Fix CCM Bug in Sec List Rule Management when ipPReserveSource is set to true for NLBs

Author: l-technicore

pkg/cloudprovider/providers/oci/load_balancer.go

@@ -1242,6 +1242,7 @@ func (clb *CloudLoadBalancerProvider) updateBackendSet(ctx context.Context, lbID
 		// For NLB, due to source IP preservation we need to ensure ingress rules from sourceCIDRs are added to
 		// the backends subnet's seclist as well
 		sc.actualPorts = action.OldPorts
+		sc.sourceCIDRs = spec.SourceCIDRs
 		if err = secListManager.Update(ctx, sc); err != nil {
 			return err
 		}

pkg/cloudprovider/providers/oci/load_balancer_security_lists_test.go

@@ -741,12 +741,13 @@ func TestGetNodeIngressRules_NLB(t *testing.T) {
 				HealthCheckerPort: k8sports.ProxyHealthzPort + 1,
 			},
 			services:         []*v1.Service{},
-			isPreserveSource: false,
+			isPreserveSource: true,
 			sourceCIDRs:      []string{"0.0.0.0/0"},
 			expected: []core.IngressSecurityRule{
 				core.IngressSecurityRule{Source: common.String("0.0.0.0/0")},
 				makeIngressSecurityRule("10.0.50.0/24", 8081),
 				makeIngressSecurityRule("10.0.51.0/24", 8081),
+				makeIngressSecurityRule("0.0.0.0/0", 8081),
 				makeIngressSecurityRule("10.0.50.0/24", k8sports.ProxyHealthzPort+1),
 				makeIngressSecurityRule("10.0.51.0/24", k8sports.ProxyHealthzPort+1),
 			},