CCD not kept up to date and not easy to manage (which route for which user?)

[dduportal]

We have a set of CCD for valid users (such as kohsuke) which routes are not up to date with today's network.
Also, it is hard to select the proper route when approving a new user / changing user permission: which route is expected? For which user?

As such, we want a way to keep track of the available networks AND the user allowed networks.

• We need a way to specify the list of network and their CIDR (or IP + netmask) in a static file (config.yaml?) as a map
• We need to update easyvpn CLI so that it reads the routes for each user from a static file (config.yaml?) to allow:
  • Generating an up to date CCD (e.g. with the proper routes) when approving a user, allowing admin to specify either to use all routes (admin user) or an explicit list provided to the CLI
  • Allow to regenerate all CCDs at once in an idempotent way so we can tell updatecli to regenerate all on each network configuration change
• With a static map of networks in a file, we can keep them up to date with updatecli from reports.jenkins.io:
  • Network IP/netmasks (or CIDR) is easy
  • List of networks (Need to think about it to allow automatic selection using a tag/naming convention on the reports)
• Set up the Dockerfile as a multistage build:
  • One build stage would build easyvpn binary and generate the CC with ./utils/easyvpn/easyvpn --commit=false --push=false clientconfig --all
  • The current build stage would only copy the CC files from the other build stage instead of local repository
  • The we can remove the current CCs from source code

[dduportal]

Update: the multistage build is the last step, to avoid issues such as #491 (comment) and #493 (comment)