plugin/kubernetes: Don't panic with metadata enabled and pods mode not verified (#3869)

* prevent panic in podWithIP Signed-off-by: Chris O'Haver <cohaver@infoblox.com> * add unit test, correct existing unit test Signed-off-by: Chris O'Haver <cohaver@infoblox.com> * unit tests make more sense this way Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
2020-05-04 04:17:26 -04:00 · 2020-05-04 04:17:26 -04:00 · a5e286ac4e
commit a5e286ac4e
parent 5347bc38e7
2 changed files with 37 additions and 4 deletions
--- a/plugin/kubernetes/autopath.go
+++ b/plugin/kubernetes/autopath.go
@ -51,6 +51,9 @@ func (k *Kubernetes) AutoPath(state request.Request) []string {

 // podWithIP return the api.Pod for source IP. It returns nil if nothing can be found.
 func (k *Kubernetes) podWithIP(ip string) *object.Pod {
+	if k.podMode != podModeVerified {
+		return nil
+	}
 	ps := k.APIConn.PodIndex(ip)
 	if len(ps) == 0 {
 		return nil
--- a/plugin/kubernetes/metadata_test.go
+++ b/plugin/kubernetes/metadata_test.go
@ -32,8 +32,6 @@ var metadataCases = []struct {
 			"kubernetes/port-name":        "*",
 			"kubernetes/protocol":         "*",
 			"kubernetes/service":          "10-240-0-1",
-			"kubernetes/client-namespace": "podns",
-			"kubernetes/client-pod-name":  "foo",
 		},
 	},
 	{
@ -45,8 +43,6 @@ var metadataCases = []struct {
 			"kubernetes/port-name":        "*",
 			"kubernetes/protocol":         "*",
 			"kubernetes/service":          "s",
-			"kubernetes/client-namespace": "podns",
-			"kubernetes/client-pod-name":  "foo",
 		},
 	},
 	{
@ -124,3 +120,37 @@ func TestMetadata(t *testing.T) {
 		}
 	}
 }
+
+func TestMetadataPodsVerified(t *testing.T) {
+	k := New([]string{"cluster.local."})
+	k.podMode = podModeVerified
+	k.APIConn = &APIConnServeTest{}
+
+	ctx := metadata.ContextWithMetadata(context.Background())
+	state := request.Request{
+		Req:  &dns.Msg{Question: []dns.Question{{Name: "s.ns.svc.cluster.local.", Qtype: dns.TypeA}}},
+		Zone: ".",
+		W:    &test.ResponseWriter{},
+	}
+
+	k.Metadata(ctx, state)
+
+	expect := map[string]string{
+		"kubernetes/endpoint":  "",
+		"kubernetes/kind":      "svc",
+		"kubernetes/namespace": "ns",
+		"kubernetes/port-name": "*",
+		"kubernetes/protocol":  "*",
+		"kubernetes/service":   "s",
+		"kubernetes/client-namespace": "podns",
+		"kubernetes/client-pod-name":  "foo",
+	}
+
+	md := make(map[string]string)
+	for _, l := range metadata.Labels(ctx) {
+		md[l] = metadata.ValueFunc(ctx, l)()
+	}
+	if mapsDiffer(expect, md) {
+		t.Errorf("Expected metadata %v and got %v", expect, md)
+	}
+}