fix: [NPM] adding fixes to windows DP after first run #1100
Conversation
…er for nested sets
| assert.Equal(t, util.GetHashedName(setMetadata.GetPrefixName()), set.HashedName) | ||
|
|
||
| err := iMgr.applyIPSets() | ||
| require.NoError(t, err) |
There was a problem hiding this comment.
Eventually change each test to have this:
toAddOrUpdateSetNames := []string{}
assertEqualContentsTestHelper(t, toAddOrUpdateSetNames, iMgr.toAddOrUpdateCache)
toDeleteSetNames := []string{}
assertEqualContentsTestHelper(t, toAddOrUpdateSetNames, iMgr.toAddOrUpdateCache)
calls := GetApplyIPSetTestCalls(toAdd, toDelete)
ioshim := common.NewMockIOShim(calls)
defer ioshim.VerifyCalls(t, calls)
iMgr := NewIPSetManager(ioshim)
...
iMgr.ApplyIPSets()
| return nil | ||
| } | ||
|
|
||
| type PolicyManagerCfg struct { |
There was a problem hiding this comment.
note to add this in Constructor for pMgr in another PR (will touch code in dataplane.go, dataplane_test.go though)
| } | ||
|
|
||
| func printAndWait() { | ||
| func printAndWait(wait bool) { |
There was a problem hiding this comment.
if wait is false, function name could be simplified
| } | ||
| } | ||
|
|
||
| func NewMockIOShimWithFakeHNS(hns *hnswrapper.Hnsv2wrapperFake) *IOShim { |
There was a problem hiding this comment.
should probably omit these fakes from coverage metrics
JungukCho
left a comment
JungukCho
left a comment
There was a problem hiding this comment.
You can resolve it in your next PR if they make sense.
|
|
||
| const networkName = "azure" | ||
|
|
||
| var errorFakeHNS = errors.New("errorFakeHNS Error") |
There was a problem hiding this comment.
nitpick: seems Error is unnecessary for newErrorFakeHNS since errorFakeHNS has error context already, but it is ok as is.
|
|
||
| type Hnsv2wrapperFake struct { | ||
| Cache FakeHNSCache | ||
| *sync.Mutex |
There was a problem hiding this comment.
curious: special reason for pointer for sync.Mutex?
There was a problem hiding this comment.
Lint was not happy that i was passing a value and not reference.
There was a problem hiding this comment.
Interesting.. good to know why.
There was a problem hiding this comment.
I haven't looked at the usage, but probably because you should never copy a sync.Mutex. In a fake this might be okay, but I would really discourage references to mutexes because any copy (like if you pass the struct by val in to parallel goroutines) of the object can lock all of them
| if err != nil { | ||
| return newErrorFakeHNS(err.Error()) | ||
| } | ||
| for _, setPolSetting := range setPolSettings.Policies { |
There was a problem hiding this comment.
nitpick: seem better HNSNetPol instead of setPolSetting
| if err != nil { | ||
| return newErrorFakeHNS(err.Error()) | ||
| } | ||
| for _, newPolicy := range setPolSettings.Policies { |
There was a problem hiding this comment.
May be better to use consistent variables for newPolicy if there is no special contexts. Line 69 in this file uses a different name.
| return newErrorFakeHNS(err.Error()) | ||
| } | ||
| if _, ok := networkCache.Policies[setpol.Id]; !ok { | ||
| return newErrorFakeHNS(fmt.Sprintf("[FakeHNS] could not find %s ipset", setpol.Name)) |
There was a problem hiding this comment.
nitpick: not sure sometime it has [FakeHNS] or not.
It looks overlapped with
var errorFakeHNS = errors.New("errorFakeHNS Error")| func (fCache FakeHNSCache) ACLPolicies(epList map[string]string, policyID string) (map[string][]*FakeEndpointPolicy, error) { | ||
| aclPols := make(map[string][]*FakeEndpointPolicy) | ||
| for ip, epID := range epList { | ||
| epCache, ok := fCache.endpoints[epID] |
There was a problem hiding this comment.
nitpick: epCache -> cachedEP or just ep since I checked whether fCache.endpoints[epID] return another map ?
| func (fEndpoint *FakeHostComputeEndpoint) RemovePolicy(toRemovePol *FakeEndpointPolicy) error { | ||
| for i, policy := range fEndpoint.Policies { | ||
| if reflect.DeepEqual(policy, toRemovePol) { | ||
| fEndpoint.Policies = append(fEndpoint.Policies[:i], fEndpoint.Policies[i+1:]...) |
There was a problem hiding this comment.
nitpick: may do swap if ordering is not issue.
For example,
if i != len(fEndpoint.Policies) {
// replace it with last one
fEndpoint.Policies[i] = fEndpoint.Policies[len(fEndpoint.Policies)-1]
}
// remove last element.
fEndpoint.Policies = fEndpoint.Policies[:i-1]
return nil
}| ) | ||
|
|
||
| const ( | ||
| blockRulePriotity = 3000 |
There was a problem hiding this comment.
May be beneficial to put comments why they are 3000 and 222 for code maintenance.
| policySettings.LocalAddresses = srcListStr | ||
| policySettings.RemoteAddresses = dstListStr | ||
| policySettings.RemotePorts = dstPortStr | ||
| policySettings.LocalPorts = "" |
There was a problem hiding this comment.
It looks unnecessary. policySettings has default value (empty string) for string.
There was a problem hiding this comment.
Just a preventive measure, can remove it.
| if policySettings.Direction == hcn.DirectionTypeOut { | ||
| policySettings.LocalAddresses = dstListStr | ||
| policySettings.LocalPorts = dstPortStr | ||
| policySettings.RemotePorts = "" |
There was a problem hiding this comment.
It looks unnecessary. policySettings has default value (empty string) for string.
There was a problem hiding this comment.
This is needed unlike the previous comment because the we are first setting the policy remote ports for In and then changing to out, so to override the previous assignment we are re-assigning this value to empty string.
There was a problem hiding this comment.
I guess it will be easier to understand to have if else based on hcn.DirectionTypeOut
if policySettings.Direction == hcn.DirectionTypeOut {
policySettings.LocalAddresses = dstListStr
policySettings.RemoteAddresses = srcListStr
policySettings.LocalPorts = dstPortStr
}else { // maybe In?
policySettings.LocalAddresses = srcListStr
policySettings.RemoteAddresses = dstListStr
policySettings.RemotePorts = dstPortStr
}If I missed something, stay with current code, but slightly adjust order in if condition to have the same order above assignment since it helps understand what wat changed.
policySettings.LocalAddresses = srcListStr
policySettings.RemoteAddresses = dstListStr
policySettings.RemotePorts = dstPortStr
policySettings.LocalPorts = ""
if policySettings.Direction == hcn.DirectionTypeOut {
policySettings.LocalAddresses = dstListStr
policySettings.RemoteAddresses = srcListStr
policySettings.RemotePorts = ""
policySettings.LocalPorts = dstPortStr
}There was a problem hiding this comment.
But do you see a huge readability issue with the way it is currently ? I feel like by explicitly assigning to "" it is clear what to expect from a ACL policy in a given direction and removes any assumptions ? wdyt ?
Reason for Change:
Issue Fixed:
Requirements:
Notes: