def test_grpc_flow(self, kube_apis, annotations_grpc_setup,
ingress_controller_prerequisites, annotations,
expected_strings, unexpected_strings):
initial_events = get_events(kube_apis.v1,
annotations_grpc_setup.namespace)
initial_count = get_event_count(
annotations_grpc_setup.ingress_event_text, initial_events)
print("Case 5: grpc annotations override http ones")
new_ing = generate_ingresses_with_annotation(
annotations_grpc_setup.ingress_src_file, annotations)
for ing in new_ing:
if ing['metadata']['name'] == annotations_grpc_setup.ingress_name:
replace_ingress(kube_apis.extensions_v1_beta1,
annotations_grpc_setup.ingress_name,
annotations_grpc_setup.namespace, ing)
wait_before_test(1)
result_conf = get_ingress_nginx_template_conf(
kube_apis.v1, annotations_grpc_setup.namespace,
annotations_grpc_setup.ingress_name,
annotations_grpc_setup.ingress_pod_name,
ingress_controller_prerequisites.namespace)
new_events = get_events(kube_apis.v1, annotations_grpc_setup.namespace)
assert_event_count_increased(annotations_grpc_setup.ingress_event_text,
initial_count, new_events)
for _ in expected_strings:
assert _ in result_conf
for _ in unexpected_strings:
assert _ not in result_conf
def test_upstream_zone_size_0(self, cli_arguments, kube_apis,
annotations_setup,
ingress_controller_prerequisites,
annotations):
initial_events = get_events(kube_apis.v1, annotations_setup.namespace)
initial_count = get_event_count(annotations_setup.ingress_event_text,
initial_events)
print("Edge Case: upstream-zone-size is 0")
new_ing = generate_ingresses_with_annotation(
annotations_setup.ingress_src_file, annotations)
for ing in new_ing:
# in mergeable case this will update master ingress only
if ing['metadata']['name'] == annotations_setup.ingress_name:
replace_ingress(kube_apis.extensions_v1_beta1,
annotations_setup.ingress_name,
annotations_setup.namespace, ing)
wait_before_test(1)
result_conf = get_ingress_nginx_template_conf(
kube_apis.v1, annotations_setup.namespace,
annotations_setup.ingress_name, annotations_setup.ingress_pod_name,
ingress_controller_prerequisites.namespace)
new_events = get_events(kube_apis.v1, annotations_setup.namespace)
assert_event_count_increased(annotations_setup.ingress_event_text,
initial_count, new_events)
if cli_arguments["ic-type"] == "nginx-plus-ingress":
print("Run assertions for Nginx Plus case")
assert "zone " in result_conf
assert " 256k;" in result_conf
elif cli_arguments["ic-type"] == "nginx-ingress":
print("Run assertions for Nginx OSS case")
assert "zone " not in result_conf
assert " 256k;" not in result_conf
def test_validation(self, kube_apis, annotations_setup,
ingress_controller_prerequisites, annotations):
initial_events = get_events(kube_apis.v1, annotations_setup.namespace)
print("Case 6: IC doesn't validate, only nginx validates")
initial_count = get_event_count(
annotations_setup.ingress_error_event_text, initial_events)
new_ing = generate_ingresses_with_annotation(
annotations_setup.ingress_src_file, annotations)
for ing in new_ing:
# in mergeable case this will update master ingress only
if ing['metadata']['name'] == annotations_setup.ingress_name:
replace_ingress(kube_apis.networking_v1,
annotations_setup.ingress_name,
annotations_setup.namespace, ing)
wait_before_test()
result_conf = get_ingress_nginx_template_conf(
kube_apis.v1, annotations_setup.namespace,
annotations_setup.ingress_name, annotations_setup.ingress_pod_name,
ingress_controller_prerequisites.namespace)
new_events = get_events(kube_apis.v1, annotations_setup.namespace)
assert "server {" not in result_conf
assert "No such file or directory" in result_conf
assert_event_count_increased(
annotations_setup.ingress_error_event_text, initial_count,
new_events)
def test_when_annotation_in_ing_only(self, kube_apis, annotations_setup,
ingress_controller_prerequisites,
annotations, expected_strings,
unexpected_strings):
initial_events = get_events(kube_apis.v1, annotations_setup.namespace)
initial_count = get_event_count(annotations_setup.ingress_event_text,
initial_events)
print("Case 2: no ConfigMap keys, annotations in Ingress only")
new_ing = generate_ingresses_with_annotation(
annotations_setup.ingress_src_file, annotations)
for ing in new_ing:
# in mergeable case this will update master ingress only
if ing['metadata']['name'] == annotations_setup.ingress_name:
replace_ingress(kube_apis.networking_v1,
annotations_setup.ingress_name,
annotations_setup.namespace, ing)
wait_before_test(1)
result_conf = get_ingress_nginx_template_conf(
kube_apis.v1, annotations_setup.namespace,
annotations_setup.ingress_name, annotations_setup.ingress_pod_name,
ingress_controller_prerequisites.namespace)
new_events = get_events(kube_apis.v1, annotations_setup.namespace)
assert_event_count_increased(annotations_setup.ingress_event_text,
initial_count, new_events)
for _ in expected_strings:
assert _ in result_conf
for _ in unexpected_strings:
assert _ not in result_conf
def test_headers(self, kube_apis, hsts_setup,
ingress_controller_prerequisites):
print("Case 4: no TLS, hsts is True, hsts-behind-proxy is True")
annotations = {"nginx.org/hsts-behind-proxy": "True"}
new_ing = generate_ingresses_with_annotation(
hsts_setup.ingress_src_file, annotations)
for ing in new_ing:
if ing['metadata']['name'] == hsts_setup.ingress_name:
replace_ingress(kube_apis.extensions_v1_beta1,
hsts_setup.ingress_name, hsts_setup.namespace,
ing)
wait_before_test(1)
xfp_https_headers = {
"host": hsts_setup.ingress_host,
"X-Forwarded-Proto": "https"
}
xfp_http_headers = {
"host": hsts_setup.ingress_host,
"X-Forwarded-Proto": "http"
}
xfp_https_resp = requests.get(f"{hsts_setup.http_url}/backend1",
headers=xfp_https_headers,
allow_redirects=False)
xfp_http_resp = requests.get(f"{hsts_setup.http_url}/backend1",
headers=xfp_http_headers,
allow_redirects=False)
assert "'Strict-Transport-Security': 'max-age=2592000; preload'" in str(
xfp_https_resp.headers)
assert "'Strict-Transport-Security'" not in str(xfp_http_resp.headers)
def replace_ingresses_from_yaml(extensions_v1_beta1: ExtensionsV1beta1Api, namespace, yaml_manifest) -> None:
"""
Parse file and replace all Ingresses based on its contents.
:param extensions_v1_beta1: ExtensionsV1beta1Api
:param namespace: namespace
:param yaml_manifest: an absolute path to a file
:return:
"""
print(f"Replace an Ingresses from yaml")
with open(yaml_manifest) as f:
docs = yaml.load_all(f)
for doc in docs:
if doc['kind'] == 'Ingress':
replace_ingress(extensions_v1_beta1, doc['metadata']['name'], namespace, doc)