def fin():
print("Clean up the JWT Secrets Application:")
delete_common_app(kube_apis, "simple", test_namespace)
delete_items_from_yaml(
kube_apis,
f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml",
test_namespace)
def fin():
print("Clean up HSTS Example:")
delete_common_app(kube_apis.v1, kube_apis.apps_v1_api, common_app,
test_namespace)
delete_items_from_yaml(
kube_apis, f"{TEST_DATA}/hsts/{request.param}/hsts-ingress.yaml",
test_namespace)
def fin():
print("Clean up:")
delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace)
delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace)
delete_common_app(kube_apis, "simple", test_namespace)
src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml"
delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
def fin():
print("Clean up Wildcard-Tls-Secret-Example:")
delete_items_from_yaml(
kube_apis,
f"{TEST_DATA}/wildcard-tls-secret/{ing_type}/wildcard-secret-ingress.yaml",
test_namespace)
delete_common_app(kube_apis, "simple", test_namespace)
def fin():
print("Clean up Virtual Server Example:")
delete_virtual_server(kube_apis.custom_objects, vs_name,
test_namespace)
if request.param['app_type']:
delete_common_app(kube_apis, request.param['app_type'],
test_namespace)
def fin():
print("Clean up the Smoke Application:")
delete_common_app(kube_apis, "simple", test_namespace)
delete_items_from_yaml(
kube_apis, f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml",
test_namespace)
delete_secret(kube_apis.v1, secret_name, test_namespace)
def fin():
print("Clean up simple app")
delete_common_app(kube_apis, "simple", test_namespace)
delete_items_from_yaml(
kube_apis, f"{TEST_DATA}/smoke/standard/smoke-ingress.yaml",
test_namespace)
delete_secret(kube_apis.v1, secret_name, test_namespace)
def fin():
print("Clean up:")
delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace)
delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace)
delete_common_app(kube_apis, "simple", test_namespace)
src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml"
delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
write_to_json(f"reload-{get_test_file_name(request.node.fspath)}.json", reload_times)
def fin():
print("Clean up the JWT Secrets Application:")
delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1,
common_app, test_namespace)
delete_items_from_yaml(
kube_apis.extensions_v1_beta1,
f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml",
test_namespace)
def fin():
print("Clean up Wildcard-Tls-Secret-Example:")
delete_items_from_yaml(
kube_apis.extensions_v1_beta1,
f"{TEST_DATA}/wildcard-tls-secret/{ing_type}/wildcard-secret-ingress.yaml",
test_namespace)
delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1,
common_app, test_namespace)
def fin():
print("Clean up:")
delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
replace_configmap_from_yaml(kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml")
delete_common_app(kube_apis, app_name, test_namespace)
def fin():
print("Clean up the Smoke Application:")
delete_common_app(kube_apis, "simple", test_namespace)
delete_items_from_yaml(
kube_apis, f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml",
test_namespace)
delete_secret(kube_apis.v1, secret_name, test_namespace)
write_to_json(f"reload-{get_test_file_name(request.node.fspath)}.json",
reload_times)
def fin():
print("Clean up:")
delete_dos_policy(kube_apis.custom_objects, pol_name, test_namespace)
delete_dos_logconf(kube_apis.custom_objects, log_name, test_namespace)
delete_dos_protected(kube_apis.custom_objects, protected_name,
test_namespace)
delete_common_app(kube_apis, "dos", test_namespace)
delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
write_to_json(f"reload-{get_test_file_name(request.node.fspath)}.json",
reload_times)
def fin():
print("Clean up Annotations Example:")
replace_configmap_from_yaml(kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml")
delete_common_app(kube_apis.v1, kube_apis.apps_v1_api, common_app, test_namespace)
delete_items_from_yaml(kube_apis,
f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml",
test_namespace)
def backend_setup(request, kube_apis, ingress_controller_prerequisites,
test_namespace):
"""
Replace the ConfigMap and deploy the secret.
:param request: pytest fixture
:param kube_apis: client apis
:param test_namespace:
"""
app_name = request.param.get("app_type")
try:
print(
"------------------------- Replace ConfigMap with HTTP2 -------------------------"
)
cm_source = f"{TEST_DATA}/virtual-server-grpc/nginx-config.yaml"
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace, cm_source)
print(
"------------------------- Deploy Secret -----------------------------"
)
src_sec_yaml = f"{TEST_DATA}/virtual-server-grpc/tls-secret.yaml"
create_secret_from_yaml(kube_apis.v1, test_namespace, src_sec_yaml)
print(
"------------------------- Deploy App -----------------------------"
)
app_name = request.param.get("app_type")
create_example_app(kube_apis, app_name, test_namespace)
wait_until_all_pods_are_ready(kube_apis.v1, test_namespace)
except Exception as ex:
print("Failed to complete setup, cleaning up..")
delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml")
delete_common_app(kube_apis, app_name, test_namespace)
pytest.fail(f"VS GRPC setup failed")
def fin():
print("Clean up:")
delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml")
delete_common_app(kube_apis, app_name, test_namespace)
request.addfinalizer(fin)
def fin():
print("Clean up:")
delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace)
delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace)
delete_common_app(kube_apis, "simple", test_namespace)
src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml"
delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
with open("reload_ap.json", "w+") as f:
json.dump(reload_ap, f, ensure_ascii=False, indent=4)
with open("reload_ap_path.json", "w+") as f:
json.dump(reload_ap_path, f, ensure_ascii=False, indent=4)
with open("reload_ap_with_ingress.json", "w+") as f:
json.dump(reload_ap_with_ingress, f, ensure_ascii=False, indent=4)
def fin():
print("Clean up:")
delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace)
delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace)
delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace)
delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace)
delete_common_app(kube_apis, "grpc", test_namespace)
delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml")
def fin():
print("Delete Master Secret:")
if is_secret_present(kube_apis.v1, master_secret_name, test_namespace):
delete_secret(kube_apis.v1, master_secret_name, test_namespace)
print("Delete Minion Secret:")
if is_secret_present(kube_apis.v1, minion_secret_name, test_namespace):
delete_secret(kube_apis.v1, minion_secret_name, test_namespace)
print("Clean up the JWT Auth Mergeable Minions Application:")
delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, common_app, test_namespace)
delete_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/jwt-auth-mergeable/mergeable/jwt-auth-ingress.yaml",
test_namespace)
def fin():
print("Delete Master Secret:")
if is_secret_present(kube_apis.v1, master_secret_name, test_namespace):
delete_secret(kube_apis.v1, master_secret_name, test_namespace)
print("Delete Minion Secret:")
if is_secret_present(kube_apis.v1, minion_secret_name, test_namespace):
delete_secret(kube_apis.v1, minion_secret_name, test_namespace)
print("Clean up the JWT Auth Mergeable Minions Application:")
delete_common_app(kube_apis, "simple", test_namespace)
delete_items_from_yaml(kube_apis, f"{TEST_DATA}/jwt-auth-mergeable/mergeable/jwt-auth-ingress.yaml",
test_namespace)
def cleanup(kube_apis, ingress_controller_prerequisites, src_pol_name,
test_namespace, vs_or_vsr, vs_name, vsr) -> None:
vsr_namespace = test_namespace if vs_or_vsr == "vs" else vsr.namespace
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml")
delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace)
delete_ap_policy(kube_apis.custom_objects, ap_pol_name, test_namespace)
delete_policy(kube_apis.custom_objects, src_pol_name, vsr_namespace)
delete_common_app(kube_apis, "grpc-vs", vsr_namespace)
delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace)
if vs_or_vsr == "vs":
delete_virtual_server(kube_apis.custom_objects, vs_name,
test_namespace)
delete_items_from_yaml(kube_apis, src_vs_sec_yaml, test_namespace)
elif vs_or_vsr == "vsr":
print("Delete test namespaces")
delete_namespace(kube_apis.v1, vsr.namespace)
def fin():
print("Clean up Wildcard-Tls-Secret-Example:")
delete_items_from_yaml(kube_apis.extensions_v1_beta1,
f"{TEST_DATA}/wildcard-tls-secret/{ing_type}/wildcard-secret-ingress.yaml",
test_namespace)
delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, common_app, test_namespace)
def fin():
print("Clean up the Smoke Application:")
delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, common_app, test_namespace)
delete_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml",
test_namespace)
delete_secret(kube_apis.v1, secret_name, test_namespace)
def fin():
print("Clean up:")
delete_common_app(kube_apis, "simple", test_namespace)
for item in ingresses_under_test:
src_ing_yaml = f"{TEST_DATA}/ingress-class/{item}-ingress.yaml"
delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace)
def fin():
print("Clean up Virtual Server Example:")
delete_virtual_server(kube_apis.custom_objects, vs_name,
test_namespace)
delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1,
common_app, test_namespace)
def backend_setup(request, kube_apis, ingress_controller_endpoint,
ingress_controller_prerequisites,
test_namespace) -> BackendSetup:
"""
Deploy a simple application and AppProtect manifests.
:param request: pytest fixture
:param kube_apis: client apis
:param ingress_controller_endpoint: public endpoint
:param test_namespace:
:return: BackendSetup
"""
try:
print(
"------------------------- Replace ConfigMap with HTTP2 -------------------------"
)
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace,
f"{TEST_DATA}/appprotect/grpc/nginx-config.yaml")
policy = request.param["policy"]
print(
"------------------------- Deploy backend application -------------------------"
)
create_example_app(kube_apis, "grpc", test_namespace)
wait_until_all_pods_are_ready(kube_apis.v1, test_namespace)
print(
"------------------------- Deploy Secret -----------------------------"
)
src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml"
create_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
print(
"------------------------- Deploy logconf -----------------------------"
)
src_log_yaml = f"{TEST_DATA}/appprotect/logconf.yaml"
log_name = create_ap_logconf_from_yaml(kube_apis.custom_objects,
src_log_yaml, test_namespace)
print(
f"------------------------- Deploy appolicy: {policy} ---------------------------"
)
src_pol_yaml = f"{TEST_DATA}/appprotect/grpc/{policy}.yaml"
pol_name = create_ap_policy_from_yaml(kube_apis.custom_objects,
src_pol_yaml, test_namespace)
print(
"------------------------- Deploy Syslog -----------------------------"
)
src_syslog_yaml = f"{TEST_DATA}/appprotect/syslog.yaml"
create_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace)
syslog_ep = get_service_endpoint(kube_apis, "syslog-svc",
test_namespace)
print(syslog_ep)
print(
"------------------------- Deploy ingress -----------------------------"
)
src_ing_yaml = f"{TEST_DATA}/appprotect/grpc/ingress.yaml"
create_ingress_with_ap_annotations(kube_apis, src_ing_yaml,
test_namespace, policy, "True",
"True", f"{syslog_ep}:514")
ingress_host = get_first_ingress_host_from_yaml(src_ing_yaml)
wait_before_test(40)
except Exception as ex:
print("Failed to complete setup, cleaning up..")
delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace)
delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace)
delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace)
delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace)
delete_common_app(kube_apis, "grpc", test_namespace)
delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml")
pytest.fail(f"AP GRPC setup failed")
def fin():
print("Clean up:")
delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace)
delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace)
delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace)
delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace)
delete_common_app(kube_apis, "grpc", test_namespace)
delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace)
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml")
request.addfinalizer(fin)
return BackendSetup(ingress_host, ingress_controller_endpoint.public_ip,
ingress_controller_endpoint.port_ssl)
def fin():
print("Clean up the JWT Secrets Application:")
delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, common_app, test_namespace)
delete_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml",
test_namespace)
