Merge pull request #1 from gjtempleton/Publish-Multi-Arch
Publish multi arch
gjtempleton authored Jan 4, 2024
2 parents 0674908 + b8995a8 commit c99e306
Showing 5 changed files with 107 additions and 4 deletions.
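--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -0,0 +1,58 @@
+name: Create and publish a Docker image
+
+on:
+push:
+branches:
+- 'main'
+tags:
+- '*'
+
+env:
+REGISTRY: ghcr.io
+IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+build-and-push-image:
+runs-on: ubuntu-latest
+permissions:
+contents: read
+packages: write
+
+steps:
+- name: Checkout repository
+uses: actions/checkout@v2
+
+- name: Set up QEMU
+uses: docker/setup-qemu-action@v3
+
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+
+- name: Login to the Container registry
+uses: docker/login-action@v3
+with:
+registry: ${{ env.REGISTRY }}
+username: ${{ github.actor }}
+password: ${{ secrets.GITHUB_TOKEN }}
+
+- name: Extract metadata (tags, labels) for Docker
+id: meta
+uses: docker/metadata-action@v5
+with:
+images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+tags: |
+type=ref,event=branch
+type=ref,event=pr
+type=semver,pattern={{version}}
+type=semver,pattern={{major}}.{{minor}}
+type=semver,pattern={{major}}
+type=sha
+- name: Build and push Docker image
+uses: docker/build-push-action@v5
+with:
+context: .
+platforms: linux/amd64,linux/arm64
+push: true
+tags: ${{ steps.meta.outputs.tags }}
+labels: ${{ steps.meta.outputs.labels }}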
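Review bot: Every `uses:` line pins its action to a mutable major tag (`actions/checkout@v2`, `docker/login-action@v3`, `docker/build-push-action@v5` and the others), while the job holds `packages: write` and pushes an image on every push to `main` and on every tag. A moved tag on any of these actions would run with the registry-write token, so pin each to a full commit SHA and keep the version as a comment, e.g. `uses: docker/login-action@<full-commit-sha> # v3` (placeholder, not a real SHA). `actions/checkout@v2` is also several major versions behind the rest of the workflow and should be bumped in the same pass. Separately, `type=ref,event=pr` in the metadata step can never match because the workflow only triggers on `push`; drop it or add a `pull_request` trigger that builds with `push: false`.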
4 changes: 2 additions & 2 deletions Dockerfile
@@ -1,11 +1,11 @@
FROM golang:1.16.0 AS BUILDER
FROM golang:1.21.0 AS BUILDER
WORKDIR /go/src/github.com/jtblin/kube2iam
ENV ARCH=linux
ENV CGO_ENABLED=0
COPY . ./
RUN make setup && make build

FROM alpine:3.12.1
FROM alpine:3.19.0
RUN apk --no-cache add \
ca-certificates \
iptables
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -146,6 +146,7 @@ different than `docker0` depending on which virtual network you use e.g.
* for kops (on kubenet), use `cbr0`
* for CNI, use `cni0`
* for [EKS](https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html)/[amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s), even with calico installed uses `eni+`. (Each pod gets an interface like `eni4c0e15dfb05`)
* If using security groups per pod however, you will need to instead use `!eth0` as pods making use of security groups per pod [will use](https://aws.amazon.com/blogs/containers/introducing-security-groups-for-pods/) `vlan` interfaces as well as the `eni+` interfaces used for other pods.
* for weave use `weave`
* for flannel use `cni0`
* for [kube-router](https://github.com/cloudnativelabs/kube-router) use `kube-bridge`
14 changes: 12 additions & 2 deletions iptables/iptables.go
Expand Up @@ -24,9 +24,15 @@ func AddRule(appPort, metadataAddress, hostInterface, hostIP string) error {
return err
}

ruleSpec := []string{"-p", "tcp", "-d", metadataAddress, "--dport", "80",
"-j", "DNAT", "--to-destination", hostIP + ":" + appPort,
}
if strings.HasPrefix(hostInterface, "!") {
ruleSpec = append(ruleSpec, "!")
}
ruleSpec = append(ruleSpec, "-i", strings.TrimPrefix(hostInterface, "!"))
return ipt.AppendUnique(
"nat", "PREROUTING", "-p", "tcp", "-d", metadataAddress, "--dport", "80",
"-j", "DNAT", "--to-destination", hostIP+":"+appPort, "-i", hostInterface,
"nat", "PREROUTING", ruleSpec...,
)
}

Expand All @@ -39,6 +45,10 @@ func checkInterfaceExists(hostInterface string) error {
return nil
}

if strings.HasPrefix(hostInterface, "!") {
hostInterface = strings.TrimPrefix(hostInterface, "!")
}

_, err := net.InterfaceByName(hostInterface)
return err
}
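Review bot: In `checkInterfaceExists` the new `!` stripping sits after the early `return nil`, whose condition is outside the hunk (presumably the `+` wildcard case), so a value such as `!!eni+` may skip validation entirely, and `AddRule` would then emit `! -i !eni+` because `strings.TrimPrefix` removes only one `!`. Strip the prefix before any other check and reject a second one, e.g. `name := strings.TrimPrefix(hostInterface, "!")` followed by a guard `if strings.HasPrefix(name, "!")` that returns an error, and have `AddRule` build its rule from the same parsed name and negation flag rather than re-deriving them. The `strings.HasPrefix` guard around `TrimPrefix` in `checkInterfaceExists` is redundant, since `TrimPrefix` is already a no-op when the prefix is absent. The doc comment on `AddRule` should also say that a leading `!` negates the interface match, which widens the DNAT rule to every interface except the named one. Both function bodies begin outside their hunks.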
34 changes: 34 additions & 0 deletions iptables/iptables_test.go
Expand Up @@ -36,6 +36,40 @@ func TestCheckInterfaceExistsPassesWithPlus(t *testing.T) {
}
}

func TestCheckInterfaceExistsPassesWithNegated(t *testing.T) {
var ifc string
switch os := runtime.GOOS; os {
case "darwin":
ifc = "!lo0"
case "linux":
ifc = "!lo"
default:
// everything else that we don't know or care about...fail
ifc = "!unknown"
t.Fatalf("%s OS '%s'\n", ifc, os)
}
if err := checkInterfaceExists(ifc); err != nil {
t.Error("Should pass with negated interface(s). Interface received:", ifc)
}
}

func TestCheckInterfaceExistsFailsWithDoubleNegated(t *testing.T) {
var ifc string
switch os := runtime.GOOS; os {
case "darwin":
ifc = "!!lo0"
case "linux":
ifc = "!!lo"
default:
// everything else that we don't know or care about...fail
ifc = "!!unknown"
t.Fatalf("%s OS '%s'\n", ifc, os)
}
if err := checkInterfaceExists(ifc); err == nil {
t.Error("Should fail with invalid interface. Interface received:", ifc)
}
}

func TestAddRule(t *testing.T) {
t.Skip()
}
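Review bot: The two new tests exercise only `checkInterfaceExists`; the rule-spec construction this commit adds to `AddRule` (splitting `!name` into `!`, `-i`, `name`) has no coverage because `TestAddRule` is still `t.Skip()`. Consider moving the spec building into a small pure helper and asserting on its output for `eth0`, `!eth0` and `!eni+`; the negated-wildcard case is not tested anywhere in this hunk. In both new tests the switch variable `os` would shadow the `os` package if the file imports it (imports are outside the hunk), and the `ifc = "!unknown"` assignment before `t.Fatalf` only feeds the failure message. A table-driven test keyed on `runtime.GOOS` would remove the duplication between the two functions.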
