Github Actions: Smoke test

This change adds a new Github Action, a 3 node smoke test. It starts
three docker containers (one lighthouse and two standard nodes) and
tests that they can all ping each other. This should hopefully detect
any basic runtime failures in PRs.

.github/workflows/smoke.yml

@@ -0,0 +1,34 @@
+name: smoke
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+jobs:
+
+  smoke:
+    name: Run 3 node smoke test
+    runs-on: ubuntu-latest
+    steps:
+
+    - name: Set up Go 1.13
+      uses: actions/setup-go@v1
+      with:
+        go-version: 1.13
+      id: go
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v1
+
+    - name: build
+      run: make
+
+    - name: setup docker image
+      working-directory: ./.github/workflows/smoke
+      run: ./build.sh
+
+    - name: run smoke
+      working-directory: ./.github/workflows/smoke
+      run: ./smoke.sh
+
+    timeout-minutes: 10

.github/workflows/smoke/.gitignore

@@ -0,0 +1 @@
+/build

.github/workflows/smoke/Dockerfile

@@ -0,0 +1,5 @@
+FROM debian:buster
+
+ADD ./build /
+
+ENTRYPOINT ["/nebula"]

.github/workflows/smoke/build.sh

@@ -0,0 +1,21 @@
+#!/bin/sh
+
+set -e -x
+
+rm -rf ./build
+mkdir ./build
+
+(
+    cd build
+
+    cp ../../../../nebula .
+    cp ../../../../nebula-cert .
+    cp ../*.yml .
+
+    ./nebula-cert ca -name "Smoke Test"
+    ./nebula-cert sign -name "lighthouse1" -ip "192.168.100.1/24"
+    ./nebula-cert sign -name "host2" -ip "192.168.100.2/24"
+    ./nebula-cert sign -name "host3" -ip "192.168.100.3/24"
+)
+
+docker build -t nebula:smoke .

.github/workflows/smoke/host2.yml

@@ -0,0 +1,31 @@
+pki:
+  ca: /ca.crt
+  cert: /host2.crt
+  key: /host2.key
+
+static_host_map:
+  "192.168.100.1": ["172.17.0.2:4242"]
+
+lighthouse:
+  am_lighthouse: false
+  interval: 60
+  hosts:
+    - "192.168.100.1"
+
+listen:
+  host: 0.0.0.0
+  port: 4242
+
+tun:
+  dev: nebula1
+
+firewall:
+  outbound:
+    - port: any
+      proto: any
+      host: any
+
+  inbound:
+    - port: any
+      proto: any
+      host: any

.github/workflows/smoke/host3.yml

@@ -0,0 +1,31 @@
+pki:
+  ca: /ca.crt
+  cert: /host3.crt
+  key: /host3.key
+
+static_host_map:
+  "192.168.100.1": ["172.17.0.2:4242"]
+
+lighthouse:
+  am_lighthouse: false
+  interval: 60
+  hosts:
+    - "192.168.100.1"
+
+listen:
+  host: 0.0.0.0
+  port: 4242
+
+tun:
+  dev: nebula1
+
+firewall:
+  outbound:
+    - port: any
+      proto: any
+      host: any
+
+  inbound:
+    - port: any
+      proto: any
+      host: any

.github/workflows/smoke/lighthouse1.yml

@@ -0,0 +1,25 @@
+pki:
+  ca: /ca.crt
+  cert: /lighthouse1.crt
+  key: /lighthouse1.key
+
+lighthouse:
+  am_lighthouse: true
+
+listen:
+  host: 0.0.0.0
+  port: 4242
+
+tun:
+  dev: nebula1
+
+firewall:
+  outbound:
+    - port: any
+      proto: any
+      host: any
+
+  inbound:
+    - port: any
+      proto: any
+      host: any

.github/workflows/smoke/smoke.sh

@@ -0,0 +1,34 @@
+#!/bin/sh
+
+set -e -x
+
+docker run --name lighthouse1 --device /dev/net/tun:/dev/net/tun --cap-add NET_ADMIN --rm nebula:smoke -config lighthouse1.yml &
+sleep 1
+docker run --name host2 --device /dev/net/tun:/dev/net/tun --cap-add NET_ADMIN --rm nebula:smoke -config host2.yml &
+sleep 1
+docker run --name host3 --device /dev/net/tun:/dev/net/tun --cap-add NET_ADMIN --rm nebula:smoke -config host3.yml &
+sleep 1
+
+set +x
+echo
+echo " *** Testing ping from lighthouse1"
+echo
+set -x
+docker exec lighthouse1 ping -c1 192.168.100.2
+docker exec lighthouse1 ping -c1 192.168.100.3
+
+set +x
+echo
+echo " *** Testing ping from host2"
+echo
+set -x
+docker exec host2 ping -c1 192.168.100.1
+docker exec host2 ping -c1 192.168.100.3
+
+set +x
+echo
+echo " *** Testing ping from host3"
+echo
+set -x
+docker exec host3 ping -c1 192.168.100.1
+docker exec host3 ping -c1 192.168.100.2