def fin():
delete_crd(kube_apis.api_extensions_v1_beta1, vs_crd_name)
delete_crd(kube_apis.api_extensions_v1_beta1, vsr_crd_name)
print("Restore the ClusterRole:")
patch_rbac(kube_apis.rbac_v1_beta1, f"{DEPLOYMENTS}/rbac/rbac.yaml")
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name, cli_arguments['deployment-type'], namespace)
def test_responses_after_crd_removal_on_the_fly(self, kube_apis,
crd_ingress_controller,
virtual_server_setup):
print("\nStep 12: remove CRD and check")
crd_name = get_names_from_yaml(
f"{DEPLOYMENTS}/common/custom-resource-definitions.yaml")[0]
delete_crd(kube_apis.api_extensions_v1_beta1, crd_name)
wait_and_assert_status_code(404, virtual_server_setup.backend_1_url,
virtual_server_setup.vs_host)
wait_and_assert_status_code(404, virtual_server_setup.backend_2_url,
virtual_server_setup.vs_host)
print("Step 13: restore CRD and VS and check")
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1, crd_name,
f"{DEPLOYMENTS}/common/custom-resource-definitions.yaml")
wait_before_test(1)
create_virtual_server_from_yaml(
kube_apis.custom_objects,
f"{TEST_DATA}/virtual-server/standard/virtual-server.yaml",
virtual_server_setup.namespace)
wait_and_assert_status_code(200, virtual_server_setup.backend_1_url,
virtual_server_setup.vs_host)
wait_and_assert_status_code(200, virtual_server_setup.backend_2_url,
virtual_server_setup.vs_host)
def test_responses_after_crd_removal_on_the_fly(self, kube_apis,
crd_ingress_controller,
virtual_server_setup):
print("\nStep 12: remove CRD and check")
crd_name = get_names_from_yaml(
f"{TEST_DATA}/virtual-server/virtualserver.yaml")[0]
delete_crd(kube_apis.api_extensions_v1_beta1, crd_name)
wait_before_test(1)
resp = requests.get(virtual_server_setup.backend_1_url,
headers={"host": virtual_server_setup.vs_host})
assert resp.status_code == 404
resp = requests.get(virtual_server_setup.backend_2_url,
headers={"host": virtual_server_setup.vs_host})
assert resp.status_code == 404
print("Step 13: restore CRD and VS and check")
create_crds_from_yaml(
kube_apis.api_extensions_v1_beta1,
f"{TEST_DATA}/virtual-server/virtualserver.yaml")
create_virtual_server_from_yaml(
kube_apis.custom_objects,
f"{TEST_DATA}/virtual-server/standard/virtual-server.yaml",
virtual_server_setup.namespace)
wait_before_test(1)
resp = requests.get(virtual_server_setup.backend_1_url,
headers={"host": virtual_server_setup.vs_host})
assert resp.status_code == 200
resp = requests.get(virtual_server_setup.backend_2_url,
headers={"host": virtual_server_setup.vs_host})
assert resp.status_code == 200
def fin():
print("Clean up:")
delete_ap_policy(kube_apis.custom_objects, ap_pol_name, test_namespace)
delete_ap_usersig(kube_apis.custom_objects, usersig_name,
test_namespace)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_uds_crd_name,
)
delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace)
def crd_ingress_controller(cli_arguments, kube_apis, ingress_controller_prerequisites,
ingress_controller_endpoint,
request) -> None:
"""
Create an Ingress Controller with CRD enabled.
:param cli_arguments: pytest context
:param kube_apis: client apis
:param ingress_controller_prerequisites
:param ingress_controller_endpoint:
:param request: pytest fixture to parametrize this method
{type: complete|rbac-without-vs, extra_args: }
'type' type of test pre-configuration
'extra_args' list of IC cli arguments
:return:
"""
namespace = ingress_controller_prerequisites.namespace
name = "nginx-ingress"
vs_crd_name = get_name_from_yaml(f"{DEPLOYMENTS}/common/vs-definition.yaml")
vsr_crd_name = get_name_from_yaml(f"{DEPLOYMENTS}/common/vsr-definition.yaml")
try:
print("------------------------- Update ClusterRole -----------------------------------")
if request.param['type'] == 'rbac-without-vs':
patch_rbac(kube_apis.rbac_v1_beta1, f"{TEST_DATA}/virtual-server/rbac-without-vs.yaml")
print("------------------------- Register CRDs -----------------------------------")
create_crd_from_yaml(kube_apis.api_extensions_v1_beta1, vs_crd_name,
f"{DEPLOYMENTS}/common/vs-definition.yaml")
create_crd_from_yaml(kube_apis.api_extensions_v1_beta1, vsr_crd_name,
f"{DEPLOYMENTS}/common/vsr-definition.yaml")
print("------------------------- Create IC -----------------------------------")
name = create_ingress_controller(kube_apis.v1, kube_apis.apps_v1_api, cli_arguments, namespace,
request.param.get('extra_args', None))
ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip,
ingress_controller_endpoint.port,
ingress_controller_endpoint.port_ssl)
except ApiException as ex:
# Finalizer method doesn't start if fixture creation was incomplete, ensure clean up here
print(f"Failed to complete CRD IC fixture: {ex}\nClean up the cluster as much as possible.")
delete_crd(kube_apis.api_extensions_v1_beta1, vs_crd_name)
delete_crd(kube_apis.api_extensions_v1_beta1, vsr_crd_name)
print("Restore the ClusterRole:")
patch_rbac(kube_apis.rbac_v1_beta1, f"{DEPLOYMENTS}/rbac/rbac.yaml")
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name, cli_arguments['deployment-type'], namespace)
def fin():
delete_crd(kube_apis.api_extensions_v1_beta1, vs_crd_name)
delete_crd(kube_apis.api_extensions_v1_beta1, vsr_crd_name)
print("Restore the ClusterRole:")
patch_rbac(kube_apis.rbac_v1_beta1, f"{DEPLOYMENTS}/rbac/rbac.yaml")
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name, cli_arguments['deployment-type'], namespace)
request.addfinalizer(fin)
def fin():
print("--------------Cleanup----------------")
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_log_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
def fin():
print("Restore the ClusterRole:")
patch_rbac(kube_apis.rbac_v1, f"{DEPLOYMENTS}/rbac/rbac.yaml")
print("Remove the DNSEndpoint CRD:")
delete_crd(
kube_apis.api_extensions_v1,
external_dns_crd_name,
)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map["metadata"]["name"],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml",
)
def fin():
print("--------------Cleanup----------------")
delete_crd(
kube_apis.api_extensions_v1,
dos_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_protected_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove dos arbitrator:")
delete_dos_arbitrator(kube_apis.v1, kube_apis.apps_v1_api,
dos_arbitrator_name, namespace)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
print("Remove the syslog svc:")
delete_items_from_yaml(kube_apis, src_syslog_yaml, namespace)
def crd_ingress_controller_with_ap(cli_arguments, kube_apis,
ingress_controller_prerequisites,
ingress_controller_endpoint,
request) -> None:
"""
Create an Ingress Controller with AppProtect CRD enabled.
:param cli_arguments: pytest context
:param kube_apis: client apis
:param ingress_controller_prerequisites
:param ingress_controller_endpoint:
:param request: pytest fixture to parametrize this method
{extra_args: }
'extra_args' list of IC arguments
:return:
"""
namespace = ingress_controller_prerequisites.namespace
name = "nginx-ingress"
try:
print(
"--------------------Create roles and bindings for AppProtect------------------------"
)
rbac = configure_rbac_with_ap(kube_apis.rbac_v1)
print(
"------------------------- Register AP CRD -----------------------------------"
)
ap_pol_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_appolicies.yaml"
)
ap_log_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_aplogconfs.yaml"
)
ap_uds_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_apusersigs.yaml"
)
vs_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_virtualservers.yaml"
)
vsr_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_virtualserverroutes.yaml"
)
pol_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_policies.yaml")
ts_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_transportservers.yaml"
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
ap_pol_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_appolicies.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
ap_log_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_aplogconfs.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
ap_uds_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_apusersigs.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
vs_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_virtualservers.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
vsr_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_virtualserverroutes.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
pol_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_policies.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
ts_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_transportservers.yaml",
)
print(
"------------------------- Create IC -----------------------------------"
)
name = create_ingress_controller(
kube_apis.v1,
kube_apis.apps_v1_api,
cli_arguments,
namespace,
request.param.get("extra_args", None),
)
ensure_connection_to_public_endpoint(
ingress_controller_endpoint.public_ip,
ingress_controller_endpoint.port,
ingress_controller_endpoint.port_ssl,
)
except Exception as ex:
print(
f"Failed to complete CRD IC fixture: {ex}\nClean up the cluster as much as possible."
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_uds_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
vs_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
vsr_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ts_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
def fin():
print("--------------Cleanup----------------")
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_uds_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
vs_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
vsr_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ts_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
request.addfinalizer(fin)
def test_ap_enable_true_policy_correct_uds(self, kube_apis,
crd_ingress_controller_with_ap,
appprotect_setup,
test_namespace):
"""
Test request with UDS rule string is rejected while AppProtect with User Defined Signatures is enabled in Ingress
"""
ap_uds_crd_name = get_name_from_yaml(uds_crd)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
ap_uds_crd_name,
uds_crd,
)
wait_before_test()
usersig_name = create_ap_usersig_from_yaml(kube_apis.custom_objects,
uds_crd_resource,
test_namespace)
# Apply dataguard-alarm AP policy with UDS
delete_and_create_ap_policy_from_yaml(
kube_apis.custom_objects,
ap_policy,
f"{TEST_DATA}/appprotect/{ap_policy_uds}.yaml",
test_namespace,
)
wait_before_test()
create_ingress_with_ap_annotations(kube_apis, src_ing_yaml,
test_namespace, ap_policy, "True",
"True", "127.0.0.1:514")
ingress_host = get_first_ingress_host_from_yaml(src_ing_yaml)
print(
"--------- Run test while AppProtect module is enabled with correct policy and UDS ---------"
)
ap_crd_info = read_ap_crd(kube_apis.custom_objects, test_namespace,
"appolicies", ap_policy)
assert_ap_crd_info(ap_crd_info, ap_policy)
wait_before_test(120)
ensure_response_from_backend(appprotect_setup.req_url, ingress_host)
print("----------------------- Send request ----------------------")
response = requests.get(appprotect_setup.req_url,
headers={"host": ingress_host},
verify=False,
data="kic")
print(response.text)
# Restore default dataguard-alarm policy
delete_and_create_ap_policy_from_yaml(
kube_apis.custom_objects,
ap_policy,
f"{TEST_DATA}/appprotect/{ap_policy}.yaml",
test_namespace,
)
delete_ap_usersig(kube_apis.custom_objects, usersig_name,
test_namespace)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_uds_crd_name,
)
delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace)
assert_invalid_responses(response)
def crd_ingress_controller_with_ed(cli_arguments, kube_apis,
ingress_controller_prerequisites,
ingress_controller_endpoint, request,
crds) -> None:
"""
Create an Ingress Controller with CRD enabled.
:param crds: the common ingress controller crds.
:param cli_arguments: pytest context
:param kube_apis: client apis
:param ingress_controller_prerequisites
:param ingress_controller_endpoint:
:param request: pytest fixture to parametrize this method
{type: complete|rbac-without-vs, extra_args: }
'type' type of test pre-configuration
'extra_args' list of IC cli arguments
:return:
"""
namespace = ingress_controller_prerequisites.namespace
name = "nginx-ingress"
print(
"---------------------- Register DNSEndpoint CRD ------------------------------"
)
external_dns_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/externaldns.nginx.org_dnsendpoints.yaml")
create_crd_from_yaml(
kube_apis.api_extensions_v1,
external_dns_crd_name,
f"{DEPLOYMENTS}/common/crds/externaldns.nginx.org_dnsendpoints.yaml",
)
try:
print(
"------------------------- Create IC -----------------------------------"
)
name = create_ingress_controller(
kube_apis.v1,
kube_apis.apps_v1_api,
cli_arguments,
namespace,
request.param.get("extra_args", None),
)
ensure_connection_to_public_endpoint(
ingress_controller_endpoint.public_ip,
ingress_controller_endpoint.port,
ingress_controller_endpoint.port_ssl,
)
print(
"---------------- Replace ConfigMap with external-status-address --------------------"
)
cm_source = f"{TEST_DATA}/virtual-server-external-dns/nginx-config.yaml"
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map['metadata']['name'],
ingress_controller_prerequisites.namespace, cm_source)
except ApiException as ex:
# Finalizer method doesn't start if fixture creation was incomplete, ensure clean up here
print("Restore the ClusterRole:")
patch_rbac(kube_apis.rbac_v1, f"{DEPLOYMENTS}/rbac/rbac.yaml")
print("Remove the DNSEndpoint CRD:")
delete_crd(
kube_apis.api_extensions_v1,
external_dns_crd_name,
)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map["metadata"]["name"],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml",
)
pytest.fail("IC setup failed")
def fin():
print("Restore the ClusterRole:")
patch_rbac(kube_apis.rbac_v1, f"{DEPLOYMENTS}/rbac/rbac.yaml")
print("Remove the DNSEndpoint CRD:")
delete_crd(
kube_apis.api_extensions_v1,
external_dns_crd_name,
)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
replace_configmap_from_yaml(
kube_apis.v1,
ingress_controller_prerequisites.config_map["metadata"]["name"],
ingress_controller_prerequisites.namespace,
f"{DEPLOYMENTS}/common/nginx-config.yaml",
)
request.addfinalizer(fin)
def crd_ingress_controller_with_dos(cli_arguments, kube_apis,
ingress_controller_prerequisites,
ingress_controller_endpoint, request,
crds) -> None:
"""
Create an Ingress Controller with DOS CRDs enabled.
:param crds: the common IC crds.
:param cli_arguments: pytest context
:param kube_apis: client apis
:param ingress_controller_prerequisites
:param ingress_controller_endpoint:
:param request: pytest fixture to parametrize this method
{extra_args: }
'extra_args' list of IC arguments
:return:
"""
namespace = ingress_controller_prerequisites.namespace
name = "nginx-ingress"
try:
print(
"--------------------Create roles and bindings for AppProtect------------------------"
)
rbac = configure_rbac_with_dos(kube_apis.rbac_v1)
print(
"------------------------- Register AP CRD -----------------------------------"
)
dos_pol_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_apdospolicy.yaml")
dos_log_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_apdoslogconfs.yaml"
)
dos_protected_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_dosprotectedresources.yaml"
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
dos_pol_crd_name,
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_apdospolicy.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
dos_log_crd_name,
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_apdoslogconfs.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
dos_protected_crd_name,
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_dosprotectedresources.yaml",
)
print(
"------------------------- Create syslog svc -----------------------"
)
src_syslog_yaml = f"{TEST_DATA}/dos/dos-syslog.yaml"
log_loc = f"/var/log/messages"
create_items_from_yaml(kube_apis, src_syslog_yaml, namespace)
before = time.time()
wait_until_all_pods_are_ready(kube_apis.v1, namespace)
after = time.time()
print(f"All pods came up in {int(after-before)} seconds")
print(f"syslog svc was created")
print(
"------------------------- Create dos arbitrator -----------------------"
)
dos_arbitrator_name = create_dos_arbitrator(
kube_apis.v1,
kube_apis.apps_v1_api,
namespace,
)
print(
"------------------------- Create IC -----------------------------------"
)
name = create_ingress_controller(
kube_apis.v1,
kube_apis.apps_v1_api,
cli_arguments,
namespace,
request.param.get("extra_args", None),
)
ensure_connection_to_public_endpoint(
ingress_controller_endpoint.public_ip,
ingress_controller_endpoint.port,
ingress_controller_endpoint.port_ssl,
)
except Exception as ex:
print(
f"Failed to complete CRD IC fixture: {ex}\nClean up the cluster as much as possible."
)
delete_crd(
kube_apis.api_extensions_v1,
dos_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_protected_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove dos arbitrator:")
delete_dos_arbitrator(kube_apis.v1, kube_apis.apps_v1_api,
dos_arbitrator_name, namespace)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
pytest.fail("IC setup failed")
def fin():
print("--------------Cleanup----------------")
delete_crd(
kube_apis.api_extensions_v1,
dos_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_protected_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove dos arbitrator:")
delete_dos_arbitrator(kube_apis.v1, kube_apis.apps_v1_api,
dos_arbitrator_name, namespace)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
print("Remove the syslog svc:")
delete_items_from_yaml(kube_apis, src_syslog_yaml, namespace)
request.addfinalizer(fin)
def fin():
delete_crd(kube_apis.api_extensions_v1, vs_crd_name)
delete_crd(kube_apis.api_extensions_v1, vsr_crd_name)
delete_crd(kube_apis.api_extensions_v1, pol_crd_name)
delete_crd(kube_apis.api_extensions_v1, ts_crd_name)
delete_crd(kube_apis.api_extensions_v1, gc_crd_name)
def crds(kube_apis, request) -> None:
"""
Create an Ingress Controller with CRD enabled.
:param kube_apis: client apis
:param request: pytest fixture to parametrize this method
{type: complete|rbac-without-vs, extra_args: }
'type' type of test pre-configuration
'extra_args' list of IC cli arguments
:return:
"""
vs_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/k8s.nginx.org_virtualservers.yaml")
vsr_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/k8s.nginx.org_virtualserverroutes.yaml")
pol_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/k8s.nginx.org_policies.yaml")
ts_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/k8s.nginx.org_transportservers.yaml")
gc_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/k8s.nginx.org_globalconfigurations.yaml")
try:
print(
"------------------------- Register CRDs -----------------------------------"
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
vs_crd_name,
f"{DEPLOYMENTS}/common/crds/k8s.nginx.org_virtualservers.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
vsr_crd_name,
f"{DEPLOYMENTS}/common/crds/k8s.nginx.org_virtualserverroutes.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
pol_crd_name,
f"{DEPLOYMENTS}/common/crds/k8s.nginx.org_policies.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
ts_crd_name,
f"{DEPLOYMENTS}/common/crds/k8s.nginx.org_transportservers.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
gc_crd_name,
f"{DEPLOYMENTS}/common/crds/k8s.nginx.org_globalconfigurations.yaml",
)
except ApiException as ex:
# Finalizer method doesn't start if fixture creation was incomplete, ensure clean up here
print(
f"Failed to complete CRD IC fixture: {ex}\nClean up the cluster as much as possible."
)
delete_crd(kube_apis.api_extensions_v1, vs_crd_name)
delete_crd(kube_apis.api_extensions_v1, vsr_crd_name)
delete_crd(kube_apis.api_extensions_v1, pol_crd_name)
delete_crd(kube_apis.api_extensions_v1, ts_crd_name)
delete_crd(kube_apis.api_extensions_v1, gc_crd_name)
pytest.fail("IC setup failed")
def fin():
delete_crd(kube_apis.api_extensions_v1, vs_crd_name)
delete_crd(kube_apis.api_extensions_v1, vsr_crd_name)
delete_crd(kube_apis.api_extensions_v1, pol_crd_name)
delete_crd(kube_apis.api_extensions_v1, ts_crd_name)
delete_crd(kube_apis.api_extensions_v1, gc_crd_name)
request.addfinalizer(fin)
