Browse Source

Fix iteration over remote_ip_prefixes field

The remote_ip_prefixes filed of a KuryrNetPolicy has the
format: {'remote_ip_prefixes': {'pod_ip': 'np-namespace'}}.
Right now, we're iterating over each remote_ip_prefixes
dicts and retrieving its keys and values without fetching the
dict items causing a ValueError. This commit fixes the
issue by iterating over the dict items.

Closes-bug: 1858301

Change-Id: Ic40878a830bcc32da06c0ab2763f593595e81bf2
changes/00/701100/4
Maysa Macedo 1 year ago
committed by Luis Tomas Bolivar
parent
commit
674344b182
1 changed files with 3 additions and 3 deletions
  1. +3
    -3
      kuryr_kubernetes/controller/drivers/network_policy_security_groups.py

+ 3
- 3
kuryr_kubernetes/controller/drivers/network_policy_security_groups.py View File

@ -380,12 +380,12 @@ def _parse_rules_on_delete_namespace(rule_list, direction, ns_name):
LOG.debug('Parsing %(dir)s Rule %(r)s', {'dir': direction,
'r': rule})
rule_namespace = rule.get('namespace', None)
remote_ip_prefixes = rule.get('remote_ip_prefixes', [])
remote_ip_prefixes = rule.get('remote_ip_prefixes', {})
if rule_namespace and rule_namespace == ns_name:
matched = True
driver_utils.delete_security_group_rule(
rule['security_group_rule']['id'])
for remote_ip, namespace in remote_ip_prefixes:
for remote_ip, namespace in list(remote_ip_prefixes.items()):
if namespace == ns_name:
matched = True
remote_ip_prefixes.pop(remote_ip)
@ -405,7 +405,7 @@ def _parse_rules_on_delete_pod(rule_list, direction, pod_ip):
'r': rule})
remote_ip_prefix = rule['security_group_rule'].get(
'remote_ip_prefix')
remote_ip_prefixes = rule.get('remote_ip_prefixes', [])
remote_ip_prefixes = rule.get('remote_ip_prefixes', {})
if remote_ip_prefix and remote_ip_prefix == pod_ip:
matched = True
driver_utils.delete_security_group_rule(


Loading…
Cancel
Save