Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Read VpcAssociationPolicy value in the model_build_servicenetwork #407

Merged

Conversation

zijun726911
Copy link
Contributor

@zijun726911 zijun726911 commented Sep 20, 2023

What type of PR is this? feature

Which issue does this PR fix: #199 part of security group api support, this PR don't include targets_synthesizer.go changes, so this PR will not pass security groups ids to the aws vpc lattice sdk, will do that in a next seperate PR

If an issue # is not available please add repro steps and logs from aws-gateway-controller showing the issue:

Testing done on this change:

  • Add extra unit tests
  • e2etest all pass
Ran 31 of 31 Specs in 2239.955 seconds
SUCCESS! -- 31 Passed | 0 Failed | 0 Pending | 0 Skipped
--- PASS: TestIntegration (2240.27s)
PASS

Will this PR introduce any new dependencies?: No

Will this break upgrades or downgrades. Has updating a running cluster been tested?: No

Does this PR introduce any user-facing change?:


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@zijun726911 zijun726911 force-pushed the sg_api_model_build_servicenetwork_changes branch 2 times, most recently from efd824e to 062f883 Compare September 20, 2023 20:49
@coveralls
Copy link

coveralls commented Sep 20, 2023

Pull Request Test Coverage Report for Build 6264742445

  • 30 of 33 (90.91%) changed or added relevant lines in 2 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.07%) to 39.353%

Changes Missing Coverage Covered Lines Changed/Added Lines %
controllers/gateway_controller.go 0 1 0.0%
pkg/gateway/model_build_servicenetwork.go 30 32 93.75%
Totals Coverage Status
Change from base Build 6253500649: 0.07%
Covered Lines: 4075
Relevant Lines: 10355

💛 - Coveralls

@zijun726911 zijun726911 force-pushed the sg_api_model_build_servicenetwork_changes branch from 062f883 to bc3607c Compare September 20, 2023 20:53
Name string `json:"name"`
Namespace string `json:"namespace"`
Account string `json:"account"`
SecurityGroupIds []*string `json:"securityGroupIds"`
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

aws vpc lattice go sdk use the []*string type to pass the security group ids, keep it in the same type here

@zijun726911 zijun726911 force-pushed the sg_api_model_build_servicenetwork_changes branch from bc3607c to 8893809 Compare September 20, 2023 20:59
@zijun726911 zijun726911 requested a review from solmonk September 20, 2023 23:15
mesh *latticemodel.ServiceNetwork
gateway *gateway_api.Gateway
vpcAssociationPolicy *v1alpha1.VpcAssociationPolicy
mesh *latticemodel.ServiceNetwork
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you rename mesh here?

} else {
spec.AssociateToVPC = false
associateToVPC = false
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: can be associateToVPC = value == "true"

}

if t.vpcAssociationPolicy.Spec.SecurityGroupIds != nil {
spec.SecurityGroupIds = securityGroupIdsToStringPointersSlice(t.vpcAssociationPolicy.Spec.SecurityGroupIds)
Copy link
Contributor

@scottlaiaws scottlaiaws Sep 21, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you can use aws.StringSlice or aws.StringValueSlice here to convert from []string to []*string and vice versa

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I found the aws.StringSlice(src []string) can only accept []string input param, but the t.vpcAssociationPolicy.Spec.SecurityGroupIds is actually []SecurityGroupId cannot use that method

Copy link
Contributor

@scottlaiaws scottlaiaws left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@scottlaiaws
Copy link
Contributor

Just to be safe, can you rebase/merge with upsteram/main and run the e2e tests again? I added a test case in my previous PR #406

// by default it is true
spec.AssociateToVPC = true
// default associateToVPC is true
associateToVPC := true
if len(t.gateway.ObjectMeta.Annotations) > 0 {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe there's no need to check this here


if t.vpcAssociationPolicy != nil {
if t.vpcAssociationPolicy.Spec.AssociateWithVpc != nil {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

did you set default value as true in the new CRD?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, In CRD, by default it's empty

AssociateWithVpc *bool `json:"associateWithVpc,omitempty"`

In the controller for both old and new logic, by default it is true

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

have you considered setting default value via kubebuilder annotation?

}
func (b *serviceNetworkModelBuilder) Build(ctx context.Context, gw *gateway_api.Gateway) (core.Stack, *latticemodel.ServiceNetwork, error) {
stack := core.NewDefaultStack(core.StackID(k8s.NamespacedName(gw)))

vpcAssociationPolicy, err := GetAttachedPolicy(ctx, b.client, k8s.NamespacedName(gw), &v1alpha1.VpcAssociationPolicy{})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what happens if the policy is not found?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If policy not found, GetAttachedPolicy() retrun nil, nil, it will go ahead to execute the rest of logic. Unit test covered that

@zijun726911
Copy link
Contributor Author

New e2etest also pass

Ran 32 of 32 Specs in 2112.850 seconds
SUCCESS! -- 32 Passed | 0 Failed | 0 Pending | 0 Skipped
--- PASS: TestIntegration (2113.15s)
PASS

@zijun726911 zijun726911 merged commit d716a0f into aws:main Sep 21, 2023
5 checks passed
@zijun726911 zijun726911 deleted the sg_api_model_build_servicenetwork_changes branch October 3, 2023 19:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants