Sort CIDRs.

metal-stack · Sep 9, 2024 · 920033e · 920033e
1 parent ef22b35
commit 920033e
Show file tree

Hide file tree

Showing 2 changed files with 99 additions and 0 deletions.
diff --git a/controllers/set/infrastructure_status.go b/controllers/set/infrastructure_status.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"net/netip"
 	"slices"
+	"sort"
 	"strings"
 
 	v2 "github.com/metal-stack/firewall-controller-manager/api/v2"
@@ -99,6 +100,9 @@ func (c *controller) updateInfrastructureStatus(r *controllers.Ctx[*v2.FirewallS
 		}
 	}
 
+	sortUntypedStringSlice(egressCIDRs)
+	sortUntypedStringSlice(typedInfra.Status.EgressCIDRs)
+
 	// check if an update is required or not
 	if slices.Equal(egressCIDRs, typedInfra.Status.EgressCIDRs) {
 		c.log.Info("found gardener infrastructure resource, egress cidrs already up-to-date", "infrastructure-name", infraObj.GetName(), "egress-cidrs", egressCIDRs)
@@ -138,3 +142,14 @@ func extractInfrastructureNameFromSeedNamespace(namespace string) (string, bool)
 
 	return strings.Join(parts[2:], "--"), true
 }
+
+func sortUntypedStringSlice(s []any) {
+	sort.Slice(s, func(i, j int) bool {
+		a, aok := s[i].(string)
+		b, bok := s[j].(string)
+		if aok && bok {
+			return a < b
+		}
+		return false
+	})
+}
diff --git a/controllers/set/infrastructure_status_test.go b/controllers/set/infrastructure_status_test.go
@@ -328,6 +328,90 @@ func Test_controller_updateInfrastructureStatus(t *testing.T) {
 			},
 			wantErr: nil,
 		},
+		{
+			name: "skip update on different order of ip elements in slice",
+			objs: func() []client.Object {
+				return []client.Object{
+					&unstructured.Unstructured{
+						Object: map[string]any{
+							"apiVersion": "extensions.gardener.cloud/v1alpha1",
+							"kind":       "Infrastructure",
+							"metadata": map[string]any{
+								"name":            "mycluster1",
+								"namespace":       testNamespace,
+								"resourceVersion": "999",
+							},
+							"spec": map[string]any{
+								"providerConfig": map[string]any{
+									"apiVersion": "metal.provider.extensions.gardener.cloud/v1alpha1",
+									"firewall": map[string]any{
+										"controllerVersion": "auto",
+									},
+								},
+							},
+							"status": map[string]any{
+								"phase":       "foo",
+								"egressCIDRs": []any{"1.1.1.2/32", "1.1.1.1/32"},
+							},
+						},
+					},
+				}
+			},
+			ownedFirewalls: []*v2.Firewall{
+				{
+					Status: v2.FirewallStatus{
+						FirewallNetworks: []v2.FirewallNetwork{
+							{
+								NetworkType: pointer.Pointer("external"),
+								IPs:         []string{"1.1.1.1"},
+							},
+							{
+								NetworkType: pointer.Pointer("underlay"),
+								IPs:         []string{"10.8.0.4"},
+							},
+						},
+					},
+				},
+				{
+					Status: v2.FirewallStatus{
+						FirewallNetworks: []v2.FirewallNetwork{
+							{
+								NetworkType: pointer.Pointer("external"),
+								IPs:         []string{"1.1.1.2"},
+							},
+							{
+								NetworkType: pointer.Pointer("underlay"),
+								IPs:         []string{"10.8.0.5"},
+							},
+						},
+					},
+				},
+			},
+			want: &unstructured.Unstructured{
+				Object: map[string]any{
+					"apiVersion": "extensions.gardener.cloud/v1alpha1",
+					"kind":       "Infrastructure",
+					"metadata": map[string]any{
+						"name":            "mycluster1",
+						"namespace":       testNamespace,
+						"resourceVersion": "999",
+					},
+					"spec": map[string]any{
+						"providerConfig": map[string]any{
+							"apiVersion": "metal.provider.extensions.gardener.cloud/v1alpha1",
+							"firewall": map[string]any{
+								"controllerVersion": "auto",
+							},
+						},
+					},
+					"status": map[string]any{
+						"phase":       "foo",
+						"egressCIDRs": []any{"1.1.1.2/32", "1.1.1.1/32"},
+					},
+				},
+			},
+			wantErr: nil,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {