OCM-7481 | test: package addtional security groups preparation func a…
…nd add vpc test suite

remove the testing code
xueli181114 committed Apr 18, 2024
1 parent 3b462e2 commit 6db6d30
Showing 4 changed files with 51 additions and 24 deletions.
2 changes: 1 addition & 1 deletion pkg/aws/aws_client/vpc.go
Expand Up @@ -91,7 +91,7 @@ func (client *AWSClient) ModifyVpcDnsAttribute(vpcID string, dnsAttribute string
log.LogError("Modify vpc dns attribute failed " + err.Error())
return nil, err
}
log.LogInfo("Modify vpc dns attribute success" + vpcID + dnsAttribute)
log.LogInfo("Modify vpc dns attribute %s success for %s", dnsAttribute, vpcID)
return resp, err
}

7 changes: 4 additions & 3 deletions pkg/aws/consts/consts.go
Expand Up @@ -41,9 +41,10 @@ const (
TCPProtocol = "tcp"
UDPProtocol = "udp"

ProxySecurityGroupName = "proxy-sg"
AdditionalSecurityGroupName = "ocm-additional-sg"
ProxySecurityGroupDescription = "security group for proxy"
ProxySecurityGroupName = "proxy-sg"
AdditionalSecurityGroupName = "ocm-additional-sg"
ProxySecurityGroupDescription = "security group for proxy"
DefaultAdditionalSecurityGroupDescription = "This security group is created for OCM testing"

QEFlagKey = "ocm_ci_flag"

59 changes: 40 additions & 19 deletions pkg/test/vpc_client/security_group.go
@@ -1,8 +1,10 @@
package vpc_client

import (
"fmt"

"github.com/aws/aws-sdk-go-v2/service/ec2/types"
CON "github.com/openshift-online/ocm-common/pkg/aws/consts"
con "github.com/openshift-online/ocm-common/pkg/aws/consts"
"github.com/openshift-online/ocm-common/pkg/log"
)

Expand All @@ -12,7 +14,7 @@ func (vpc *VPC) DeleteVPCSecurityGroups(customizedOnly bool) error {
if customizedOnly {
for _, sg := range securityGroups {
for _, tag := range sg.Tags {
if *tag.Key == "Name" && (*tag.Value == CON.ProxySecurityGroupName || *tag.Value == CON.AdditionalSecurityGroupName) {
if *tag.Key == "Name" && (*tag.Value == con.ProxySecurityGroupName || *tag.Value == con.AdditionalSecurityGroupName) {
needCleanGroups = append(needCleanGroups, sg)
}
}
Expand All @@ -32,30 +34,49 @@ func (vpc *VPC) DeleteVPCSecurityGroups(customizedOnly bool) error {
return nil
}

// CreateAndAuthorizeDefaultSecurityGroupForProxy can prepare a security group for the proxy launch
func (vpc *VPC) CreateAndAuthorizeDefaultSecurityGroupForProxy() (string, error) {
var groupID string
var err error
protocol := CON.TCPProtocol
resp, err := vpc.AWSClient.CreateSecurityGroup(vpc.VpcID, CON.ProxySecurityGroupName, CON.ProxySecurityGroupDescription)
sgIDs, err := vpc.CreateAdditionalSecurityGroups(1, con.ProxySecurityGroupName, con.ProxySecurityGroupDescription)
if err != nil {
log.LogError("Create proxy security group failed for vpc %s: %s", vpc.VpcID, err)
return "", err
log.LogError("Security group prepare for proxy failed")
} else {
groupID = sgIDs[0]
log.LogInfo("Authorize SG %s prepared successfully for proxy.", groupID)
}
groupID = *resp.GroupId
log.LogInfo("SG %s created for vpc %s", groupID, vpc.VpcID)
cidrPortsMap := map[string]int32{
vpc.CIDRValue: 8080,
"0.0.0.0/0": 22,
return groupID, err
}

// CreateAdditionalSecurityGroups can prepare <count> additional security groups
// description can be empty which will be set to default value
// namePrefix is required, otherwise if there is same security group existing the creation will fail
func (vpc *VPC) CreateAdditionalSecurityGroups(count int, namePrefix string, description string) ([]string, error) {
preparedSGs := []string{}
createdsgNum := 0
if description == "" {
description = con.DefaultAdditionalSecurityGroupDescription
}
for cidr, port := range cidrPortsMap {
_, err = vpc.AWSClient.AuthorizeSecurityGroupIngress(groupID, cidr, protocol, port, port)
for createdsgNum < count {
sgName := fmt.Sprintf("%s-%d", namePrefix, createdsgNum)
sg, err := vpc.AWSClient.CreateSecurityGroup(vpc.VpcID, sgName, description)
if err != nil {
log.LogError("Authorize CIDR %s with port %v failed to SG %s of vpc %s: %s",
cidr, port, groupID, vpc.VpcID, err)
return groupID, err
panic(err)
}
groupID := *sg.GroupId
cidrPortsMap := map[string]int32{
vpc.CIDRValue: 8080,
con.RouteDestinationCidrBlock: 22,
}
for cidr, port := range cidrPortsMap {
_, err = vpc.AWSClient.AuthorizeSecurityGroupIngress(groupID, cidr, con.TCPProtocol, port, port)
if err != nil {
return preparedSGs, err
}
}
}
log.LogInfo("Authorize SG %s successfully for proxy.", groupID)

return groupID, err
preparedSGs = append(preparedSGs, *sg.GroupId)
createdsgNum++
}
return preparedSGs, nil
}
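Review bot: `panic(err)` in the CreateSecurityGroup error branch of CreateAdditionalSecurityGroups crashes the caller even though the function returns an error, and it discards the IDs of groups created in earlier iterations; `return preparedSGs, err` keeps the contract. The ingress-failure branch has a related gap: the group just created is not yet in `preparedSGs`, so the caller cannot clean it up, and moving `preparedSGs = append(preparedSGs, groupID)` to directly after creation would fix that. Every group this helper creates also gets TCP 22 from `con.RouteDestinationCidrBlock` (the removed code had `"0.0.0.0/0"` in that position, so presumably the same value) and 8080 from the VPC CIDR, which applies the proxy rule set to groups documented as "additional"; consider authorizing those rules only in CreateAndAuthorizeDefaultSecurityGroupForProxy, or taking the SSH source CIDR as a parameter. Groups are now named `<namePrefix>-<n>`, while DeleteVPCSecurityGroups in this file still compares the Name tag for equality with the bare constants, so if the Name tag is derived from `sgName` (CreateSecurityGroup is not shown here) the `customizedOnly` cleanup would skip them.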
7 changes: 6 additions & 1 deletion pkg/test/vpc_client/vpc.go
Expand Up @@ -153,8 +153,13 @@ func PrepareVPC(vpcName string, region string, vpcCIDR string, checkExisting boo
if vpcCIDR == "" {
vpcCIDR = CON.DefaultVPCCIDR
}
log.LogInfo("Going to prepare a vpc with name %s, on region %s, with cidr %s and subnets on zones %s",
logMessage := fmt.Sprintf("Going to prepare a vpc with name %s, on region %s, with cidr %s and subnets on zones %s",
vpcName, region, vpcCIDR, strings.Join(zones, ","))
if len(zones) == 0 {
logMessage = fmt.Sprintf("Going to prepare a vpc with name %s, on region %s, with cidr %s ",
vpcName, region, vpcCIDR)
}
log.LogInfo(logMessage)
awsclient, err := aws_client.CreateAWSClient("", region)
if err != nil {
log.LogError("Create AWS Client due to error: %s", err.Error())
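Review bot: `log.LogInfo(logMessage)` passes an already-formatted string as the format argument, so a `%` in vpcName, region or vpcCIDR would be re-interpreted as a verb, and go vet's printf check can report a non-constant format string; other calls on this page use LogInfo printf-style. Use `log.LogInfo("%s", logMessage)`, or call LogInfo with the format and its arguments directly in each branch. The zero-zones format also ends in a trailing space (`"... with cidr %s "`), and the first Sprintf result is discarded when zones is empty, which an if/else would avoid. PrepareVPC begins and continues outside this hunk.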
