sink-linux-amd64-build
+# builds siderolink-agent-linux-amd64
+FROM base AS siderolink-agent-linux-amd64-build
 COPY --from=generate / /
-WORKDIR /src/cmd/event-sink
-RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go build -ldflags "-s -w" -o /event-sink-linux-amd64
-
-FROM scratch AS event-sink-linux-amd64
-COPY --from=event-sink-linux-amd64-build /event-sink-linux-amd64 /event-sink-linux-amd64
+WORKDIR /src/cmd/siderolink-agent
+RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go build -ldflags "-s -w" -o /siderolink-agent-linux-amd64
 
-FROM event-sink-linux-${TARGETARCH} AS event-sink
+FROM scratch AS siderolink-agent-linux-amd64
+COPY --from=siderolink-agent-linux-amd64-build /siderolink-agent-linux-amd64 /siderolink-agent-linux-amd64
 
-FROM scratch AS image-event-sink
-ARG TARGETARCH
-COPY --from=event-sink event-sink-linux-${TARGETARCH} /event-sink
-COPY --from=image-fhs / /
-COPY --from=image-ca-certificates / /
-LABEL org.opencontainers.image.source https://github.com/talos-systems/siderolink
-ENTRYPOINT ["/event-sink"]
+FROM siderolink-agent-linux-${TARGETARCH} AS siderolink-agent
 
diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
 # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
 #
-# Generated on 2021-11-18T20:56:10Z by kres latest.
+# Generated on 2021-11-19T13:50:19Z by kres c4d092b.
 
 # common variables
 
@@ -77,7 +77,7 @@ respectively.
 
 endef
 
-all: unit-tests event-sink image-event-sink lint
+all: unit-tests siderolink-agent lint
 
 .PHONY: clean
 clean:  ## Cleans up all artifacts.
@@ -121,15 +121,15 @@ unit-tests-race:  ## Performs unit tests with race detection enabled.
 coverage:  ## Upload coverage data to codecov.io.
 	bash -c "bash <(curl -s https://codecov.io/bash) -f $(ARTIFACTS)/coverage.txt -X fix"
 
-.PHONY: $(ARTIFACTS)/event-sink-linux-amd64
-$(ARTIFACTS)/event-sink-linux-amd64:
-	@$(MAKE) local-event-sink-linux-amd64 DEST=$(ARTIFACTS)
+.PHONY: $(ARTIFACTS)/siderolink-agent-linux-amd64
+$(ARTIFACTS)/siderolink-agent-linux-amd64:
+	@$(MAKE) local-siderolink-agent-linux-amd64 DEST=$(ARTIFACTS)
 
-.PHONY: event-sink-linux-amd64
-event-sink-linux-amd64: $(ARTIFACTS)/event-sink-linux-amd64  ## Builds executable for event-sink-linux-amd64.
+.PHONY: siderolink-agent-linux-amd64
+siderolink-agent-linux-amd64: $(ARTIFACTS)/siderolink-agent-linux-amd64  ## Builds executable for siderolink-agent-linux-amd64.
 
-.PHONY: event-sink
-event-sink: event-sink-linux-amd64  ## Builds executables for event-sink.
+.PHONY: siderolink-agent
+siderolink-agent: siderolink-agent-linux-amd64  ## Builds executables for siderolink-agent.
 
 .PHONY: lint-markdown
 lint-markdown:  ## Runs markdownlint.
@@ -138,10 +138,6 @@ lint-markdown:  ## Runs markdownlint.
 .PHONY: lint
 lint: lint-golangci-lint lint-gofumpt lint-markdown  ## Run all linters for the project.
 
-.PHONY: image-event-sink
-image-event-sink:  ## Builds image for event-sink.
-	@$(MAKE) target-$@ TARGET_ARGS="--tag=$(REGISTRY)/$(USERNAME)/event-sink:$(TAG)"
-
 .PHONY: rekres
 rekres:
 	@docker pull $(KRES_IMAGE)