
Commit 07690ae

committed
updated engress policy check with egress allow all policy and added a helper to test functions
1 parent 079e7c0 commit 07690ae


1 file changed

+52
-67
lines changed


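--- a/tools/azure-npm-to-cilium-validator/azure-npm-to-cilium-validator_test.go
+++ b/tools/azure-npm-to-cilium-validator/azure-npm-to-cilium-validator_test.go
@@ -112,30 +112,7 @@ func TestCheckEndportNetworkPolicies(t *testing.T) {
 },
 }
 
-for _, tt := range tests {
-t.Run(tt.name, func(t *testing.T) {
-// Capture the logs
-var buf bytes.Buffer
-
-// Replace the default logger with our custom logger
-originalLogger := log.Default()
-log.SetOutput(&buf)
-defer log.SetOutput(originalLogger.Writer())
-
-result := checkEndportNetworkPolicies(tt.policiesByNamespace)
-if result != tt.expectedResult {
-t.Errorf("Expected %v, got %v", tt.expectedResult, result)
-}
-
-// Verify logs
-logOutput := buf.String()
-for _, expectedLog := range tt.expectedLogs {
-if !strings.Contains(logOutput, expectedLog) {
-t.Errorf("Expected log containing %q, but not found", expectedLog)
-}
-}
-})
-}
+runTestWithLogs(t, tests, checkEndportNetworkPolicies)
 }
 
 // Test function for checkCIDRNetworkPolicies
@@ -243,27 +220,7 @@ func TestCheckCIDRNetworkPolicies(t *testing.T) {
 },
 }
 
-for _, tt := range tests {
-t.Run(tt.name, func(t *testing.T) {
-// Capture the logs
-var buf bytes.Buffer
-log.SetOutput(&buf)
-defer log.SetOutput(nil)
-
-result := checkCIDRNetworkPolicies(tt.policiesByNamespace)
-if result != tt.expectedResult {
-t.Errorf("Expected %v, got %v", tt.expectedResult, result)
-}
-
-// Verify logs
-logOutput := buf.String()
-for _, expectedLog := range tt.expectedLogs {
-if !strings.Contains(logOutput, expectedLog) {
-t.Errorf("Expected log containing %q, but not found", expectedLog)
-}
-}
-})
-}
+runTestWithLogs(t, tests, checkCIDRNetworkPolicies)
 }
 
 // Test function for checkForEgressPolicies
@@ -304,11 +261,29 @@ func TestCheckForEgressPolicies(t *testing.T) {
 },
 },
 {
-name: "No egress policy present",
+name: "Allow all egress policy present",
 policiesByNamespace: map[string][]networkingv1.NetworkPolicy{
 "default": {
 {
 ObjectMeta: metav1.ObjectMeta{Name: "policy2"},
+Spec: networkingv1.NetworkPolicySpec{
+Egress: []networkingv1.NetworkPolicyEgressRule{},
+},
+},
+},
+},
+expectedResult: false,
+expectedLogs: []string{
+"NetworkPolicy with egress",
+"✅",
+},
+},
+{
+name: "No egress policy present",
+policiesByNamespace: map[string][]networkingv1.NetworkPolicy{
+"default": {
+{
+ObjectMeta: metav1.ObjectMeta{Name: "policy3"},
 Spec: networkingv1.NetworkPolicySpec{
 Ingress: []networkingv1.NetworkPolicyIngressRule{
 {
@@ -344,27 +319,7 @@ func TestCheckForEgressPolicies(t *testing.T) {
 },
 }
 
-for _, tt := range tests {
-t.Run(tt.name, func(t *testing.T) {
-// Capture the logs
-var buf bytes.Buffer
-log.SetOutput(&buf)
-defer log.SetOutput(nil)
-
-result := checkForEgressPolicies(tt.policiesByNamespace)
-if result != tt.expectedResult {
-t.Errorf("Expected %v, got %v", tt.expectedResult, result)
-}
-
-// Verify logs
-logOutput := buf.String()
-for _, expectedLog := range tt.expectedLogs {
-if !strings.Contains(logOutput, expectedLog) {
-t.Errorf("Expected log containing %q, but not found", expectedLog)
-}
-}
-})
-}
+runTestWithLogs(t, tests, checkForEgressPolicies)
 }
 
 // Test function for checkExternalTrafficPolicyServices
@@ -399,6 +354,36 @@ func TestCheckExternalTrafficPolicyServices(t *testing.T) {
 // }
 }
 
+// Helper function to run tests and verify logs
+func runTestWithLogs(t *testing.T, tests []struct {
+name string
+policiesByNamespace map[string][]networkingv1.NetworkPolicy
+expectedResult bool
+expectedLogs []string
+}, testFunc func(map[string][]networkingv1.NetworkPolicy) bool) {
+for _, tt := range tests {
+t.Run(tt.name, func(t *testing.T) {
+// Capture the logs
+var buf bytes.Buffer
+log.SetOutput(&buf)
+defer log.SetOutput(nil)
+
+result := testFunc(tt.policiesByNamespace)
+if result != tt.expectedResult {
+t.Errorf("Expected %v, got %v", tt.expectedResult, result)
+}
+
+// Verify logs
+logOutput := buf.String()
+for _, expectedLog := range tt.expectedLogs {
+if !strings.Contains(logOutput, expectedLog) {
+t.Errorf("Expected log containing %q, but not found", expectedLog)
+}
+}
+})
+}
+}
+
 // Helper function to create a pointer to an int32
 func int32Ptr(i int32) *int32 {
 return &i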
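Review bot: The "Allow all egress policy present" case (new lines 264–280) sets `Egress: []networkingv1.NetworkPolicyEgressRule{}` with no `PolicyTypes`, which in Kubernetes is not an allow-all egress policy: an empty rule list permits no egress, and allow-all is expressed as a single empty rule. If the checker is meant to accept allow-all egress, the fixture would be `PolicyTypes: []networkingv1.PolicyType{networkingv1.PolicyTypeEgress},` with `Egress: []networkingv1.NetworkPolicyEgressRule{{}},`, and a separate deny-all case should pin the opposite outcome; checkForEgressPolicies is not visible here, so whether it distinguishes the two is an assumption to confirm. Separately, `runTestWithLogs` uses `defer log.SetOutput(nil)`, which leaves the standard logger with a nil writer, so a later `log` call in the package would panic; `orig := log.Writer()` before `log.SetOutput(&buf)` and `defer log.SetOutput(orig)` restores it, as the loop removed from TestCheckEndportNetworkPolicies did.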
