def testcallseq(): """Return a friendly HTTP greeting.""" result_prefix = APP_LOG_PREFIX_ERROR result_text = "Unexpected" try: print('testcallseq', 'start', request.url) collection = [] headers_dict = {} next_call = get_next_call(request.args.to_dict(), collection) headers_dict = get_headers_to_include(request.headers, headers_dict) if next_call: try: print('next_call-[{}]-[{}]-[{}]'.format( next_call, collection, headers_dict)) result_text = RestHelper.call_with_sequence( next_call, collection, headers=headers_dict) if not result_text.startswith('*Error*'): result_prefix = APP_LOG_PREFIX_SUCCESS except Exception as e: result_text = '*Error*-Happened - Making the request-url[{}]'.format( request.url) else: result_text = "Last Call Successful" except Exception as e: result_text = '*Error* - Unexpected Error Happened - Probably Parsing' traceback.print_exc() print(result_prefix + ':Call:Result[{}]'.format(result_text)) return "host:" + K8S_HOST_NAME + "\n" + result_text
def warmup(self, up_to_number, sleep_seconds, check, url): for i in range(1,up_to_number): headers = {} response = RestHelper(url).get_text(None, headers) if len(response) > 0: if check in response: return time.sleep(sleep_seconds) return
def test_simple_hello_uc3_empty_token(self): token_gcf = None self.assertIn('INGRESS_ISTIO_HOST', os.environ, "INGRESS_ISTIO_HOST environment variable not set") self.assertTrue(len(os.environ['INGRESS_ISTIO_HOST']) > 0, "INGRESS_ISTIO_HOST empty - len == 0") full_url = self.get_url(os.environ['INGRESS_ISTIO_HOST'], 'app-allowed-jwt-istio-appconfigv2-service-sm-', 'uc-allowed-jwt-istio', [ '2', '3' ]) headers = {"Host": "test-simple-hello.example.com"} response = RestHelper(full_url).get_text(token_gcf,headers) self.assertTrue(len(response) > 0, "response empty - len == 0") self.assertIn("401", response, "Failed Test")
def test_simple_hello_uc3_with_google_com_token(self): self.assertIn('GOOGLE_APPLICATION_CREDENTIALS', os.environ, "INGRESS_ISTIO_HOST environment variable not set") self.assertTrue(len(os.environ['INGRESS_ISTIO_HOST']) > 0, "INGRESS_ISTIO_HOST empty - len == 0") o_auth_helper = GCPAuthHelper() token_gcf = o_auth_helper.get_google_open_id_connect_token("https://site2.ecom1.joecloudy.com") full_url = self.get_url(os.environ['INGRESS_ISTIO_HOST'], 'app-allowed-jwt-istio-appconfigv2-service-sm-', 'uc-allowed-jwt-istio', [ '2', '3' ]) headers = {"Host": "test-simple-hello.example.com"} response = RestHelper(full_url).get_text(token_gcf,headers) self.assertTrue(len(response) > 0, "response empty - len == 0") self.assertIn("Last Call Successful", response, "Failed Test")
def test_simple_hello_uc5_simple_external_not_google_apis(self): uc = "uc-secrets-istio" self.assertIn('INGRESS_ISTIO_HOST', os.environ, "INGRESS_ISTIO_HOST environment variable not set") self.assertTrue(len(os.environ['INGRESS_ISTIO_HOST']) > 0, "INGRESS_ISTIO_HOST empty - len == 0") full_url = "http://" + os.environ['INGRESS_ISTIO_HOST'] + "/testcallseq?" full_url = full_url + self.util("1", "app-secrets-istio-appconfigv2-service-sm-2", uc) full_url = full_url + "&" + self.util("2", "app-secrets-istio-appconfigv2-service-sm-3", None) full_url = full_url + "&call3=https://httpbin.org/get" headers = {"Host": "test-simple-hello.example.com"} response = RestHelper(full_url).get_text(None,headers) self.assertTrue(len(response) > 0, "response empty - len == 0") self.assertIn('*Error*', response, "Failed Test - Last Call")
def test_simple_hello_uc2_service_ok(self): uc = "uc-allowed-services-istio" self.assertTrue(len(os.environ['INGRESS_ISTIO_HOST']) > 0, "INGRESS_ISTIO_HOST empty - len == 0") full_url = "http://" + os.environ['INGRESS_ISTIO_HOST'] + "/testcallseq?" full_url = full_url + self.util("1", "app-allowed-istio-appconfigv2-service-sm-2", uc) full_url = full_url + "&" + self.util("2", "app-allowed-istio-appconfigv2-service-sm-3", uc) headers = {} response = RestHelper(full_url).get_text(None,headers) self.assertTrue(len(response) > 0, "response empty - len == 0") self.assertNotIn('*Error*', response, "Failed Test") self.assertNotIn('403', response, "Failed Test- 403") self.assertNotIn('PERMISSION_DENIED', response, "Failed Test - Denied Text")
def hello(): """Return a friendly HTTP greeting.""" collection = [ { 'call': 'http://httpbin.org/get' }, ] next_call = collection.pop()['call'] print('next_call-[{}]-[{}]'.format(next_call, collection)) text = RestHelper.call_with_sequence(next_call, collection) print(APP_LOG_PREFIX_SUCCESS + ':Call:Result[{}]'.format(text)) return text
def test_simple_hello_uc1_outbound_ok(self): uc = "uc-allowed-services-k8s" self.assertTrue(len(os.environ['INGRESS_NO_ISTIO_HOST']) > 0, "INGRESS_NO_ISTIO_HOST empty - len == 0") full_url = "http://" + os.environ['INGRESS_NO_ISTIO_HOST'] + "/testcallseq?" full_url = full_url + self.util("1", "app-allowed-k8s-appconfigv2-service-sm-2", uc) full_url = full_url + "&" + self.util("2", "app-allowed-k8s-appconfigv2-service-sm-1", uc) full_url = full_url + "&call3=https://httpbin.org/get" headers = {"Host": "test-simple-hello.example.com"} response = RestHelper(full_url).get_text(None,headers) self.assertTrue(len(response) > 0, "response empty - len == 0") self.assertIn('"User-Agent": "python-requests/2.22.0"', response, "Failed Test") self.assertIn('"Host": "httpbin.org"', response, "Failed Test")
def workload_identity_pubsub_ok(self): uc = "uc-workload-identity" self.assertIn('INGRESS_NO_ISTIO_HOST', os.environ, "INGRESS_NO_ISTIO_HOST environment variable not set") self.assertTrue(len(os.environ['INGRESS_NO_ISTIO_HOST']) > 0, "INGRESS_NO_ISTIO_HOST empty - len == 0") self.assertIn('PUBSUB_GCP_PROJECT', os.environ, "PUBSUB_GCP_PROJECT environment variable not set") self.assertTrue(len(os.environ['PUBSUB_GCP_PROJECT']) > 0, "PUBSUB_GCP_PROJECT empty - len == 0") full_url = "http://" + os.environ['INGRESS_NO_ISTIO_HOST'] + "/testcallseq?" full_url = full_url + "call1=http://workload-identity-pubsub-app." + uc + ":8000" full_url = full_url + "?gcpProjectID=" + os.environ['PUBSUB_GCP_PROJECT'] full_url = full_url + "&topic=workload-identity-topic&message=hello" headers = {"Host": "test-simple-hello.example.com"} response = RestHelper(full_url).get_text(None,headers) self.assertTrue(len(response) > 0, "response empty - len == 0") self.assertIn('Publish Success:', response, "Failed Test - Publish")
def manual_hello(): collection = [ { 'call4': 'http://localhost:8080/testcallseq' }, { 'call3': 'http://httpbin.org/get' }, ] text = RestHelper.call_with_sequence('http://localhost:8080/testcallseq', collection) print(APP_LOG_PREFIX_SUCCESS + ':Call:Result[{}]'.format(text)) return text
def test_simple_hello_uc5_pubsub_topic_acl_not_allowed(self): uc = "uc-secrets-istio" self.assertIn('INGRESS_ISTIO_HOST', os.environ, "INGRESS_ISTIO_HOST environment variable not set") self.assertTrue(len(os.environ['INGRESS_ISTIO_HOST']) > 0, "INGRESS_ISTIO_HOST empty - len == 0") self.assertIn('PUBSUB_GCP_PROJECT', os.environ, "PUBSUB_GCP_PROJECT environment variable not set") self.assertTrue(len(os.environ['PUBSUB_GCP_PROJECT']) > 0, "PUBSUB_GCP_PROJECT empty - len == 0") full_url = "http://" + os.environ['INGRESS_ISTIO_HOST'] + "/testcallseq?" full_url = full_url + self.util("1", "app-secrets-istio-appconfigv2-service-sm-2", uc) full_url = full_url + "&" + self.util("2", "app-secrets-istio-appconfigv2-service-sm-3", uc) full_url = full_url + "&call3=http://app-secrets-istio-appconfigv2-service-pubsub?" full_url = full_url + "gcpProjectID=" + os.environ['PUBSUB_GCP_PROJECT'] full_url = full_url + "&topic=appconfigcrd-demo-topic1&message=hello2" headers = {"Host": "test-simple-hello.example.com"} response = RestHelper(full_url).get_text(None,headers) self.assertTrue(len(response) > 0, "response empty - len == 0") self.assertIn('PermissionDenied', response, "Failed Test - Publish")
def test_simple_hello_uc1_service_blocked(self): uc = "uc-allowed-services-k8s" self.assertTrue(len(os.environ['INGRESS_NO_ISTIO_HOST']) > 0, "INGRESS_ISTIO_HOST empty - len == 0") full_url = "http://" + os.environ['INGRESS_NO_ISTIO_HOST'] + "/testcallseq?" full_url = full_url + self.util("1", "app-allowed-k8s-appconfigv2-service-sm-2", uc) full_url = full_url + "&" + self.util("2", "app-allowed-k8s-appconfigv2-service-sm-3", uc) full_url = full_url + "&call3=https://httpbin.org/get" headers = {"Host": "test-simple-hello.example.com"} try: response = RestHelper(full_url).get_text(None,headers) except: print('exception') return self.fail('Should fail with Timeout')
parser.add_argument('--debug') parser.add_argument('--host', required=True) parser.add_argument('--service_name', required=True) parser.add_argument('--namespace_name', required=True) parser.add_argument('--nested_calls', required=True) parser.add_argument('--skip_jwt') args = parser.parse_args() port = '80' host = args.host service_name = args.service_name namespace_name = args.namespace_name nested_calls = args.nested_calls skip_jwt = args.skip_jwt if 'INGRESS_ISTIO_HOST' in os.environ and os.environ['INGRESS_ISTIO_HOST']: o_auth_helper = GCPAuthHelper() token_gcf = o_auth_helper.get_google_open_id_connect_token( "https://site2.ecom1.joecloudy.com") if skip_jwt: print('Empty JWT') token_gcf = None # token_gcf = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c' headers = {'Host': host} full_url = get_url(os.environ['INGRESS_ISTIO_HOST'], service_name, namespace_name, nested_calls.split(',')) print('full_url', full_url, 'host', host) print(RestHelper(full_url).get_text(token_gcf, headers)) else: print('Need to export INGRESS_ISTIO_HOST IP')