networkservicemesh · denis-tingaikin · Oct 17, 2024 · Oct 11, 2024 · Oct 11, 2024 · Oct 11, 2024
diff --git a/.golangci.yml b/.golangci.yml
@@ -37,7 +37,7 @@ linters-settings:
     threshold: 150
   funlen:
     Lines: 175
-    Statements: 90
+    Statements: 100
   goconst:
     min-len: 2
     min-occurrences: 2

diff --git a/internal/pkg/imports/imports_linux.go b/internal/pkg/imports/imports_linux.go
@@ -25,7 +25,6 @@ import (
 	_ "github.com/networkservicemesh/sdk/pkg/networkservice/common/policyroute"
 	_ "github.com/networkservicemesh/sdk/pkg/networkservice/connectioncontext/dnscontext"
 	_ "github.com/networkservicemesh/sdk/pkg/networkservice/ipam/groupipam"
-	_ "github.com/networkservicemesh/sdk/pkg/networkservice/ipam/point2pointipam"
 	_ "github.com/networkservicemesh/sdk/pkg/networkservice/ipam/strictipam"
 	_ "github.com/networkservicemesh/sdk/pkg/registry/chains/client"
 	_ "github.com/networkservicemesh/sdk/pkg/registry/common/authorize"
@@ -71,7 +70,6 @@ import (
 	_ "os"
 	_ "os/signal"
 	_ "path/filepath"
-	_ "strings"
 	_ "sync/atomic"
 	_ "syscall"
 	_ "testing"

diff --git a/main.go b/main.go
@@ -34,7 +34,6 @@ import (
 	"os"
 	"os/signal"
 	"path/filepath"
-	"strings"
 	"sync/atomic"
 	"syscall"
 	"time"
@@ -67,7 +66,6 @@ import (
 	"github.com/networkservicemesh/sdk/pkg/networkservice/common/policyroute"
 	"github.com/networkservicemesh/sdk/pkg/networkservice/connectioncontext/dnscontext"
 	"github.com/networkservicemesh/sdk/pkg/networkservice/ipam/groupipam"
-	"github.com/networkservicemesh/sdk/pkg/networkservice/ipam/point2pointipam"
 	"github.com/networkservicemesh/sdk/pkg/networkservice/ipam/strictipam"
 	registryclient "github.com/networkservicemesh/sdk/pkg/registry/chains/client"
 	registryauthorize "github.com/networkservicemesh/sdk/pkg/registry/common/authorize"
@@ -94,7 +92,7 @@ type Config struct {
 	ConnectTo              url.URL           `default:"unix:///var/lib/networkservicemesh/nsm.io.sock" desc:"url to connect to" split_words:"true"`
 	MaxTokenLifetime       time.Duration     `default:"10m" desc:"maximum lifetime of tokens" split_words:"true"`
 	RegistryClientPolicies []string          `default:"etc/nsm/opa/common/.*.rego,etc/nsm/opa/registry/.*.rego,etc/nsm/opa/client/.*.rego" desc:"paths to files and directories that contain registry client policies" split_words:"true"`
-	IPAMPolicy             ipamPolicyFunc    `default:"polite" desc:"defines NSE's IPAM Policy. Possible values: polite, strict. Polite policy accepts any addresses sent by client. Strict policy resets ip_context if any of the client's addresses doesn't match endpoint's CIDR." split_words:"true"`
+	IPAMPolicy             string            `default:"polite" desc:"defines NSE's IPAM Policy. Possible values: polite, strict. Polite policy accepts any addresses sent by client. Strict policy resets ip_context if any of the client's addresses doesn't match endpoint's CIDR." split_words:"true"`
-	IPAMPolicy             string            `default:"polite" desc:"defines NSE's IPAM Policy. Possible values: polite, strict. Polite policy accepts any addresses sent by client. Strict policy resets ip_context if any of the client's addresses doesn't match endpoint's CIDR." split_words:"true"`
+	IPAMPolicy             newIPAMFunc            `default:"polite" desc:"defines NSE's IPAM Policy. Possible values: polite, strict. Polite policy accepts any addresses sent by client. Strict policy resets ip_context if any of the client's addresses doesn't match endpoint's CIDR." split_words:"true"`
-	IPAMPolicy             string            `default:"polite" desc:"defines NSE's IPAM Policy. Possible values: polite, strict. Polite policy accepts any addresses sent by client. Strict policy resets ip_context if any of the client's addresses doesn't match endpoint's CIDR." split_words:"true"`
+	IPAMPolicy             newIPAMFunc            `default:"polite" desc:"defines NSE's IPAM Policy. Possible values: polite, strict. Polite policy accepts any addresses sent by client. Strict policy resets ip_context if any of the client's addresses doesn't match endpoint's CIDR." split_words:"true"`
 	ServiceNames           []string          `default:"icmp-responder" desc:"Name of provided services" split_words:"true"`
 	Payload                string            `default:"ETHERNET" desc:"Name of provided service payload" split_words:"true"`
 	Labels                 map[string]string `default:"" desc:"Endpoint labels"`
@@ -111,23 +109,6 @@ type Config struct {
 	PprofListenOn          string            `default:"localhost:6060" desc:"pprof URL to ListenAndServe" split_words:"true"`
 }
 
-
+type newIPAMFunc func(...*net.IPNet) networkservice.NetworkServiceServer
+
+// Decode takes a string IPAM Policy and returns the IPAM Policy func
+func (f *newIPAMFunc) Decode(policy string) error {
+
+	switch config.IPAMPolicy {
+	case "strict":
+	   *f = func(cidrPrefix [][]*net.IPNet) {
+	  var  ipnetList []*net.IPNet
+	for _, group := range cidrPrefix {
+		ipnetList = append(ipnetList, group...)
+	}
+		return strictipam.NewServer(func(i ...*net.IPNet) networkservice.NetworkServiceServer {
+			return groupipam.NewServer(cidrPrefix)
+		}, ipnetList...)
+	case "polite":
+			   *f = func(cidrPrefix [][]*net.IPNet) { 
+			   return groupipam.NewServer(cidrPrefix)
+			  }
+	default:
+		logrus.Fatalf("not a valid IPAM Policy: %s", config.IPAMPolicy)
+	}
+}
-
+type newIPAMFunc func(...*net.IPNet) networkservice.NetworkServiceServer
+
+// Decode takes a string IPAM Policy and returns the IPAM Policy func
+func (f *newIPAMFunc) Decode(policy string) error {
+
+	switch config.IPAMPolicy {
+	case "strict":
+	   *f = func(cidrPrefix [][]*net.IPNet) {
+	  var  ipnetList []*net.IPNet
+	for _, group := range cidrPrefix {
+		ipnetList = append(ipnetList, group...)
+	}
+		return strictipam.NewServer(func(i ...*net.IPNet) networkservice.NetworkServiceServer {
+			return groupipam.NewServer(cidrPrefix)
+		}, ipnetList...)
+	case "polite":
+			   *f = func(cidrPrefix [][]*net.IPNet) { 
+			   return groupipam.NewServer(cidrPrefix)
+			  }
+	default:
+		logrus.Fatalf("not a valid IPAM Policy: %s", config.IPAMPolicy)
+	}
+}
-type ipamPolicyFunc func(...*net.IPNet) networkservice.NetworkServiceServer
-
-// Decode takes a string IPAM Policy and returns the IPAM Policy func
-func (f *ipamPolicyFunc) Decode(policy string) error {
-	switch strings.ToLower(policy) {
-	case "strict":
-		*f = func(prefixes ...*net.IPNet) networkservice.NetworkServiceServer {
-			return strictipam.NewServer(point2pointipam.NewServer, prefixes...)
-		}
-		return nil
-	case "polite":
-		*f = point2pointipam.NewServer
-		return nil
-	}
-	return errors.Errorf("not a valid IPAM Policy: %s", policy)
-}
-
 // Process prints and processes env to config
 func (c *Config) Process() error {
 	if err := envconfig.Usage("nsm", c); err != nil {
@@ -239,13 +220,30 @@ func main() {
 
 	tokenServer := getSriovTokenServerChainElement(ctx)
 
+	ipnetList := []*net.IPNet{}
+	for _, group := range config.CidrPrefix {
+		ipnetList = append(ipnetList, group...)
+	}
+	var IPAMServer networkservice.NetworkServiceServer
+
+	switch config.IPAMPolicy {
+	case "strict":
+		IPAMServer = strictipam.NewServer(func(i ...*net.IPNet) networkservice.NetworkServiceServer {
+			return groupipam.NewServer(config.CidrPrefix)
+		}, ipnetList...)
+	case "polite":
+		IPAMServer = groupipam.NewServer(config.CidrPrefix)
+	default:
+		logrus.Fatalf("not a valid IPAM Policy: %s", config.IPAMPolicy)
+	}
-	ipnetList := []*net.IPNet{}
-	for _, group := range config.CidrPrefix {
-		ipnetList = append(ipnetList, group...)
-	}
-	var IPAMServer networkservice.NetworkServiceServer
-
-	switch config.IPAMPolicy {
-	case "strict":
-		IPAMServer = strictipam.NewServer(func(i ...*net.IPNet) networkservice.NetworkServiceServer {
-			return groupipam.NewServer(config.CidrPrefix)
-		}, ipnetList...)
-	case "polite":
-		IPAMServer = groupipam.NewServer(config.CidrPrefix)
-	default:
-		logrus.Fatalf("not a valid IPAM Policy: %s", config.IPAMPolicy)
-	}
-	ipnetList := []*net.IPNet{}
-	for _, group := range config.CidrPrefix {
-		ipnetList = append(ipnetList, group...)
-	}
-	var IPAMServer networkservice.NetworkServiceServer
-
-	switch config.IPAMPolicy {
-	case "strict":
-		IPAMServer = strictipam.NewServer(func(i ...*net.IPNet) networkservice.NetworkServiceServer {
-			return groupipam.NewServer(config.CidrPrefix)
-		}, ipnetList...)
-	case "polite":
-		IPAMServer = groupipam.NewServer(config.CidrPrefix)
-	default:
-		logrus.Fatalf("not a valid IPAM Policy: %s", config.IPAMPolicy)
-	}
+
 	responderEndpoint := endpoint.NewServer(ctx,
 		spiffejwt.TokenGeneratorFunc(source, config.MaxTokenLifetime),
 		endpoint.WithName(config.Name),
 		endpoint.WithAuthorizeServer(authorize.NewServer()),
 		endpoint.WithAdditionalFunctionality(
 			onidle.NewServer(ctx, cancel, config.IdleTimeout),
-			groupipam.NewServer(config.CidrPrefix, groupipam.WithCustomIPAMServer(config.IPAMPolicy)),
+			IPAMServer,
-			IPAMServer,
+			config.newIPAMFunc(config.CidrPrefix),
-			IPAMServer,
+			config.newIPAMFunc(config.CidrPrefix),
 			policyroute.NewServer(newPolicyRoutesGetter(ctx, config.PBRConfigPath).Get),
 			mechanisms.NewServer(map[string]networkservice.NetworkServiceServer{
 				kernelmech.MECHANISM: kernel.NewServer(),