Attempt to address remaining errors

Author: lyda

pkg/service/model_build_target_group.go

@@ -477,6 +477,8 @@ func (t *defaultModelBuildTask) buildTargetGroupBindingNetworking(_ context.Cont
 				Protocol: &protocolTCP,
 				Port:     &tgPort,
 			})
+		case corev1.Protocol("TCP_UDP"):
+			fallthrough
 		case corev1.ProtocolUDP:
 			ports = append(ports, elbv2api.NetworkingPort{
 				Protocol: &protocolUDP,
@@ -560,18 +562,19 @@ func (t *defaultModelBuildTask) buildTargetGroupBindingNetworkingLegacy(ctx cont
 	trafficSource := loadBalancerSubnetCIDRs
 	defaultRangeUsed := false
 	var trafficPorts []elbv2api.NetworkingPort
-	switch networkingProtocol {
-	case elbv2api.NetworkingProtocolTCP_UDP:
-		tcpProtocol := elbv2api.NetworkingProtocolTCP
-		udpProtocol := elbv2api.NetworkingProtocolUDP
+	if networkingProtocol == elbv2api.NetworkingProtocolUDP || t.preserveClientIP {
 		trafficSource = t.getLoadBalancerSourceRanges(ctx)
 		if len(trafficSource) == 0 {
-			trafficSource, err = t.getDefaultIPSourceRanges(ctx, targetGroupIPAddressType, port.Protocol, scheme)
+			trafficSource, err = t.getDefaultIPSourceRanges(ctx, targetGroupIPAddressType, tgProtocol, scheme)
 			if err != nil {
 				return nil, err
 			}
 			defaultRangeUsed = true
 		}
+	}
+	if networkingProtocol == elbv2api.NetworkingProtocolTCP_UDP {
+		tcpProtocol := elbv2api.NetworkingProtocolTCP
+		udpProtocol := elbv2api.NetworkingProtocolUDP
 		trafficPorts = []elbv2api.NetworkingPort{
 			{
 				Port:     &tgPort,
@@ -582,17 +585,7 @@ func (t *defaultModelBuildTask) buildTargetGroupBindingNetworkingLegacy(ctx cont
 				Protocol: &udpProtocol,
 			},
 		}
-	default:
-		if networkingProtocol == elbv2api.NetworkingProtocolUDP || t.preserveClientIP {
-			trafficSource = t.getLoadBalancerSourceRanges(ctx)
-			if len(trafficSource) == 0 {
-				trafficSource, err = t.getDefaultIPSourceRanges(ctx, targetGroupIPAddressType, port.Protocol, scheme)
-				if err != nil {
-					return nil, err
-				}
-				defaultRangeUsed = true
-			}
-		}
+	} else {
 		trafficPorts = []elbv2api.NetworkingPort{
 			{
 				Port:     &tgPort,
@@ -633,7 +626,7 @@ func (t *defaultModelBuildTask) getDefaultIPSourceRanges(ctx context.Context, ta
 	if targetGroupIPAddressType == elbv2model.TargetGroupIPAddressTypeIPv6 {
 		defaultSourceRanges = t.defaultIPv6SourceRanges
 	}
-	if (protocol == corev1.ProtocolUDP || t.preserveClientIP) && scheme == elbv2model.LoadBalancerSchemeInternal {
+	if (protocol == corev1.Protocol("TCP_UDP") || protocol == corev1.ProtocolUDP || t.preserveClientIP) && scheme == elbv2model.LoadBalancerSchemeInternal {
 		vpcInfo, err := t.vpcInfoProvider.FetchVPCInfo(ctx, t.vpcID, networking.FetchVPCInfoWithoutCache())
 		if err != nil {
 			return nil, err

pkg/service/model_builder_test.go

@@ -2,11 +2,12 @@ package service
 
 import (
 	"context"
-	ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types"
-	elbv2types "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2/types"
 	"testing"
 	"time"
 
+	ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types"
+	elbv2types "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2/types"
+
 	awssdk "github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/go-logr/logr"
 	"github.com/golang/mock/gomock"
@@ -2289,6 +2290,46 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
 {
  "id":"app/tcpudp-protocol",
  "resources":{
+		"AWS::EC2::SecurityGroup":{
+			 "ManagedLBSecurityGroup":{
+					"spec":{
+						 "description":"[k8s] Managed SecurityGroup for LoadBalancer",
+						 "groupName":"k8s-app-tcpudppr-06a9156bf8",
+						 "ingress":[
+						    {
+								   "fromPort":80,
+									 "ipProtocol":"tcp",
+									 "ipRanges":[
+									    {
+											   "cidrIP":"0.0.0.0/0"
+											}
+									 ],
+									 "toPort":80
+								},
+						    {
+								   "fromPort":80,
+									 "ipProtocol":"udp",
+									 "ipRanges":[
+									    {
+											   "cidrIP":"0.0.0.0/0"
+											}
+									 ],
+									 "toPort":80
+								},
+						    {
+								   "fromPort":83,
+									 "ipProtocol":"tcp",
+									 "ipRanges":[
+									    {
+											   "cidrIP":"0.0.0.0/0"
+											}
+									 ],
+									 "toPort":83
+								}
+						 ]
+					}
+			 }
+		},
     "AWS::ElasticLoadBalancingV2::Listener":{
        "80":{
           "spec":{
@@ -2343,6 +2384,11 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
              "name":"k8s-app-tcpudppr-2af705447d",
              "type":"network",
              "scheme":"internet-facing",
+						 "securityGroups":[
+								{
+									"$ref":"#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
+								}
+						 ],
              "ipAddressType":"ipv4",
              "subnetMapping":[
                 {
@@ -2369,6 +2415,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
              "healthCheckConfig":{
                 "port":"traffic-port",
                 "protocol":"TCP",
+								"timeoutSeconds":10,
                 "unhealthyThresholdCount":3,
                 "healthyThresholdCount":3,
                 "intervalSeconds":10
@@ -2391,6 +2438,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
              "healthCheckConfig":{
                 "port":"traffic-port",
                 "protocol":"TCP",
+								"timeoutSeconds":10,
                 "unhealthyThresholdCount":3,
                 "healthyThresholdCount":3,
                 "intervalSeconds":10
@@ -2418,6 +2466,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
                       "$ref":"#/resources/AWS::ElasticLoadBalancingV2::TargetGroup/app/tcpudp-protocol:80/status/targetGroupARN"
                    },
                    "targetType":"instance",
+									 "vpcID":"vpc-xxx",
                    "serviceRef":{
                       "name":"tcpudp-protocol",
                       "port":80
@@ -2428,18 +2477,20 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
                          {
                             "from":[
                                {
-                                  "ipBlock":{
-                                     "cidr":"0.0.0.0/0"
+																	"securityGroup": {
+																		"groupID": {
+																			"$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
+																		}
                                   }
                                }
                             ],
                             "ports":[
                                {
-                                  "protocol":"TCP",
+                                  "protocol":"UDP",
                                   "port":31223
                                },
                                {
-                                  "protocol":"UDP",
+                                  "protocol":"TCP",
                                   "port":31223
                                }
                             ]
@@ -2463,6 +2514,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
                       "$ref":"#/resources/AWS::ElasticLoadBalancingV2::TargetGroup/app/tcpudp-protocol:83/status/targetGroupARN"
                    },
                    "targetType":"instance",
+									 "vpcID":"vpc-xxx",
                    "serviceRef":{
                       "name":"tcpudp-protocol",
                       "port":83
@@ -2473,8 +2525,10 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
                          {
                             "from":[
                                {
-                                  "ipBlock":{
-                                     "cidr":"0.0.0.0/0"
+																	"securityGroup": {
+																		"groupID": {
+																			"$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
+																		}
                                   }
                                }
                             ],
@@ -2495,7 +2549,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
  }
 }
 `,
-			wantNumResources: 7,
+			wantNumResources: 8,
 		},
 		{
 			testName: "list load balancers error",
@@ -3628,7 +3682,7 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
                             ],
                             "ports":[
                                {
-								  "port": 80,
+																	"port": 80,
                                   "protocol":"TCP"
                                }
                             ]
@@ -3881,12 +3935,12 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
                                }
                             ],
                             "ports":[
-							   {
-							      "port": 80,
+															 {
+																	"port": 80,
                                   "protocol":"TCP"
                                },
-							   {
-							      "port": 8888,
+															 {
+																	"port": 8888,
                                   "protocol":"TCP"
                                }
                             ]
@@ -4520,9 +4574,9 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
                             "from":[
                                {
                                   "securityGroup":{
-									"groupID": {
-										"$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
-									}
+																		 "groupID": {
+																						 "$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
+																		}
                                   }
                                }
                             ],
@@ -4564,8 +4618,8 @@ func Test_defaultModelBuilderTask_Build(t *testing.T) {
                                {
                                   "securityGroup":{
                                      "groupID": {
-									"$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
-								 }
+                                       "$ref": "#/resources/AWS::EC2::SecurityGroup/ManagedLBSecurityGroup/status/groupID"
+																		 }
                                   }
                                }
                             ],