TheArchive/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2024-11-25 02:55:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

update dependency path for integration

Browse Source 
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
Kristoffer Dalby 2023-05-10 10:26:28 +02:00 committed by Juan Font
parent d2413d0a2f
commit 52ad138c32
7 changed files with 76 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
integration/acl_test.go
View File

@ -6,7 +6,7 @@ import (
"strings" "strings"
"testing" "testing"
"github.com/juanfont/headscale" "github.com/juanfont/headscale/hscontrol"
"github.com/juanfont/headscale/integration/hsic" "github.com/juanfont/headscale/integration/hsic"
"github.com/juanfont/headscale/integration/tsic" "github.com/juanfont/headscale/integration/tsic"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
@ -45,7 +45,7 @@ var veryLargeDestination = []string{
"208.0.0.0/4:*", "208.0.0.0/4:*",
} }
func aclScenario(t *testing.T, policy *headscale.ACLPolicy, clientsPerUser int) *Scenario { func aclScenario(t *testing.T, policy *hscontrol.ACLPolicy, clientsPerUser int) *Scenario {
t.Helper() t.Helper()
scenario, err := NewScenario() scenario, err := NewScenario()
assert.NoError(t, err) assert.NoError(t, err)
@ -92,7 +92,7 @@ func TestACLHostsInNetMapTable(t *testing.T) {
// they can access minus one (them self). // they can access minus one (them self).
tests := map[string]struct { tests := map[string]struct {
users map[string]int users map[string]int
policy headscale.ACLPolicy policy hscontrol.ACLPolicy
want map[string]int want map[string]int
}{ }{
// Test that when we have no ACL, each client netmap has // Test that when we have no ACL, each client netmap has
@ -102,8 +102,8 @@ func TestACLHostsInNetMapTable(t *testing.T) {
"user1": 2, "user1": 2,
"user2": 2, "user2": 2,
}, },
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"*"}, Sources: []string{"*"},
@ -123,8 +123,8 @@ func TestACLHostsInNetMapTable(t *testing.T) {
"user1": 2, "user1": 2,
"user2": 2, "user2": 2,
}, },
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"user1"}, Sources: []string{"user1"},
@ -149,8 +149,8 @@ func TestACLHostsInNetMapTable(t *testing.T) {
"user1": 2, "user1": 2,
"user2": 2, "user2": 2,
}, },
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"user1"}, Sources: []string{"user1"},
@ -186,8 +186,8 @@ func TestACLHostsInNetMapTable(t *testing.T) {
"user1": 2, "user1": 2,
"user2": 2, "user2": 2,
}, },
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"user1"}, Sources: []string{"user1"},
@ -214,8 +214,8 @@ func TestACLHostsInNetMapTable(t *testing.T) {
"user1": 2, "user1": 2,
"user2": 2, "user2": 2,
}, },
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"user1"}, Sources: []string{"user1"},
@ -282,8 +282,8 @@ func TestACLAllowUser80Dst(t *testing.T) {
IntegrationSkip(t) IntegrationSkip(t)
scenario := aclScenario(t, scenario := aclScenario(t,
&headscale.ACLPolicy{ &hscontrol.ACLPolicy{
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"user1"}, Sources: []string{"user1"},
@ -338,11 +338,11 @@ func TestACLDenyAllPort80(t *testing.T) {
IntegrationSkip(t) IntegrationSkip(t)
scenario := aclScenario(t, scenario := aclScenario(t,
&headscale.ACLPolicy{ &hscontrol.ACLPolicy{
Groups: map[string][]string{ Groups: map[string][]string{
"group:integration-acl-test": {"user1", "user2"}, "group:integration-acl-test": {"user1", "user2"},
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"group:integration-acl-test"}, Sources: []string{"group:integration-acl-test"},
@ -387,8 +387,8 @@ func TestACLAllowUserDst(t *testing.T) {
IntegrationSkip(t) IntegrationSkip(t)
scenario := aclScenario(t, scenario := aclScenario(t,
&headscale.ACLPolicy{ &hscontrol.ACLPolicy{
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"user1"}, Sources: []string{"user1"},
@ -445,8 +445,8 @@ func TestACLAllowStarDst(t *testing.T) {
IntegrationSkip(t) IntegrationSkip(t)
scenario := aclScenario(t, scenario := aclScenario(t,
&headscale.ACLPolicy{ &hscontrol.ACLPolicy{
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"user1"}, Sources: []string{"user1"},
@ -504,11 +504,11 @@ func TestACLNamedHostsCanReachBySubnet(t *testing.T) {
IntegrationSkip(t) IntegrationSkip(t)
scenario := aclScenario(t, scenario := aclScenario(t,
&headscale.ACLPolicy{ &hscontrol.ACLPolicy{
Hosts: headscale.Hosts{ Hosts: hscontrol.Hosts{
"all": netip.MustParsePrefix("100.64.0.0/24"), "all": netip.MustParsePrefix("100.64.0.0/24"),
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
// Everyone can curl test3 // Everyone can curl test3
{ {
Action: "accept", Action: "accept",
@ -603,16 +603,16 @@ func TestACLNamedHostsCanReach(t *testing.T) {
IntegrationSkip(t) IntegrationSkip(t)
tests := map[string]struct { tests := map[string]struct {
policy headscale.ACLPolicy policy hscontrol.ACLPolicy
}{ }{
"ipv4": { "ipv4": {
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
Hosts: headscale.Hosts{ Hosts: hscontrol.Hosts{
"test1": netip.MustParsePrefix("100.64.0.1/32"), "test1": netip.MustParsePrefix("100.64.0.1/32"),
"test2": netip.MustParsePrefix("100.64.0.2/32"), "test2": netip.MustParsePrefix("100.64.0.2/32"),
"test3": netip.MustParsePrefix("100.64.0.3/32"), "test3": netip.MustParsePrefix("100.64.0.3/32"),
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
// Everyone can curl test3 // Everyone can curl test3
{ {
Action: "accept", Action: "accept",
@ -629,13 +629,13 @@ func TestACLNamedHostsCanReach(t *testing.T) {
}, },
}, },
"ipv6": { "ipv6": {
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
Hosts: headscale.Hosts{ Hosts: hscontrol.Hosts{
"test1": netip.MustParsePrefix("fd7a:115c:a1e0::1/128"), "test1": netip.MustParsePrefix("fd7a:115c:a1e0::1/128"),
"test2": netip.MustParsePrefix("fd7a:115c:a1e0::2/128"), "test2": netip.MustParsePrefix("fd7a:115c:a1e0::2/128"),
"test3": netip.MustParsePrefix("fd7a:115c:a1e0::3/128"), "test3": netip.MustParsePrefix("fd7a:115c:a1e0::3/128"),
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
// Everyone can curl test3 // Everyone can curl test3
{ {
Action: "accept", Action: "accept",
@ -854,11 +854,11 @@ func TestACLDevice1CanAccessDevice2(t *testing.T) {
IntegrationSkip(t) IntegrationSkip(t)
tests := map[string]struct { tests := map[string]struct {
policy headscale.ACLPolicy policy hscontrol.ACLPolicy
}{ }{
"ipv4": { "ipv4": {
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"100.64.0.1"}, Sources: []string{"100.64.0.1"},
@ -868,8 +868,8 @@ func TestACLDevice1CanAccessDevice2(t *testing.T) {
}, },
}, },
"ipv6": { "ipv6": {
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"fd7a:115c:a1e0::1"}, Sources: []string{"fd7a:115c:a1e0::1"},
@ -879,12 +879,12 @@ func TestACLDevice1CanAccessDevice2(t *testing.T) {
}, },
}, },
"hostv4cidr": { "hostv4cidr": {
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
Hosts: headscale.Hosts{ Hosts: hscontrol.Hosts{
"test1": netip.MustParsePrefix("100.64.0.1/32"), "test1": netip.MustParsePrefix("100.64.0.1/32"),
"test2": netip.MustParsePrefix("100.64.0.2/32"), "test2": netip.MustParsePrefix("100.64.0.2/32"),
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"test1"}, Sources: []string{"test1"},
@ -894,12 +894,12 @@ func TestACLDevice1CanAccessDevice2(t *testing.T) {
}, },
}, },
"hostv6cidr": { "hostv6cidr": {
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
Hosts: headscale.Hosts{ Hosts: hscontrol.Hosts{
"test1": netip.MustParsePrefix("fd7a:115c:a1e0::1/128"), "test1": netip.MustParsePrefix("fd7a:115c:a1e0::1/128"),
"test2": netip.MustParsePrefix("fd7a:115c:a1e0::2/128"), "test2": netip.MustParsePrefix("fd7a:115c:a1e0::2/128"),
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"test1"}, Sources: []string{"test1"},
@ -909,12 +909,12 @@ func TestACLDevice1CanAccessDevice2(t *testing.T) {
}, },
}, },
"group": { "group": {
policy: headscale.ACLPolicy{ policy: hscontrol.ACLPolicy{
Groups: map[string][]string{ Groups: map[string][]string{
"group:one": {"user1"}, "group:one": {"user1"},
"group:two": {"user2"}, "group:two": {"user2"},
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"group:one"}, Sources: []string{"group:one"},

8
integration/auth_oidc_test.go
View File

@ -14,7 +14,7 @@ import (
"testing" "testing"
"time" "time"
"github.com/juanfont/headscale" "github.com/juanfont/headscale/hscontrol"
"github.com/juanfont/headscale/integration/dockertestutil" "github.com/juanfont/headscale/integration/dockertestutil"
"github.com/juanfont/headscale/integration/hsic" "github.com/juanfont/headscale/integration/hsic"
"github.com/ory/dockertest/v3" "github.com/ory/dockertest/v3"
@ -213,14 +213,14 @@ func (s *AuthOIDCScenario) CreateHeadscaleEnv(
return nil return nil
} }
func (s *AuthOIDCScenario) runMockOIDC(accessTTL time.Duration) (*headscale.OIDCConfig, error) { func (s *AuthOIDCScenario) runMockOIDC(accessTTL time.Duration) (*hscontrol.OIDCConfig, error) {
port, err := dockertestutil.RandomFreeHostPort() port, err := dockertestutil.RandomFreeHostPort()
if err != nil { if err != nil {
log.Fatalf("could not find an open port: %s", err) log.Fatalf("could not find an open port: %s", err)
} }
portNotation := fmt.Sprintf("%d/tcp", port) portNotation := fmt.Sprintf("%d/tcp", port)
hash, _ := headscale.GenerateRandomStringDNSSafe(hsicOIDCMockHashLength) hash, _ := hscontrol.GenerateRandomStringDNSSafe(hsicOIDCMockHashLength)
hostname := fmt.Sprintf("hs-oidcmock-%s", hash) hostname := fmt.Sprintf("hs-oidcmock-%s", hash)
@ -287,7 +287,7 @@ func (s *AuthOIDCScenario) runMockOIDC(accessTTL time.Duration) (*headscale.OIDC
log.Printf("headscale mock oidc is ready for tests at %s", hostEndpoint) log.Printf("headscale mock oidc is ready for tests at %s", hostEndpoint)
return &headscale.OIDCConfig{ return &hscontrol.OIDCConfig{
Issuer: fmt.Sprintf( Issuer: fmt.Sprintf(
"http://%s/oidc", "http://%s/oidc",
net.JoinHostPort(s.mockOIDC.GetIPInNetwork(s.network), strconv.Itoa(port)), net.JoinHostPort(s.mockOIDC.GetIPInNetwork(s.network), strconv.Itoa(port)),

4
integration/embedded_derp_test.go
View File

@ -6,7 +6,7 @@ import (
"net/url" "net/url"
"testing" "testing"
"github.com/juanfont/headscale" "github.com/juanfont/headscale/hscontrol"
"github.com/juanfont/headscale/integration/dockertestutil" "github.com/juanfont/headscale/integration/dockertestutil"
"github.com/juanfont/headscale/integration/hsic" "github.com/juanfont/headscale/integration/hsic"
"github.com/juanfont/headscale/integration/tsic" "github.com/juanfont/headscale/integration/tsic"
@ -110,7 +110,7 @@ func (s *EmbeddedDERPServerScenario) CreateHeadscaleEnv(
return err return err
} }
hash, err := headscale.GenerateRandomStringDNSSafe(scenarioHashLength) hash, err := hscontrol.GenerateRandomStringDNSSafe(scenarioHashLength)
if err != nil { if err != nil {
return err return err
} }

12
integration/hsic/hsic.go
View File

@ -22,8 +22,8 @@ import (
"time" "time"
"github.com/davecgh/go-spew/spew" "github.com/davecgh/go-spew/spew"
"github.com/juanfont/headscale"
v1 "github.com/juanfont/headscale/gen/go/headscale/v1" v1 "github.com/juanfont/headscale/gen/go/headscale/v1"
"github.com/juanfont/headscale/hscontrol"
"github.com/juanfont/headscale/integration/dockertestutil" "github.com/juanfont/headscale/integration/dockertestutil"
"github.com/juanfont/headscale/integration/integrationutil" "github.com/juanfont/headscale/integration/integrationutil"
"github.com/ory/dockertest/v3" "github.com/ory/dockertest/v3"
@ -59,7 +59,7 @@ type HeadscaleInContainer struct {
port int port int
extraPorts []string extraPorts []string
hostPortBindings map[string][]string hostPortBindings map[string][]string
aclPolicy *headscale.ACLPolicy aclPolicy *hscontrol.ACLPolicy
env map[string]string env map[string]string
tlsCert []byte tlsCert []byte
tlsKey []byte tlsKey []byte
@ -70,9 +70,9 @@ type HeadscaleInContainer struct {
// Headscale instance. // Headscale instance.
type Option = func(c *HeadscaleInContainer) type Option = func(c *HeadscaleInContainer)
// WithACLPolicy adds a headscale.ACLPolicy policy to the // WithACLPolicy adds a hscontrol.ACLPolicy policy to the
// HeadscaleInContainer instance. // HeadscaleInContainer instance.
func WithACLPolicy(acl *headscale.ACLPolicy) Option { func WithACLPolicy(acl *hscontrol.ACLPolicy) Option {
return func(hsic *HeadscaleInContainer) { return func(hsic *HeadscaleInContainer) {
// TODO(kradalby): Move somewhere appropriate // TODO(kradalby): Move somewhere appropriate
hsic.env["HEADSCALE_ACL_POLICY_PATH"] = aclPolicyPath hsic.env["HEADSCALE_ACL_POLICY_PATH"] = aclPolicyPath
@ -132,7 +132,7 @@ func WithHostPortBindings(bindings map[string][]string) Option {
// in the Docker container name. // in the Docker container name.
func WithTestName(testName string) Option { func WithTestName(testName string) Option {
return func(hsic *HeadscaleInContainer) { return func(hsic *HeadscaleInContainer) {
hash, _ := headscale.GenerateRandomStringDNSSafe(hsicHashLength) hash, _ := hscontrol.GenerateRandomStringDNSSafe(hsicHashLength)
hostname := fmt.Sprintf("hs-%s-%s", testName, hash) hostname := fmt.Sprintf("hs-%s-%s", testName, hash)
hsic.hostname = hostname hsic.hostname = hostname
@ -167,7 +167,7 @@ func New(
network *dockertest.Network, network *dockertest.Network,
opts ...Option, opts ...Option,
) (*HeadscaleInContainer, error) { ) (*HeadscaleInContainer, error) {
hash, err := headscale.GenerateRandomStringDNSSafe(hsicHashLength) hash, err := hscontrol.GenerateRandomStringDNSSafe(hsicHashLength)
if err != nil { if err != nil {
return nil, err return nil, err
} }

4
integration/scenario.go
View File

@ -9,8 +9,8 @@ import (
"sync" "sync"
"time" "time"
"github.com/juanfont/headscale"
v1 "github.com/juanfont/headscale/gen/go/headscale/v1" v1 "github.com/juanfont/headscale/gen/go/headscale/v1"
"github.com/juanfont/headscale/hscontrol"
"github.com/juanfont/headscale/integration/dockertestutil" "github.com/juanfont/headscale/integration/dockertestutil"
"github.com/juanfont/headscale/integration/hsic" "github.com/juanfont/headscale/integration/hsic"
"github.com/juanfont/headscale/integration/tsic" "github.com/juanfont/headscale/integration/tsic"
@ -105,7 +105,7 @@ type Scenario struct {
// NewScenario creates a test Scenario which can be used to bootstraps a ControlServer with // NewScenario creates a test Scenario which can be used to bootstraps a ControlServer with
// a set of Users and TailscaleClients. // a set of Users and TailscaleClients.
func NewScenario() (*Scenario, error) { func NewScenario() (*Scenario, error) {
hash, err := headscale.GenerateRandomStringDNSSafe(scenarioHashLength) hash, err := hscontrol.GenerateRandomStringDNSSafe(scenarioHashLength)
if err != nil { if err != nil {
return nil, err return nil, err
} }

32
integration/ssh_test.go
View File

@ -6,7 +6,7 @@ import (
"testing" "testing"
"time" "time"
"github.com/juanfont/headscale" "github.com/juanfont/headscale/hscontrol"
"github.com/juanfont/headscale/integration/hsic" "github.com/juanfont/headscale/integration/hsic"
"github.com/juanfont/headscale/integration/tsic" "github.com/juanfont/headscale/integration/tsic"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
@ -57,18 +57,18 @@ func TestSSHOneUserAllToAll(t *testing.T) {
err = scenario.CreateHeadscaleEnv(spec, err = scenario.CreateHeadscaleEnv(spec,
[]tsic.Option{tsic.WithSSH()}, []tsic.Option{tsic.WithSSH()},
hsic.WithACLPolicy( hsic.WithACLPolicy(
&headscale.ACLPolicy{ &hscontrol.ACLPolicy{
Groups: map[string][]string{ Groups: map[string][]string{
"group:integration-test": {"user1"}, "group:integration-test": {"user1"},
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"*"}, Sources: []string{"*"},
Destinations: []string{"*:*"}, Destinations: []string{"*:*"},
}, },
}, },
SSHs: []headscale.SSH{ SSHs: []hscontrol.SSH{
{ {
Action: "accept", Action: "accept",
Sources: []string{"group:integration-test"}, Sources: []string{"group:integration-test"},
@ -134,18 +134,18 @@ func TestSSHMultipleUsersAllToAll(t *testing.T) {
err = scenario.CreateHeadscaleEnv(spec, err = scenario.CreateHeadscaleEnv(spec,
[]tsic.Option{tsic.WithSSH()}, []tsic.Option{tsic.WithSSH()},
hsic.WithACLPolicy( hsic.WithACLPolicy(
&headscale.ACLPolicy{ &hscontrol.ACLPolicy{
Groups: map[string][]string{ Groups: map[string][]string{
"group:integration-test": {"user1", "user2"}, "group:integration-test": {"user1", "user2"},
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"*"}, Sources: []string{"*"},
Destinations: []string{"*:*"}, Destinations: []string{"*:*"},
}, },
}, },
SSHs: []headscale.SSH{ SSHs: []hscontrol.SSH{
{ {
Action: "accept", Action: "accept",
Sources: []string{"group:integration-test"}, Sources: []string{"group:integration-test"},
@ -216,18 +216,18 @@ func TestSSHNoSSHConfigured(t *testing.T) {
err = scenario.CreateHeadscaleEnv(spec, err = scenario.CreateHeadscaleEnv(spec,
[]tsic.Option{tsic.WithSSH()}, []tsic.Option{tsic.WithSSH()},
hsic.WithACLPolicy( hsic.WithACLPolicy(
&headscale.ACLPolicy{ &hscontrol.ACLPolicy{
Groups: map[string][]string{ Groups: map[string][]string{
"group:integration-test": {"user1"}, "group:integration-test": {"user1"},
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"*"}, Sources: []string{"*"},
Destinations: []string{"*:*"}, Destinations: []string{"*:*"},
}, },
}, },
SSHs: []headscale.SSH{}, SSHs: []hscontrol.SSH{},
}, },
), ),
hsic.WithTestName("sshnoneconfigured"), hsic.WithTestName("sshnoneconfigured"),
@ -286,18 +286,18 @@ func TestSSHIsBlockedInACL(t *testing.T) {
err = scenario.CreateHeadscaleEnv(spec, err = scenario.CreateHeadscaleEnv(spec,
[]tsic.Option{tsic.WithSSH()}, []tsic.Option{tsic.WithSSH()},
hsic.WithACLPolicy( hsic.WithACLPolicy(
&headscale.ACLPolicy{ &hscontrol.ACLPolicy{
Groups: map[string][]string{ Groups: map[string][]string{
"group:integration-test": {"user1"}, "group:integration-test": {"user1"},
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"*"}, Sources: []string{"*"},
Destinations: []string{"*:80"}, Destinations: []string{"*:80"},
}, },
}, },
SSHs: []headscale.SSH{ SSHs: []hscontrol.SSH{
{ {
Action: "accept", Action: "accept",
Sources: []string{"group:integration-test"}, Sources: []string{"group:integration-test"},
@ -364,19 +364,19 @@ func TestSSUserOnlyIsolation(t *testing.T) {
err = scenario.CreateHeadscaleEnv(spec, err = scenario.CreateHeadscaleEnv(spec,
[]tsic.Option{tsic.WithSSH()}, []tsic.Option{tsic.WithSSH()},
hsic.WithACLPolicy( hsic.WithACLPolicy(
&headscale.ACLPolicy{ &hscontrol.ACLPolicy{
Groups: map[string][]string{ Groups: map[string][]string{
"group:ssh1": {"useracl1"}, "group:ssh1": {"useracl1"},
"group:ssh2": {"useracl2"}, "group:ssh2": {"useracl2"},
}, },
ACLs: []headscale.ACL{ ACLs: []hscontrol.ACL{
{ {
Action: "accept", Action: "accept",
Sources: []string{"*"}, Sources: []string{"*"},
Destinations: []string{"*:*"}, Destinations: []string{"*:*"},
}, },
}, },
SSHs: []headscale.SSH{ SSHs: []hscontrol.SSH{
{ {
Action: "accept", Action: "accept",
Sources: []string{"group:ssh1"}, Sources: []string{"group:ssh1"},

4
integration/tsic/tsic.go
View File

@ -12,7 +12,7 @@ import (
"time" "time"
"github.com/cenkalti/backoff/v4" "github.com/cenkalti/backoff/v4"
"github.com/juanfont/headscale" "github.com/juanfont/headscale/hscontrol"
"github.com/juanfont/headscale/integration/dockertestutil" "github.com/juanfont/headscale/integration/dockertestutil"
"github.com/juanfont/headscale/integration/integrationutil" "github.com/juanfont/headscale/integration/integrationutil"
"github.com/ory/dockertest/v3" "github.com/ory/dockertest/v3"
@ -150,7 +150,7 @@ func New(
network *dockertest.Network, network *dockertest.Network,
opts ...Option, opts ...Option,
) (*TailscaleInContainer, error) { ) (*TailscaleInContainer, error) {
hash, err := headscale.GenerateRandomStringDNSSafe(tsicHashLength) hash, err := hscontrol.GenerateRandomStringDNSSafe(tsicHashLength)
if err != nil { if err != nil {
return nil, err return nil, err
} }