Skip to content

Commit 98900d8

Browse files
committed
refactored get default deny acl function
1 parent 5d3874c commit 98900d8

File tree

3 files changed

+9
-6
lines changed

3 files changed

+9
-6
lines changed

cns/middlewares/k8sSwiftV2.go

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -82,11 +82,14 @@ func (k *K8sSWIFTv2Middleware) IPConfigsRequestHandlerWrapper(defaultHandler, fa
8282
// Set routes for the pod
8383
for i := range ipConfigsResp.PodIPInfo {
8484
ipInfo := &ipConfigsResp.PodIPInfo[i]
85+
if defaultDenyACLbool {
86+
err := addDefaultDenyACL(ipInfo)
87+
if err != nil {
88+
errors.Wrapf(err, "failed to add default deny acl's for pod %s", podInfo.Name())
89+
}
90+
}
8591
// Backend nics doesn't need routes to be set
8692
if ipInfo.NICType != cns.BackendNIC {
87-
if defaultDenyACLbool {
88-
k.addDefaultDenyAcl(ipInfo)
89-
}
9093
err = k.setRoutes(ipInfo)
9194
if err != nil {
9295
return &cns.IPConfigsResponse{

cns/middlewares/k8sSwiftV2_linux.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,6 @@ func (k *K8sSWIFTv2Middleware) assignSubnetPrefixLengthFields(_ *cns.PodIpInfo,
104104

105105
func (k *K8sSWIFTv2Middleware) addDefaultRoute(*cns.PodIpInfo, string) {}
106106

107-
func (k *K8sSWIFTv2Middleware) addDefaultDenyAcl(podIPInfo *cns.PodIpInfo) error {
107+
func addDefaultDenyACL(podIPInfo *cns.PodIpInfo) error {
108108
return nil
109109
}

cns/middlewares/k8sSwiftV2_windows.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,7 @@ func (k *K8sSWIFTv2Middleware) addDefaultRoute(podIPInfo *cns.PodIpInfo, gwIP st
6464
podIPInfo.Routes = append(podIPInfo.Routes, route)
6565
}
6666

67-
func (k *K8sSWIFTv2Middleware) addDefaultDenyAcl(podIPInfo *cns.PodIpInfo) error {
67+
func addDefaultDenyACL(podIPInfo *cns.PodIpInfo) error {
6868
additionalArgs := []cni.KVPair{
6969
{
7070
Name: "EndpointPolicy",
@@ -75,7 +75,7 @@ func (k *K8sSWIFTv2Middleware) addDefaultDenyAcl(podIPInfo *cns.PodIpInfo) error
7575
Value: getDefaultDenyACLPolicy(hcn.DirectionTypeIn),
7676
},
7777
}
78-
podIPInfo.DefaultDenyACL = append(podIPInfo.DefaultDenyACL, additionalArgs...) //insert acl here
78+
podIPInfo.DefaultDenyACL = append(podIPInfo.DefaultDenyACL, additionalArgs...)
7979
return nil
8080
}
8181

0 commit comments

Comments
 (0)