-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Simplify byteorder transformation & remove magic number in Authz #407
Conversation
Codecov ReportAttention: Patch coverage is ❗ Your organization needs to install the Codecov GitHub app to enable full functionality.
Flags with carried forward coverage won't be shown. Click here to find out more.
|
069856b
to
39a6dce
Compare
/hold |
/unhold |
577fb0a
to
cee357d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. but should supplement test cases
Please add some unit tests |
return conn, err | ||
} | ||
// srcIp and dstIp are big endian, and dstPort is little endian, which is consistent with authorization policy flushed to Kmesh | ||
conn.srcIp = binary.BigEndian.AppendUint32(conn.srcIp, tupleV4.SrcAddr) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we can use netip.AddrFromSlice
if we make srcIp as type netip.Addr
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
will be redesigned in the future if necessary
f9f810c
to
fd1bd5e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And please add ipv6 case
IPV4_TUPLE_LENGTH = 12 | ||
IPV4_TUPLE_LENGTH = int(unsafe.Sizeof(bpfSockTupleV4{})) | ||
// TUPLE_LEN is the fixed length of 4-tuple(source/dest IP/port) in a record from map of tuple | ||
TUPLE_LEN = int(unsafe.Sizeof(bpfSockTupleV6{})) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
:+1 For making it meaningful
Signed-off-by: talon <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
Some nits can be fixed in a following pr
// Judge results | ||
found := val == 1 | ||
if found != tt.wantFound { | ||
t.Errorf("want %v, but got %v", tt.wantFound, found) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: we can use assert.Equal()
|
||
// Close maps | ||
mapOfTuple.Close() | ||
mapOfAuth.Close() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: move just after map initiation, and use defer
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hzxuzhonghu The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind enhancement
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes Enhance authz #323
Special notes for your reviewer:
Does this PR introduce a user-facing change?: