Skip to content

Commit

Permalink
Add same-labels e2e testcase
Browse files Browse the repository at this point in the history 
Signed-off-by: Dyanngg <[email protected]>
  • Loading branch information
@Dyanngg
Dyanngg committed Jan 11, 2023
1 parent cdf7892 commit e18f8c6
Show file tree
Hide file tree
Showing 6 changed files with 294 additions and 38 deletions.
96 changes: 80 additions & 16 deletions multicluster/build/yamls/antrea-multicluster-leader-global.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -935,9 +935,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -1315,9 +1323,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -1823,9 +1839,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -2203,9 +2227,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -3627,9 +3659,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -4007,9 +4047,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -4515,9 +4563,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -4895,9 +4951,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down
48 changes: 40 additions & 8 deletions multicluster/config/crd/bases/multicluster.crd.antrea.io_resourceexports.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -630,9 +630,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -1010,9 +1018,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -1518,9 +1534,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -1898,9 +1922,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down
48 changes: 40 additions & 8 deletions multicluster/config/crd/bases/multicluster.crd.antrea.io_resourceimports.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -628,9 +628,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -1008,9 +1016,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -1516,9 +1532,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down Expand Up @@ -1896,9 +1920,17 @@ spec:
ingress/egress rules. Cannot be set with NamespaceSelector.'
properties:
match:
description: NamespaceMatchType describes Namespace
matching strategy.
description: Selects from the same Namespace of
the appliedTo workloads.
type: string
sameLabels:
description: Selects Namespaces that share the
same values for the given set of label keys
with the appliedTo Namespace. Namespaces must
have all the label keys.
items:
type: string
type: array
type: object
nodeSelector:
description: Select certain Nodes which match the
Expand Down
3 changes: 3 additions & 0 deletions pkg/controller/networkpolicy/validate.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -561,6 +561,9 @@ func (v *antreaPolicyValidator) validatePeers(ingress, egress []crdv1alpha1.Rule
if peer.NamespaceSelector != nil && peer.Namespaces != nil {
return "namespaces and namespaceSelector cannot be set at the same time for a single NetworkPolicyPeer", false
}
if peer.Namespaces != nil && numFieldsSetInStruct(*peer.Namespaces) > 1 {
return "only one matching criteria can be specified in a single peer namespaces field", false
}
peerFieldsNum := numFieldsSetInStruct(peer)
if peer.Group != "" && peerFieldsNum > 1 {
return "group cannot be set with other peers in rules", false
Expand Down
Loading

0 comments on commit e18f8c6

Please sign in to comment.