github.com/elfadel/cilium@v1.6.12/pkg/fqdn/util_test.go (about) 1 // Copyright 2018 Authors of Cilium 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 // +build !privileged_tests 16 17 package fqdn 18 19 import ( 20 "encoding/json" 21 "fmt" 22 "net" 23 "strings" 24 25 "github.com/cilium/cilium/pkg/policy/api" 26 "github.com/miekg/dns" 27 ) 28 29 var ( 30 // cilium.io dns target, no rule name => no rule labels 31 rule1 = makeRule("", "cilium.io") 32 33 // cilium.io dns target, no rule name => no rule labels 34 rule2 = makeRule("", "cilium.io") 35 36 // cilium.io, github.com dns targets 37 rule3 = makeRule("rule3", "cilium.io", "github.com") 38 39 // github.com dns target 40 rule4 = makeRule("rule4", "github.com") 41 42 ipLookups = map[string]*DNSIPRecords{ 43 dns.Fqdn("cilium.io"): { 44 TTL: 60, 45 IPs: []net.IP{ 46 net.ParseIP("172.217.18.174"), 47 net.ParseIP("2a00:1450:4001:811::200e")}}, 48 dns.Fqdn("github.com"): { 49 TTL: 60, 50 IPs: []net.IP{ 51 net.ParseIP("98.138.219.231"), 52 net.ParseIP("72.30.35.10"), 53 net.ParseIP("001:4998:c:1023::4"), 54 net.ParseIP("001:4998:58:1836::10")}}, 55 } 56 ) 57 58 func makeRule(key string, dnsNames ...string) *api.Rule { 59 matchNames := []string{} 60 for _, name := range dnsNames { 61 matchNames = append(matchNames, 62 fmt.Sprintf(`{"matchName": "%s"}`, dns.Fqdn(name))) 63 } 64 65 rule := `{` 66 if key != "" { 67 rule += fmt.Sprintf(`"labels": [{ "key": "%s" }],`, key) 68 } 69 rule += fmt.Sprintf(`"endpointSelector": { 70 "matchLabels": { 71 "class": "xwing" 72 } 73 }, 74 "egress": [ 75 { 76 "toFQDNs": [ 77 %s 78 ] 79 } 80 ] 81 }`, strings.Join(matchNames, ",\n")) 82 //fmt.Print(rule) 83 return mustParseRule(rule) 84 } 85 86 func parseRule(rule string) (parsedRule *api.Rule, err error) { 87 if err := json.Unmarshal([]byte(rule), &parsedRule); err != nil { 88 return nil, err 89 } 90 91 if err := parsedRule.Sanitize(); err != nil { 92 return nil, err 93 } 94 95 return parsedRule, nil 96 } 97 98 func mustParseRule(rule string) (parsedRule *api.Rule) { 99 parsedRule, err := parseRule(rule) 100 if err != nil { 101 panic(fmt.Sprintf("Error parsing FQDN test rules: %s", err)) 102 } 103 return parsedRule 104 } 105 106 // LookupDNSNames is a wrappable dummy used by the tests. It counts the number 107 // of times a name is looked up in lookups, and uses ipData as a source for the 108 // "response" 109 func lookupDNSNames(ipData map[string]*DNSIPRecords, lookups map[string]int, dnsNames []string) (DNSIPs map[string]*DNSIPRecords) { 110 DNSIPs = make(map[string]*DNSIPRecords) 111 for _, dnsName := range dnsNames { 112 lookups[dnsName] += 1 113 DNSIPs[dnsName] = ipData[dnsName] 114 } 115 return DNSIPs 116 }