github.com/imran-kn/cilium-fork@v1.6.9/pkg/policy/api/ingress_test.go (about) 1 // Copyright 2019 Authors of Cilium 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 // +build !privileged_tests 16 17 package api 18 19 import ( 20 "github.com/cilium/cilium/pkg/checker" 21 22 . "gopkg.in/check.v1" 23 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 24 ) 25 26 func (s *PolicyAPITestSuite) TestIsLabelBasedIngress(c *C) { 27 type args struct { 28 eg *IngressRule 29 } 30 type wanted struct { 31 isLabelBased bool 32 } 33 34 tests := []struct { 35 name string 36 setupArgs func() args 37 setupWanted func() wanted 38 }{ 39 { 40 name: "label-based-rule", 41 setupArgs: func() args { 42 return args{ 43 eg: &IngressRule{ 44 FromEndpoints: []EndpointSelector{ 45 { 46 LabelSelector: &metav1.LabelSelector{MatchLabels: map[string]string{ 47 "test": "true", 48 }, 49 }, 50 }, 51 }, 52 }, 53 } 54 }, 55 setupWanted: func() wanted { 56 return wanted{ 57 isLabelBased: true, 58 } 59 }, 60 }, 61 { 62 name: "cidr-based-rule", 63 setupArgs: func() args { 64 return args{ 65 &IngressRule{ 66 FromCIDR: CIDRSlice{"192.0.0.0/3"}, 67 }, 68 } 69 }, 70 setupWanted: func() wanted { 71 return wanted{ 72 isLabelBased: true, 73 } 74 }, 75 }, 76 { 77 name: "cidrset-based-rule", 78 setupArgs: func() args { 79 return args{ 80 &IngressRule{ 81 FromCIDRSet: CIDRRuleSlice{ 82 { 83 Cidr: "192.0.0.0/3", 84 }, 85 }, 86 }, 87 } 88 }, 89 setupWanted: func() wanted { 90 return wanted{ 91 isLabelBased: true, 92 } 93 }, 94 }, 95 { 96 name: "rule-with-requirements", 97 setupArgs: func() args { 98 return args{ 99 &IngressRule{ 100 FromRequires: []EndpointSelector{ 101 { 102 LabelSelector: &metav1.LabelSelector{MatchLabels: map[string]string{ 103 "test": "true", 104 }, 105 }, 106 }, 107 }, 108 }, 109 } 110 }, 111 setupWanted: func() wanted { 112 return wanted{ 113 isLabelBased: false, 114 } 115 }, 116 }, 117 { 118 name: "rule-with-entities", 119 setupArgs: func() args { 120 return args{ 121 &IngressRule{ 122 FromEntities: EntitySlice{ 123 EntityHost, 124 }, 125 }, 126 } 127 }, 128 setupWanted: func() wanted { 129 return wanted{ 130 isLabelBased: true, 131 } 132 }, 133 }, 134 { 135 name: "rule-with-no-l3-specification", 136 setupArgs: func() args { 137 return args{ 138 &IngressRule{ 139 ToPorts: []PortRule{ 140 { 141 Ports: []PortProtocol{ 142 { 143 Port: "80", 144 Protocol: ProtoTCP, 145 }, 146 }, 147 }, 148 }, 149 }, 150 } 151 }, 152 setupWanted: func() wanted { 153 return wanted{ 154 isLabelBased: true, 155 } 156 }, 157 }, 158 } 159 160 for _, tt := range tests { 161 args := tt.setupArgs() 162 want := tt.setupWanted() 163 c.Assert(args.eg.sanitize(), Equals, nil, Commentf("Test name: %q", tt.name)) 164 isLabelBased := args.eg.IsLabelBased() 165 c.Assert(isLabelBased, checker.DeepEquals, want.isLabelBased, Commentf("Test name: %q", tt.name)) 166 } 167 }