Skip to content

Commit

Permalink
Adds generated egress rules by simple array.
Browse files Browse the repository at this point in the history 
It is easy to maintain

Signed-off-by: Petr "Stone" Hracek <[email protected]>
  • Loading branch information
@phracek
phracek committed Oct 23, 2024
1 parent dd09123 commit a48dc25
Show file tree
Hide file tree
Showing 3 changed files with 25 additions and 76 deletions.
3 changes: 2 additions & 1 deletion container_ci_suite/helm.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -261,14 +261,15 @@ def check_test_output(self, output, expected_str: List[str]):
print("Function expects list of strings to check.")
return False
check_list.extend(expected_str)
print(f"Strings to check in helm output log: {check_list}")
result_list = [x in ''.join(output) for x in check_list]
if False in result_list:
return False
return True

def test_helm_chart(self, expected_str: List[str]) -> bool:
for count in range(60):
time.sleep(1)
time.sleep(2)
try:
output = HelmChartsAPI.run_helm_command(
f"test {self.package_name} --logs", json_output=False
Expand Down
1 change: 1 addition & 0 deletions container_ci_suite/openshift.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ def __init__(
self.shared_random_name = ""
self.config_tenant_name = "core-services-ocp--config"
self.openshift_ops = OpenShiftOperations(pod_name_prefix=pod_name_prefix)
print(f"Namespace is: {namespace}")
if namespace == "default":
self.create_project()
else:
Expand Down
97 changes: 22 additions & 75 deletions container_ci_suite/utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -280,7 +280,27 @@ def save_tenant_namespace_yaml(project_name: str) -> str:
return temp_file.name


def save_tenant_egress_yaml(project_name: str) -> str:
def save_tenant_egress_yaml(project_name: str, rules: List[str] = []) -> str:
if not rules:
rules = [
"github.com", "api.github.com", "codeload.github.com", "pypi.org", "www.cpan.org",
"backpan.perl.org", "www.metacpan.org", "files.pythonhosted.org", "getcomposer.org",
]
generated_yaml = []
for rule in rules:
generated_yaml.append({
"to": {
"dnsName": f"{rule}"
},
"type": "Allow"
})
for rule in ["172.0.0.0/8", "10.0.0.0/9", "52.218.128.0/17", "52.92.128.0/17", "52.216.0.0/15"]:
generated_yaml.append({
"to": {
"cidrSelector": f"{rule}"
},
"type": "Allow"
})
tenant_egress_yaml = {
"apiVersion": "tenant.paas.redhat.com/v1alpha1",
"kind": "TenantEgress",
Expand All @@ -289,80 +309,7 @@ def save_tenant_egress_yaml(project_name: str) -> str:
"namespace": f"core-services-ocp--{project_name}"
},
"spec": {
"egress": [
{
"to": {
"dnsName": "github.com"
},
"type": "Allow"
},
{
"to": {
"dnsName": "pypi.org"
},
"type": "Allow"
},
{
"to": {
"dnsName": "www.cpan.org"
},
"type": "Allow"
},
{
"to": {
"dnsName": "backpan.perl.org"
},
"type": "Allow"
},
{
"to": {
"dnsName": "www.metacpan.org"
},
"type": "Allow"
},
{
"to": {
"dnsName": "files.pythonhosted.org"
},
"type": "Allow"
},
{
"to": {
"cidrSelector": "172.0.0.0/8"
},
"type": "Allow"
},
{
"to": {
"cidrSelector": "172.0.0.0/8"
},
"type": "Allow"
},
{
"to": {
"cidrSelector": "10.0.0.0/9"
},
"type": "Allow"
},
{
"to": {
"cidrSelector": "52.218.128.0/17"
},
"type": "Allow"
},
{
"to": {
"cidrSelector": "52.92.128.0/17"
},
"type": "Allow"
},
{
"to": {
"cidrSelector": "52.216.0.0/15"
},
"type": "Allow"
}
]
"egress": generated_yaml
}
}
temp_file = tempfile.NamedTemporaryFile(prefix="tenant-egress-yml", delete=False)
Expand Down

0 comments on commit a48dc25

Please sign in to comment.