mirrors/kube-router
1
0
Fork 0
mirror of https://github.com/cloudnativelabs/kube-router.git synced 2025-11-20 12:31:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #981 from cloudnativelabs/lint-errors

Browse Source 
fix build break due to go linter errros
This commit is contained in:
Aaron U'Ren 2020-09-03 13:52:28 -05:00 committed by GitHub
commit cebe8b7352
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
pkg/controllers/netpol/network_policy_controller.go
View File

@ -201,7 +201,7 @@ func (npc *NetworkPolicyController) ensureTopLevelChains() {
glog.Fatalf("Failed to initialize iptables executor due to %s", err.Error()) glog.Fatalf("Failed to initialize iptables executor due to %s", err.Error())
} }
addUuidForRuleSpec := func(chain string, ruleSpec *[]string) (string, error) { addUUIDForRuleSpec := func(chain string, ruleSpec *[]string) (string, error) {
hash := sha256.Sum256([]byte(chain + strings.Join(*ruleSpec, ""))) hash := sha256.Sum256([]byte(chain + strings.Join(*ruleSpec, "")))
encoded := base32.StdEncoding.EncodeToString(hash[:])[:16] encoded := base32.StdEncoding.EncodeToString(hash[:])[:16]
for idx, part := range *ruleSpec { for idx, part := range *ruleSpec {
@ -236,7 +236,7 @@ func (npc *NetworkPolicyController) ensureTopLevelChains() {
if strings.HasPrefix(rule, "-P") || strings.HasPrefix(rule, "-N") { if strings.HasPrefix(rule, "-P") || strings.HasPrefix(rule, "-N") {
// if this chain has a default policy, then it will show as rule #1 from iptablesCmdHandler.List so we // if this chain has a default policy, then it will show as rule #1 from iptablesCmdHandler.List so we
// need to account for this offset // need to account for this offset
ruleIndexOffset += 1 ruleIndexOffset++
continue continue
} }
if strings.Contains(rule, uuid) { if strings.Contains(rule, uuid) {
@ -265,7 +265,7 @@ func (npc *NetworkPolicyController) ensureTopLevelChains() {
glog.Fatalf("Failed to run iptables command to create %s chain due to %s", customChain, err.Error()) glog.Fatalf("Failed to run iptables command to create %s chain due to %s", customChain, err.Error())
} }
args := []string{"-m", "comment", "--comment", "kube-router netpol", "-j", customChain} args := []string{"-m", "comment", "--comment", "kube-router netpol", "-j", customChain}
uuid, err := addUuidForRuleSpec(builtinChain, &args) uuid, err := addUUIDForRuleSpec(builtinChain, &args)
if err != nil { if err != nil {
glog.Fatalf("Failed to get uuid for rule: %s", err.Error()) glog.Fatalf("Failed to get uuid for rule: %s", err.Error())
} }
@ -273,7 +273,7 @@ func (npc *NetworkPolicyController) ensureTopLevelChains() {
} }
whitelistServiceVips := []string{"-m", "comment", "--comment", "allow traffic to cluster IP", "-d", npc.serviceClusterIPRange.String(), "-j", "RETURN"} whitelistServiceVips := []string{"-m", "comment", "--comment", "allow traffic to cluster IP", "-d", npc.serviceClusterIPRange.String(), "-j", "RETURN"}
uuid, err := addUuidForRuleSpec(kubeInputChainName, &whitelistServiceVips) uuid, err := addUUIDForRuleSpec(kubeInputChainName, &whitelistServiceVips)
if err != nil { if err != nil {
glog.Fatalf("Failed to get uuid for rule: %s", err.Error()) glog.Fatalf("Failed to get uuid for rule: %s", err.Error())
} }
@ -281,7 +281,7 @@ func (npc *NetworkPolicyController) ensureTopLevelChains() {
whitelistTCPNodeports := []string{"-p", "tcp", "-m", "comment", "--comment", "allow LOCAL TCP traffic to node ports", "-m", "addrtype", "--dst-type", "LOCAL", whitelistTCPNodeports := []string{"-p", "tcp", "-m", "comment", "--comment", "allow LOCAL TCP traffic to node ports", "-m", "addrtype", "--dst-type", "LOCAL",
"-m", "multiport", "--dports", npc.serviceNodePortRange, "-j", "RETURN"} "-m", "multiport", "--dports", npc.serviceNodePortRange, "-j", "RETURN"}
uuid, err = addUuidForRuleSpec(kubeInputChainName, &whitelistTCPNodeports) uuid, err = addUUIDForRuleSpec(kubeInputChainName, &whitelistTCPNodeports)
if err != nil { if err != nil {
glog.Fatalf("Failed to get uuid for rule: %s", err.Error()) glog.Fatalf("Failed to get uuid for rule: %s", err.Error())
} }
@ -289,7 +289,7 @@ func (npc *NetworkPolicyController) ensureTopLevelChains() {
whitelistUDPNodeports := []string{"-p", "udp", "-m", "comment", "--comment", "allow LOCAL UDP traffic to node ports", "-m", "addrtype", "--dst-type", "LOCAL", whitelistUDPNodeports := []string{"-p", "udp", "-m", "comment", "--comment", "allow LOCAL UDP traffic to node ports", "-m", "addrtype", "--dst-type", "LOCAL",
"-m", "multiport", "--dports", npc.serviceNodePortRange, "-j", "RETURN"} "-m", "multiport", "--dports", npc.serviceNodePortRange, "-j", "RETURN"}
uuid, err = addUuidForRuleSpec(kubeInputChainName, &whitelistUDPNodeports) uuid, err = addUUIDForRuleSpec(kubeInputChainName, &whitelistUDPNodeports)
if err != nil { if err != nil {
glog.Fatalf("Failed to get uuid for rule: %s", err.Error()) glog.Fatalf("Failed to get uuid for rule: %s", err.Error())
} }
@ -297,7 +297,7 @@ func (npc *NetworkPolicyController) ensureTopLevelChains() {
for externalIPIndex, externalIPRange := range npc.serviceExternalIPRanges { for externalIPIndex, externalIPRange := range npc.serviceExternalIPRanges {
whitelistServiceVips := []string{"-m", "comment", "--comment", "allow traffic to external IP range: " + externalIPRange.String(), "-d", externalIPRange.String(), "-j", "RETURN"} whitelistServiceVips := []string{"-m", "comment", "--comment", "allow traffic to external IP range: " + externalIPRange.String(), "-d", externalIPRange.String(), "-j", "RETURN"}
uuid, err = addUuidForRuleSpec(kubeInputChainName, &whitelistServiceVips) uuid, err = addUUIDForRuleSpec(kubeInputChainName, &whitelistServiceVips)
if err != nil { if err != nil {
glog.Fatalf("Failed to get uuid for rule: %s", err.Error()) glog.Fatalf("Failed to get uuid for rule: %s", err.Error())
} }

3
pkg/controllers/netpol/network_policy_controller_test.go
View File

@ -2,7 +2,6 @@ package netpol
import ( import (
"context" "context"
"github.com/cloudnativelabs/kube-router/pkg/options"
"net" "net"
"strings" "strings"
"testing" "testing"
@ -18,6 +17,8 @@ import (
"k8s.io/client-go/informers" "k8s.io/client-go/informers"
clientset "k8s.io/client-go/kubernetes" clientset "k8s.io/client-go/kubernetes"
"k8s.io/client-go/kubernetes/fake" "k8s.io/client-go/kubernetes/fake"
"github.com/cloudnativelabs/kube-router/pkg/options"
) )
// newFakeInformersFromClient creates the different informers used in the uneventful network policy controller // newFakeInformersFromClient creates the different informers used in the uneventful network policy controller