diff options
author | Andreas Eriksen <andreer@yahooinc.com> | 2023-01-17 14:10:23 +0100 |
---|---|---|
committer | Andreas Eriksen <andreer@yahooinc.com> | 2023-01-17 14:10:23 +0100 |
commit | 14cbd6a6ca945e524b611a725039b0efd0496696 (patch) | |
tree | 3cdc5dad9597d57c02190d23dd71f56e86a19a36 /node-repository | |
parent | 64509b9652e06dacc85d090a1d1a812f285403af (diff) |
wireguard port unit test
Diffstat (limited to 'node-repository')
2 files changed, 9 insertions, 5 deletions
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/NodeAcl.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/NodeAcl.java index 1baa8086772..fe0c55e0618 100644 --- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/NodeAcl.java +++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/NodeAcl.java @@ -32,11 +32,12 @@ public record NodeAcl(Node node, private static final Set<Integer> RPC_PORTS = Set.of(19070); private static final int WIREGUARD_PORT = 51820; - public NodeAcl { - Objects.requireNonNull(node, "node must be non-null"); - ImmutableSet.copyOf(Objects.requireNonNull(trustedNodes, "trustedNodes must be non-null")); - ImmutableSet.copyOf(Objects.requireNonNull(trustedNetworks, "trustedNetworks must be non-null")); - ImmutableSet.copyOf(Objects.requireNonNull(trustedPorts, "trustedPorts must be non-null")); + public NodeAcl(Node node, Set<TrustedNode> trustedNodes, Set<String> trustedNetworks, Set<Integer> trustedPorts, Set<Integer> trustedUdpPorts) { + this.node = Objects.requireNonNull(node, "node must be non-null"); + this.trustedNodes = ImmutableSet.copyOf(Objects.requireNonNull(trustedNodes, "trustedNodes must be non-null")); + this.trustedNetworks = ImmutableSet.copyOf(Objects.requireNonNull(trustedNetworks, "trustedNetworks must be non-null")); + this.trustedPorts = ImmutableSet.copyOf(Objects.requireNonNull(trustedPorts, "trustedPorts must be non-null")); + this.trustedUdpPorts = ImmutableSet.copyOf(Objects.requireNonNull(trustedUdpPorts, "trustedUdpPorts must be non-null")); } public static NodeAcl from(Node node, NodeList allNodes, LoadBalancers loadBalancers) { diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java index 30a49a89e12..47fcde1c96e 100644 --- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java +++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java @@ -110,6 +110,7 @@ public class AclProvisioningTest { Set.of("10.2.3.0/24", "10.4.5.0/24"), List.of(nodeAcl)); assertEquals(Set.of(22, 4443), nodeAcl.trustedPorts()); + assertEquals(Set.of(51820), nodeAcl.trustedUdpPorts()); } @Test @@ -132,6 +133,7 @@ public class AclProvisioningTest { // Trusted nodes is all config servers and all proxy nodes assertAcls(trustedNodesOf(List.of(proxyNodes.asList(), configServers.asList())), List.of(nodeAcl)); assertEquals(Set.of(22, 443, 4443), nodeAcl.trustedPorts()); + assertEquals(Set.of(), nodeAcl.trustedUdpPorts()); } @Test @@ -171,6 +173,7 @@ public class AclProvisioningTest { NodeAcl controllerAcl = controllers.get(0).acl(tester.nodeRepository().nodes().list(), tester.nodeRepository().loadBalancers()); assertAcls(trustedNodesOf(List.of(controllers)), Set.of("10.2.3.0/24", "10.4.5.0/24"), List.of(controllerAcl)); assertEquals(Set.of(22, 4443, 443), controllerAcl.trustedPorts()); + assertEquals(Set.of(), controllerAcl.trustedUdpPorts()); } @Test |