def test_auth_location_config(self): settings.PROXIES_CONFIG.auth_use_resolver = False settings.PROXIES_CONFIG.dns_use_resolver = False settings.PROXIES_CONFIG.auth_enabled = True expected = """ location = /auth/v1/ { proxy_pass http://polyaxon-polyaxon-api; proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Origin-URI $request_uri; proxy_set_header X-Origin-Method $request_method; internal; } """ # noqa assert get_auth_location_config(resolver="") == expected # Use resolver but do not enable it for auth settings.PROXIES_CONFIG.dns_use_resolver = True settings.PROXIES_CONFIG.dns_prefix = "coredns.kube-system" settings.PROXIES_CONFIG.dns_custom_cluster = "cluster.local" assert get_dns_config() == "coredns.kube-system.svc.cluster.local" resolver = get_resolver() expected = """ location = /auth/v1/ { proxy_pass http://polyaxon-polyaxon-api; proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Origin-URI $request_uri; proxy_set_header X-Origin-Method $request_method; internal; } """ # noqa assert get_auth_location_config(resolver=resolver) == expected # Enable resolver for auth settings.PROXIES_CONFIG.auth_use_resolver = True expected = """ location = /auth/v1/ { resolver coredns.kube-system.svc.cluster.local valid=5s; proxy_pass http://polyaxon-polyaxon-api; proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Origin-URI $request_uri; proxy_set_header X-Origin-Method $request_method; internal; } """ # noqa assert get_auth_location_config(resolver=resolver) == expected
def get_base_config(): resolver = get_resolver() auth = get_auth_config() config = [get_listen_config(is_proxy=True)] if settings.PROXIES_CONFIG.ssl_enabled: config.append(get_ssl_config()) config += [ get_logging_config(), get_gzip_config(), get_charset_config(), get_buffering_config(), get_timeout_config(), get_error_page_config(), get_robots_config(), get_favicon_config(), get_healthz_location_config(), get_auth_location_config(resolver=resolver), get_streams_location_config(resolver=resolver, auth=auth), get_services_location_config(resolver=resolver, auth=auth, rewrite=False), get_services_location_config(resolver=resolver, auth=auth, rewrite=True), get_api_location_config(resolver=resolver, auth=auth), ] # config += get_plugins_location_config(resolver=resolver, auth=auth) return clean_config(config)