diff --git a/src/proxy/inbound.rs b/src/proxy/inbound.rs index 2a375d329..03ae2c10f 100644 --- a/src/proxy/inbound.rs +++ b/src/proxy/inbound.rs @@ -623,19 +623,13 @@ mod test { }; let from_gw_conn = Connection { src_identity: Some(gateawy_id), - src: SocketAddr::V4(SocketAddrV4::new( - IpAddr::V4(mock_default_gateway_ipaddr()), - 9999, - )), + src: SocketAddr::V4(SocketAddrV4::new(mock_default_gateway_ipaddr(), 9999)), dst_network: "default".to_string(), dst: SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::new(127, 0, 0, 10), 80)), }; let not_from_gw_conn = Connection { src_identity: Some(Identity::default()), - src: SocketAddr::V4(SocketAddrV4::new( - IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)), - 9999, - )), + src: SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::new(127, 0, 0, 1), 9999)), dst_network: "default".to_string(), dst: SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::new(127, 0, 0, 10), 80)), }; @@ -741,7 +735,7 @@ mod test { hostname: "gateway".to_string(), vips, ports, - waypoints, + waypoints: Default::default(), endpoints, subject_alt_names: vec![], } diff --git a/src/rbac.rs b/src/rbac.rs index c086337f8..3997ef1ca 100644 --- a/src/rbac.rs +++ b/src/rbac.rs @@ -405,6 +405,7 @@ impl From<&XdsStringMatch> for Option { #[cfg(test)] mod tests { use test_case::test_case; + use std::net::IpAddr; use super::*; @@ -440,7 +441,7 @@ mod tests { fn plaintext_conn() -> Connection { Connection { src_identity: None, - src: IpAddr::from([127, 0, 0, 1]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 1]), 9999), dst_network: "".to_string(), dst: "127.0.0.2:8080".parse().unwrap(), } @@ -453,7 +454,7 @@ mod tests { namespace: "namespace".to_string(), service_account: "account".to_string(), }), - src: IpAddr::from([127, 0, 0, 1]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 1]), 9999), dst_network: "".to_string(), dst: "127.0.0.2:8080".parse().unwrap(), } @@ -466,7 +467,7 @@ mod tests { namespace: "ns-alt".to_string(), service_account: "sa=alt".to_string(), }), - src: IpAddr::from([127, 0, 0, 3]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 3]), 9999), dst_network: "".to_string(), dst: "127.0.0.4:9090".parse().unwrap(), } @@ -514,7 +515,7 @@ mod tests { namespace: "a".to_string(), service_account: "account".to_string(), }), - src: IpAddr::from([127, 0, 0, 1]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 1]), 9999), dst_network: "".to_string(), dst: "127.0.0.2:80".parse().unwrap(), })); @@ -524,7 +525,7 @@ mod tests { namespace: "b".to_string(), service_account: "account".to_string(), }), - src: IpAddr::from([127, 0, 0, 1]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 1]), 9999), dst_network: "".to_string(), dst: "127.0.0.2:80".parse().unwrap(), })); @@ -535,7 +536,7 @@ mod tests { namespace: "b".to_string(), service_account: "account".to_string(), }), - src: IpAddr::from([127, 0, 0, 1]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 1]), 9999), dst_network: "remote".to_string(), dst: "127.0.0.2:80".parse().unwrap(), })); @@ -546,7 +547,7 @@ mod tests { namespace: "bad".to_string(), service_account: "account".to_string(), }), - src: IpAddr::from([127, 0, 0, 1]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 1]), 9999), dst_network: "".to_string(), dst: "127.0.0.2:80".parse().unwrap(), })); @@ -557,7 +558,7 @@ mod tests { namespace: "b".to_string(), service_account: "account".to_string(), }), - src: IpAddr::from([127, 0, 0, 1]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 1]), 9999), dst_network: "".to_string(), dst: "127.0.0.2:12345".parse().unwrap(), })); @@ -585,7 +586,7 @@ mod tests { namespace: "a".to_string(), service_account: "account".to_string(), }), - src: IpAddr::from([127, 0, 0, 1]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 1]), 9999), dst_network: "".to_string(), dst: "127.0.0.2:80".parse().unwrap(), })); @@ -595,7 +596,7 @@ mod tests { namespace: "b".to_string(), service_account: "account".to_string(), }), - src: IpAddr::from([127, 0, 0, 1]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 1]), 9999), dst_network: "".to_string(), dst: "127.0.0.2:80".parse().unwrap(), })); @@ -606,7 +607,7 @@ mod tests { namespace: "bad".to_string(), service_account: "account".to_string(), }), - src: IpAddr::from([127, 0, 0, 1]), + src: SocketAddr::new(IpAddr::from([127, 0, 0, 1]), 9999), dst_network: "".to_string(), dst: "127.0.0.2:80".parse().unwrap(), })); diff --git a/src/test_helpers.rs b/src/test_helpers.rs index e5b1166cf..a1ded3939 100644 --- a/src/test_helpers.rs +++ b/src/test_helpers.rs @@ -177,14 +177,14 @@ pub fn mock_default_service() -> Service { let vips = vec![vip1]; let mut ports = HashMap::new(); ports.insert(8080, 80); - let endpoints = HashMap::new(); Service { name: "".to_string(), namespace: "default".to_string(), hostname: "defaulthost".to_string(), vips, ports, - endpoints, + endpoints: Default::default(), + waypoints: Default:: default(), subject_alt_names: vec![], } } @@ -287,6 +287,7 @@ fn test_custom_svc( port: HashMap::from([(80u16, echo_port)]), }, )]), + waypoints: Default::default(), subject_alt_names: vec!["spiffe://cluster.local/ns/default/sa/default".to_string()], }) } diff --git a/src/test_helpers/linux.rs b/src/test_helpers/linux.rs index 371bab74a..ed4d7fd4f 100644 --- a/src/test_helpers/linux.rs +++ b/src/test_helpers/linux.rs @@ -206,6 +206,7 @@ impl<'a> TestServiceBuilder<'a> { vips: vec![], ports: Default::default(), endpoints: Default::default(), // populated later when workloads are added + waypoints: Default::default(), // populated later when workloads are added subject_alt_names: vec![], }, manager, @@ -345,6 +346,7 @@ impl<'a> TestWorkloadBuilder<'a> { let mut svc = self.manager.services.get(&service_name).unwrap().clone(); let ep_uid = endpoint_uid(&self.w.workload.uid, Some(&ep_network_addr)); svc.endpoints.insert(ep_uid, ep.clone()); + svc.insert_waypoint(&self.w.workload); } } diff --git a/src/xds/client.rs b/src/xds/client.rs index e39364860..6d5e4c9e9 100644 --- a/src/xds/client.rs +++ b/src/xds/client.rs @@ -908,7 +908,7 @@ mod tests { let conn = crate::rbac::Connection{ dst: std::net::SocketAddr::new(std::net::Ipv4Addr::new(1, 2, 3, 4).into(), 80), src_identity: None, - src: std::net::Ipv4Addr::new(1, 2,3, 5).into(), + src: std::net::SocketAddr::new(std::net::Ipv4Addr::new(1, 2,3, 5).into(), 9999), dst_network: "".to_string(), }; // rbac should reject port 80