def appprotect_setup(request, kube_apis, ingress_controller_endpoint, test_namespace) -> AppProtectSetup: """ Deploy simple application and all the AppProtect(dataguard-alarm) resources under test in one namespace. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :param test_namespace: :return: BackendSetup """ print( "------------------------- Deploy simple backend application -------------------------" ) create_example_app(kube_apis, "simple", test_namespace) req_url = f"https://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.port_ssl}/backend1" metrics_url = f"http://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.metrics_port}/metrics" wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint( ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl, ) print( "------------------------- Deploy Secret -----------------------------" ) src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" create_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) print( "------------------------- Deploy logconf -----------------------------" ) src_log_yaml = f"{TEST_DATA}/appprotect/logconf.yaml" log_name = create_ap_logconf_from_yaml(kube_apis.custom_objects, src_log_yaml, test_namespace) print( f"------------------------- Deploy dataguard-alarm appolicy ---------------------------" ) src_pol_yaml = f"{TEST_DATA}/appprotect/{ap_policy}.yaml" pol_name = create_ap_policy_from_yaml(kube_apis.custom_objects, src_pol_yaml, test_namespace) def fin(): print("Clean up:") delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "simple", test_namespace) src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) write_to_json(f"reload-{get_test_file_name(request.node.fspath)}.json", reload_times) request.addfinalizer(fin) return AppProtectSetup(req_url, metrics_url)
def appprotect_setup(request, kube_apis, test_namespace) -> None: """ Deploy simple application and all the AppProtect(dataguard-alarm) resources under test in one namespace. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :param test_namespace: """ print( "------------------------- Deploy logconf -----------------------------" ) src_log_yaml = f"{TEST_DATA}/ap-waf/logconf.yaml" global log_name log_name = create_ap_logconf_from_yaml(kube_apis.custom_objects, src_log_yaml, test_namespace) print( "------------------------- Create UserSig CRD -----------------------------" ) ap_uds_crd_name = get_name_from_yaml(uds_crd) create_crd_from_yaml( kube_apis.api_extensions_v1_beta1, ap_uds_crd_name, uds_crd, ) wait_before_test() print( "------------------------- Create UserSig CRD resource-----------------------------" ) usersig_name = create_ap_usersig_from_yaml(kube_apis.custom_objects, uds_crd_resource, test_namespace) print( f"------------------------- Deploy dataguard-alarm appolicy ---------------------------" ) src_pol_yaml = f"{TEST_DATA}/ap-waf/{ap_policy_uds}.yaml" global ap_pol_name ap_pol_name = create_ap_policy_from_yaml(kube_apis.custom_objects, src_pol_yaml, test_namespace) def fin(): print("Clean up:") delete_ap_policy(kube_apis.custom_objects, ap_pol_name, test_namespace) delete_ap_usersig(kube_apis.custom_objects, usersig_name, test_namespace) delete_crd( kube_apis.api_extensions_v1_beta1, ap_uds_crd_name, ) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) request.addfinalizer(fin)
def backend_setup(request, kube_apis, ingress_controller_endpoint, test_namespace) -> BackendSetup: """ Deploy a simple application and AppProtect manifests. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :param test_namespace: :return: BackendSetup """ policy = request.param["policy"] print("------------------------- Deploy backend application -------------------------") create_example_app(kube_apis, "simple", test_namespace) req_url = f"https://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.port_ssl}/backend1" wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint( ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl, ) print("------------------------- Deploy Secret -----------------------------") src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" create_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) print("------------------------- Deploy logconf -----------------------------") src_log_yaml = f"{TEST_DATA}/appprotect/logconf.yaml" log_name = create_ap_logconf_from_yaml(kube_apis.custom_objects, src_log_yaml, test_namespace) print(f"------------------------- Deploy appolicy: {policy} ---------------------------") src_pol_yaml = f"{TEST_DATA}/appprotect/{policy}.yaml" pol_name = create_ap_policy_from_yaml(kube_apis.custom_objects, src_pol_yaml, test_namespace) print("------------------------- Deploy ingress -----------------------------") ingress_host = {} src_ing_yaml = f"{TEST_DATA}/appprotect/appprotect-ingress.yaml" create_ingress_with_ap_annotations(kube_apis, src_ing_yaml, test_namespace, policy, "True", "True", "127.0.0.1:514") ingress_host = get_first_ingress_host_from_yaml(src_ing_yaml) wait_before_test() def fin(): print("Clean up:") delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "simple", test_namespace) src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) src_ing_yaml = f"{TEST_DATA}/appprotect/appprotect-ingress.yaml" delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) request.addfinalizer(fin) return BackendSetup(req_url, ingress_host)
def backend_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller_prerequisites, test_namespace) -> BackendSetup: """ Deploy a simple application and AppProtect manifests. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :param test_namespace: :return: BackendSetup """ try: print( "------------------------- Replace ConfigMap with HTTP2 -------------------------" ) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{TEST_DATA}/appprotect/grpc/nginx-config.yaml") policy = request.param["policy"] print( "------------------------- Deploy backend application -------------------------" ) create_example_app(kube_apis, "grpc", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) print( "------------------------- Deploy Secret -----------------------------" ) src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" create_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) print( "------------------------- Deploy logconf -----------------------------" ) src_log_yaml = f"{TEST_DATA}/appprotect/logconf.yaml" log_name = create_ap_logconf_from_yaml(kube_apis.custom_objects, src_log_yaml, test_namespace) print( f"------------------------- Deploy appolicy: {policy} ---------------------------" ) src_pol_yaml = f"{TEST_DATA}/appprotect/grpc/{policy}.yaml" pol_name = create_ap_policy_from_yaml(kube_apis.custom_objects, src_pol_yaml, test_namespace) print( "------------------------- Deploy Syslog -----------------------------" ) src_syslog_yaml = f"{TEST_DATA}/appprotect/syslog.yaml" create_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) syslog_ep = get_service_endpoint(kube_apis, "syslog-svc", test_namespace) print(syslog_ep) print( "------------------------- Deploy ingress -----------------------------" ) src_ing_yaml = f"{TEST_DATA}/appprotect/grpc/ingress.yaml" create_ingress_with_ap_annotations(kube_apis, src_ing_yaml, test_namespace, policy, "True", "True", f"{syslog_ep}:514") ingress_host = get_first_ingress_host_from_yaml(src_ing_yaml) wait_before_test(40) except Exception as ex: print("Failed to complete setup, cleaning up..") delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "grpc", test_namespace) delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") pytest.fail(f"AP GRPC setup failed") def fin(): print("Clean up:") delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "grpc", test_namespace) delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") request.addfinalizer(fin) return BackendSetup(ingress_host, ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port_ssl)