Add release tests for NAT #980
Conversation
Signed-off-by: Pau Capdevila <pau@githedgehog.com>
Until testing.go gets NAT support, the following tests are expected to fail: - gatewayPeeringNATTest - gatewayPeeringOverlapNATTest Signed-off-by: Pau Capdevila <pau@githedgehog.com>
pau-hedgehog
added
ci:-upgrade
There was a problem hiding this comment.
Pull Request Overview
This PR adds comprehensive test coverage for NAT (Network Address Translation) functionality in gateway peering configurations. The changes extend the existing VPC peering test framework to support NAT scenarios including basic NAT peering and overlapping subnet resolution using NAT.
- Extends existing gateway peering functions to accept NAT CIDR parameters
- Adds two new test cases for NAT functionality with expected failure markers
- Enhances test reporting infrastructure to support expected failures (XFAIL)
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| return false, nil, fmt.Errorf("listing VPCs: %w", err) | ||
| } | ||
| if len(vpcs.Items) < 2 { | ||
| return true, nil, fmt.Errorf("not enough VPCs for NAT gateway peering test") //nolint:goerr113 |
There was a problem hiding this comment.
Returning true (skip) with a non-nil error is inconsistent. When skipping due to insufficient resources, return true, nil, nil and log the reason instead of returning an error.
| return true, nil, fmt.Errorf("not enough VPCs for NAT gateway peering test") //nolint:goerr113 | |
| slog.Info("Skipping NAT gateway peering test: not enough VPCs") | |
| return true, nil, nil |
Copilot uses AI. Check for mistakes.
|
|
||
| vpcPeerings := make(map[string]*vpcapi.VPCPeeringSpec, 0) | ||
| externalPeerings := make(map[string]*vpcapi.ExternalPeeringSpec, 0) | ||
| gwPeerings := make(map[string]*gwapi.PeeringSpec, 1) |
There was a problem hiding this comment.
[nitpick] The capacity parameter for map initialization should be consistent. Either use 0 for all maps or use meaningful capacities based on expected usage. Mixed capacities (0, 0, 1) suggest inconsistent initialization patterns.
| gwPeerings := make(map[string]*gwapi.PeeringSpec, 1) | |
| gwPeerings := make(map[string]*gwapi.PeeringSpec, 0) |
Copilot uses AI. Check for mistakes.
| // Set up NAT gateway peering between the overlapping VPCs | ||
| vpcPeerings := make(map[string]*vpcapi.VPCPeeringSpec, 0) | ||
| externalPeerings := make(map[string]*vpcapi.ExternalPeeringSpec, 0) | ||
| gwPeerings := make(map[string]*gwapi.PeeringSpec, 1) |
There was a problem hiding this comment.
[nitpick] Same inconsistent map capacity initialization pattern as in the previous test function. Consider standardizing the capacity values across all test functions.
| gwPeerings := make(map[string]*gwapi.PeeringSpec, 1) | |
| gwPeerings := make(map[string]*gwapi.PeeringSpec, 0) |
Copilot uses AI. Check for mistakes.
| time.Sleep(5 * time.Second) | ||
|
|
||
| // Create new overlapping VPC with vpc-01's subnet CIDR in the separate namespace | ||
| newVPCName := "vpc-ovrlp" // VPC names must be ≤11 chars because they map to Linux VRF interface names |
There was a problem hiding this comment.
[nitpick] The comment explains the 11-character limit but 'vpc-ovrlp' is only 9 characters. Consider clarifying whether this is the actual limit or if there's additional context needed for the constraint.
| newVPCName := "vpc-ovrlp" // VPC names must be ≤11 chars because they map to Linux VRF interface names | |
| newVPCName := "vpc-ovrlp" // Example name is 9 chars (≤11 char limit for VPC names, as they map to Linux VRF interface names) |
Copilot uses AI. Check for mistakes.
Test Results 13 files 52 suites 5h 19m 36s ⏱️ Results for commit 18a54e6. ♻️ This comment has been updated with latest results. |
pau-hedgehog
added
ci:+hlab
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 4 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| time.Sleep(5 * time.Second) | ||
|
|
||
| // Create new overlapping VPC with vpc-01's subnet CIDR in the separate namespace | ||
| newVPCName := "vpc-ovrlp" // VPC names must be ≤11 chars because they map to Linux VRF interface names |
There was a problem hiding this comment.
The magic number 11 is hardcoded without clear validation. Consider adding a constant or validation function to ensure VPC names don't exceed the VRF interface name limit.
Copilot uses AI. Check for mistakes.
| Subnets: map[string]*vpcapi.VPCSubnet{ | ||
| "subnet-01": { | ||
| Subnet: existingSubnetCIDR, // Same subnet as vpc-01! (10.0.1.0/24) | ||
| VLAN: 1020, // Use a known available VLAN |
There was a problem hiding this comment.
The VLAN ID 1020 is hardcoded. Consider using a constant or dynamic allocation to avoid potential conflicts with other tests or deployments.
Copilot uses AI. Check for mistakes.
| vpc1NATCIDR := []string{"192.168.11.0/24"} | ||
| vpc2NATCIDR := []string{"192.168.12.0/24"} |
There was a problem hiding this comment.
NAT CIDR ranges are hardcoded in multiple places (lines 2453-2454 and 2674-2675). Consider defining these as constants to ensure consistency and make them easier to modify.
Copilot uses AI. Check for mistakes.
| func appendGwPeeringSpec(gwPeerings map[string]*gwapi.PeeringSpec, vpc1, vpc2 *vpcapi.VPC, vpc1Subnets, vpc2Subnets []string) { | ||
| // If vpc1NATCIDR or vpc2NATCIDR are provided, NAT will be configured for the respective VPC | ||
| // NOTE: vpc1Subnets/vpc2Subnets currently always receive nil in basic tests (for future multi-subnet suite) | ||
| func appendGwPeeringSpec(gwPeerings map[string]*gwapi.PeeringSpec, vpc1, vpc2 *vpcapi.VPC, vpc1Subnets, vpc2Subnets, vpc1NATCIDR, vpc2NATCIDR []string) { //nolint:unparam |
There was a problem hiding this comment.
The function signature has grown to 7 parameters, which impacts readability and maintainability. Consider using a struct parameter to group related parameters (e.g., PeeringConfig struct with VPC1Subnets, VPC2Subnets, VPC1NATCIDR, VPC2NATCIDR fields).
Copilot uses AI. Check for mistakes.
No description provided.