From 23e2f43d338462c95ca274dfb4ffde7cb7f3743d Mon Sep 17 00:00:00 2001
From: Kevin Lyda
Date: Mon, 14 Oct 2024 12:51:01 +0100
Subject: [PATCH] Attempt to address remaining errors
---
 pkg/service/model_build_target_group.go | 27 +++-----
 pkg/service/model_builder_test.go | 92 ++++++++++++++++++++-----
 2 files changed, 83 insertions(+), 36 deletions(-)
diff --git a/pkg/service/model_build_target_group.go b/pkg/service/model_build_target_group.go
index 8cac0be5e..09a910294 100644
--- a/pkg/service/model_build_target_group.go
+++ b/pkg/service/model_build_target_group.go
@@ -477,6 +477,8 @@ func (t *defaultModelBuildTask) buildTargetGroupBindingNetworking(_ context.Cont
 Protocol: &protocolTCP,
 Port: &tgPort,
 })
+ case corev1.Protocol("TCP_UDP"):
+ fallthrough
 case corev1.ProtocolUDP:
 ports = append(ports, elbv2api.NetworkingPort{
 Protocol: &protocolUDP,
@@ -560,18 +562,19 @@ func (t *defaultModelBuildTask) buildTargetGroupBindingNetworkingLegacy(ctx cont
 trafficSource := loadBalancerSubnetCIDRs
 defaultRangeUsed := false
 var trafficPorts []elbv2api.NetworkingPort
- switch networkingProtocol {
- case elbv2api.NetworkingProtocolTCP_UDP:
- tcpProtocol := elbv2api.NetworkingProtocolTCP
- udpProtocol := elbv2api.NetworkingProtocolUDP
+ if networkingProtocol == elbv2api.NetworkingProtocolUDP || t.preserveClientIP {
 trafficSource = t.getLoadBalancerSourceRanges(ctx)
 if len(trafficSource) == 0 {
- trafficSource, err = t.getDefaultIPSourceRanges(ctx, targetGroupIPAddressType, port.Protocol, scheme)
+ trafficSource, err = t.getDefaultIPSourceRanges(ctx, targetGroupIPAddressType, tgProtocol, scheme)
 if err != nil {
 return nil, err
 }
 defaultRangeUsed = true
 }
+ }
+ if networkingProtocol == elbv2api.NetworkingProtocolTCP_UDP {
+ tcpProtocol := elbv2api.NetworkingProtocolTCP
+ udpProtocol := elbv2api.NetworkingProtocolUDP
 trafficPorts = []elbv2api.NetworkingPort{
 {
 Port: &tgPort,
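Review bot: The new `case corev1.Protocol("TCP_UDP")` in buildTargetGroupBindingNetworking falls through into the UDP arm, so this switch appends only a UDP entry for `tgPort` and no TCP entry for the same port. The updated test expects both UDP and TCP on 31223, so the TCP entry presumably comes from code outside this hunk (the switch and the function start and end beyond these lines). If TCP data traffic must be admitted for TCP_UDP regardless of that other code, give the case its own body that appends both `{Protocol: &protocolTCP, Port: &tgPort}` and `{Protocol: &protocolUDP, Port: &tgPort}`. The literal `corev1.Protocol("TCP_UDP")` is repeated in the getDefaultIPSourceRanges hunk as well; one named constant such as `const protocolTCPUDP = corev1.Protocol("TCP_UDP")` would keep the two comparisons from drifting apart.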
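Review bot: The source-range condition `networkingProtocol == elbv2api.NetworkingProtocolUDP || t.preserveClientIP` in buildTargetGroupBindingNetworkingLegacy no longer covers TCP_UDP: the removed `case elbv2api.NetworkingProtocolTCP_UDP` took `trafficSource` from getLoadBalancerSourceRanges unconditionally, whereas a TCP_UDP binding with `preserveClientIP` unset now keeps `loadBalancerSubnetCIDRs`. If the UDP half of a TCP_UDP target group reaches targets with the client's source address, as plain UDP is treated here, the resulting ingress rule would not match that traffic. The getDefaultIPSourceRanges hunk already treats TCP_UDP like UDP, so this condition should probably do the same: `if networkingProtocol == elbv2api.NetworkingProtocolUDP || networkingProtocol == elbv2api.NetworkingProtocolTCP_UDP || t.preserveClientIP {`. The function starts and ends outside the hunk, so where `tgProtocol` and `preserveClientIP` are set is not visible from here.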
@@ -582,17 +585,7 @@ func (t *defaultModelBuildTask) buildTargetGroupBindingNetworkingLegacy(ctx cont
 Protocol: &udpProtocol,
 },
 }
- default:
- if networkingProtocol == elbv2api.NetworkingProtocolUDP || t.preserveClientIP {
- trafficSource = t.getLoadBalancerSourceRanges(ctx)
- if len(trafficSource) == 0 {
- trafficSource, err = t.getDefaultIPSourceRanges(ctx, targetGroupIPAddressType, port.Protocol, scheme)
- if err != nil {
- return nil, err
- }
- defaultRangeUsed = true
- }
- }
+ } else {
 trafficPorts = []elbv2api.NetworkingPort{
 {
 Port: &tgPort,
@@ -633,7 +626,7 @@ func (t *defaultModelBuildTask) getDefaultIPSourceRanges(ctx context.Context, ta
 if targetGroupIPAddressType == elbv2model.TargetGroupIPAddressTypeIPv6 {
 defaultSourceRanges = t.defaultIPv6SourceRanges
 }
- if (protocol == corev1.ProtocolUDP || t.preserveClientIP) && scheme == elbv2model.LoadBalancerSchemeInternal {
+ if (protocol == corev1.Protocol("TCP_UDP") || protocol == corev1.ProtocolUDP || t.preserveClientIP) && scheme == elbv2model.LoadBalancerSchemeInternal {
 vpcInfo, err := t.vpcInfoProvider.FetchVPCInfo(ctx, t.vpcID, networking.FetchVPCInfoWithoutCache())
 if err != nil {
 return nil, err
diff --git a/pkg/service/model_builder_test.go b/pkg/service/model_builder_test.go
index 7af94f721..fa2a9acfc 100644
--- a/pkg/service/model_builder_test.go
+++ b/pkg/service/model_builder_test.go
@@ -2,11 +2,12 @@ package service
 import (
 "context"
- ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types"
- elbv2types "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2/types"
 "testing"
 "time"
+ ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types"
+ elbv2types "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2/types"
+ awssdk "github.com/aws/aws-sdk-go-v2/aws"
 "github.com/go-logr/logr"
 "github.com/golang/mock/gomock"
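Review bot: In getDefaultIPSourceRanges the widened condition `(protocol == corev1.Protocol("TCP_UDP") || protocol == corev1.ProtocolUDP || t.preserveClientIP) && scheme == elbv2model.LoadBalancerSchemeInternal` decides which CIDRs reach the ingress rule, yet nothing explains why these three cases share the VPC lookup. A comment above the `if` would make the intent reviewable, for example `// UDP, TCP_UDP and client-IP-preserving target groups see the original client address, so an internal LB falls back to the VPC CIDRs (confirm).` The rest of the function lies outside the hunk, so what is done with `vpcInfo` afterwards is not visible and the comment should be checked against it.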
@@ -2289,6 +2290,46 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 {
 "id":"app/tcpudp-protocol",
 "resources":{
+ "AWS::EC2::SecurityGroup":{
+ "ManagedLBSecurityGroup":{
+ "spec":{
+ "description":"[k8s] Managed SecurityGroup for LoadBalancer",
+ "groupName":"k8s-app-tcpudppr-06a9156bf8",
+ "ingress":[
+ {
+ "fromPort":80,
+ "ipProtocol":"tcp",
+ "ipRanges":[
+ {
+ "cidrIP":"0.0.0.0/0"
+ }
+ ],
+ "toPort":80
+ },
+ {
+ "fromPort":80,
+ "ipProtocol":"udp",
+ "ipRanges":[
+ {
+ "cidrIP":"0.0.0.0/0"
+ }
+ ],
+ "toPort":80
+ },
+ {
+ "fromPort":83,
+ "ipProtocol":"tcp",
+ "ipRanges":[
+ {
+ "cidrIP":"0.0.0.0/0"
+ }
+ ],
+ "toPort":83
+ }
+ ]
+ }
+ }
+ },
 "AWS::ElasticLoadBalancingV2::Listener":{
 "80":{
 "spec":{
@@ -2343,6 +2384,11 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 "name":"k8s-app-tcpudppr-2af705447d",
 "type":"network",
 "scheme":"internet-facing",
+ "securityGroups":[
+ {
+ "$ref":"#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
+ }
+ ],
 "ipAddressType":"ipv4",
 "subnetMapping":[
 {
@@ -2369,6 +2415,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 "healthCheckConfig":{
 "port":"traffic-port",
 "protocol":"TCP",
+ "timeoutSeconds":10,
 "unhealthyThresholdCount":3,
 "healthyThresholdCount":3,
 "intervalSeconds":10
@@ -2391,6 +2438,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 "healthCheckConfig":{
 "port":"traffic-port",
 "protocol":"TCP",
+ "timeoutSeconds":10,
 "unhealthyThresholdCount":3,
 "healthyThresholdCount":3,
 "intervalSeconds":10
@@ -2418,6 +2466,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 "$ref":"#/resources/AWS::ElasticLoadBalancingV2::TargetGroup/app/tcpudp-protocol:80/status/targetGroupARN"
 },
 "targetType":"instance",
+ "vpcID":"vpc-xxx",
 "serviceRef":{
 "name":"tcpudp-protocol",
 "port":80
@@ -2428,18 +2477,20 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 {
 "from":[
 {
- "ipBlock":{
- "cidr":"0.0.0.0/0"
+ "securityGroup": {
+ "groupID": {
+ "$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
+ }
 }
 }
 ],
 "ports":[
 {
- "protocol":"TCP",
+ "protocol":"UDP",
 "port":31223
 },
 {
- "protocol":"UDP",
+ "protocol":"TCP",
 "port":31223
 }
 ]
@@ -2463,6 +2514,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 "$ref":"#/resources/AWS::ElasticLoadBalancingV2::TargetGroup/app/tcpudp-protocol:83/status/targetGroupARN"
 },
 "targetType":"instance",
+ "vpcID":"vpc-xxx",
 "serviceRef":{
 "name":"tcpudp-protocol",
 "port":83
@@ -2473,8 +2525,10 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 {
 "from":[
 {
- "ipBlock":{
- "cidr":"0.0.0.0/0"
+ "securityGroup": {
+ "groupID": {
+ "$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
+ }
 }
 }
 ],
@@ -2495,7 +2549,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 }
 }
 `,
- wantNumResources: 7,
+ wantNumResources: 8,
 },
 {
 testName: "list load balancers error",
@@ -3628,7 +3682,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 ],
 "ports":[
 {
- "port": 80,
+ "port": 80,
 "protocol":"TCP"
 }
 ]
@@ -3881,12 +3935,12 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 }
 ],
 "ports":[
- {
- "port": 80,
+ {
+ "port": 80,
 "protocol":"TCP"
 },
- {
- "port": 8888,
+ {
+ "port": 8888,
 "protocol":"TCP"
 }
 ]
@@ -4520,9 +4574,9 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 "from":[
 {
 "securityGroup":{
- "groupID": {
- "$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
- }
+ "groupID": {
+ "$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
+ }
 }
 }
 ],
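Review bot: In the tcpudp-protocol expectation (the hunks at -2428 and -2473) the `from` peer changes from `ipBlock` `0.0.0.0/0` to the managed security group, so the only TCP_UDP case visible in this patch now exercises the security-group path. The TCP_UDP changes to buildTargetGroupBindingNetworkingLegacy and the internal-scheme branch of getDefaultIPSourceRanges have no expectation in any of these hunks. A case with an internal scheme and the legacy `ipBlock` networking would pin which CIDRs are chosen as the ingress source for TCP_UDP. The swapped port order (`UDP` before `TCP` on 31223) also ties the test to append order; a short comment in the test saying the order is significant would make that intentional.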
@@ -4564,8 +4618,8 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 {
 "securityGroup":{
 "groupID": {
- "$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
- }
+ "$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
+ }
 }
 }
 ],