Add subnet filtering to the CLI tool (#8)

lyft · Dec 14, 2017 · da746f9 · da746f9
1 parent f2c53d4
commit da746f9
Show file tree

Hide file tree

Showing 3 changed files with 79 additions and 3 deletions.
diff --git a/Makefile b/Makefile
@@ -28,7 +28,7 @@ lint:
 .PHONY: test
 test: dep cache lint
 ifndef GOOS
-	go test -v ./aws ./nl
+	go test -v ./aws ./nl ./cmd/cni-ipvlan-vpc-k8s-tool
 else
 	@echo Tests not available when cross-compiling
 endif

diff --git a/cmd/cni-ipvlan-vpc-k8s-tool/cni-ipvlan-vpc-k8s-tool.go b/cmd/cni-ipvlan-vpc-k8s-tool/cni-ipvlan-vpc-k8s-tool.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"net"
 	"os"
+	"strings"
 	"text/tabwriter"
 
 	"github.com/urfave/cli"
@@ -15,15 +16,45 @@ import (
 
 var version string
 
+// Build a filter from input
+func filterBuild(input string) (map[string]string, error) {
+	if input == "" {
+		return nil, nil
+	}
+
+	ret := make(map[string]string, 0)
+	tuples := strings.Split(input, ",")
+	for _, t := range tuples {
+		kv := strings.Split(t, "=")
+		if len(kv) != 2 {
+			return nil, fmt.Errorf("Invalid filter specified %v", t)
+		}
+		if len(kv[0]) <= 0 || len(kv[1]) <= 0 {
+			return nil, fmt.Errorf("Zero length filter specified: %v", t)
+		}
+
+		ret[kv[0]] = kv[1]
+	}
+
+	return ret, nil
+}
+
 func actionNewInterface(c *cli.Context) error {
 	return cniipvlanvpck8s.LockfileRun(func() error {
+		filtersRaw := c.String("subnet_filter")
+		filters, err := filterBuild(filtersRaw)
+		if err != nil {
+			fmt.Printf("Invalid filter specification %v", err)
+			return err
+		}
+
 		secGrps := c.Args()
 
 		if len(secGrps) <= 0 {
 			fmt.Println("please specify security groups")
 			return fmt.Errorf("need security groups")
 		}
-		newIf, err := aws.NewInterface(secGrps, nil)
+		newIf, err := aws.NewInterface(secGrps, filters)
 		if err != nil {
 			fmt.Println(err)
 			return err
@@ -203,7 +234,13 @@ func main() {
 			Name:      "new-interface",
 			Usage:     "Create a new interface",
 			Action:    actionNewInterface,
-			ArgsUsage: "[security_group_ids...]",
+			ArgsUsage: "[--subnet_filter=k,v] [security_group_ids...]",
+			Flags: []cli.Flag{
+				cli.StringFlag{
+					Name:  "subnet_filter",
+					Usage: "Comma separated key=value filters to restrict subnets",
+				},
+			},
 		},
 		{
 			Name:      "remove-interface",

diff --git a/cmd/cni-ipvlan-vpc-k8s-tool/cni-ipvlan-vpc-k8s-tool_test.go b/cmd/cni-ipvlan-vpc-k8s-tool/cni-ipvlan-vpc-k8s-tool_test.go
@@ -0,0 +1,39 @@
+package main
+
+import (
+	"testing"
+)
+
+// TestFilterBuildNil checks the empty string input
+func TestFilterBuildNil(t *testing.T) {
+	ret, err := filterBuild("")
+	if ret != nil && err != nil {
+		t.Errorf("Nil input wasn't nil")
+	}
+}
+
+// TestFilterBuildSingle tests a single filter
+func TestFilterBuildSingle(t *testing.T) {
+	ret, err := filterBuild("foo=bar")
+	if err != nil {
+		t.Errorf("Error returned")
+	}
+	if v, ok := ret["foo"]; !ok || v != "bar" {
+		t.Errorf("Invalid return from filter")
+	}
+}
+
+// TestFilterBuildMulti tests multiple filters
+func TestFilterBuildMulti(t *testing.T) {
+	ret, err := filterBuild("foo=bar,err=frr")
+	if err != nil {
+		t.Errorf("Error returned")
+	}
+	if v, ok := ret["foo"]; !ok || v != "bar" {
+		t.Errorf("Invalid return from filter - no foo")
+	}
+	if v, ok := ret["err"]; !ok || v != "frr" {
+		t.Errorf("Invalid return from filter - no frr")
+	}
+
+}