make Scenario.networks a list

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

integration/auth_oidc_test.go

@@ -743,7 +743,7 @@ func (s *AuthOIDCScenario) runMockOIDC(accessTTL time.Duration, users []mockoidc
 		PortBindings: map[docker.Port][]docker.PortBinding{
 			docker.Port(portNotation): {{HostPort: strconv.Itoa(port)}},
 		},
-		Networks: []*dockertest.Network{s.Scenario.network},
+		Networks: s.Scenario.networks,
 		Env: []string{
 			fmt.Sprintf("MOCKOIDC_ADDR=%s", hostname),
 			fmt.Sprintf("MOCKOIDC_PORT=%d", port),
@@ -774,7 +774,7 @@ func (s *AuthOIDCScenario) runMockOIDC(accessTTL time.Duration, users []mockoidc
 	}
 
 	log.Println("Waiting for headscale mock oidc to be ready for tests")
-	hostEndpoint := fmt.Sprintf("%s:%d", s.mockOIDC.GetIPInNetwork(s.network), port)
+	hostEndpoint := fmt.Sprintf("%s:%d", hostname, port)
 
 	if err := s.pool.Retry(func() error {
 		oidcConfigURL := fmt.Sprintf("http://%s/oidc/.well-known/openid-configuration", hostEndpoint)
@@ -803,7 +803,7 @@ func (s *AuthOIDCScenario) runMockOIDC(accessTTL time.Duration, users []mockoidc
 	return &types.OIDCConfig{
 		Issuer: fmt.Sprintf(
 			"http://%s/oidc",
-			net.JoinHostPort(s.mockOIDC.GetIPInNetwork(s.network), strconv.Itoa(port)),
+			net.JoinHostPort(hostname, strconv.Itoa(port)),
 		),
 		ClientID:                   "superclient",
 		ClientSecret:               "supersecret",

integration/control.go

@@ -24,5 +24,4 @@ type ControlServer interface {
 	ApproveRoutes(uint64, []netip.Prefix) (*v1.Node, error)
 	GetCert() []byte
 	GetHostname() string
-	GetIP() string
 }

integration/dsic/dsic.go

@@ -35,7 +35,7 @@ type DERPServerInContainer struct {
 
 	pool      *dockertest.Pool
 	container *dockertest.Resource
-	network   *dockertest.Network
+	networks  []*dockertest.Network
 
 	stunPort            int
 	derpPort            int
@@ -63,22 +63,22 @@ func WithCACert(cert []byte) Option {
 // isolating the DERPer, will be created. If a network is
 // passed, the DERPer instance will join the given network.
 func WithOrCreateNetwork(network *dockertest.Network) Option {
-	return func(tsic *DERPServerInContainer) {
+	return func(dsic *DERPServerInContainer) {
 		if network != nil {
-			tsic.network = network
+			dsic.networks = append(dsic.networks, network)
 
 			return
 		}
 
 		network, err := dockertestutil.GetFirstOrCreateNetwork(
-			tsic.pool,
-			tsic.hostname+"-network",
+			dsic.pool,
+			dsic.hostname+"-network",
 		)
 		if err != nil {
 			log.Fatalf("failed to create network: %s", err)
 		}
 
-		tsic.network = network
+		dsic.networks = append(dsic.networks, network)
 	}
 }
 
@@ -107,7 +107,7 @@ func WithExtraHosts(hosts []string) Option {
 func New(
 	pool *dockertest.Pool,
 	version string,
-	network *dockertest.Network,
+	networks []*dockertest.Network,
 	opts ...Option,
 ) (*DERPServerInContainer, error) {
 	hash, err := util.GenerateRandomStringDNSSafe(dsicHashLength)
@@ -124,7 +124,7 @@ func New(
 		version:  version,
 		hostname: hostname,
 		pool:     pool,
-		network:  network,
+		networks: networks,
 		tlsCert:  tlsCert,
 		tlsKey:   tlsKey,
 		stunPort: 3478, //nolint
@@ -148,7 +148,7 @@ func New(
 
 	runOptions := &dockertest.RunOptions{
 		Name:       hostname,
-		Networks:   []*dockertest.Network{dsic.network},
+		Networks:   dsic.networks,
 		ExtraHosts: dsic.withExtraHosts,
 		// we currently need to give us some time to inject the certificate further down.
 		Entrypoint: []string{"/bin/sh", "-c", "/bin/sleep 3 ; update-ca-certificates ; derper " + cmdArgs.String()},

integration/embedded_derp_test.go

@@ -210,7 +210,6 @@ func (s *EmbeddedDERPServerScenario) CreateHeadscaleEnv(
 	if err != nil {
 		return err
 	}
-	log.Printf("headscale server ip address: %s", hsServer.GetIP())
 
 	hash, err := util.GenerateRandomStringDNSSafe(scenarioHashLength)
 	if err != nil {

integration/hsic/hsic.go

@@ -56,7 +56,7 @@ type HeadscaleInContainer struct {
 
 	pool      *dockertest.Pool
 	container *dockertest.Resource
-	network   *dockertest.Network
+	networks  []*dockertest.Network
 
 	pgContainer *dockertest.Resource
 
@@ -268,7 +268,7 @@ func WithTimezone(timezone string) Option {
 // New returns a new HeadscaleInContainer instance.
 func New(
 	pool *dockertest.Pool,
-	network *dockertest.Network,
+	networks []*dockertest.Network,
 	opts ...Option,
 ) (*HeadscaleInContainer, error) {
 	hash, err := util.GenerateRandomStringDNSSafe(hsicHashLength)
@@ -283,7 +283,7 @@ func New(
 		port:     headscaleDefaultPort,
 
 		pool:     pool,
-		network: network,
+		networks: networks,
 
 		env:              DefaultConfigEnv(),
 		filesInContainer: []fileInContainer{},
@@ -315,7 +315,7 @@ func New(
 				Name:       fmt.Sprintf("postgres-%s", hash),
 				Repository: "postgres",
 				Tag:        "latest",
-				Networks:   []*dockertest.Network{network},
+				Networks:   networks,
 				Env: []string{
 					"POSTGRES_USER=headscale",
 					"POSTGRES_PASSWORD=headscale",
@@ -357,7 +357,7 @@ func New(
 	runOptions := &dockertest.RunOptions{
 		Name:         hsic.hostname,
 		ExposedPorts: append([]string{portProto, "9090/tcp"}, hsic.extraPorts...),
-		Networks:     []*dockertest.Network{network},
+		Networks:     networks,
 		// Cmd:          []string{"headscale", "serve"},
 		// TODO(kradalby): Get rid of this hack, we currently need to give us some
 		// to inject the headscale configuration further down.
@@ -630,11 +630,6 @@ func (t *HeadscaleInContainer) Execute(
 	return stdout, nil
 }
 
-// GetIP returns the docker container IP as a string.
-func (t *HeadscaleInContainer) GetIP() string {
-	return t.container.GetIPInNetwork(t.network)
-}
-
 // GetPort returns the docker container port as a string.
 func (t *HeadscaleInContainer) GetPort() string {
 	return fmt.Sprintf("%d", t.port)

integration/scenario.go

@@ -87,7 +87,7 @@ type Scenario struct {
 	users map[string]*User
 
 	pool     *dockertest.Pool
-	network *dockertest.Network
+	networks []*dockertest.Network
 
 	mu sync.Mutex
 }
@@ -130,7 +130,7 @@ func NewScenario(maxWait time.Duration) (*Scenario, error) {
 		users:          make(map[string]*User),
 
 		pool:     pool,
-		network: network,
+		networks: []*dockertest.Network{network},
 	}, nil
 }
 
@@ -184,14 +184,11 @@ func (s *Scenario) ShutdownAssertNoPanics(t *testing.T) {
 		}
 	}
 
-	if err := s.pool.RemoveNetwork(s.network); err != nil {
-		log.Printf("failed to remove network: %s", err)
+	for _, network := range s.networks {
+		if err := network.Close(); err != nil {
+			log.Printf("failed to tear down network: %s", err)
+		}
 	}
-
-	// TODO(kradalby): This seem redundant to the previous call
-	// if err := s.network.Close(); err != nil {
-	// 	return fmt.Errorf("failed to tear down network: %w", err)
-	// }
 }
 
 // Shutdown shuts down and cleans up all the containers (ControlServer, TailscaleClient)
@@ -235,7 +232,7 @@ func (s *Scenario) Headscale(opts ...hsic.Option) (ControlServer, error) {
 		opts = append(opts, hsic.WithPolicyV2())
 	}
 
-	headscale, err := hsic.New(s.pool, s.network, opts...)
+	headscale, err := hsic.New(s.pool, s.networks, opts...)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create headscale container: %w", err)
 	}
@@ -312,7 +309,7 @@ func (s *Scenario) CreateTailscaleNode(
 	tsClient, err := tsic.New(
 		s.pool,
 		version,
-		s.network,
+		s.networks[0],
 		opts...,
 	)
 	if err != nil {
@@ -372,7 +369,7 @@ func (s *Scenario) CreateTailscaleNodesInUser(
 				tsClient, err := tsic.New(
 					s.pool,
 					version,
-					s.network,
+					s.networks[0],
 					opts...,
 				)
 				s.mu.Unlock()
@@ -670,7 +667,7 @@ func (s *Scenario) WaitForTailscaleLogout() error {
 
 // CreateDERPServer creates a new DERP server in a container.
 func (s *Scenario) CreateDERPServer(version string, opts ...dsic.Option) (*dsic.DERPServerInContainer, error) {
-	derp, err := dsic.New(s.pool, version, s.network, opts...)
+	derp, err := dsic.New(s.pool, version, s.networks, opts...)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create DERP server: %w", err)
 	}