def test_IPv6(self): api_server_authorized_ip_ranges = "3ffe:1900:4545:3:200:f8ff:fe21:67cf" namespace = Namespace(api_server_authorized_ip_ranges) err = "--api-server-authorized-ip-ranges cannot be IPv6 addresses" with self.assertRaises(CLIError) as cm: validators.validate_ip_ranges(namespace) self.assertEqual(str(cm.exception), err)
def test_invalid_ip(self): api_server_authorized_ip_ranges = "193.168.0" namespace = Namespace(api_server_authorized_ip_ranges) err = "--api-server-authorized-ip-ranges should be a list of IPv4 addresses or CIDRs" with self.assertRaises(CLIError) as cm: validators.validate_ip_ranges(namespace) self.assertEqual(str(cm.exception), err)
def test_local_ip_address(self): api_server_authorized_ip_ranges = "192.168.0.0,192.168.0.0/16" namespace = Namespace(api_server_authorized_ip_ranges) err = "--api-server-authorized-ip-ranges must be global non-reserved addresses or CIDRs" with self.assertRaises(CLIError) as cm: validators.validate_ip_ranges(namespace) self.assertEqual(str(cm.exception), err)
def test_simultaneous_enable_and_disable_with_spaces(self): # an entry of "", 129.1.1.1.1 from command line is translated into " , 129.1.1.1.1" api_server_authorized_ip_ranges = " , 129.1.1.1.1" namespace = Namespace(api_server_authorized_ip_ranges) err = "--api-server-authorized-ip-ranges cannot be disabled and simultaneously enabled" with self.assertRaises(CLIError) as cm: validators.validate_ip_ranges(namespace) self.assertEqual(str(cm.exception), err)
def test_simultaneous_allow_and_disallow_with_spaces(self): api_server_authorized_ip_ranges = " 0.0.0.0/32 , 129.1.1.1.1 " namespace = Namespace(api_server_authorized_ip_ranges) err = ("Setting --api-server-authorized-ip-ranges to 0.0.0.0/32 is not allowed with other IP ranges." "Refer to https://aka.ms/aks/whitelist for more details") with self.assertRaises(CLIError) as cm: validators.validate_ip_ranges(namespace) self.assertEqual(str(cm.exception), err)
def test_disable_authorized_ip_ranges(self): api_server_authorized_ip_ranges = '' namespace = Namespace(api_server_authorized_ip_ranges) validators.validate_ip_ranges(namespace)