github.com/imran-kn/cilium-fork@v1.6.9/pkg/policy/api/groups_test.go (about) 1 // Copyright 2018 Authors of Cilium 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 // +build !privileged_tests 16 17 package api 18 19 import ( 20 "fmt" 21 "net" 22 23 "github.com/cilium/cilium/pkg/checker" 24 25 . "gopkg.in/check.v1" 26 ) 27 28 func GetToGroupsRule() ToGroups { 29 return ToGroups{ 30 AWS: &AWSGroup{ 31 Labels: map[string]string{ 32 "test": "a", 33 }, 34 SecurityGroupsIds: []string{ 35 "a", "b", "c", 36 }, 37 SecurityGroupsNames: []string{ 38 "a", "b", "c", 39 }, 40 }, 41 } 42 } 43 func GetCallBackWithRule(ips ...string) GroupProviderFunc { 44 netIPs := []net.IP{} 45 for _, ip := range ips { 46 netIPs = append(netIPs, net.ParseIP(ip)) 47 } 48 49 cb := func(group *ToGroups) ([]net.IP, error) { 50 return netIPs, nil 51 } 52 53 return cb 54 } 55 56 func (s *PolicyAPITestSuite) TestGetCIDRSetWithValidValue(c *C) { 57 cb := GetCallBackWithRule("192.168.1.1") 58 RegisterToGroupsProvider(AWSProvider, cb) 59 60 expectedCidrRule := []CIDRRule{ 61 {Cidr: "192.168.1.1/32", ExceptCIDRs: []CIDR{}, Generated: true}} 62 group := GetToGroupsRule() 63 cidr, err := group.GetCidrSet() 64 c.Assert(cidr, checker.DeepEquals, expectedCidrRule) 65 c.Assert(err, IsNil) 66 } 67 68 func (s *PolicyAPITestSuite) TestGetCIDRSetWithMultipleSorted(c *C) { 69 cb := GetCallBackWithRule("192.168.1.1", "192.168.10.10", "192.168.10.3") 70 RegisterToGroupsProvider(AWSProvider, cb) 71 expectedCidrRule := []CIDRRule{ 72 {Cidr: "192.168.1.1/32", ExceptCIDRs: []CIDR{}, Generated: true}, 73 {Cidr: "192.168.10.3/32", ExceptCIDRs: []CIDR{}, Generated: true}, 74 {Cidr: "192.168.10.10/32", ExceptCIDRs: []CIDR{}, Generated: true}} 75 group := GetToGroupsRule() 76 cidr, err := group.GetCidrSet() 77 c.Assert(cidr, checker.DeepEquals, expectedCidrRule) 78 c.Assert(err, IsNil) 79 } 80 81 func (s *PolicyAPITestSuite) TestGetCIDRSetWithUniqueCIDRRule(c *C) { 82 cb := GetCallBackWithRule("192.168.1.1", "192.168.10.10", "192.168.1.1") 83 RegisterToGroupsProvider(AWSProvider, cb) 84 85 cidrRule := []CIDRRule{ 86 {Cidr: "192.168.1.1/32", ExceptCIDRs: []CIDR{}, Generated: true}, 87 {Cidr: "192.168.10.10/32", ExceptCIDRs: []CIDR{}, Generated: true}} 88 89 group := GetToGroupsRule() 90 cidr, err := group.GetCidrSet() 91 c.Assert(cidr, checker.DeepEquals, cidrRule) 92 c.Assert(err, IsNil) 93 } 94 95 func (s *PolicyAPITestSuite) TestGetCIDRSetWithError(c *C) { 96 97 cb := func(group *ToGroups) ([]net.IP, error) { 98 return []net.IP{}, fmt.Errorf("Invalid credentials") 99 } 100 RegisterToGroupsProvider(AWSProvider, cb) 101 group := GetToGroupsRule() 102 cidr, err := group.GetCidrSet() 103 c.Assert(cidr, IsNil) 104 c.Assert(err, NotNil) 105 106 } 107 108 func (s *PolicyAPITestSuite) TestWithoutProviderRegister(c *C) { 109 providers.Delete(AWSProvider) 110 group := GetToGroupsRule() 111 cidr, err := group.GetCidrSet() 112 c.Assert(cidr, IsNil) 113 c.Assert(err, NotNil) 114 }