-
Notifications
You must be signed in to change notification settings - Fork 230
/
testutils_linux.go
81 lines (70 loc) · 3.42 KB
/
testutils_linux.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
package policies
import (
"strings"
"github.com/Azure/azure-container-networking/npm/util"
testutils "github.com/Azure/azure-container-networking/test/utils"
)
var (
fakeIPTablesRestoreCommand = testutils.TestCmd{Cmd: []string{"iptables-restore", "-T", "filter", "--noflush"}}
fakeIPTablesRestoreFailureCommand = testutils.TestCmd{Cmd: []string{"iptables-restore", "-T", "filter", "--noflush"}, ExitCode: 1}
listLineNumbersCommandStrings = []string{"iptables", "-w", "60", "-t", "filter", "-n", "-L", "FORWARD", "--line-numbers"}
listPolicyChainNamesCommandStrings = []string{"iptables", "-w", "60", "-t", "filter", "-n", "-L"}
)
func GetAddPolicyTestCalls(_ *NPMNetworkPolicy) []testutils.TestCmd {
return []testutils.TestCmd{fakeIPTablesRestoreCommand}
}
func GetRemovePolicyTestCalls(policy *NPMNetworkPolicy) []testutils.TestCmd {
calls := []testutils.TestCmd{}
hasIngress, hasEgress := policy.hasIngressAndEgress()
if hasIngress {
deleteIngressJumpSpecs := []string{"iptables", "-w", "60", "-D", util.IptablesAzureIngressChain}
deleteIngressJumpSpecs = append(deleteIngressJumpSpecs, getIngressJumpSpecs(policy)...)
calls = append(calls, testutils.TestCmd{Cmd: deleteIngressJumpSpecs})
}
if hasEgress {
deleteEgressJumpSpecs := []string{"iptables", "-w", "60", "-D", util.IptablesAzureEgressChain}
deleteEgressJumpSpecs = append(deleteEgressJumpSpecs, getEgressJumpSpecs(policy)...)
calls = append(calls, testutils.TestCmd{Cmd: deleteEgressJumpSpecs})
}
calls = append(calls, fakeIPTablesRestoreCommand)
return calls
}
func GetInitializeTestCalls() []testutils.TestCmd {
return []testutils.TestCmd{
fakeIPTablesRestoreCommand, // gives correct exit code
{
Cmd: listLineNumbersCommandStrings,
ExitCode: 1, // grep call gets this exit code (exit code 1 means grep found nothing)
},
// NOTE: after the StdOut pipe used for grep, MockIOShim gets confused and each command's ExitCode and Stdout are applied to the ensuing command
{
Cmd: []string{"grep", "KUBE-SERVICES"},
Stdout: "iptables: No chain/target/match by that name.", // this Stdout and ExitCode are for the iptables check command below
ExitCode: 1,
},
{Cmd: []string{"iptables", "-w", "60", "-C", "FORWARD", "-j", "AZURE-NPM", "-m", "conntrack", "--ctstate", "NEW"}},
{Cmd: []string{"iptables", "-w", "60", "-I", "FORWARD", "1", "-j", "AZURE-NPM", "-m", "conntrack", "--ctstate", "NEW"}},
}
}
func GetResetTestCalls() []testutils.TestCmd {
return []testutils.TestCmd{
{Cmd: []string{"iptables", "-w", "60", "-D", "FORWARD", "-j", "AZURE-NPM", "-m", "conntrack", "--ctstate", "NEW"}},
{
Cmd: listPolicyChainNamesCommandStrings,
Stdout: "Chain AZURE-NPM-INGRESS-123456\nChain AZURE-NPM-EGRESS-123456",
},
// NOTE: after the StdOut pipe used for grep, MockIOShim gets confused and each command's ExitCode and Stdout are applied to the ensuing command
{Cmd: []string{"grep", ingressOrEgressPolicyChainPattern}}, // ExitCode 0 for the iptables restore command
fakeIPTablesRestoreCommand,
}
}
func getFakeDeleteJumpCommand(chainName, jumpRule string) testutils.TestCmd {
args := []string{"iptables", "-w", "60", "-D", chainName}
args = append(args, strings.Split(jumpRule, " ")...)
return testutils.TestCmd{Cmd: args}
}
func getFakeDeleteJumpCommandWithCode(chainName, jumpRule string, exitCode int) testutils.TestCmd {
command := getFakeDeleteJumpCommand(chainName, jumpRule)
command.ExitCode = exitCode
return command
}