From 14cbd6a6ca945e524b611a725039b0efd0496696 Mon Sep 17 00:00:00 2001 From: Andreas Eriksen Date: Tue, 17 Jan 2023 14:10:23 +0100 Subject: wireguard port unit test --- .../java/com/yahoo/vespa/hosted/provision/node/NodeAcl.java | 11 ++++++----- .../hosted/provision/provisioning/AclProvisioningTest.java | 3 +++ 2 files changed, 9 insertions(+), 5 deletions(-) (limited to 'node-repository') diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/NodeAcl.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/NodeAcl.java index 1baa8086772..fe0c55e0618 100644 --- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/NodeAcl.java +++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/NodeAcl.java @@ -32,11 +32,12 @@ public record NodeAcl(Node node, private static final Set RPC_PORTS = Set.of(19070); private static final int WIREGUARD_PORT = 51820; - public NodeAcl { - Objects.requireNonNull(node, "node must be non-null"); - ImmutableSet.copyOf(Objects.requireNonNull(trustedNodes, "trustedNodes must be non-null")); - ImmutableSet.copyOf(Objects.requireNonNull(trustedNetworks, "trustedNetworks must be non-null")); - ImmutableSet.copyOf(Objects.requireNonNull(trustedPorts, "trustedPorts must be non-null")); + public NodeAcl(Node node, Set trustedNodes, Set trustedNetworks, Set trustedPorts, Set trustedUdpPorts) { + this.node = Objects.requireNonNull(node, "node must be non-null"); + this.trustedNodes = ImmutableSet.copyOf(Objects.requireNonNull(trustedNodes, "trustedNodes must be non-null")); + this.trustedNetworks = ImmutableSet.copyOf(Objects.requireNonNull(trustedNetworks, "trustedNetworks must be non-null")); + this.trustedPorts = ImmutableSet.copyOf(Objects.requireNonNull(trustedPorts, "trustedPorts must be non-null")); + this.trustedUdpPorts = ImmutableSet.copyOf(Objects.requireNonNull(trustedUdpPorts, "trustedUdpPorts must be non-null")); } public static NodeAcl from(Node node, NodeList allNodes, LoadBalancers loadBalancers) { diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java index 30a49a89e12..47fcde1c96e 100644 --- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java +++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/provisioning/AclProvisioningTest.java @@ -110,6 +110,7 @@ public class AclProvisioningTest { Set.of("10.2.3.0/24", "10.4.5.0/24"), List.of(nodeAcl)); assertEquals(Set.of(22, 4443), nodeAcl.trustedPorts()); + assertEquals(Set.of(51820), nodeAcl.trustedUdpPorts()); } @Test @@ -132,6 +133,7 @@ public class AclProvisioningTest { // Trusted nodes is all config servers and all proxy nodes assertAcls(trustedNodesOf(List.of(proxyNodes.asList(), configServers.asList())), List.of(nodeAcl)); assertEquals(Set.of(22, 443, 4443), nodeAcl.trustedPorts()); + assertEquals(Set.of(), nodeAcl.trustedUdpPorts()); } @Test @@ -171,6 +173,7 @@ public class AclProvisioningTest { NodeAcl controllerAcl = controllers.get(0).acl(tester.nodeRepository().nodes().list(), tester.nodeRepository().loadBalancers()); assertAcls(trustedNodesOf(List.of(controllers)), Set.of("10.2.3.0/24", "10.4.5.0/24"), List.of(controllerAcl)); assertEquals(Set.of(22, 4443, 443), controllerAcl.trustedPorts()); + assertEquals(Set.of(), controllerAcl.trustedUdpPorts()); } @Test -- cgit v1.2.3