Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
OCPBUGS-1765: Apply noAllowedAddressPairs on intended subnets only
Before this change, setting `noAllowedAddressPairs` on a machine-pool network could have effect on a different network. Given this example configuration: ```yaml networks: - filter: {} noAllowedAddressPairs: false subnets: - filter: {} uuid: primary-subnet-uuid - filter: {} noAllowedAddressPairs: true subnets: - filter: {} uuid: other-subnet-uuid primarySubnet: primary-subnet-uuid ``` The filter of the second network the array is empty. This means that its `subnet` filter has to be applied without restrictions as to which network it's sitting on. However, the absence of a network filter also meant that the setting `noAllowedAddressPairs` would apply to all networks. With this change, `noAllowedAddressPairs` is applied on a subnet basis, meaning that only ports created in the subnets resulting from the further `subnet` filter actually have their allowed address pairs removed.
- Loading branch information