def fin(): print("Clean up Virtual Server Example:") delete_virtual_server(kube_apis.custom_objects, vs_name, test_namespace) if request.param['app_type']: delete_common_app(kube_apis, request.param['app_type'], test_namespace)
def test_tls_passthrough_host_collision_vs( self, kube_apis, crd_ingress_controller, transport_server_tls_passthrough_setup, test_namespace, ): """ Test host collision handling in TransportServer with VirtualServer. """ print("Step 1: Create VirtualServer with same host") vs_src_same_host = ( f"{TEST_DATA}/transport-server-tls-passthrough/virtual-server-same-host.yaml" ) vs_same_host_name = create_virtual_server_from_yaml( kube_apis.custom_objects, vs_src_same_host, test_namespace) wait_before_test(1) response = read_vs(kube_apis.custom_objects, test_namespace, vs_same_host_name) delete_virtual_server(kube_apis.custom_objects, vs_same_host_name, test_namespace) assert (response["status"]["reason"] == "Rejected" and response["status"]["message"] == "Host is taken by another resource")
def test_responses_after_virtual_server_removal(self, kube_apis, crd_ingress_controller, virtual_server_setup): print("\nStep 6: delete VS and check") delete_virtual_server(kube_apis.custom_objects, virtual_server_setup.vs_name, virtual_server_setup.namespace) wait_before_test(1) resp = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) assert resp.status_code == 404 resp = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) assert resp.status_code == 404 print("Step 7: restore VS and check") create_virtual_server_from_yaml( kube_apis.custom_objects, f"{TEST_DATA}/virtual-server/standard/virtual-server.yaml", virtual_server_setup.namespace) wait_before_test(1) resp = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) assert resp.status_code == 200 resp = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) assert resp.status_code == 200
def test_virtual_server_behavior(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup): ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) print("Step 1: initial check") step_1_list = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_vs_conf_exists(kube_apis, ic_pod_name, ingress_controller_prerequisites.namespace, virtual_server_setup) assert_response_200(virtual_server_setup) print("Step 2: make a valid VirtualServer invalid and check") patch_virtual_server_from_yaml(kube_apis.custom_objects, virtual_server_setup.vs_name, f"{TEST_DATA}/virtual-server-validation/virtual-server-invalid-cookie.yaml", virtual_server_setup.namespace) wait_before_test(1) step_2_list = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_reject_event_emitted(virtual_server_setup, step_2_list, step_1_list) assert_vs_conf_not_exists(kube_apis, ic_pod_name, ingress_controller_prerequisites.namespace, virtual_server_setup) assert_response_404(virtual_server_setup) print("Step 3: update an invalid VirtualServer with another invalid and check") patch_virtual_server_from_yaml(kube_apis.custom_objects, virtual_server_setup.vs_name, f"{TEST_DATA}/virtual-server-validation/virtual-server-no-default-action.yaml", virtual_server_setup.namespace) wait_before_test(1) step_3_list = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_reject_event_emitted(virtual_server_setup, step_3_list, step_2_list) assert_vs_conf_not_exists(kube_apis, ic_pod_name, ingress_controller_prerequisites.namespace, virtual_server_setup) assert_response_404(virtual_server_setup) print("Step 4: make an invalid VirtualServer valid and check") patch_virtual_server_from_yaml(kube_apis.custom_objects, virtual_server_setup.vs_name, f"{TEST_DATA}/virtual-server-validation/standard/virtual-server.yaml", virtual_server_setup.namespace) wait_before_test(1) step_4_list = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_vs_conf_exists(kube_apis, ic_pod_name, ingress_controller_prerequisites.namespace, virtual_server_setup) assert_event_count_increased_in_list(virtual_server_setup, step_4_list, step_3_list) assert_response_200(virtual_server_setup) print("Step 5: delete VS and then create an invalid and check") delete_virtual_server(kube_apis.custom_objects, virtual_server_setup.vs_name, virtual_server_setup.namespace) create_virtual_server_from_yaml(kube_apis.custom_objects, f"{TEST_DATA}/virtual-server-validation/virtual-server-invalid-cookie.yaml", virtual_server_setup.namespace) wait_before_test(1) step_5_list = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_reject_event_emitted(virtual_server_setup, step_5_list, step_4_list) assert_vs_conf_not_exists(kube_apis, ic_pod_name, ingress_controller_prerequisites.namespace, virtual_server_setup) assert_response_404(virtual_server_setup)
def fin(): print("Clean up the Virtual Server Route:") delete_v_s_route(kube_apis.custom_objects, vsr_m_name, ns_1) delete_v_s_route(kube_apis.custom_objects, vsr_s_name, ns_2) print("Clean up Virtual Server:") delete_virtual_server(kube_apis.custom_objects, vs_name, ns_1) print("Delete test namespaces") delete_namespace(kube_apis.v1, ns_1) delete_namespace(kube_apis.v1, ns_2)
def restore_default_vs(self, kube_apis, virtual_server_setup) -> None: """ Restore VirtualServer without policy spec """ delete_virtual_server(kube_apis.custom_objects, virtual_server_setup.vs_name, virtual_server_setup.namespace) create_virtual_server_from_yaml(kube_apis.custom_objects, std_vs_src, virtual_server_setup.namespace) wait_before_test()
def test_vs_batch_start( self, request, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup, test_namespace, ): """ Pod startup time with simple VS """ resp = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) assert resp.status_code is 200 total_vs = int(request.config.getoption("--batch-resources")) manifest = f"{TEST_DATA}/virtual-server/standard/virtual-server.yaml" for i in range(1, total_vs + 1): with open(manifest) as f: doc = yaml.safe_load(f) doc["metadata"]["name"] = f"virtual-server-{i}" doc["spec"]["host"] = f"virtual-server-{i}.example.com" kube_apis.custom_objects.create_namespaced_custom_object( "k8s.nginx.org", "v1", test_namespace, "virtualservers", doc) print( f"VirtualServer created with name '{doc['metadata']['name']}'" ) print(f"Total resources deployed is {total_vs}") wait_before_test() ic_ns = ingress_controller_prerequisites.namespace scale_deployment(kube_apis.v1, kube_apis.apps_v1_api, "nginx-ingress", ic_ns, 0) while get_pods_amount(kube_apis.v1, ic_ns) is not 0: print(f"Number of replicas not 0, retrying...") wait_before_test() num = scale_deployment(kube_apis.v1, kube_apis.apps_v1_api, "nginx-ingress", ic_ns, 1) assert (get_total_vs(virtual_server_setup.metrics_url, "nginx") == str(total_vs + 1) and get_last_reload_status( virtual_server_setup.metrics_url, "nginx") == "1") for i in range(1, total_vs + 1): delete_virtual_server(kube_apis.custom_objects, f"virtual-server-{i}", test_namespace) assert num is None
def test_status_remove_vs( self, kube_apis, crd_ingress_controller, v_s_route_setup, v_s_route_app_setup ): """ Test VirtualServerRoute status after deleting referenced VirtualServer """ delete_virtual_server( kube_apis.custom_objects, v_s_route_setup.vs_name, v_s_route_setup.namespace, ) response_m = read_crd( kube_apis.custom_objects, v_s_route_setup.route_m.namespace, "virtualserverroutes", v_s_route_setup.route_m.name, ) response_s = read_crd( kube_apis.custom_objects, v_s_route_setup.route_s.namespace, "virtualserverroutes", v_s_route_setup.route_s.name, ) vs_src = f"{TEST_DATA}/virtual-server-route-status/standard/virtual-server.yaml" create_virtual_server_from_yaml(kube_apis.custom_objects, vs_src, v_s_route_setup.namespace) assert ( response_m["status"] and response_m["status"]["reason"] == "NoVirtualServerFound" and not response_m["status"]["referencedBy"] and response_m["status"]["state"] == "Warning" ) assert ( response_s["status"] and response_s["status"]["reason"] == "NoVirtualServerFound" and not response_s["status"]["referencedBy"] and response_s["status"]["state"] == "Warning" )
def test_responses_and_events_in_flow(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, v_s_route_setup, v_s_route_app_setup): req_url = f"http://{v_s_route_setup.public_endpoint.public_ip}:{v_s_route_setup.public_endpoint.port}" ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) vs_name = f"{v_s_route_setup.namespace}/{v_s_route_setup.vs_name}" vsr_1_name = f"{v_s_route_setup.namespace}/{v_s_route_setup.route_m.name}" vsr_2_name = f"{v_s_route_setup.route_s.namespace}/{v_s_route_setup.route_s.name}" vsr_1_event_text = f"Configuration for {vsr_1_name} was added or updated" vs_event_text = f"Configuration for {vs_name} was added or updated" vsr_2_event_text = f"Configuration for {vsr_2_name} was added or updated" initial_config = get_vs_nginx_template_conf( kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) print("\nStep 1: initial check") resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[1]}", headers={"host": v_s_route_setup.vs_host}) resp_3 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) events_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_responses_and_server_name(resp_1, resp_2, resp_3) assert_locations_in_config(initial_config, v_s_route_setup.route_m.paths) assert_locations_in_config(initial_config, v_s_route_setup.route_s.paths) initial_count_vsr_1 = assert_event_and_get_count( vsr_1_event_text, events_ns_1) initial_count_vs = assert_event_and_get_count(vs_event_text, events_ns_1) initial_count_vsr_2 = assert_event_and_get_count( vsr_2_event_text, events_ns_2) print("\nStep 2: update multiple VSRoute and check") patch_v_s_route_from_yaml( kube_apis.custom_objects, v_s_route_setup.route_m.name, f"{TEST_DATA}/virtual-server-route/route-multiple-updated.yaml", v_s_route_setup.route_m.namespace) new_vsr_paths = get_paths_from_vsr_yaml( f"{TEST_DATA}/virtual-server-route/route-multiple-updated.yaml") wait_before_test(1) resp_1 = requests.get(f"{req_url}{new_vsr_paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{new_vsr_paths[1]}", headers={"host": v_s_route_setup.vs_host}) resp_3 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) assert_responses_and_server_name(resp_1, resp_2, resp_3) events_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_event_and_count(vsr_1_event_text, initial_count_vsr_1 + 1, events_ns_1) assert_event_and_count(vs_event_text, initial_count_vs + 1, events_ns_1) # 2nd VSRoute gets an event about update too assert_event_and_count(vsr_2_event_text, initial_count_vsr_2 + 1, events_ns_2) print("\nStep 3: restore VSRoute and check") patch_v_s_route_from_yaml( kube_apis.custom_objects, v_s_route_setup.route_m.name, f"{TEST_DATA}/virtual-server-route/route-multiple.yaml", v_s_route_setup.route_m.namespace) wait_before_test(1) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[1]}", headers={"host": v_s_route_setup.vs_host}) resp_3 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) assert_responses_and_server_name(resp_1, resp_2, resp_3) events_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_event_and_count(vsr_1_event_text, initial_count_vsr_1 + 2, events_ns_1) assert_event_and_count(vs_event_text, initial_count_vs + 2, events_ns_1) assert_event_and_count(vsr_2_event_text, initial_count_vsr_2 + 2, events_ns_2) print("\nStep 4: update one backend service port and check") svc_1 = read_service(kube_apis.v1, "backend1-svc", v_s_route_setup.route_m.namespace) svc_1.spec.ports[0].port = 8080 replace_service(kube_apis.v1, "backend1-svc", v_s_route_setup.route_m.namespace, svc_1) wait_before_test(1) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[1]}", headers={"host": v_s_route_setup.vs_host}) assert resp_1.status_code == 502 assert resp_2.status_code == 200 events_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_event_and_count(vsr_1_event_text, initial_count_vsr_1 + 3, events_ns_1) assert_event_and_count(vs_event_text, initial_count_vs + 3, events_ns_1) assert_event_and_count(vsr_2_event_text, initial_count_vsr_2 + 3, events_ns_2) print("\nStep 5: restore backend service and check") svc_1 = read_service(kube_apis.v1, "backend1-svc", v_s_route_setup.route_m.namespace) svc_1.spec.ports[0].port = 80 replace_service(kube_apis.v1, "backend1-svc", v_s_route_setup.route_m.namespace, svc_1) wait_before_test(1) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[1]}", headers={"host": v_s_route_setup.vs_host}) assert resp_1.status_code == 200 assert resp_2.status_code == 200 events_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_event_and_count(vsr_1_event_text, initial_count_vsr_1 + 4, events_ns_1) assert_event_and_count(vs_event_text, initial_count_vs + 4, events_ns_1) assert_event_and_count(vsr_2_event_text, initial_count_vsr_2 + 4, events_ns_2) print("\nStep 6: remove VSRoute and check") delete_v_s_route(kube_apis.custom_objects, v_s_route_setup.route_m.name, v_s_route_setup.namespace) wait_before_test(1) new_config = get_vs_nginx_template_conf( kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[1]}", headers={"host": v_s_route_setup.vs_host}) resp_3 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) assert resp_1.status_code == 404 assert resp_2.status_code == 404 assert resp_3.status_code == 200 events_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_locations_not_in_config(new_config, v_s_route_setup.route_m.paths) assert_event_and_count(vsr_1_event_text, initial_count_vsr_1 + 4, events_ns_1) assert_event_and_count(vs_event_text, initial_count_vs + 5, events_ns_1) assert_event_and_count(vsr_2_event_text, initial_count_vsr_2 + 5, events_ns_2) print("\nStep 7: restore VSRoute and check") create_v_s_route_from_yaml( kube_apis.custom_objects, f"{TEST_DATA}/virtual-server-route/route-multiple.yaml", v_s_route_setup.namespace) wait_before_test(1) new_config = get_vs_nginx_template_conf( kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[1]}", headers={"host": v_s_route_setup.vs_host}) resp_3 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) assert_responses_and_server_name(resp_1, resp_2, resp_3) events_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_locations_in_config(new_config, v_s_route_setup.route_m.paths) assert_event_and_count(vsr_1_event_text, 1, events_ns_1) assert_event_and_count(vs_event_text, initial_count_vs + 6, events_ns_1) assert_event_and_count(vsr_2_event_text, initial_count_vsr_2 + 6, events_ns_2) print("\nStep 8: remove one backend service and check") delete_service(kube_apis.v1, "backend1-svc", v_s_route_setup.route_m.namespace) wait_before_test(1) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[1]}", headers={"host": v_s_route_setup.vs_host}) resp_3 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) assert resp_1.status_code == 502 assert resp_2.status_code == 200 assert resp_3.status_code == 200 events_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_event_and_count(vsr_1_event_text, 2, events_ns_1) assert_event_and_count(vs_event_text, initial_count_vs + 7, events_ns_1) assert_event_and_count(vsr_2_event_text, initial_count_vsr_2 + 7, events_ns_2) print("\nStep 9: restore backend service and check") create_service_with_name(kube_apis.v1, v_s_route_setup.route_m.namespace, "backend1-svc") wait_before_test(1) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[1]}", headers={"host": v_s_route_setup.vs_host}) resp_3 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) assert_responses_and_server_name(resp_1, resp_2, resp_3) events_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_event_and_count(vsr_1_event_text, 3, events_ns_1) assert_event_and_count(vs_event_text, initial_count_vs + 8, events_ns_1) assert_event_and_count(vsr_2_event_text, initial_count_vsr_2 + 8, events_ns_2) print("\nStep 10: remove VS and check") delete_virtual_server(kube_apis.custom_objects, v_s_route_setup.vs_name, v_s_route_setup.namespace) wait_before_test(1) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[1]}", headers={"host": v_s_route_setup.vs_host}) resp_3 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) assert resp_1.status_code == 404 assert resp_2.status_code == 404 assert resp_3.status_code == 404 list0_list_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) list0_list_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_event_and_count(vsr_1_event_text, 3, list0_list_ns_1) assert_event_and_count(vs_event_text, initial_count_vs + 8, list0_list_ns_1) assert_event_and_count(vsr_2_event_text, initial_count_vsr_2 + 8, list0_list_ns_2) print("\nStep 11: restore VS and check") create_virtual_server_from_yaml( kube_apis.custom_objects, f"{TEST_DATA}/virtual-server-route/standard/virtual-server.yaml", v_s_route_setup.namespace) wait_before_test(1) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[1]}", headers={"host": v_s_route_setup.vs_host}) resp_3 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) assert_responses_and_server_name(resp_1, resp_2, resp_3) list1_list_ns_1 = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) list1_list_ns_2 = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) assert_event_and_count(vsr_1_event_text, 4, list1_list_ns_1) assert_event_and_count(vs_event_text, 1, list1_list_ns_1) assert_event_and_count(vsr_2_event_text, initial_count_vsr_2 + 9, list1_list_ns_2)
def fin(): print("Clean up Virtual Server Example:") delete_virtual_server(kube_apis.custom_objects, vs_name, test_namespace) delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, common_app, test_namespace)
def test_ap_waf_policy_vs_batch_start( self, request, kube_apis, ingress_controller_prerequisites, crd_ingress_controller_with_ap, virtual_server_setup, appprotect_waf_setup, test_namespace, ): """ Pod startup time with AP WAF Policy """ waf_spec_vs_src = f"{TEST_DATA}/ap-waf/virtual-server-waf-spec.yaml" waf_pol_dataguard_src = f"{TEST_DATA}/ap-waf/policies/waf-dataguard.yaml" print(f"Create waf policy") create_ap_waf_policy_from_yaml( kube_apis.custom_objects, waf_pol_dataguard_src, test_namespace, test_namespace, True, False, ap_pol_name, log_name, "syslog:server=127.0.0.1:514", ) wait_before_test() print(f"Patch vs with policy: {waf_spec_vs_src}") patch_virtual_server_from_yaml( kube_apis.custom_objects, virtual_server_setup.vs_name, waf_spec_vs_src, virtual_server_setup.namespace, ) wait_before_test(120) print( "----------------------- Send request with embedded malicious script----------------------" ) response1 = requests.get( virtual_server_setup.backend_1_url + "</script>", headers={"host": virtual_server_setup.vs_host}, ) print(response1.status_code) print( "----------------------- Send request with blocked keyword in UDS----------------------" ) response2 = requests.get( virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}, data="kic", ) total_vs = int(request.config.getoption("--batch-resources")) print(response2.status_code) for i in range(1, total_vs + 1): with open(waf_spec_vs_src) as f: doc = yaml.safe_load(f) doc["metadata"]["name"] = f"virtual-server-{i}" doc["spec"]["host"] = f"virtual-server-{i}.example.com" kube_apis.custom_objects.create_namespaced_custom_object( "k8s.nginx.org", "v1", test_namespace, "virtualservers", doc) print( f"VirtualServer created with name '{doc['metadata']['name']}'" ) print(f"Total resources deployed is {total_vs}") wait_before_test() ic_ns = ingress_controller_prerequisites.namespace scale_deployment(kube_apis.v1, kube_apis.apps_v1_api, "nginx-ingress", ic_ns, 0) while get_pods_amount(kube_apis.v1, ic_ns) is not 0: print(f"Number of replicas not 0, retrying...") wait_before_test() num = scale_deployment(kube_apis.v1, kube_apis.apps_v1_api, "nginx-ingress", ic_ns, 1) assert (get_total_vs(virtual_server_setup.metrics_url, "nginx") == str(total_vs + 1) and get_last_reload_status( virtual_server_setup.metrics_url, "nginx") == "1") for i in range(1, total_vs + 1): delete_virtual_server(kube_apis.custom_objects, f"virtual-server-{i}", test_namespace) delete_policy(kube_apis.custom_objects, "waf-policy", test_namespace) assert num is None