in pkg/config/config.go [211:236]
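// Ensure drives the configured iptables rules to the requested state:
// present when enabled is true, absent when it is false.
//
// The chain is reconciled first via r.Spec.ensure. When enabling, every
// rule spec is appended with AppendUnique so repeated calls stay
// idempotent (note that append places the rule at the end of the chain,
// so an earlier terminating rule in a shared default chain may shadow
// it — worth checking for the chains this is used on). When disabling,
// rules are removed individually only for a default chain; for a custom
// chain nothing is deleted here — presumably r.Spec.ensure(false) drops
// the chain and its rules as a unit (confirm against Spec.ensure).
//
// Returns the first error from chain reconciliation, AppendUnique, or a
// Delete whose failure does not simply mean the rule is already gone.
func (r IPTablesRuleConfig) Ensure(enabled bool) error {
	if err := r.Spec.ensure(enabled); err != nil {
		return err
	}

	if enabled {
		for _, rs := range r.RuleSpecs {
			if err := r.IPT.AppendUnique(r.Spec.TableName, r.Spec.ChainName, rs...); err != nil {
				glog.Errorf("failed to append rule %v in table %s chain %s: %v", rs, r.Spec.TableName, r.Spec.ChainName, err)
				return err
			}
		}
		return nil
	}

	if !r.Spec.IsDefaultChain {
		return nil
	}

	for _, rs := range r.RuleSpecs {
		err := r.IPT.Delete(r.Spec.TableName, r.Spec.ChainName, rs...)
		if err == nil || isIPTablesRuleAbsentErr(err) {
			// Already absent is the desired end state; keep going.
			continue
		}
		return err
	}
	return nil
}

// isIPTablesRuleAbsentErr reports whether a Delete failure only means the
// rule or its chain is already gone, which Ensure treats as success.
//
// Two signals are accepted, matching the previous inline logic: an
// *iptables.Error with exit status 2, or any error whose message contains
// "No chain/target/match". The message is read from err itself rather
// than from the asserted *iptables.Error — the earlier code called
// eerr.Error() even when the assertion had failed (eerr == nil), which is
// a nil-pointer dereference for any other error type (e.g. an exec or
// lock error from the iptables wrapper).
func isIPTablesRuleAbsentErr(err error) bool {
	if eerr, ok := err.(*iptables.Error); ok && eerr.ExitStatus() == 2 {
		return true
	}
	return strings.Contains(err.Error(), "No chain/target/match")
}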