diff options
| author | James O'Doherty <james@theodohertyfamily.com> | 2026-06-13 13:50:25 -0400 |
|---|---|---|
| committer | James O'Doherty <james@theodohertyfamily.com> | 2026-06-13 13:50:25 -0400 |
| commit | 5646eca119f80f8f45ebec9fcbe666ca614ebf5d (patch) | |
| tree | a785cb7f30b5a6444e208ae6717a73a758644998 /internal/wireguard | |
| parent | 29621ecbd1e77e6e1a70b6b3ea8fbe3a56e47df3 (diff) | |
feat: implement system preflight checks and health diagnostics
Introduced a tiered system verification mechanism to improve reliability
and provide actionable feedback to users, avoiding false positives in
the critical execution path.
Key changes:
- Implement `CheckSystemRequirements` for critical, non-ambiguous
requirements (e.g., TUN device availability) to ensure fatal
environment issues are caught immediately during bootstrap.
- Implement a user-facing `healthcheck` command that provides
comprehensive diagnostics and actionable configuration hints for
common misconfigurations (e.g., unprivileged user namespaces,
subuid/subgid mappings, and kernel sysctls).
- Refactor the `FileSystem` interface to support full mockability,
allowing for exhaustive unit testing of diagnostic logic.
- Add comprehensive unit tests in `internal/namespace/preflight_test.go`
covering various Linux distributions, privilege levels, and
hardware availability scenarios.
- Ensure code quality through formatting, static analysis (golangci-lint),
and validation of all existing unit, integration, and E2E tests.
Diffstat (limited to 'internal/wireguard')
| -rw-r--r-- | internal/wireguard/wireguard_unit_test.go | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/internal/wireguard/wireguard_unit_test.go b/internal/wireguard/wireguard_unit_test.go index 1ad7f65..9fbe6b0 100644 --- a/internal/wireguard/wireguard_unit_test.go +++ b/internal/wireguard/wireguard_unit_test.go @@ -71,6 +71,14 @@ func (m *mockFS) MkdirTemp(dir, pattern string) (string, error) { return res, nil } +func (m *mockFS) ReadFile(name string) ([]byte, error) { + return os.ReadFile(m.fullPath(name)) +} + +func (m *mockFS) Open(name string) (*os.File, error) { + return os.Open(m.fullPath(name)) +} + func (m *mockFS) Remove(name string) error { // If the path is absolute and starts with our root, we can remove it directly. // Otherwise, we use fullPath to ensure it's within root. |