def test_when_option_in_v_s_only(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup, options, expected_strings): text = f"{virtual_server_setup.namespace}/{virtual_server_setup.vs_name}" vs_event_text = f"Configuration for {text} was added or updated" events_vs = get_events(kube_apis.v1, virtual_server_setup.namespace) initial_count = assert_event_and_get_count(vs_event_text, events_vs) print(f"Case 2: no key in ConfigMap , option specified in VS") new_body = generate_item_with_upstream_options( f"{TEST_DATA}/virtual-server-upstream-options/standard/virtual-server.yaml", options) patch_virtual_server(kube_apis.custom_objects, virtual_server_setup.vs_name, virtual_server_setup.namespace, new_body) wait_before_test(1) ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) config = get_vs_nginx_template_conf(kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) resp_2 = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) vs_events = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_event_count_increased(vs_event_text, initial_count, vs_events) for _ in expected_strings: assert _ in config assert_response_codes(resp_1, resp_2)
def test_responses_and_config_after_disable_tls( self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup): ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) text = f"{virtual_server_setup.namespace}/{virtual_server_setup.vs_name}" vs_event_text = f"Configuration for {text} was added or updated" initial_events_vs = get_events(kube_apis.v1, virtual_server_setup.namespace) initial_count = assert_event_and_get_count(vs_event_text, initial_events_vs) patch_virtual_server_from_yaml( kube_apis.custom_objects, virtual_server_setup.vs_name, f"{TEST_DATA}/virtual-server-upstream-tls/virtual-server-disable-tls.yaml", virtual_server_setup.namespace) wait_before_test(1) config = get_vs_nginx_template_conf( kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) resp_2 = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) new_events_vs = get_events(kube_apis.v1, virtual_server_setup.namespace) assert 'proxy_pass https://' not in config assert_response_codes(resp_1, resp_2, 200, 400) assert_event_count_increased(vs_event_text, initial_count, new_events_vs)
def test_when_option_in_config_map_only(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup, restore_configmap, config_map_file, expected_strings, unexpected_strings): text = f"{virtual_server_setup.namespace}/{virtual_server_setup.vs_name}" vs_event_text = f"Configuration for {text} was added or updated" print(f"Case 3: key specified in ConfigMap, no option in VS") patch_virtual_server_from_yaml(kube_apis.custom_objects, virtual_server_setup.vs_name, f"{TEST_DATA}/virtual-server-upstream-options/standard/virtual-server.yaml", virtual_server_setup.namespace) config_map_name = ingress_controller_prerequisites.config_map["metadata"]["name"] replace_configmap_from_yaml(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, config_map_file) wait_before_test(1) ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) config = get_vs_nginx_template_conf(kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) resp_2 = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) vs_events = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_event(vs_event_text, vs_events) for _ in expected_strings: assert _ in config for _ in unexpected_strings: assert _ not in config assert_response_codes(resp_1, resp_2)
def test_invalid_value_rejection(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, v_s_route_setup, v_s_route_secure_app_setup): ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) initial_events_ns_m = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) initial_events_ns_s = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) patch_v_s_route_from_yaml(kube_apis.custom_objects, v_s_route_setup.route_s.name, f"{TEST_DATA}/virtual-server-route-upstream-tls/route-single-invalid.yaml", v_s_route_setup.route_s.namespace) wait_before_test(1) config = get_vs_nginx_template_conf(kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) req_url = f"http://{v_s_route_setup.public_endpoint.public_ip}:{v_s_route_setup.public_endpoint.port}" resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) new_events_ns_m = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) new_events_ns_s = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) vs_line = f"vs_{v_s_route_setup.namespace}_{v_s_route_setup.vs_name}" proxy_host_s = f"{vs_line}_vsr_{v_s_route_setup.route_s.namespace}_{v_s_route_setup.route_s.name}" proxy_host_m = f"{vs_line}_vsr_{v_s_route_setup.route_m.namespace}_{v_s_route_setup.route_m.name}" assert f'proxy_pass https://{proxy_host_m}' not in config assert f'proxy_pass https://{proxy_host_s}' in config assert_response_codes(resp_1, resp_2) assert_no_new_events(initial_events_ns_m, new_events_ns_m) assert_no_new_events(initial_events_ns_s, new_events_ns_s)
def test_validation_flow(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup): ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) initial_events_vs = get_events(kube_apis.v1, virtual_server_setup.namespace) try: patch_virtual_server_from_yaml( kube_apis.custom_objects, virtual_server_setup.vs_name, f"{TEST_DATA}/virtual-server-upstream-tls/virtual-server-invalid.yaml", virtual_server_setup.namespace) except ApiException as ex: assert ex.status == 422 and "spec.upstreams.tls.enable" in ex.body except Exception as ex: pytest.fail(f"An unexpected exception is raised: {ex}") else: pytest.fail("Expected an exception but there was none") wait_before_test(1) config = get_vs_nginx_template_conf( kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) resp_2 = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) new_events_vs = get_events(kube_apis.v1, virtual_server_setup.namespace) proxy_host = f"vs_{virtual_server_setup.namespace}_{virtual_server_setup.vs_name}" assert f'proxy_pass https://{proxy_host}_backend1' not in config assert f'proxy_pass https://{proxy_host}_backend2' in config assert_response_codes(resp_1, resp_2) assert_no_new_events(initial_events_vs, new_events_vs)
def test_invalid_value_rejection(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup): ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) initial_events_vs = get_events(kube_apis.v1, virtual_server_setup.namespace) patch_virtual_server_from_yaml( kube_apis.custom_objects, virtual_server_setup.vs_name, f"{TEST_DATA}/virtual-server-upstream-tls/virtual-server-invalid.yaml", virtual_server_setup.namespace) wait_before_test(1) config = get_vs_nginx_template_conf( kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) resp_2 = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) new_events_vs = get_events(kube_apis.v1, virtual_server_setup.namespace) proxy_host = f"vs_{virtual_server_setup.namespace}_{virtual_server_setup.vs_name}" assert f'proxy_pass https://{proxy_host}_backend1' not in config assert f'proxy_pass https://{proxy_host}_backend2' in config assert_response_codes(resp_1, resp_2) assert_no_new_events(initial_events_vs, new_events_vs)
def test_config_and_events(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, v_s_route_setup, v_s_route_app_setup, options, expected_strings): expected_strings.append( f"location @hc-vs_{v_s_route_setup.namespace}_{v_s_route_setup.vs_name}" f"_vsr_{v_s_route_setup.route_m.namespace}_{v_s_route_setup.route_m.name}" ) expected_strings.append( f"location @hc-vs_{v_s_route_setup.namespace}_{v_s_route_setup.vs_name}" f"_vsr_{v_s_route_setup.route_s.namespace}_{v_s_route_setup.route_s.name}" ) req_url = f"http://{v_s_route_setup.public_endpoint.public_ip}:{v_s_route_setup.public_endpoint.port}" text_s = f"{v_s_route_setup.route_s.namespace}/{v_s_route_setup.route_s.name}" text_m = f"{v_s_route_setup.route_m.namespace}/{v_s_route_setup.route_m.name}" vsr_s_event_text = f"Configuration for {text_s} was added or updated" vsr_m_event_text = f"Configuration for {text_m} was added or updated" events_ns_m = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_s = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) initial_count_vsr_m = assert_event_and_get_count( vsr_m_event_text, events_ns_m) initial_count_vsr_s = assert_event_and_get_count( vsr_s_event_text, events_ns_s) print(f"Case 2: no key in ConfigMap, option specified in VSR") new_body_m = generate_item_with_upstream_options( f"{TEST_DATA}/virtual-server-route-upstream-options/route-multiple.yaml", options) new_body_s = generate_item_with_upstream_options( f"{TEST_DATA}/virtual-server-route-upstream-options/route-single.yaml", options) patch_v_s_route(kube_apis.custom_objects, v_s_route_setup.route_m.name, v_s_route_setup.route_m.namespace, new_body_m) patch_v_s_route(kube_apis.custom_objects, v_s_route_setup.route_s.name, v_s_route_setup.route_s.namespace, new_body_s) wait_before_test(1) ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) config = get_vs_nginx_template_conf( kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) vsr_s_events = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) vsr_m_events = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) assert_event_count_increased(vsr_m_event_text, initial_count_vsr_m, vsr_m_events) assert_event_count_increased(vsr_s_event_text, initial_count_vsr_s, vsr_s_events) for _ in expected_strings: assert _ in config assert_response_codes(resp_1, resp_2)
def test_responses_and_config_after_disable_tls( self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, v_s_route_setup, v_s_route_secure_app_setup): ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) text_s = f"{v_s_route_setup.route_s.namespace}/{v_s_route_setup.route_s.name}" text_m = f"{v_s_route_setup.route_m.namespace}/{v_s_route_setup.route_m.name}" text_vs = f"{v_s_route_setup.namespace}/{v_s_route_setup.vs_name}" vsr_s_event_text = f"Configuration for {text_s} was added or updated" vsr_m_event_text = f"Configuration for {text_m} was added or updated" vs_event_text = f"Configuration for {text_vs} was added or updated" initial_events_ns_m = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) initial_events_ns_s = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) initial_count_vsr_m = assert_event_and_get_count( vsr_m_event_text, initial_events_ns_m) initial_count_vsr_s = assert_event_and_get_count( vsr_s_event_text, initial_events_ns_s) initial_count_vs = assert_event_and_get_count(vs_event_text, initial_events_ns_m) patch_v_s_route_from_yaml( kube_apis.custom_objects, v_s_route_setup.route_s.name, f"{TEST_DATA}/virtual-server-route-upstream-tls/route-single-disable-tls.yaml", v_s_route_setup.route_s.namespace) wait_before_test(1) config = get_vs_nginx_template_conf( kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) req_url = f"http://{v_s_route_setup.public_endpoint.public_ip}:{v_s_route_setup.public_endpoint.port}" resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) new_events_ns_m = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) new_events_ns_s = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert 'proxy_pass https://' not in config assert_response_codes(resp_1, resp_2, 200, 400) assert_event_count_increased(vsr_m_event_text, initial_count_vsr_m, new_events_ns_m) assert_event_count_increased(vs_event_text, initial_count_vs, new_events_ns_m) assert_event_count_increased(vsr_s_event_text, initial_count_vsr_s, new_events_ns_s)
def test_responses_and_config_after_setup(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup): ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) config = get_vs_nginx_template_conf(kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) resp_2 = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) proxy_host = f"vs_{virtual_server_setup.namespace}_{virtual_server_setup.vs_name}" assert f'proxy_pass https://{proxy_host}_backend1' not in config assert f'proxy_pass https://{proxy_host}_backend2' in config assert_response_codes(resp_1, resp_2)
def test_when_option_in_config_map_only( self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, v_s_route_setup, v_s_route_app_setup, restore_configmap, config_map_file, expected_strings, unexpected_strings): req_url = f"http://{v_s_route_setup.public_endpoint.public_ip}:{v_s_route_setup.public_endpoint.port}" text_s = f"{v_s_route_setup.route_s.namespace}/{v_s_route_setup.route_s.name}" text_m = f"{v_s_route_setup.route_m.namespace}/{v_s_route_setup.route_m.name}" vsr_s_event_text = f"Configuration for {text_s} was added or updated" vsr_m_event_text = f"Configuration for {text_m} was added or updated" print(f"Case 3: key specified in ConfigMap, no option in VS") patch_v_s_route_from_yaml( kube_apis.custom_objects, v_s_route_setup.route_m.name, f"{TEST_DATA}/virtual-server-route-upstream-options/route-multiple.yaml", v_s_route_setup.route_m.namespace) patch_v_s_route_from_yaml( kube_apis.custom_objects, v_s_route_setup.route_s.name, f"{TEST_DATA}/virtual-server-route-upstream-options/route-single.yaml", v_s_route_setup.route_s.namespace) config_map_name = ingress_controller_prerequisites.config_map[ "metadata"]["name"] replace_configmap_from_yaml(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, config_map_file) wait_before_test(1) ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) config = get_vs_nginx_template_conf( kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) vsr_s_events = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) vsr_m_events = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) assert_event(vsr_m_event_text, vsr_m_events) assert_event(vsr_s_event_text, vsr_s_events) for _ in expected_strings: assert _ in config for _ in unexpected_strings: assert _ not in config assert_response_codes(resp_1, resp_2)
def test_validation_flow(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, v_s_route_setup, v_s_route_secure_app_setup): ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) initial_events_ns_m = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) initial_events_ns_s = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) try: patch_v_s_route_from_yaml( kube_apis.custom_objects, v_s_route_setup.route_s.name, f"{TEST_DATA}/virtual-server-route-upstream-tls/route-single-invalid.yaml", v_s_route_setup.route_s.namespace) except ApiException as ex: assert ex.status == 422 and "tls.enable" in ex.body except Exception as ex: pytest.fail(f"An unexpected exception is raised: {ex}") else: pytest.fail("Expected an exception but there was none") wait_before_test(1) config = get_vs_nginx_template_conf( kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) req_url = f"http://{v_s_route_setup.public_endpoint.public_ip}:{v_s_route_setup.public_endpoint.port}" resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) new_events_ns_m = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) new_events_ns_s = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) vs_line = f"vs_{v_s_route_setup.namespace}_{v_s_route_setup.vs_name}" proxy_host_s = f"{vs_line}_vsr_{v_s_route_setup.route_s.namespace}_{v_s_route_setup.route_s.name}" proxy_host_m = f"{vs_line}_vsr_{v_s_route_setup.route_m.namespace}_{v_s_route_setup.route_m.name}" assert f'proxy_pass https://{proxy_host_m}' not in config assert f'proxy_pass https://{proxy_host_s}' in config assert_response_codes(resp_1, resp_2) assert_no_new_events(initial_events_ns_m, new_events_ns_m) assert_no_new_events(initial_events_ns_s, new_events_ns_s)
def test_responses_and_config_after_setup(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, v_s_route_setup, v_s_route_secure_app_setup): ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) config = get_vs_nginx_template_conf(kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) req_url = f"http://{v_s_route_setup.public_endpoint.public_ip}:{v_s_route_setup.public_endpoint.port}" resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) vs_line = f"vs_{v_s_route_setup.namespace}_{v_s_route_setup.vs_name}" proxy_host_s = f"{vs_line}_vsr_{v_s_route_setup.route_s.namespace}_{v_s_route_setup.route_s.name}" proxy_host_m = f"{vs_line}_vsr_{v_s_route_setup.route_m.namespace}_{v_s_route_setup.route_m.name}" assert f'proxy_pass https://{proxy_host_m}' not in config assert f'proxy_pass https://{proxy_host_s}' in config assert_response_codes(resp_1, resp_2)