mirror of
https://github.com/tailscale/tailscale.git
synced 2025-01-10 10:03:43 +00:00
e815ae0ec4
Some checks are pending
checklocks / checklocks (push) Waiting to run
CodeQL / Analyze (go) (push) Waiting to run
Dockerfile build / deploy (push) Waiting to run
CI / licenses (push) Waiting to run
CI / check_mergeability (push) Blocked by required conditions
CI / staticcheck (386, windows) (push) Waiting to run
CI / staticcheck (amd64, darwin) (push) Waiting to run
CI / staticcheck (amd64, linux) (push) Waiting to run
CI / staticcheck (amd64, windows) (push) Waiting to run
CI / cross (386, linux) (push) Waiting to run
CI / notify_slack (push) Blocked by required conditions
CI / cross (arm, 5, linux) (push) Waiting to run
CI / race-root-integration (1/4) (push) Waiting to run
CI / race-root-integration (2/4) (push) Waiting to run
CI / race-root-integration (3/4) (push) Waiting to run
CI / race-root-integration (4/4) (push) Waiting to run
CI / test (-coverprofile=/tmp/coverage.out, amd64) (push) Waiting to run
CI / cross (arm, 7, linux) (push) Waiting to run
CI / test (-race, amd64, 1/3) (push) Waiting to run
CI / test (-race, amd64, 2/3) (push) Waiting to run
CI / test (-race, amd64, 3/3) (push) Waiting to run
CI / test (386) (push) Waiting to run
CI / windows (push) Waiting to run
CI / privileged (push) Waiting to run
CI / ios (push) Waiting to run
CI / vm (push) Waiting to run
CI / race-build (push) Waiting to run
CI / fuzz (push) Waiting to run
CI / depaware (push) Waiting to run
CI / go_generate (push) Waiting to run
CI / cross (amd64, darwin) (push) Waiting to run
CI / cross (amd64, freebsd) (push) Waiting to run
CI / cross (amd64, openbsd) (push) Waiting to run
CI / cross (amd64, windows) (push) Waiting to run
CI / cross (arm64, darwin) (push) Waiting to run
CI / cross (arm64, linux) (push) Waiting to run
CI / cross (arm64, windows) (push) Waiting to run
CI / cross (loong64, linux) (push) Waiting to run
CI / crossmin (amd64, plan9) (push) Waiting to run
CI / crossmin (ppc64, aix) (push) Waiting to run
CI / android (push) Waiting to run
CI / wasm (push) Waiting to run
CI / tailscale_go (push) Waiting to run
CI / go_mod_tidy (push) Waiting to run
In this PR, we update the syspolicy package to utilize syspolicy/rsop under the hood, and remove syspolicy.CachingHandler, syspolicy.windowsHandler and related code which is no longer used. We mark the syspolicy.Handler interface and RegisterHandler/SetHandlerForTest functions as deprecated, but keep them temporarily until they are no longer used in other repos. We also update the package to register setting definitions for all existing policy settings and to register the Registry-based, Windows-specific policy stores when running on Windows. Finally, we update existing internal and external tests to use the new API and add a few more tests and benchmarks. Updates #12687 Signed-off-by: Nick Khyl <nickk@tailscale.com>
96 lines
2.0 KiB
Go
96 lines
2.0 KiB
Go
// Copyright (c) Tailscale Inc & AUTHORS
|
|
// SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
package syspolicy
|
|
|
|
import (
|
|
"fmt"
|
|
"go/ast"
|
|
"go/parser"
|
|
"go/token"
|
|
"go/types"
|
|
"os"
|
|
"reflect"
|
|
"strconv"
|
|
"testing"
|
|
|
|
"tailscale.com/util/syspolicy/setting"
|
|
)
|
|
|
|
func TestKnownKeysRegistered(t *testing.T) {
|
|
keyConsts, err := listStringConsts[Key]("policy_keys.go")
|
|
if err != nil {
|
|
t.Fatalf("listStringConsts failed: %v", err)
|
|
}
|
|
|
|
m, err := setting.DefinitionMapOf(implicitDefinitions)
|
|
if err != nil {
|
|
t.Fatalf("definitionMapOf failed: %v", err)
|
|
}
|
|
|
|
for _, key := range keyConsts {
|
|
t.Run(string(key), func(t *testing.T) {
|
|
d := m[key]
|
|
if d == nil {
|
|
t.Fatalf("%q was not registered", key)
|
|
}
|
|
if d.Key() != key {
|
|
t.Fatalf("d.Key got: %s, want %s", d.Key(), key)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestNotAWellKnownSetting(t *testing.T) {
|
|
d, err := WellKnownSettingDefinition("TestSettingDoesNotExist")
|
|
if d != nil || err == nil {
|
|
t.Fatalf("got %v, %v; want nil, %v", d, err, ErrNoSuchKey)
|
|
}
|
|
}
|
|
|
|
func listStringConsts[T ~string](filename string) (map[string]T, error) {
|
|
fset := token.NewFileSet()
|
|
src, err := os.ReadFile(filename)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
f, err := parser.ParseFile(fset, filename, src, 0)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
consts := make(map[string]T)
|
|
typeName := reflect.TypeFor[T]().Name()
|
|
for _, d := range f.Decls {
|
|
g, ok := d.(*ast.GenDecl)
|
|
if !ok || g.Tok != token.CONST {
|
|
continue
|
|
}
|
|
|
|
for _, s := range g.Specs {
|
|
vs, ok := s.(*ast.ValueSpec)
|
|
if !ok || len(vs.Names) != len(vs.Values) {
|
|
continue
|
|
}
|
|
if typ, ok := vs.Type.(*ast.Ident); !ok || typ.Name != typeName {
|
|
continue
|
|
}
|
|
|
|
for i, n := range vs.Names {
|
|
lit, ok := vs.Values[i].(*ast.BasicLit)
|
|
if !ok {
|
|
return nil, fmt.Errorf("unexpected string literal: %v = %v", n.Name, types.ExprString(vs.Values[i]))
|
|
}
|
|
val, err := strconv.Unquote(lit.Value)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("unexpected string literal: %v = %v", n.Name, lit.Value)
|
|
}
|
|
consts[n.Name] = T(val)
|
|
}
|
|
}
|
|
}
|
|
|
|
return consts, nil
|
|
}
|