add dockerfile for cli and add to drone

.drone.yml

@@ -29,6 +29,28 @@ steps:
       - "git commit -m 'Drone CI deploy commit [CI SKIP]' || echo 'No changes'"
       - "GIT_SSH_COMMAND='ssh -i ./secrets/deploy_key -o IdentitiesOnly=yes' git push origin master"
 
+---
+kind: pipeline
+type: kubernetes
+name: build-cli
+
+steps:
+- name: Build image  
+  image: plugins/docker
+  settings:
+    username: "viktorbarzin"
+    password: 
+      from_secret: dockerhub_password
+    repo: viktorbarzin/infra
+    dockerfile: cli/Dockerfile
+    context: cli
+    auto_tag: true
+
+---
+kind: secret
+name: dockerhub_password
+data: 9Gn6YOfsRTMHP3oxQ06d6JsRaZSbUyEYZ256Iiem2ROPy8THs2gsDyL5cgC5gsOt
+
 ---
 kind: pipeline
 type: kubernetes

cli/Dockerfile

@@ -0,0 +1,8 @@
+FROM golang:alpine
+RUN mkdir /app 
+ADD . /app/
+WORKDIR /app 
+RUN go build -o main .
+RUN adduser -S -D -H -h /app appuser
+USER appuser
+CMD ["./main"]

cli/git.go

@@ -23,7 +23,7 @@ var (
 
 type GitFS struct {
 	repo *git.Repository
-	fs   billy.Filesystem
+	fs   *billy.Filesystem
 	auth *http.BasicAuth
 }
 
@@ -34,17 +34,19 @@ func NewGitFS(repoURL string) (*GitFS, error) {
 		Password: gitToken,
 	}
 	storer := memory.NewStorage()
+	fs := memfs.New()
 
-	r, err := git.Clone(storer, g.fs, &git.CloneOptions{
+	r, err := git.Clone(storer, fs, &git.CloneOptions{
 		URL:  repository,
 		Auth: auth,
 	})
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed to clone repo from repo url '%s'", repoURL)
 	}
-	return &GitFS{repo: r, fs: memfs.New(), auth: auth}, nil
+	return &GitFS{repo: r, fs: &fs, auth: auth}, nil
 }
 
 func (g *GitFS) Push() error {
+	glog.Infof("Attemping to push with auth: %+v", g.auth)
 	return g.repo.Push(&git.PushOptions{Auth: g.auth})
 }

cli/vpn.go

@@ -15,8 +15,8 @@ const (
 	vpnUseCaseFlagName         = "vpn"
 	vpnClientNameFlagName      = "vpn-client-name"
 	vpnClientPubKeyFlagName    = "vpn-pub-key"
-	vpnClientsConfFileRelative = "modules/kubernetes/wireguard/extra/clients.conf"
+	vpnClientsConfFileRelative = "/modules/kubernetes/wireguard/extra/clients.conf"
-	vpnLastIPConfFileRelative  = "modules/kubernetes/wireguard/extra/last_ip.txt"
+	vpnLastIPConfFileRelative  = "/modules/kubernetes/wireguard/extra/last_ip.txt"
 )
 
 // addVPNClient inserts new client config
@@ -29,7 +29,7 @@ func addVPNClient(gitFs *GitFS, clientName, publicKey, clientsConfPath, ip strin
 	}
 	contents := "[Peer]\n# friendly_name = " + clientName + "\nPublicKey = " + publicKey + "\nAllowedIPs = " + ip + "\n\n"
 	glog.Infof("adding the following config: \n%s", contents)
-	f, err := gitFs.fs.OpenFile(clientsConfPath, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0644)
+	f, err := (*gitFs.fs).OpenFile(clientsConfPath, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0644)
 	if err != nil {
 		return errors.Wrapf(err, "failed to open client configs file to add new vpn client")
 	}
@@ -63,7 +63,8 @@ func incrementIP(origIP, cidr string) (string, error) {
 
 // getAndUpdateIP Reads `fileName`, tries to get the ip, increments it, tries to write it back and returns the new address
 func getAndUpdateIP(gitFs *GitFS, fileName string) (string, error) {
-	bytes, err := ioutil.ReadFile(fileName)
+	f, err := (*gitFs.fs).Open(fileName)
+	bytes, err := ioutil.ReadAll(f)
 	if err != nil {
 		return "", errors.Wrapf(err, "filed to read file %s", fileName)
 	}
@@ -87,7 +88,7 @@ func getAndUpdateIP(gitFs *GitFS, fileName string) (string, error) {
 
 	// Write back updated ip
 	fileContents := fmt.Sprintf("# DO NOT MANUALLY EDIT THIS LINE. Last IP: %s", incrementedIP+"/"+cidr)
-	f, err := gitFs.fs.OpenFile(fileName, os.O_WRONLY|os.O_CREATE, 0644)
+	f, err = (*gitFs.fs).OpenFile(fileName, os.O_WRONLY|os.O_CREATE, 0644)
 	if err != nil {
 		return "", errors.Wrapf(err, "failed to open file %s for writing", fileName)
 	}