diff --git a/README.md b/README.md index a3ec647cdf..8151abef07 100644 --- a/README.md +++ b/README.md @@ -42,10 +42,10 @@ binary releases. ## Releases -| Release | Release Date | Maintained | Supported Cilium Versions | -|------------------------------------------------------------------------|--------------|------------|---------------------------| -| [v0.12.13](https://github.com/cilium/cilium-cli/releases/tag/v0.12.13) | 2023-02-15 | Yes | Cilium 1.11 and newer | -| [v0.10.7](https://github.com/cilium/cilium-cli/releases/tag/v0.10.7) | 2022-05-31 | No | Cilium 1.10 | +| Release | Release Date | Maintained | Supported Cilium Versions | +|----------------------------------------------------------------------|--------------|------------|---------------------------| +| [v0.13.0](https://github.com/cilium/cilium-cli/releases/tag/v0.13.0) | 2023-02-24 | Yes | Cilium 1.11 and newer | +| [v0.10.7](https://github.com/cilium/cilium-cli/releases/tag/v0.10.7) | 2022-05-31 | No | Cilium 1.10 | ## Capabilities diff --git a/connectivity/check/deployment.go b/connectivity/check/deployment.go index f83433beb9..c9ad297a73 100644 --- a/connectivity/check/deployment.go +++ b/connectivity/check/deployment.go @@ -1061,7 +1061,7 @@ func (ct *ConnectivityTest) waitForPodDNS(ctx context.Context, srcPod, dstPod Po // See https://coredns.io/plugins/local/ for more info. target := "localhost" stdout, err := srcPod.K8sClient.ExecInPod(ctx, srcPod.Pod.Namespace, srcPod.Pod.Name, - "", []string{"nslookup", target, dstPod.Address(IPFamilyV4)}) + "", []string{"nslookup", target, dstPod.Address(IPFamilyAny)}) if err == nil { return nil diff --git a/connectivity/check/peer.go b/connectivity/check/peer.go index 646253ae83..352526bea3 100644 --- a/connectivity/check/peer.go +++ b/connectivity/check/peer.go @@ -83,10 +83,10 @@ func (p Pod) Path() string { func (p Pod) Address(family IPFamily) string { for _, addr := range p.Pod.Status.PodIPs { ip := net.ParseIP(addr.IP) - if (family == IPFamilyV4 || family == IPFamilyNone) && ip.To4() != nil { + if (family == IPFamilyV4 || family == IPFamilyAny) && ip.To4() != nil { return addr.IP } - if family == IPFamilyV6 && ip.To4() == nil && ip.To16() != nil { + if (family == IPFamilyV6 || family == IPFamilyAny) && ip.To4() == nil && ip.To16() != nil { return addr.IP } } diff --git a/connectivity/check/utils.go b/connectivity/check/utils.go index dd64a40899..791c802540 100644 --- a/connectivity/check/utils.go +++ b/connectivity/check/utils.go @@ -8,16 +8,17 @@ import "net" type IPFamily int const ( - // IPFamilyNone is used for non-IP based endpoints (e.g., HTTP URL) - IPFamilyNone IPFamily = iota + // IPFamilyAny is used for non-IP based endpoints (e.g., HTTP URL), + // and when any IP family could be used. + IPFamilyAny IPFamily = iota IPFamilyV4 IPFamilyV6 ) func (f IPFamily) String() string { switch f { - case IPFamilyNone: - return "none" + case IPFamilyAny: + return "any" case IPFamilyV4: return "ipv4" case IPFamilyV6: @@ -37,5 +38,5 @@ func GetIPFamily(addr string) IPFamily { return IPFamilyV6 } - return IPFamilyNone + return IPFamilyAny } diff --git a/connectivity/suite.go b/connectivity/suite.go index d7e5bbf4e0..76ed9ebc62 100644 --- a/connectivity/suite.go +++ b/connectivity/suite.go @@ -716,7 +716,7 @@ func Run(ctx context.Context, ct *check.ConnectivityTest) error { tests.PodToWorld2(), // resolves cilium.io ). WithExpectations(func(a *check.Action) (egress, ingress check.Result) { - if a.Destination().Address(check.IPFamilyNone) == "cilium.io" { + if a.Destination().Address(check.IPFamilyAny) == "cilium.io" { if a.Destination().Path() == "/" || a.Destination().Path() == "" { egress = check.ResultDNSOK egress.HTTP = check.HTTP{ diff --git a/connectivity/tests/cidr.go b/connectivity/tests/cidr.go index 49ac63dbe1..71f1f04681 100644 --- a/connectivity/tests/cidr.go +++ b/connectivity/tests/cidr.go @@ -35,8 +35,8 @@ func (s *podToCIDR) Run(ctx context.Context, t *check.Test) { for _, src := range ct.ClientPods() { src := src // copy to avoid memory aliasing when using reference - t.NewAction(s, fmt.Sprintf("%s-%d", ep.Name(), i), &src, ep, check.IPFamilyNone).Run(func(a *check.Action) { - a.ExecInPod(ctx, ct.CurlCommand(ep, check.IPFamilyNone)) + t.NewAction(s, fmt.Sprintf("%s-%d", ep.Name(), i), &src, ep, check.IPFamilyAny).Run(func(a *check.Action) { + a.ExecInPod(ctx, ct.CurlCommand(ep, check.IPFamilyAny)) a.ValidateFlows(ctx, src, a.GetEgressRequirements(check.FlowParameters{ RSTAllowed: true, diff --git a/connectivity/tests/dummy.go b/connectivity/tests/dummy.go index bfad4488a3..edf840a4f3 100644 --- a/connectivity/tests/dummy.go +++ b/connectivity/tests/dummy.go @@ -27,13 +27,13 @@ func (s *dummy) Name() string { } func (s *dummy) Run(ctx context.Context, t *check.Test) { - t.NewAction(s, "action-1", nil, nil, check.IPFamilyNone).Run(func(a *check.Action) { + t.NewAction(s, "action-1", nil, nil, check.IPFamilyAny).Run(func(a *check.Action) { a.Log("logging") a.Debug("debugging") a.Info("informing") }) - t.NewAction(s, "action-2", nil, nil, check.IPFamilyNone).Run(func(a *check.Action) { + t.NewAction(s, "action-2", nil, nil, check.IPFamilyAny).Run(func(a *check.Action) { a.Log("logging") a.Fatal("killing :(") a.Fail("failing (this should not be printed)") diff --git a/connectivity/tests/health.go b/connectivity/tests/health.go index fcafc8062c..d4100e12c4 100644 --- a/connectivity/tests/health.go +++ b/connectivity/tests/health.go @@ -30,7 +30,7 @@ func (s *ciliumHealth) Name() string { func (s *ciliumHealth) Run(ctx context.Context, t *check.Test) { for name, pod := range t.Context().CiliumPods() { pod := pod - t.NewAction(s, name, &pod, nil, check.IPFamilyNone).Run(func(a *check.Action) { + t.NewAction(s, name, &pod, nil, check.IPFamilyAny).Run(func(a *check.Action) { runHealthProbe(ctx, t.Context(), &pod) }) } diff --git a/connectivity/tests/host.go b/connectivity/tests/host.go index 5f321ee67b..53ae39db71 100644 --- a/connectivity/tests/host.go +++ b/connectivity/tests/host.go @@ -90,14 +90,14 @@ func (s *podToHostPort) Run(ctx context.Context, t *check.Test) { baseURL := fmt.Sprintf("%s://%s:%d%s", echo.Scheme(), echo.Pod.Status.HostIP, check.EchoServerHostPort, echo.Path()) ep := check.HTTPEndpoint(echo.Name(), baseURL) - t.NewAction(s, fmt.Sprintf("curl-%d", i), &client, ep, check.IPFamilyNone).Run(func(a *check.Action) { - a.ExecInPod(ctx, ct.CurlCommand(ep, check.IPFamilyNone)) + t.NewAction(s, fmt.Sprintf("curl-%d", i), &client, ep, check.IPFamilyAny).Run(func(a *check.Action) { + a.ExecInPod(ctx, ct.CurlCommand(ep, check.IPFamilyAny)) a.ValidateFlows(ctx, client, a.GetEgressRequirements(check.FlowParameters{ // Because the HostPort request is NATed, we might only // observe flows after DNAT has been applied (e.g. by // HostReachableServices), - AltDstIP: echo.Address(check.IPFamilyNone), + AltDstIP: echo.Address(check.IPFamilyAny), AltDstPort: echo.Port(), })) }) diff --git a/connectivity/tests/service.go b/connectivity/tests/service.go index 4ef26f4518..56441ea492 100644 --- a/connectivity/tests/service.go +++ b/connectivity/tests/service.go @@ -49,8 +49,8 @@ func (s *podToService) Run(ctx context.Context, t *check.Test) { continue } - t.NewAction(s, fmt.Sprintf("curl-%d", i), &pod, svc, check.IPFamilyNone).Run(func(a *check.Action) { - a.ExecInPod(ctx, ct.CurlCommand(svc, check.IPFamilyNone)) + t.NewAction(s, fmt.Sprintf("curl-%d", i), &pod, svc, check.IPFamilyAny).Run(func(a *check.Action) { + a.ExecInPod(ctx, ct.CurlCommand(svc, check.IPFamilyAny)) a.ValidateFlows(ctx, pod, a.GetEgressRequirements(check.FlowParameters{ DNSRequired: true, @@ -179,8 +179,8 @@ func curlNodePort(ctx context.Context, s check.Scenario, t *check.Test, // Create the Action with the original svc as this will influence what the // flow matcher looks for in the flow logs. - t.NewAction(s, name, pod, svc, check.IPFamilyNone).Run(func(a *check.Action) { - a.ExecInPod(ctx, t.Context().CurlCommand(ep, check.IPFamilyNone)) + t.NewAction(s, name, pod, svc, check.IPFamilyAny).Run(func(a *check.Action) { + a.ExecInPod(ctx, t.Context().CurlCommand(ep, check.IPFamilyAny)) a.ValidateFlows(ctx, pod, a.GetEgressRequirements(check.FlowParameters{ // The fact that curl is hitting the NodePort instead of the diff --git a/connectivity/tests/world.go b/connectivity/tests/world.go index 3751a7f0d0..8ee3c7b700 100644 --- a/connectivity/tests/world.go +++ b/connectivity/tests/world.go @@ -42,20 +42,20 @@ func (s *podToWorld) Run(ctx context.Context, t *check.Test) { client := client // copy to avoid memory aliasing when using reference // With http, over port 80. - t.NewAction(s, fmt.Sprintf("http-to-%s-%d", extTarget, i), &client, http, check.IPFamilyNone).Run(func(a *check.Action) { - a.ExecInPod(ctx, ct.CurlCommand(http, check.IPFamilyNone)) + t.NewAction(s, fmt.Sprintf("http-to-%s-%d", extTarget, i), &client, http, check.IPFamilyAny).Run(func(a *check.Action) { + a.ExecInPod(ctx, ct.CurlCommand(http, check.IPFamilyAny)) a.ValidateFlows(ctx, client, a.GetEgressRequirements(fp)) }) // With https, over port 443. - t.NewAction(s, fmt.Sprintf("https-to-%s-%d", extTarget, i), &client, https, check.IPFamilyNone).Run(func(a *check.Action) { - a.ExecInPod(ctx, ct.CurlCommand(https, check.IPFamilyNone)) + t.NewAction(s, fmt.Sprintf("https-to-%s-%d", extTarget, i), &client, https, check.IPFamilyAny).Run(func(a *check.Action) { + a.ExecInPod(ctx, ct.CurlCommand(https, check.IPFamilyAny)) a.ValidateFlows(ctx, client, a.GetEgressRequirements(fp)) }) // With https, over port 443, index.html. - t.NewAction(s, fmt.Sprintf("https-to-%s-index-%d", extTarget, i), &client, httpsindex, check.IPFamilyNone).Run(func(a *check.Action) { - a.ExecInPod(ctx, ct.CurlCommand(httpsindex, check.IPFamilyNone)) + t.NewAction(s, fmt.Sprintf("https-to-%s-index-%d", extTarget, i), &client, httpsindex, check.IPFamilyAny).Run(func(a *check.Action) { + a.ExecInPod(ctx, ct.CurlCommand(httpsindex, check.IPFamilyAny)) a.ValidateFlows(ctx, client, a.GetEgressRequirements(fp)) }) @@ -91,8 +91,8 @@ func (s *podToWorld2) Run(ctx context.Context, t *check.Test) { client := client // copy to avoid memory aliasing when using reference // With https, over port 443. - t.NewAction(s, fmt.Sprintf("https-cilium-io-%d", i), &client, https, check.IPFamilyNone).Run(func(a *check.Action) { - a.ExecInPod(ctx, ct.CurlCommand(https, check.IPFamilyNone)) + t.NewAction(s, fmt.Sprintf("https-cilium-io-%d", i), &client, https, check.IPFamilyAny).Run(func(a *check.Action) { + a.ExecInPod(ctx, ct.CurlCommand(https, check.IPFamilyAny)) a.ValidateFlows(ctx, client, a.GetEgressRequirements(fp)) }) diff --git a/go.mod b/go.mod index 3261b3f328..c09fa2d75b 100644 --- a/go.mod +++ b/go.mod @@ -191,7 +191,7 @@ require ( github.com/spf13/cast v1.5.0 // indirect github.com/spf13/jwalterweatherman v1.1.0 // indirect github.com/spf13/viper v1.14.0 // indirect - github.com/stretchr/testify v1.8.1 + github.com/stretchr/testify v1.8.2 github.com/subosito/gotenv v1.4.1 // indirect github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802 // indirect github.com/ulikunitz/xz v0.5.10 // indirect diff --git a/go.sum b/go.sum index 86520fd48e..638119dc3d 100644 --- a/go.sum +++ b/go.sum @@ -1093,8 +1093,9 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/subosito/gotenv v1.4.1 h1:jyEFiXpy21Wm81FBN71l9VoMMV8H8jG+qIK3GCpY6Qs= github.com/subosito/gotenv v1.4.1/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= diff --git a/vendor/github.com/stretchr/testify/assert/assertions.go b/vendor/github.com/stretchr/testify/assert/assertions.go index fa1245b189..2924cf3a14 100644 --- a/vendor/github.com/stretchr/testify/assert/assertions.go +++ b/vendor/github.com/stretchr/testify/assert/assertions.go @@ -8,7 +8,6 @@ import ( "fmt" "math" "os" - "path/filepath" "reflect" "regexp" "runtime" @@ -141,12 +140,11 @@ func CallerInfo() []string { } parts := strings.Split(file, "/") - file = parts[len(parts)-1] if len(parts) > 1 { + filename := parts[len(parts)-1] dir := parts[len(parts)-2] - if (dir != "assert" && dir != "mock" && dir != "require") || file == "mock_test.go" { - path, _ := filepath.Abs(file) - callers = append(callers, fmt.Sprintf("%s:%d", path, line)) + if (dir != "assert" && dir != "mock" && dir != "require") || filename == "mock_test.go" { + callers = append(callers, fmt.Sprintf("%s:%d", file, line)) } } @@ -530,7 +528,7 @@ func isNil(object interface{}) bool { []reflect.Kind{ reflect.Chan, reflect.Func, reflect.Interface, reflect.Map, - reflect.Ptr, reflect.Slice}, + reflect.Ptr, reflect.Slice, reflect.UnsafePointer}, kind) if isNilableKind && value.IsNil() { @@ -818,49 +816,44 @@ func Subset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok return true // we consider nil to be equal to the nil set } - defer func() { - if e := recover(); e != nil { - ok = false - } - }() - listKind := reflect.TypeOf(list).Kind() - subsetKind := reflect.TypeOf(subset).Kind() - if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...) } + subsetKind := reflect.TypeOf(subset).Kind() if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...) } - subsetValue := reflect.ValueOf(subset) if subsetKind == reflect.Map && listKind == reflect.Map { - listValue := reflect.ValueOf(list) - subsetKeys := subsetValue.MapKeys() + subsetMap := reflect.ValueOf(subset) + actualMap := reflect.ValueOf(list) - for i := 0; i < len(subsetKeys); i++ { - subsetKey := subsetKeys[i] - subsetElement := subsetValue.MapIndex(subsetKey).Interface() - listElement := listValue.MapIndex(subsetKey).Interface() + for _, k := range subsetMap.MapKeys() { + ev := subsetMap.MapIndex(k) + av := actualMap.MapIndex(k) - if !ObjectsAreEqual(subsetElement, listElement) { - return Fail(t, fmt.Sprintf("\"%s\" does not contain \"%s\"", list, subsetElement), msgAndArgs...) + if !av.IsValid() { + return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, subset), msgAndArgs...) + } + if !ObjectsAreEqual(ev.Interface(), av.Interface()) { + return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, subset), msgAndArgs...) } } return true } - for i := 0; i < subsetValue.Len(); i++ { - element := subsetValue.Index(i).Interface() + subsetList := reflect.ValueOf(subset) + for i := 0; i < subsetList.Len(); i++ { + element := subsetList.Index(i).Interface() ok, found := containsElement(list, element) if !ok { - return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", list), msgAndArgs...) + return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", list), msgAndArgs...) } if !found { - return Fail(t, fmt.Sprintf("\"%s\" does not contain \"%s\"", list, element), msgAndArgs...) + return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, element), msgAndArgs...) } } @@ -879,34 +872,28 @@ func NotSubset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) return Fail(t, "nil is the empty set which is a subset of every set", msgAndArgs...) } - defer func() { - if e := recover(); e != nil { - ok = false - } - }() - listKind := reflect.TypeOf(list).Kind() - subsetKind := reflect.TypeOf(subset).Kind() - if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...) } + subsetKind := reflect.TypeOf(subset).Kind() if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...) } - subsetValue := reflect.ValueOf(subset) if subsetKind == reflect.Map && listKind == reflect.Map { - listValue := reflect.ValueOf(list) - subsetKeys := subsetValue.MapKeys() + subsetMap := reflect.ValueOf(subset) + actualMap := reflect.ValueOf(list) - for i := 0; i < len(subsetKeys); i++ { - subsetKey := subsetKeys[i] - subsetElement := subsetValue.MapIndex(subsetKey).Interface() - listElement := listValue.MapIndex(subsetKey).Interface() + for _, k := range subsetMap.MapKeys() { + ev := subsetMap.MapIndex(k) + av := actualMap.MapIndex(k) - if !ObjectsAreEqual(subsetElement, listElement) { + if !av.IsValid() { + return true + } + if !ObjectsAreEqual(ev.Interface(), av.Interface()) { return true } } @@ -914,8 +901,9 @@ func NotSubset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) return Fail(t, fmt.Sprintf("%q is a subset of %q", subset, list), msgAndArgs...) } - for i := 0; i < subsetValue.Len(); i++ { - element := subsetValue.Index(i).Interface() + subsetList := reflect.ValueOf(subset) + for i := 0; i < subsetList.Len(); i++ { + element := subsetList.Index(i).Interface() ok, found := containsElement(list, element) if !ok { return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", list), msgAndArgs...) diff --git a/vendor/modules.txt b/vendor/modules.txt index 65634fd21b..e8fa359bfd 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -816,7 +816,7 @@ github.com/spf13/viper/internal/encoding/javaproperties github.com/spf13/viper/internal/encoding/json github.com/spf13/viper/internal/encoding/toml github.com/spf13/viper/internal/encoding/yaml -# github.com/stretchr/testify v1.8.1 +# github.com/stretchr/testify v1.8.2 ## explicit; go 1.13 github.com/stretchr/testify/assert # github.com/subosito/gotenv v1.4.1