Merge b85931184da1c5f2f8a96163f74e899b2a0a2275 into fbee2c07dc128c22064ceaaed7863003b4cb2ff6

[openvpn] Transferring routes from rotated certs (#382 )
Signed-off-by: Paramoshka <parfenov_ivan_42a@mail.ru>
2026-02-04 01:10:22 -08:00 · 2025-07-22 13:04:32 +07:00 · 2025-07-22 13:04:15 +07:00 · 2025-07-22 13:01:32 +07:00 · 2025-07-21 11:39:26 +07:00 · 2025-07-21 11:33:06 +07:00
6 changed files with 415 additions and 530 deletions
--- a/Dockerfile.ovpn-admin
+++ b/Dockerfile.ovpn-admin
@ -2,7 +2,7 @@ FROM node:16-alpine3.15 AS frontend-builder
 COPY ../frontend /app
 RUN apk add --update python3 make g++ && cd /app && npm install && npm run build

-FROM golang:1.24.4-bullseye AS backend-builder
+FROM golang:1.24.5-bullseye AS backend-builder
 RUN go install github.com/gobuffalo/packr/v2/packr2@latest
 COPY --from=frontend-builder /app/static /app/frontend/static
 COPY .. /app
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
--- a/frontend/package.json
+++ b/frontend/package.json
@ -36,8 +36,8 @@
    "cross-env": "^7.0.3",
    "css-loader": "^6.5.1",
    "file-loader": "^6.2.0",
-    "node-sass": "^7.0.1",
-    "sass-loader": "^12.4.0",
+    "node-sass": "^9.0.0",
+    "sass-loader": "^16.0.5",
    "terser-webpack-plugin": "^5.3.0",
    "vue-loader": "^17.0.0",
    "vue-template-compiler": "^2.6.14",
--- a/go.mod
+++ b/go.mod
@ -8,9 +8,9 @@ require (
 	github.com/prometheus/client_golang v1.22.0
 	github.com/sirupsen/logrus v1.9.3
 	gopkg.in/alecthomas/kingpin.v2 v2.2.6
-	k8s.io/api v0.33.1
-	k8s.io/apimachinery v0.33.1
-	k8s.io/client-go v0.33.1
+	k8s.io/api v0.33.3
+	k8s.io/apimachinery v0.33.3
+	k8s.io/client-go v0.33.3
 )

 require (
--- a/go.sum
+++ b/go.sum
@ -703,12 +703,12 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.33.1 h1:tA6Cf3bHnLIrUK4IqEgb2v++/GYUtqiu9sRVk3iBXyw=
-k8s.io/api v0.33.1/go.mod h1:87esjTn9DRSRTD4fWMXamiXxJhpOIREjWOSjsW1kEHw=
-k8s.io/apimachinery v0.33.1 h1:mzqXWV8tW9Rw4VeW9rEkqvnxj59k1ezDUl20tFK/oM4=
-k8s.io/apimachinery v0.33.1/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM=
-k8s.io/client-go v0.33.1 h1:ZZV/Ks2g92cyxWkRRnfUDsnhNn28eFpt26aGc8KbXF4=
-k8s.io/client-go v0.33.1/go.mod h1:JAsUrl1ArO7uRVFWfcj6kOomSlCv+JpvIsp6usAGefA=
+k8s.io/api v0.33.3 h1:SRd5t//hhkI1buzxb288fy2xvjubstenEKL9K51KBI8=
+k8s.io/api v0.33.3/go.mod h1:01Y/iLUjNBM3TAvypct7DIj0M0NIZc+PzAHCIo0CYGE=
+k8s.io/apimachinery v0.33.3 h1:4ZSrmNa0c/ZpZJhAgRdcsFcZOw1PQU1bALVQ0B3I5LA=
+k8s.io/apimachinery v0.33.3/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM=
+k8s.io/client-go v0.33.3 h1:M5AfDnKfYmVJif92ngN532gFqakcGi6RvaOF16efrpA=
+k8s.io/client-go v0.33.3/go.mod h1:luqKBQggEf3shbxHY4uVENAxrDISLOarxpTKMiUuujg=
 k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
 k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
 k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff h1:/usPimJzUKKu+m+TE36gUyGcf03XZEP0ZIKgKj35LS4=
--- a/kubernetes.go
+++ b/kubernetes.go
@ -480,6 +480,11 @@ func (openVPNPKI *OpenVPNPKI) easyrsaRotate(commonName, newPassword string) (err
 		return
 	}

+	err = openVPNPKI.transferRoutes(secret, commonName)
+	if err != nil {
+		return
+	}
+
 	err = openVPNPKI.indexTxtUpdate()
 	if err != nil {
 		return
@ -784,3 +789,16 @@ func (openVPNPKI *OpenVPNPKI) secretCheckExists(name string) (bool, string) {
 	}
 	return true, secret.ResourceVersion
 }
+
+// transferRoutes transfers configured routes from revoked certs to a new one
+func (openVPNPKI *OpenVPNPKI) transferRoutes(revokedSecret *v1.Secret, newNameCert string) error {
+	ccd, ok := revokedSecret.Data["ccd"]
+	if !ok || len(ccd) == 0 {
+		log.Infof("No CCD data found in secret %s", revokedSecret.Name)
+		return nil
+	}
+
+	openVPNPKI.secretUpdateCcd(newNameCert, ccd)
+
+	return nil
+}
Author	SHA1	Message	Date
Parfenov Ivan	669c888e14	Merge b85931184da1c5f2f8a96163f74e899b2a0a2275 into fbee2c07dc128c22064ceaaed7863003b4cb2ff6	2025-07-22 13:04:32 +07:00
Parfenov Ivan	fbee2c07dc	[openvpn] Transferring routes from rotated certs (#382 ) Signed-off-by: Paramoshka <parfenov_ivan_42a@mail.ru>	2025-07-22 13:04:15 +07:00
dependabot[bot]	10e961ca0f	Bump form-data, node-sass and sass-loader in /frontend (#383 ) --- updated-dependencies: - dependency-name: form-data dependency-version: 4.0.4 dependency-type: indirect - dependency-name: node-sass dependency-version: 9.0.0 dependency-type: direct:development - dependency-name: sass-loader dependency-version: 16.0.5 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-22 13:01:32 +07:00
dependabot[bot]	a6fc3294b6	Bump k8s.io/client-go from 0.33.2 to 0.33.3 (#380 ) --- updated-dependencies: - dependency-name: k8s.io/client-go dependency-version: 0.33.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-21 11:39:26 +07:00
dependabot[bot]	c926fba345	Bump on-headers and compression in /frontend (#378 ) Bumps [on-headers](https://github.com/jshttp/on-headers) and [compression](https://github.com/expressjs/compression). These dependencies needed to be updated together. Updates `on-headers` from 1.0.2 to 1.1.0 - [Release notes](https://github.com/jshttp/on-headers/releases) - [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md) - [Commits](https://github.com/jshttp/on-headers/compare/v1.0.2...v1.1.0) Updates `compression` from 1.7.4 to 1.8.1 - [Release notes](https://github.com/expressjs/compression/releases) - [Changelog](https://github.com/expressjs/compression/blob/master/HISTORY.md) - [Commits](https://github.com/expressjs/compression/compare/1.7.4...v1.8.1) --- updated-dependencies: - dependency-name: on-headers dependency-version: 1.1.0 dependency-type: indirect - dependency-name: compression dependency-version: 1.8.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-21 11:33:06 +07:00
dependabot[bot]	f3802a153a	Bump k8s.io/api from 0.33.2 to 0.33.3 (#381 ) --- updated-dependencies: - dependency-name: k8s.io/api dependency-version: 0.33.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-21 11:32:38 +07:00
Dmitry Shurupov	2edd30798d	Merge pull request #377 from palark/dependabot/docker/golang-1.24.5-bullseye Bump golang from 1.24.4-bullseye to 1.24.5-bullseye	2025-07-14 11:10:39 +07:00
dependabot[bot]	6d679b3ec1	Bump golang from 1.24.4-bullseye to 1.24.5-bullseye Bumps golang from 1.24.4-bullseye to 1.24.5-bullseye. --- updated-dependencies: - dependency-name: golang dependency-version: 1.24.5-bullseye dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-07-14 02:36:08 +00:00
Dmitry Shurupov	efca43410c	Merge pull request #374 from palark/dependabot/go_modules/k8s.io/client-go-0.33.2 Bump k8s.io/client-go from 0.33.1 to 0.33.2	2025-07-08 16:48:40 +07:00
dependabot[bot]	cb864f5420	Bump k8s.io/client-go from 0.33.1 to 0.33.2 Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.33.1 to 0.33.2. - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.33.1...v0.33.2) --- updated-dependencies: - dependency-name: k8s.io/client-go dependency-version: 0.33.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-06-23 02:39:52 +00:00