Skip to content

Commit ee584b4

Browse files
abhishek-pandey-1abhishek-pandey-1
committed
Fix tests
Signed-off-by: Abhishek Pandey <abhpandey@microsoft.com>
1 parent 88a54c6 commit ee584b4

File tree

2 files changed

+51
-51
lines changed

2 files changed

+51
-51
lines changed

pkg/controller/security_group_test.go

Lines changed: 36 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -84,8 +84,8 @@ func Test_validateSgRule(t *testing.T) {
8484
return &kubeovnv1.SecurityGroup{
8585
ObjectMeta: metav1.ObjectMeta{Name: "test-sg"},
8686
Spec: kubeovnv1.SecurityGroupSpec{
87-
SecurityGroupTier: util.SecurityGroupTierMinimum,
88-
IngressRules: rules,
87+
Tier: util.SecurityGroupAPITierMinimum,
88+
IngressRules: rules,
8989
},
9090
}
9191
}
@@ -158,17 +158,17 @@ func Test_validateSgRule(t *testing.T) {
158158
t.Parallel()
159159

160160
sg := baseSG(kubeovnv1.SecurityGroupRule{
161-
IPVersion: "ipv4",
162-
Priority: 1,
163-
RemoteType: kubeovnv1.SgRemoteTypeAddress,
164-
RemoteAddress: "10.0.0.1",
165-
LocalAddress: "192.168.1.100",
166-
Protocol: "tcp",
167-
Policy: kubeovnv1.SgPolicy(ovnnb.ACLActionAllow),
168-
PortRangeMin: 80,
169-
PortRangeMax: 443,
170-
LocalPortRangeMin: 1024,
171-
LocalPortRangeMax: 65535,
161+
IPVersion: "ipv4",
162+
Priority: 1,
163+
RemoteType: kubeovnv1.SgRemoteTypeAddress,
164+
RemoteAddress: "10.0.0.1",
165+
LocalAddress: "192.168.1.100",
166+
Protocol: "tcp",
167+
Policy: kubeovnv1.SgPolicy(ovnnb.ACLActionAllow),
168+
PortRangeMin: 80,
169+
PortRangeMax: 443,
170+
SourcePortRangeMin: 1024,
171+
SourcePortRangeMax: 65535,
172172
})
173173
err := ctrl.validateSgRule(sg)
174174
require.NoError(t, err)
@@ -178,37 +178,37 @@ func Test_validateSgRule(t *testing.T) {
178178
t.Parallel()
179179

180180
sg := baseSG(kubeovnv1.SecurityGroupRule{
181-
IPVersion: "ipv4",
182-
Priority: 1,
183-
RemoteType: kubeovnv1.SgRemoteTypeAddress,
184-
RemoteAddress: "10.0.0.1",
185-
LocalAddress: "192.168.1.100",
186-
Protocol: "tcp",
187-
Policy: kubeovnv1.SgPolicy(ovnnb.ACLActionAllow),
188-
PortRangeMin: 80,
189-
PortRangeMax: 443,
190-
LocalPortRangeMin: 0,
191-
LocalPortRangeMax: 65535,
181+
IPVersion: "ipv4",
182+
Priority: 1,
183+
RemoteType: kubeovnv1.SgRemoteTypeAddress,
184+
RemoteAddress: "10.0.0.1",
185+
LocalAddress: "192.168.1.100",
186+
Protocol: "tcp",
187+
Policy: kubeovnv1.SgPolicy(ovnnb.ACLActionAllow),
188+
PortRangeMin: 80,
189+
PortRangeMax: 443,
190+
SourcePortRangeMin: 0,
191+
SourcePortRangeMax: 65535,
192192
})
193193
err := ctrl.validateSgRule(sg)
194-
require.ErrorContains(t, err, "portRange is out of range")
194+
require.ErrorContains(t, err, "sourcePortRange is out of range")
195195
})
196196

197197
t.Run("invalid local port range min greater than max", func(t *testing.T) {
198198
t.Parallel()
199199

200200
sg := baseSG(kubeovnv1.SecurityGroupRule{
201-
IPVersion: "ipv4",
202-
Priority: 1,
203-
RemoteType: kubeovnv1.SgRemoteTypeAddress,
204-
RemoteAddress: "10.0.0.1",
205-
LocalAddress: "192.168.1.100",
206-
Protocol: "udp",
207-
Policy: kubeovnv1.SgPolicy(ovnnb.ACLActionAllow),
208-
PortRangeMin: 80,
209-
PortRangeMax: 443,
210-
LocalPortRangeMin: 9000,
211-
LocalPortRangeMax: 8000,
201+
IPVersion: "ipv4",
202+
Priority: 1,
203+
RemoteType: kubeovnv1.SgRemoteTypeAddress,
204+
RemoteAddress: "10.0.0.1",
205+
LocalAddress: "192.168.1.100",
206+
Protocol: "udp",
207+
Policy: kubeovnv1.SgPolicy(ovnnb.ACLActionAllow),
208+
PortRangeMin: 80,
209+
PortRangeMax: 443,
210+
SourcePortRangeMin: 9000,
211+
SourcePortRangeMax: 8000,
212212
})
213213
err := ctrl.validateSgRule(sg)
214214
require.ErrorContains(t, err, "range Minimum value greater than maximum value")

pkg/ovs/ovn-nb-acl_test.go

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1446,7 +1446,7 @@ func (suite *OvnClientTestSuite) testNewSgRuleACL() {
14461446
}
14471447
priority := strconv.Itoa(highestPriority - sgRule.Priority)
14481448

1449-
acl, err := nbClient.newSgRuleACL(sgName, ovnnb.ACLDirectionToLport, sgRule, util.SecurityGroupTierMinimum)
1449+
acl, err := nbClient.newSgRuleACL(sgName, ovnnb.ACLDirectionToLport, sgRule, util.NetpolACLTier)
14501450
require.NoError(t, err)
14511451

14521452
match := fmt.Sprintf("outport == @%s && ip4 && ip4.src == %s && ip4.dst == %s", pgName, sgRule.RemoteAddress, sgRule.LocalAddress)
@@ -1459,25 +1459,25 @@ func (suite *OvnClientTestSuite) testNewSgRuleACL() {
14591459
t.Parallel()
14601460

14611461
sgRule := kubeovnv1.SecurityGroupRule{
1462-
IPVersion: "ipv4",
1463-
RemoteType: kubeovnv1.SgRemoteTypeAddress,
1464-
RemoteAddress: "10.10.10.0/24",
1465-
LocalAddress: "192.168.1.100",
1466-
Protocol: "tcp",
1467-
Priority: 8,
1468-
Policy: "allow",
1469-
PortRangeMin: 80,
1470-
PortRangeMax: 443,
1471-
LocalPortRangeMin: 1024,
1472-
LocalPortRangeMax: 65535,
1462+
IPVersion: "ipv4",
1463+
RemoteType: kubeovnv1.SgRemoteTypeAddress,
1464+
RemoteAddress: "10.10.10.0/24",
1465+
LocalAddress: "192.168.1.100",
1466+
Protocol: "tcp",
1467+
Priority: 8,
1468+
Policy: "allow",
1469+
PortRangeMin: 80,
1470+
PortRangeMax: 443,
1471+
SourcePortRangeMin: 1024,
1472+
SourcePortRangeMax: 65535,
14731473
}
14741474
priority := strconv.Itoa(highestPriority - sgRule.Priority)
14751475

1476-
acl, err := nbClient.newSgRuleACL(sgName, ovnnb.ACLDirectionToLport, sgRule, util.SecurityGroupTierMinimum)
1476+
acl, err := nbClient.newSgRuleACL(sgName, ovnnb.ACLDirectionToLport, sgRule, util.NetpolACLTier)
14771477
require.NoError(t, err)
14781478

14791479
match := fmt.Sprintf("outport == @%s && ip4 && ip4.src == %s && ip4.dst == %s && %d <= tcp.dst <= %d && %d <= tcp.src <= %d",
1480-
pgName, sgRule.RemoteAddress, sgRule.LocalAddress, sgRule.PortRangeMin, sgRule.PortRangeMax, sgRule.LocalPortRangeMin, sgRule.LocalPortRangeMax)
1480+
pgName, sgRule.RemoteAddress, sgRule.LocalAddress, sgRule.PortRangeMin, sgRule.PortRangeMax, sgRule.SourcePortRangeMin, sgRule.SourcePortRangeMax)
14811481
expect := newACL(pgName, ovnnb.ACLDirectionToLport, priority, match, ovnnb.ACLActionAllowRelated, util.NetpolACLTier)
14821482
expect.UUID = acl.UUID
14831483
require.Equal(t, expect, acl)
@@ -1496,7 +1496,7 @@ func (suite *OvnClientTestSuite) testNewSgRuleACL() {
14961496
}
14971497
priority := strconv.Itoa(highestPriority - sgRule.Priority)
14981498

1499-
acl, err := nbClient.newSgRuleACL(sgName, ovnnb.ACLDirectionToLport, sgRule, util.SecurityGroupTierMinimum)
1499+
acl, err := nbClient.newSgRuleACL(sgName, ovnnb.ACLDirectionToLport, sgRule, util.NetpolACLTier)
15001500
require.NoError(t, err)
15011501

15021502
match := fmt.Sprintf("outport == @%s && ip4 && ip4.src == %s && icmp4", pgName, sgRule.RemoteAddress)

0 commit comments

Comments
 (0)