kubernetes-sigs
diff --git a/‎cloud/scope/powervs_cluster.go
Lines changed: 8 additions & 8 deletions b/‎cloud/scope/powervs_cluster.go
Lines changed: 8 additions & 8 deletions
@@ -1259,7 +1259,7 @@ func (s *PowerVSClusterScope) ReconcileVPCSecurityGroups() error {
 		if securityGroup.Name != nil {
 			securityGroupID, securityGroupRuleIDs, _ = s.GetVPCSecurityGroupByName(*securityGroup.Name)
 		} else {
-			_, securityGroupRuleIDs, _ = s.GetVPCSecurityGroupByID(*securityGroup.ID)
+			securityGroupID, securityGroupRuleIDs, _ = s.GetVPCSecurityGroupByID(*securityGroup.ID)
 		}
 
 		if securityGroupID != nil && securityGroupRuleIDs != nil {
@@ -1333,7 +1333,7 @@ func (s *PowerVSClusterScope) createVPCSecurityGroupRule(securityGroupID, direct
 			if err != nil {
 				return fmt.Errorf("failed to find VPC security group by name '%s', err: %w", *remote.SecurityGroupName, err)
 			}
-			if sg.Name != nil {
+			if sg == nil {
 				return fmt.Errorf("VPC security group by name '%s' does not exist", *remote.SecurityGroupName)
 			}
 			s.V(3).Info("Creating VPC security group rule", "securityGroupID", *securityGroupID, "direction", *direction, "protocol", *protocol, "securityGroup", *remote.SecurityGroupName, "securityGroupCRN", *sg.CRN)
@@ -1511,10 +1511,6 @@ func (s *PowerVSClusterScope) validateSecurityGroupRule(originalSecurityGroupRul
 	}
 
 	protocol := string(rule.Protocol)
-	portMin := rule.PortRange.MinimumPort
-	portMax := rule.PortRange.MaximumPort
-	icmpCode := rule.ICMPCode
-	icmpType := rule.ICMPType
 
 	for _, ogRuleIntf := range originalSecurityGroupRules {
 		switch reflect.TypeOf(ogRuleIntf).String() {
@@ -1531,6 +1527,8 @@ func (s *PowerVSClusterScope) validateSecurityGroupRule(originalSecurityGroupRul
 				}
 			}
 		case "*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolTcpudp":
+			portMin := rule.PortRange.MinimumPort
+			portMax := rule.PortRange.MaximumPort
 			ogRule := ogRuleIntf.(*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolTcpudp)
 			ruleID = ogRule.ID
 
@@ -1543,6 +1541,8 @@ func (s *PowerVSClusterScope) validateSecurityGroupRule(originalSecurityGroupRul
 				}
 			}
 		case "*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolIcmp":
+			icmpCode := rule.ICMPCode
+			icmpType := rule.ICMPType
 			ogRule := ogRuleIntf.(*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolIcmp)
 			ruleID = ogRule.ID
 
@@ -1624,7 +1624,7 @@ func (s *PowerVSClusterScope) validateVPCSecurityGroup(securityGroup infrav1beta
 			return nil, nil, nil
 		}
 	}
-	if securityGroupDet != nil && *securityGroupDet.VPC.ID != *s.GetVPCID() {
+	if securityGroupDet.VPC == nil || securityGroupDet.VPC.ID == nil || *securityGroupDet.VPC.ID != *s.GetVPCID() {
 		return nil, nil, fmt.Errorf("VPC security group by name exists but is not attached to VPC")
 	}
 
@@ -1633,7 +1633,7 @@ func (s *PowerVSClusterScope) validateVPCSecurityGroup(securityGroup infrav1beta
 		return nil, nil, fmt.Errorf("failed to validate VPC security group rules: %v", err)
 	}
 	if !ok {
-		if _, _, controllerCreated := s.GetVPCSecurityGroupByName(*securityGroup.Name); !*controllerCreated {
+		if _, _, controllerCreated := s.GetVPCSecurityGroupByName(*securityGroup.Name); controllerCreated != nil && !*controllerCreated {
 			return nil, nil, fmt.Errorf("VPC security group by name exists but rules are not matching")
 		}
 		return nil, nil, s.createVPCSecurityGroupRulesAndSetStatus(securityGroup.Rules, securityGroupDet.ID, securityGroupDet.Name)
Original file line number	Diff line number	Diff line change
`@@ -1259,7 +1259,7 @@ func (s *PowerVSClusterScope) ReconcileVPCSecurityGroups() error {`
`1259`	`1259`	`if securityGroup.Name != nil {`
`1260`	`1260`	`securityGroupID, securityGroupRuleIDs, _ = s.GetVPCSecurityGroupByName(*securityGroup.Name)`
`1261`	`1261`	`} else {`
`1262`		`- _, securityGroupRuleIDs, _ = s.GetVPCSecurityGroupByID(*securityGroup.ID)`
	`1262`	`+ securityGroupID, securityGroupRuleIDs, _ = s.GetVPCSecurityGroupByID(*securityGroup.ID)`
`1263`	`1263`	`}`
`1264`	`1264`
`1265`	`1265`	`if securityGroupID != nil && securityGroupRuleIDs != nil {`
`@@ -1333,7 +1333,7 @@ func (s *PowerVSClusterScope) createVPCSecurityGroupRule(securityGroupID, direct`
`1333`	`1333`	`if err != nil {`
`1334`	`1334`	`return fmt.Errorf("failed to find VPC security group by name '%s', err: %w", *remote.SecurityGroupName, err)`
`1335`	`1335`	`}`
`1336`		`- if sg.Name != nil {`
	`1336`	`+ if sg == nil {`
`1337`	`1337`	`return fmt.Errorf("VPC security group by name '%s' does not exist", *remote.SecurityGroupName)`
`1338`	`1338`	`}`
`1339`	`1339`	`s.V(3).Info("Creating VPC security group rule", "securityGroupID", securityGroupID, "direction", direction, "protocol", protocol, "securityGroup", remote.SecurityGroupName, "securityGroupCRN", *sg.CRN)`
`@@ -1511,10 +1511,6 @@ func (s *PowerVSClusterScope) validateSecurityGroupRule(originalSecurityGroupRul`
`1511`	`1511`	`}`
`1512`	`1512`
`1513`	`1513`	`protocol := string(rule.Protocol)`
`1514`		`- portMin := rule.PortRange.MinimumPort`
`1515`		`- portMax := rule.PortRange.MaximumPort`
`1516`		`- icmpCode := rule.ICMPCode`
`1517`		`- icmpType := rule.ICMPType`
`1518`	`1514`
`1519`	`1515`	`for _, ogRuleIntf := range originalSecurityGroupRules {`
`1520`	`1516`	`switch reflect.TypeOf(ogRuleIntf).String() {`
`@@ -1531,6 +1527,8 @@ func (s *PowerVSClusterScope) validateSecurityGroupRule(originalSecurityGroupRul`
`1531`	`1527`	`}`
`1532`	`1528`	`}`
`1533`	`1529`	`case "*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolTcpudp":`
	`1530`	`+ portMin := rule.PortRange.MinimumPort`
	`1531`	`+ portMax := rule.PortRange.MaximumPort`
`1534`	`1532`	`ogRule := ogRuleIntf.(*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolTcpudp)`
`1535`	`1533`	`ruleID = ogRule.ID`
`1536`	`1534`
`@@ -1543,6 +1541,8 @@ func (s *PowerVSClusterScope) validateSecurityGroupRule(originalSecurityGroupRul`
`1543`	`1541`	`}`
`1544`	`1542`	`}`
`1545`	`1543`	`case "*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolIcmp":`
	`1544`	`+ icmpCode := rule.ICMPCode`
	`1545`	`+ icmpType := rule.ICMPType`
`1546`	`1546`	`ogRule := ogRuleIntf.(*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolIcmp)`
`1547`	`1547`	`ruleID = ogRule.ID`
`1548`	`1548`
`@@ -1624,7 +1624,7 @@ func (s *PowerVSClusterScope) validateVPCSecurityGroup(securityGroup infrav1beta`
`1624`	`1624`	`return nil, nil, nil`
`1625`	`1625`	`}`
`1626`	`1626`	`}`
`1627`		`- if securityGroupDet != nil && securityGroupDet.VPC.ID != s.GetVPCID() {`
	`1627`	`+ if securityGroupDet.VPC == nil \|\| securityGroupDet.VPC.ID == nil \|\| securityGroupDet.VPC.ID != s.GetVPCID() {`
`1628`	`1628`	`return nil, nil, fmt.Errorf("VPC security group by name exists but is not attached to VPC")`
`1629`	`1629`	`}`
`1630`	`1630`
`@@ -1633,7 +1633,7 @@ func (s *PowerVSClusterScope) validateVPCSecurityGroup(securityGroup infrav1beta`
`1633`	`1633`	`return nil, nil, fmt.Errorf("failed to validate VPC security group rules: %v", err)`
`1634`	`1634`	`}`
`1635`	`1635`	`if !ok {`
`1636`		`- if _, _, controllerCreated := s.GetVPCSecurityGroupByName(securityGroup.Name); !controllerCreated {`
	`1636`	`+ if _, _, controllerCreated := s.GetVPCSecurityGroupByName(securityGroup.Name); controllerCreated != nil && !controllerCreated {`
`1637`	`1637`	`return nil, nil, fmt.Errorf("VPC security group by name exists but rules are not matching")`
`1638`	`1638`	`}`
`1639`	`1639`	`return nil, nil, s.createVPCSecurityGroupRulesAndSetStatus(securityGroup.Rules, securityGroupDet.ID, securityGroupDet.Name)`