@@ -95,10 +95,22 @@ func TestReconcileNCStatePrimaryIPChangeShouldFail(t *testing.T) {
9595 },
9696 }
9797
98- // now try to reconcile the state where the NC primary IP has changed
99- resp := svc .ReconcileIPAMStateForSwift (ncReqs , map [string ]cns.PodInfo {}, & v1alpha.NodeNetworkConfig {})
98+ // Create dummy CNS state file
99+ stateFile := "/var/lib/azure-network/azure-cns.json"
100+ _ = os .WriteFile (stateFile , []byte ("dummy" ), 0644 )
101+ defer os .Remove (stateFile )
102+
103+ defer func () {
104+ if r := recover (); r == nil {
105+ t .Errorf ("Expected panic on PrimaryCA mismatch, but did not panic" )
106+ }
107+ if _ , err := os .Stat (stateFile ); ! os .IsNotExist (err ) {
108+ t .Errorf ("Expected CNS state file to be deleted, but it still exists" )
109+ }
110+ }()
100111
101- assert .Equal (t , types .PrimaryCANotSame , resp )
112+ // now try to reconcile the state where the NC primary IP has changed
113+ _ = svc .ReconcileIPAMStateForSwift (ncReqs , map [string ]cns.PodInfo {}, & v1alpha.NodeNetworkConfig {})
102114}
103115
104116// TestReconcileNCStateGatewayChange tests that NC state gets updated when reconciled
@@ -1680,3 +1692,49 @@ func setupIMDSMockAPIsWithCustomIDs(svc *HTTPRestService, interfaceIDs []string)
16801692 // Return cleanup function
16811693 return func () { svc .imdsClient = originalIMDS }
16821694}
1695+
1696+ func TestCreateOrUpdateNCInternal_PrimaryCAMismatchShouldPanicAndDeleteStateFile (t * testing.T ) {
1697+ restartService ()
1698+ setEnv (t )
1699+ setOrchestratorTypeInternal (cns .KubernetesCRD )
1700+
1701+ // Step 1: Create initial NC with PrimaryCA "10.0.0.5/24"
1702+ secondaryIPConfigs := make (map [string ]cns.SecondaryIPConfig )
1703+ ipaddress := "10.0.0.6"
1704+ secIpConfig := newSecondaryIPConfig (ipaddress , - 1 )
1705+ ipId := uuid .New ()
1706+ secondaryIPConfigs [ipId .String ()] = secIpConfig
1707+
1708+ ncId := "test-nc"
1709+ ncVersion := "-1"
1710+ req := generateNetworkContainerRequest (secondaryIPConfigs , ncId , ncVersion )
1711+ req .IPConfiguration .IPSubnet .IPAddress = "10.0.0.5"
1712+ req .IPConfiguration .IPSubnet .PrefixLength = 24
1713+ returnCode := svc .CreateOrUpdateNetworkContainerInternal (req )
1714+ if returnCode != 0 {
1715+ t .Fatalf ("Failed to createNetworkContainerRequest, req: %+v, err: %d" , req , returnCode )
1716+ }
1717+ validateNetworkRequest (t , * req )
1718+
1719+ // Step 2: Prepare a request with a different PrimaryCA
1720+ reqMismatch := generateNetworkContainerRequest (secondaryIPConfigs , ncId , ncVersion )
1721+ reqMismatch .IPConfiguration .IPSubnet .IPAddress = "10.0.0.7" // different IP
1722+ reqMismatch .IPConfiguration .IPSubnet .PrefixLength = 24
1723+
1724+ // Step 3: Create dummy CNS state file
1725+ stateFile := "/var/lib/azure-network/azure-cns.json"
1726+ _ = os .WriteFile (stateFile , []byte ("dummy" ), 0644 )
1727+ defer os .Remove (stateFile )
1728+
1729+ defer func () {
1730+ if r := recover (); r == nil {
1731+ t .Errorf ("Expected panic on PrimaryCA mismatch, but did not panic" )
1732+ }
1733+ if _ , err := os .Stat (stateFile ); ! os .IsNotExist (err ) {
1734+ t .Errorf ("Expected CNS state file to be deleted, but it still exists" )
1735+ }
1736+ }()
1737+
1738+ // Step 4: Should panic and delete state file
1739+ svc .CreateOrUpdateNetworkContainerInternal (reqMismatch )
1740+ }
0 commit comments