-
Notifications
You must be signed in to change notification settings - Fork 241
/
testutils_linux.go
78 lines (66 loc) · 3.1 KB
/
testutils_linux.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
package policies
import (
"strings"
"github.com/Azure/azure-container-networking/npm/util"
testutils "github.com/Azure/azure-container-networking/test/utils"
)
var (
fakeIPTablesRestoreCommand = testutils.TestCmd{Cmd: []string{"iptables-restore", "-w", "60", "-T", "filter", "--noflush"}}
fakeIPTablesRestoreFailureCommand = testutils.TestCmd{Cmd: []string{"iptables-restore", "-w", "60", "-T", "filter", "--noflush"}, ExitCode: 1}
listLineNumbersCommandStrings = []string{"iptables", "-w", "60", "-t", "filter", "-n", "-L", "FORWARD", "--line-numbers"}
listAllCommandStrings = []string{"iptables", "-w", "60", "-t", "filter", "-n", "-L"}
)
func GetAddPolicyTestCalls(_ *NPMNetworkPolicy) []testutils.TestCmd {
return []testutils.TestCmd{fakeIPTablesRestoreCommand}
}
func GetAddPolicyFailureTestCalls(_ *NPMNetworkPolicy) []testutils.TestCmd {
return []testutils.TestCmd{fakeIPTablesRestoreFailureCommand, fakeIPTablesRestoreFailureCommand}
}
func GetRemovePolicyTestCalls(policy *NPMNetworkPolicy) []testutils.TestCmd {
calls := []testutils.TestCmd{}
hasIngress, hasEgress := policy.hasIngressAndEgress()
if hasIngress {
deleteIngressJumpSpecs := []string{"iptables", "-w", "60", "-D", util.IptablesAzureIngressChain}
deleteIngressJumpSpecs = append(deleteIngressJumpSpecs, ingressJumpSpecs(policy)...)
calls = append(calls, testutils.TestCmd{Cmd: deleteIngressJumpSpecs})
}
if hasEgress {
deleteEgressJumpSpecs := []string{"iptables", "-w", "60", "-D", util.IptablesAzureEgressChain}
deleteEgressJumpSpecs = append(deleteEgressJumpSpecs, egressJumpSpecs(policy)...)
calls = append(calls, testutils.TestCmd{Cmd: deleteEgressJumpSpecs})
}
calls = append(calls, fakeIPTablesRestoreCommand)
return calls
}
// GetRemovePolicyFailureTestCalls fails on the restore
func GetRemovePolicyFailureTestCalls(policy *NPMNetworkPolicy) []testutils.TestCmd {
calls := GetRemovePolicyTestCalls(policy)
// replace the restore success with a failure
calls[len(calls)-1] = fakeIPTablesRestoreFailureCommand
// add another failure
return append(calls, fakeIPTablesRestoreFailureCommand)
}
func GetBootupTestCalls() []testutils.TestCmd {
return []testutils.TestCmd{
{Cmd: []string{"iptables", "-w", "60", "-D", "FORWARD", "-j", "AZURE-NPM"}, ExitCode: 2}, //nolint // AZURE-NPM chain didn't exist
{Cmd: listAllCommandStrings, PipedToCommand: true},
{
Cmd: []string{"grep", "Chain AZURE-NPM"},
ExitCode: 1,
},
fakeIPTablesRestoreCommand,
{Cmd: listLineNumbersCommandStrings, PipedToCommand: true},
{Cmd: []string{"grep", "AZURE-NPM"}, ExitCode: 1},
{Cmd: []string{"iptables", "-w", "60", "-I", "FORWARD", "-j", "AZURE-NPM", "-m", "conntrack", "--ctstate", "NEW"}},
}
}
func getFakeDeleteJumpCommand(chainName, jumpRule string) testutils.TestCmd {
args := []string{"iptables", "-w", "60", "-D", chainName}
args = append(args, strings.Split(jumpRule, " ")...)
return testutils.TestCmd{Cmd: args}
}
func getFakeDeleteJumpCommandWithCode(chainName, jumpRule string, exitCode int) testutils.TestCmd {
command := getFakeDeleteJumpCommand(chainName, jumpRule)
command.ExitCode = exitCode
return command
}