Skip to content

Commit d036ef2

Browse files
squeedsqueed
committed
pkg/policy: convert rule_test.go to use Lookup
This PR transitions the tests away from the SearchContext (which doesn't actually test the production policy engine), and to the real policy resolution functions. The tests themselves are unchanged, with one major exception: SearchContext handled L7 overlapping selectors differently than production. So, the expected results had to be adjusted. Again, this is how the policy engine *actually* works, so this is ultimately the correct result. Signed-off-by: Casey Callendrello <[email protected]>
1 parent bb8582c commit d036ef2

File tree

2 files changed

+725
-1033
lines changed

2 files changed

+725
-1033
lines changed

Diff for: pkg/policy/l4_filter_test.go

+19-2
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,7 @@ type testData struct {
4444
testPolicyContext *testPolicyContextType
4545

4646
cachedSelectorA CachedSelector
47+
cachedSelectorB CachedSelector
4748
cachedSelectorC CachedSelector
4849
cachedSelectorHost CachedSelector
4950
wildcardCachedSelector CachedSelector
@@ -67,6 +68,7 @@ func newTestData() *testData {
6768
td.wildcardCachedSelector, _ = td.sc.AddIdentitySelector(dummySelectorCacheUser, nil, api.WildcardEndpointSelector)
6869

6970
td.cachedSelectorA, _ = td.sc.AddIdentitySelector(dummySelectorCacheUser, nil, endpointSelectorA)
71+
td.cachedSelectorB, _ = td.sc.AddIdentitySelector(dummySelectorCacheUser, nil, endpointSelectorB)
7072
td.cachedSelectorC, _ = td.sc.AddIdentitySelector(dummySelectorCacheUser, nil, endpointSelectorC)
7173
td.cachedSelectorHost, _ = td.sc.AddIdentitySelector(dummySelectorCacheUser, nil, hostSelector)
7274

@@ -79,11 +81,26 @@ func newTestData() *testData {
7981
return td
8082
}
8183

84+
// withIDs loads the set of IDs in to the SelectorCache. Returns
85+
// the same testData for easy chaining.
86+
func (td *testData) withIDs(initIDs ...identity.IdentityMap) *testData {
87+
initial := identity.IdentityMap{}
88+
for _, im := range initIDs {
89+
for id, lbls := range im {
90+
initial[id] = lbls
91+
}
92+
}
93+
wg := &sync.WaitGroup{}
94+
td.sc.UpdateIdentities(initial, nil, wg)
95+
wg.Wait()
96+
return td
97+
}
98+
8299
// resetRepo clears only the policy repository.
83100
// Some tests rely on the accumulated state, but a clean repo.
84101
func (td *testData) resetRepo() *Repository {
85-
td.repo = NewPolicyRepository(nil, nil, nil, nil, api.NewPolicyMetricsNoop())
86-
td.repo.selectorCache = td.sc
102+
103+
td.repo.ReplaceByLabels(nil, []labels.LabelArray{{}})
87104
return td.repo
88105
}
89106

0 commit comments

Comments
 (0)