-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Read VpcAssociationPolicy value in the model_build_servicenetwork #407
Read VpcAssociationPolicy value in the model_build_servicenetwork #407
Conversation
efd824e
to
062f883
Compare
Pull Request Test Coverage Report for Build 6264742445
💛 - Coveralls |
062f883
to
bc3607c
Compare
Name string `json:"name"` | ||
Namespace string `json:"namespace"` | ||
Account string `json:"account"` | ||
SecurityGroupIds []*string `json:"securityGroupIds"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
aws vpc lattice go sdk use the []*string
type to pass the security group ids, keep it in the same type here
bc3607c
to
8893809
Compare
mesh *latticemodel.ServiceNetwork | ||
gateway *gateway_api.Gateway | ||
vpcAssociationPolicy *v1alpha1.VpcAssociationPolicy | ||
mesh *latticemodel.ServiceNetwork |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you rename mesh
here?
} else { | ||
spec.AssociateToVPC = false | ||
associateToVPC = false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: can be associateToVPC = value == "true"
} | ||
|
||
if t.vpcAssociationPolicy.Spec.SecurityGroupIds != nil { | ||
spec.SecurityGroupIds = securityGroupIdsToStringPointersSlice(t.vpcAssociationPolicy.Spec.SecurityGroupIds) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you can use aws.StringSlice
or aws.StringValueSlice
here to convert from []string
to []*string
and vice versa
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I found the aws.StringSlice(src []string)
can only accept []string
input param, but the t.vpcAssociationPolicy.Spec.SecurityGroupIds is actually []SecurityGroupId
cannot use that method
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Just to be safe, can you rebase/merge with |
// by default it is true | ||
spec.AssociateToVPC = true | ||
// default associateToVPC is true | ||
associateToVPC := true | ||
if len(t.gateway.ObjectMeta.Annotations) > 0 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe there's no need to check this here
|
||
if t.vpcAssociationPolicy != nil { | ||
if t.vpcAssociationPolicy.Spec.AssociateWithVpc != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
did you set default value as true in the new CRD?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, In CRD, by default it's empty
aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1/vpcassociationpolicy_types.go
Line 58 in 5204483
AssociateWithVpc *bool `json:"associateWithVpc,omitempty"` |
In the controller for both old and new logic, by default it is true
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
have you considered setting default value via kubebuilder annotation?
} | ||
func (b *serviceNetworkModelBuilder) Build(ctx context.Context, gw *gateway_api.Gateway) (core.Stack, *latticemodel.ServiceNetwork, error) { | ||
stack := core.NewDefaultStack(core.StackID(k8s.NamespacedName(gw))) | ||
|
||
vpcAssociationPolicy, err := GetAttachedPolicy(ctx, b.client, k8s.NamespacedName(gw), &v1alpha1.VpcAssociationPolicy{}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what happens if the policy is not found?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If policy not found, GetAttachedPolicy() retrun nil, nil, it will go ahead to execute the rest of logic. Unit test covered that
assert.Nil(t, err) |
New e2etest also pass
|
What type of PR is this? feature
Which issue does this PR fix: #199 part of security group api support, this PR don't include targets_synthesizer.go changes, so this PR will not pass security groups ids to the aws vpc lattice sdk, will do that in a next seperate PR
If an issue # is not available please add repro steps and logs from aws-gateway-controller showing the issue:
Testing done on this change:
Will this PR introduce any new dependencies?: No
Will this break upgrades or downgrades. Has updating a running cluster been tested?: No
Does this PR introduce any user-facing change?:
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.