refactored get default deny acl function

rejain789 · rejain789 · commit 98900d87cd54 · 2024-12-03T15:44:33.000-08:00
diff --git a/cns/middlewares/k8sSwiftV2.go b/cns/middlewares/k8sSwiftV2.go
@@ -82,11 +82,14 @@ func (k *K8sSWIFTv2Middleware) IPConfigsRequestHandlerWrapper(defaultHandler, fa
 		// Set routes for the pod
 		for i := range ipConfigsResp.PodIPInfo {
 			ipInfo := &ipConfigsResp.PodIPInfo[i]
+			if defaultDenyACLbool {
+				err := addDefaultDenyACL(ipInfo)
+				if err != nil {
+					errors.Wrapf(err, "failed to add default deny acl's for pod %s", podInfo.Name())
+				}
+			}
 			// Backend nics doesn't need routes to be set
 			if ipInfo.NICType != cns.BackendNIC {
-				if defaultDenyACLbool {
-					k.addDefaultDenyAcl(ipInfo)
-				}
 				err = k.setRoutes(ipInfo)
 				if err != nil {
 					return &cns.IPConfigsResponse{
diff --git a/cns/middlewares/k8sSwiftV2_linux.go b/cns/middlewares/k8sSwiftV2_linux.go
@@ -104,6 +104,6 @@ func (k *K8sSWIFTv2Middleware) assignSubnetPrefixLengthFields(_ *cns.PodIpInfo,
 
 func (k *K8sSWIFTv2Middleware) addDefaultRoute(*cns.PodIpInfo, string) {}
 
-func (k *K8sSWIFTv2Middleware) addDefaultDenyAcl(podIPInfo *cns.PodIpInfo) error {
+func addDefaultDenyACL(podIPInfo *cns.PodIpInfo) error {
 	return nil
 }
diff --git a/cns/middlewares/k8sSwiftV2_windows.go b/cns/middlewares/k8sSwiftV2_windows.go
@@ -64,7 +64,7 @@ func (k *K8sSWIFTv2Middleware) addDefaultRoute(podIPInfo *cns.PodIpInfo, gwIP st
 	podIPInfo.Routes = append(podIPInfo.Routes, route)
 }
 
-func (k *K8sSWIFTv2Middleware) addDefaultDenyAcl(podIPInfo *cns.PodIpInfo) error {
+func addDefaultDenyACL(podIPInfo *cns.PodIpInfo) error {
 	additionalArgs := []cni.KVPair{
 		{
 			Name:  "EndpointPolicy",
@@ -75,7 +75,7 @@ func (k *K8sSWIFTv2Middleware) addDefaultDenyAcl(podIPInfo *cns.PodIpInfo) error
 			Value: getDefaultDenyACLPolicy(hcn.DirectionTypeIn),
 		},
 	}
-	podIPInfo.DefaultDenyACL = append(podIPInfo.DefaultDenyACL, additionalArgs...) //insert acl here
+	podIPInfo.DefaultDenyACL = append(podIPInfo.DefaultDenyACL, additionalArgs...)
 	return nil
 }
 

Original file line number	Diff line number	Diff line change
`@@ -104,6 +104,6 @@ func (k K8sSWIFTv2Middleware) assignSubnetPrefixLengthFields(_ cns.PodIpInfo,`
`104`	`104`
`105`	`105`	`func (k K8sSWIFTv2Middleware) addDefaultRoute(cns.PodIpInfo, string) {}`
`106`	`106`
`107`		`-func (k K8sSWIFTv2Middleware) addDefaultDenyAcl(podIPInfo cns.PodIpInfo) error {`
	`107`	`+func addDefaultDenyACL(podIPInfo *cns.PodIpInfo) error {`
`108`	`108`	`return nil`
`109`	`109`	`}`
Original file line number	Diff line number	Diff line change
`@@ -64,7 +64,7 @@ func (k K8sSWIFTv2Middleware) addDefaultRoute(podIPInfo cns.PodIpInfo, gwIP st`
`64`	`64`	`podIPInfo.Routes = append(podIPInfo.Routes, route)`
`65`	`65`	`}`
`66`	`66`
`67`		`-func (k K8sSWIFTv2Middleware) addDefaultDenyAcl(podIPInfo cns.PodIpInfo) error {`
	`67`	`+func addDefaultDenyACL(podIPInfo *cns.PodIpInfo) error {`
`68`	`68`	`additionalArgs := []cni.KVPair{`
`69`	`69`	`{`
`70`	`70`	`Name: "EndpointPolicy",`
`@@ -75,7 +75,7 @@ func (k K8sSWIFTv2Middleware) addDefaultDenyAcl(podIPInfo cns.PodIpInfo) error`
`75`	`75`	`Value: getDefaultDenyACLPolicy(hcn.DirectionTypeIn),`
`76`	`76`	`},`
`77`	`77`	`}`
`78`		`- podIPInfo.DefaultDenyACL = append(podIPInfo.DefaultDenyACL, additionalArgs...) //insert acl here`
	`78`	`+ podIPInfo.DefaultDenyACL = append(podIPInfo.DefaultDenyACL, additionalArgs...)`
`79`	`79`	`return nil`
`80`	`80`	`}`
`81`	`81`