Assert CNI version greater than equal to 1.0.0

Author: arkadeepsen

go.mod

@@ -29,6 +29,7 @@ require (
 	github.com/apparentlymart/go-cidr v1.1.0
 	github.com/aws/aws-sdk-go v1.50.25
 	github.com/blang/semver/v4 v4.0.0
+	github.com/containernetworking/cni v1.3.0
 	github.com/coreos/stream-metadata-go v0.4.9
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
 	github.com/distribution/distribution/v3 v3.0.0-20230530204932-ba46c769b3d1

go.sum

@@ -266,6 +266,8 @@ github.com/containerd/ttrpc v1.2.6 h1:zG+Kn5EZ6MUYCS1t2Hmt2J4tMVaLSFEJVOraDQwNPC
 github.com/containerd/ttrpc v1.2.6/go.mod h1:YCXHsb32f+Sq5/72xHubdiJRQY9inL4a4ZQrAbN1q9o=
 github.com/containerd/typeurl/v2 v2.2.2 h1:3jN/k2ysKuPCsln5Qv8bzR9cxal8XjkxPogJfSNO31k=
 github.com/containerd/typeurl/v2 v2.2.2/go.mod h1:95ljDnPfD3bAbDJRugOiShd/DlAAsxGtUBhJxIn7SCk=
+github.com/containernetworking/cni v1.3.0 h1:v6EpN8RznAZj9765HhXQrtXgX+ECGebEYEmnuFjskwo=
+github.com/containernetworking/cni v1.3.0/go.mod h1:Bs8glZjjFfGPHMw6hQu82RUgEPNGEaBb9KS5KtNMnJ4=
 github.com/coreos/go-oidc v2.3.0+incompatible h1:+5vEsrgprdLjjQ9FzIKAzQz1wwPD+83hQRfUIPh7rO0=
 github.com/coreos/go-oidc v2.3.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc=
 github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=

test/extended/networking/network_segmentation.go

@@ -17,8 +17,10 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/client-go/dynamic"
 
+	cniversion "github.com/containernetworking/cni/pkg/version"
 	nadapi "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1"
 	nadclient "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/client/clientset/versioned/typed/k8s.cni.cncf.io/v1"
+	ovncnitypes "github.com/ovn-org/ovn-kubernetes/go-controller/pkg/cni/types"
 
 	kubeauthorizationv1 "k8s.io/api/authorization/v1"
 	v1 "k8s.io/api/core/v1"
@@ -1524,6 +1526,32 @@ spec:
 `
 }
 
+func assertNADConfig(nad *nadapi.NetworkAttachmentDefinition, expectedLegacyNetworkName, expectedNetworkName, expectedNadName string) {
+	cniConfig := ovncnitypes.NetConf{}
+	err := json.Unmarshal([]byte(nad.Spec.Config), &cniConfig)
+	Expect(err).NotTo(HaveOccurred())
+
+	Expect(cniversion.GreaterThanOrEqualTo(cniConfig.CNIVersion, "1.0.0")).To(BeTrue())
+
+	jsonTemplate := `{
+		"cniVersion":"%s",
+		"type": "ovn-k8s-cni-overlay",
+		"name": "%s",
+		"netAttachDefName": "%s",
+		"topology": "layer2",
+		"role": "secondary",
+		"subnets": "10.100.0.0/16"
+	}`
+
+	nadJSONLegacy := fmt.Sprintf(jsonTemplate, cniConfig.CNIVersion, expectedLegacyNetworkName, expectedNadName)
+	nadJSON := fmt.Sprintf(jsonTemplate, cniConfig.CNIVersion, expectedNetworkName, expectedNadName)
+
+	ExpectWithOffset(1, nad.Spec.Config).To(SatisfyAny(
+		MatchJSON(nadJSONLegacy),
+		MatchJSON(nadJSON),
+	))
+}
+
 func assertNetAttachDefManifest(nadClient nadclient.K8sCniCncfIoV1Interface, namespace, udnName, udnUID string) {
 	nad, err := nadClient.NetworkAttachmentDefinitions(namespace).Get(context.Background(), udnName, metav1.GetOptions{})
 	Expect(err).NotTo(HaveOccurred())
@@ -1539,28 +1567,12 @@ func assertNetAttachDefManifest(nadClient nadclient.K8sCniCncfIoV1Interface, nam
 		Controller:         pointer.Bool(true),
 	}}))
 
-	jsonTemplate := `{
-		"cniVersion":"1.0.0",
-		"type": "ovn-k8s-cni-overlay",
-		"name": "%s",
-		"netAttachDefName": "%s",
-		"topology": "layer2",
-		"role": "secondary",
-		"subnets": "10.100.0.0/16"
-	}`
-
 	// REMOVEME(trozet): after network name has been updated to use underscores in OVNK
 	expectedLegacyNetworkName := namespace + "." + udnName
 	expectedNetworkName := namespace + "_" + udnName
 	expectedNadName := namespace + "/" + udnName
 
-	nadJSONLegacy := fmt.Sprintf(jsonTemplate, expectedLegacyNetworkName, expectedNadName)
-	nadJSON := fmt.Sprintf(jsonTemplate, expectedNetworkName, expectedNadName)
-
-	ExpectWithOffset(1, nad.Spec.Config).To(SatisfyAny(
-		MatchJSON(nadJSONLegacy),
-		MatchJSON(nadJSON),
-	))
+	assertNADConfig(nad, expectedLegacyNetworkName, expectedNetworkName, expectedNadName)
 }
 
 func validateUDNStatusReportsConsumers(client dynamic.Interface, udnNamesapce, udnName, expectedPodName string) error {
@@ -1626,23 +1638,7 @@ func assertClusterNADManifest(nadClient nadclient.K8sCniCncfIoV1Interface, names
 	expectedNetworkName := "cluster_udn_" + udnName
 	expectedNadName := namespace + "/" + udnName
 
-	jsonTemplate := `{
-		"cniVersion":"1.0.0",
-		"type": "ovn-k8s-cni-overlay",
-		"name": "%s",
-		"netAttachDefName": "%s",
-		"topology": "layer2",
-		"role": "secondary",
-		"subnets": "10.100.0.0/16"
-	}`
-
-	nadJSONLegacy := fmt.Sprintf(jsonTemplate, expectedLegacyNetworkName, expectedNadName)
-	nadJSON := fmt.Sprintf(jsonTemplate, expectedNetworkName, expectedNadName)
-
-	ExpectWithOffset(1, nad.Spec.Config).To(SatisfyAny(
-		MatchJSON(nadJSONLegacy),
-		MatchJSON(nadJSON),
-	))
+	assertNADConfig(nad, expectedLegacyNetworkName, expectedNetworkName, expectedNadName)
 }
 
 func validateClusterUDNStatusReportsActiveNamespacesFunc(client dynamic.Interface, cUDNName string, expectedActiveNsNames ...string) func() error {