| Age | Commit message (Collapse) | Author |
|---|
|
- Introduce `namespace.Ops` interface to decouple `Manager` from system-level namespace operations, enabling easier unit testing via mocks.
- Add unit tests for `internal/paths` to verify path resolution logic across different environment configurations.
- Implement `EnsureBinary` helper in E2E tests to gracefully skip tests when `WG_WRAP_BIN` is not set, allowing `go test ./...` to pass in non-build environments.
- Apply project-wide formatting and fix linting issues.
|
|
- Extract orchestration logic from `internal/cli` into a new `internal/manager` package for better composability.
- Migrate technical implementation details from README.md to package-level godoc strings.
- Rewrite README.md to be more user-centric, focusing on quick start and usage.
- Add comprehensive documentation for exported structs and fields across the project.
- Verify all changes with `go fmt`, `go vet`, `golangci-lint`, and full E2E test suite.
|
|
Fix an architectural shortfall where concurrent sessions failed to share
the target network and mount namespaces. Because the Go runtime is
multi-threaded, calling unix.Setns with CLONE_NEWNS from Go always returned
EINVAL, silently forcing concurrent runs to fall back to bootstrapping separate
isolated namespaces and separate WireGuard connections.
This commit resolves the issue by extending the embedded single-threaded C
launcher to handle namespace joining, and introducing a host-to-isolated path
propagation pattern:
1. Launcher setns Support: The C launcher now checks for WG_WRAP_JOIN_PID in
the environment. If present, it joins the User, Mount, and Network
namespaces of the active PID in single-threaded mode before executing the Go
binary.
2. BootstrapJoin Integration: Implemented namespace.BootstrapJoin to
transition joining sessions via the launcher.
3. Path Preservation: Export WG_WRAP_HOST_RUNTIME_BASE_DIR from the host to ensure
the isolated instance maps the profile and PID directories to the exact
same location.
4. Redundant Tunnel Bypass: Detect joined sessions via WG_WRAP_JOINED=1 in the CLI
and bypass starting a duplicate WireGuard tunnel on the occupied tun0.
5. Testing: Added tests/e2e/sharing_test.go to assert namespace ID equality,
which now passes successfully.
6. Git Tracking: Fixed .gitignore overmatch to stop ignoring cmd/wg-wrap/.
|
|
- Create internal/paths package for unified config and runtime directory resolution
- Implement robust WireGuard config parsing in pkg/wgconf
- Implement profile management subcommands: list, import, configure, delete, stop
- Fix namespace pinning path collisions (separating .ns files from pids directories)
- Implement and verify namespace unpinning logic
- Fix linting errors and improve error handling across the project
|
