def ingress_setup(request, kube_apis, ingress_controller_endpoint, test_namespace) -> IngressSetup: print( "------------------------- Deploy Ingress Example -----------------------------------" ) secret_name = create_secret_from_yaml( kube_apis.v1, test_namespace, f"{TEST_DATA}/smoke/smoke-secret.yaml") create_items_from_yaml(kube_apis, f"{TEST_DATA}/smoke/standard/smoke-ingress.yaml", test_namespace) ingress_host = get_first_ingress_host_from_yaml( f"{TEST_DATA}/smoke/standard/smoke-ingress.yaml") create_example_app(kube_apis, "simple", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint( ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl, ) req_url = f"https://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.port_ssl}/backend1" def fin(): print("Clean up simple app") delete_common_app(kube_apis, "simple", test_namespace) delete_items_from_yaml( kube_apis, f"{TEST_DATA}/smoke/standard/smoke-ingress.yaml", test_namespace) delete_secret(kube_apis.v1, secret_name, test_namespace) request.addfinalizer(fin) return IngressSetup(req_url, ingress_host)
def smoke_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller, test_namespace) -> SmokeSetup: print( "------------------------- Deploy Smoke Example -----------------------------------" ) secret_name = create_secret_from_yaml( kube_apis.v1, test_namespace, f"{TEST_DATA}/smoke/smoke-secret.yaml") create_items_from_yaml( kube_apis, f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml", test_namespace) ingress_host = get_first_ingress_host_from_yaml( f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml") common_app = create_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) def fin(): print("Clean up the Smoke Application:") delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, common_app, test_namespace) delete_items_from_yaml( kube_apis, f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml", test_namespace) delete_secret(kube_apis.v1, secret_name, test_namespace) request.addfinalizer(fin) return SmokeSetup(ingress_controller_endpoint, ingress_host)
def jwt_secrets_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller, test_namespace) -> JWTSecretsSetup: with open(f"{TEST_DATA}/jwt-secrets/tokens/jwt-secrets-token.jwt", "r") as token_file: token = token_file.read().replace('\n', '') print( "------------------------- Deploy JWT Secrets Example -----------------------------------" ) create_items_from_yaml( kube_apis, f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml", test_namespace) ingress_host = get_first_ingress_host_from_yaml( f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml") create_example_app(kube_apis, "simple", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) def fin(): print("Clean up the JWT Secrets Application:") delete_common_app(kube_apis, "simple", test_namespace) delete_items_from_yaml( kube_apis, f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml", test_namespace) request.addfinalizer(fin) return JWTSecretsSetup(ingress_controller_endpoint, ingress_host, token)
def wildcard_tls_secret_setup(request, kube_apis, ingress_controller_endpoint, test_namespace) -> WildcardTLSSecretSetup: ing_type = request.param print( "------------------------- Deploy Wildcard-Tls-Secret-Example -----------------------------------" ) create_items_from_yaml( kube_apis, f"{TEST_DATA}/wildcard-tls-secret/{ing_type}/wildcard-secret-ingress.yaml", test_namespace) host = get_first_ingress_host_from_yaml( f"{TEST_DATA}/wildcard-tls-secret/{ing_type}/wildcard-secret-ingress.yaml" ) common_app = create_example_app(kube_apis, "simple", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) def fin(): print("Clean up Wildcard-Tls-Secret-Example:") delete_items_from_yaml( kube_apis, f"{TEST_DATA}/wildcard-tls-secret/{ing_type}/wildcard-secret-ingress.yaml", test_namespace) delete_common_app(kube_apis.v1, kube_apis.apps_v1_api, common_app, test_namespace) request.addfinalizer(fin) return WildcardTLSSecretSetup(ingress_controller_endpoint, test_namespace, host)
def v_s_route_secure_app_setup(request, kube_apis, v_s_route_setup) -> None: """ Prepare a secure example app for Virtual Server Route. 1st namespace with backend1-svc and backend3-svc and deployment and 2nd namespace with https backend2-svc and deployment. :param request: internal pytest fixture :param kube_apis: client apis :param v_s_route_setup: :return: """ print("---------------------- Deploy a VS Route Example Application ----------------------------") create_items_from_yaml(kube_apis, f"{TEST_DATA}/common/app/vsr/secure/multiple.yaml", v_s_route_setup.route_m.namespace) create_items_from_yaml(kube_apis, f"{TEST_DATA}/common/app/vsr/secure/single.yaml", v_s_route_setup.route_s.namespace) wait_until_all_pods_are_ready(kube_apis.v1, v_s_route_setup.route_m.namespace) wait_until_all_pods_are_ready(kube_apis.v1, v_s_route_setup.route_s.namespace) def fin(): print("Clean up the Application:") delete_items_from_yaml(kube_apis, f"{TEST_DATA}/common/app/vsr/secure/multiple.yaml", v_s_route_setup.route_m.namespace) delete_items_from_yaml(kube_apis, f"{TEST_DATA}/common/app/vsr/secure/single.yaml", v_s_route_setup.route_s.namespace) request.addfinalizer(fin)
def smoke_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller, test_namespace) -> SmokeSetup: print( "------------------------- Deploy Smoke Example -----------------------------------" ) secret_name = create_secret_from_yaml( kube_apis.v1, test_namespace, f"{TEST_DATA}/smoke/smoke-secret.yaml") create_items_from_yaml( kube_apis, f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml", test_namespace) ingress_host = get_first_ingress_host_from_yaml( f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml") create_example_app(kube_apis, "simple", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint( ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl, ) def fin(): print("Clean up the Smoke Application:") delete_common_app(kube_apis, "simple", test_namespace) delete_items_from_yaml( kube_apis, f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml", test_namespace) delete_secret(kube_apis.v1, secret_name, test_namespace) write_to_json(f"reload-{get_test_file_name(request.node.fspath)}.json", reload_times) request.addfinalizer(fin) return SmokeSetup(ingress_controller_endpoint, ingress_host)
def enable_exporter_port(cli_arguments, kube_apis, ingress_controller_prerequisites, ingress_controller) -> None: """ Set containerPort for Prometheus Exporter. :param cli_arguments: context :param kube_apis: client apis :param ingress_controller_prerequisites :param ingress_controller: IC name :return: """ namespace = ingress_controller_prerequisites.namespace port = V1ContainerPort(9113, None, None, "prometheus", "TCP") print( "------------------------- Enable 9113 port in IC -----------------------------------" ) body = kube_apis.apps_v1_api.read_namespaced_deployment( ingress_controller, namespace) body.spec.template.spec.containers[0].ports.append(port) if cli_arguments["deployment-type"] == "deployment": kube_apis.apps_v1_api.patch_namespaced_deployment( ingress_controller, namespace, body) else: kube_apis.apps_v1_api.patch_namespaced_daemon_set( ingress_controller, namespace, body) wait_until_all_pods_are_ready(kube_apis.v1, namespace)
def hsts_setup(request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint, ingress_controller, test_namespace) -> HSTSSetup: print( "------------------------- Deploy HSTS-Example -----------------------------------" ) create_items_from_yaml( kube_apis, f"{TEST_DATA}/hsts/{request.param}/hsts-ingress.yaml", test_namespace) ingress_name = get_name_from_yaml( f"{TEST_DATA}/hsts/{request.param}/hsts-ingress.yaml") ingress_host = get_first_ingress_host_from_yaml( f"{TEST_DATA}/hsts/{request.param}/hsts-ingress.yaml") create_example_app(kube_apis, "simple", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) req_https_url = f"https://{ingress_controller_endpoint.public_ip}:" \ f"{ingress_controller_endpoint.port_ssl}/backend1" ensure_response_from_backend(req_https_url, ingress_host) def fin(): print("Clean up HSTS Example:") delete_common_app(kube_apis, "simple", test_namespace) delete_items_from_yaml( kube_apis, f"{TEST_DATA}/hsts/{request.param}/hsts-ingress.yaml", test_namespace) request.addfinalizer(fin) return HSTSSetup(ingress_controller_endpoint, f"{TEST_DATA}/hsts/{request.param}/hsts-ingress.yaml", ingress_name, ingress_host, test_namespace)
def jwt_auth_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller, test_namespace) -> JWTAuthMergeableSetup: tokens = {"master": get_token_from_file("master"), "minion": get_token_from_file("minion")} master_secret_name = create_secret_from_yaml(kube_apis.v1, test_namespace, f"{TEST_DATA}/jwt-auth-mergeable/jwt-master-secret.yaml") minion_secret_name = create_secret_from_yaml(kube_apis.v1, test_namespace, f"{TEST_DATA}/jwt-auth-mergeable/jwt-minion-secret.yaml") print("------------------------- Deploy JWT Auth Mergeable Minions Example -----------------------------------") create_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/jwt-auth-mergeable/mergeable/jwt-auth-ingress.yaml", test_namespace) ingress_host = get_ingress_host_from_yaml(f"{TEST_DATA}/jwt-auth-mergeable/mergeable/jwt-auth-ingress.yaml") common_app = create_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) wait_before_test(2) def fin(): print("Delete Master Secret:") if is_secret_present(kube_apis.v1, master_secret_name, test_namespace): delete_secret(kube_apis.v1, master_secret_name, test_namespace) print("Delete Minion Secret:") if is_secret_present(kube_apis.v1, minion_secret_name, test_namespace): delete_secret(kube_apis.v1, minion_secret_name, test_namespace) print("Clean up the JWT Auth Mergeable Minions Application:") delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, common_app, test_namespace) delete_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/jwt-auth-mergeable/mergeable/jwt-auth-ingress.yaml", test_namespace) request.addfinalizer(fin) return JWTAuthMergeableSetup(ingress_controller_endpoint, ingress_host, master_secret_name, minion_secret_name, tokens)
def backend_setup(request, kube_apis, ingress_controller_endpoint, test_namespace) -> BackendSetup: """ Deploy simple application and all the Ingress resources under test in one namespace. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :param test_namespace: :return: BackendSetup """ print("------------------------- Deploy the backend -----------------------------------") create_example_app(kube_apis, "simple", test_namespace) req_url = f"http://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.port}/backend1" wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) print("------------------------- Deploy ingresses under test -----------------------------------") ingress_hosts = {} for item in ingresses_under_test: src_ing_yaml = f"{TEST_DATA}/ingress-class/{item}-ingress.yaml" create_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) ingress_hosts[item] = get_first_ingress_host_from_yaml(src_ing_yaml) wait_before_test(2) def fin(): print("Clean up:") delete_common_app(kube_apis, "simple", test_namespace) for item in ingresses_under_test: src_ing_yaml = f"{TEST_DATA}/ingress-class/{item}-ingress.yaml" delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) request.addfinalizer(fin) return BackendSetup(req_url, ingress_hosts)
def vsr_regexp_setup(request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint, test_namespace) -> VSRRegexpSetup: """ Prepare an example app for advanced routing VSR. Single namespace with VS+VSR and simple app. :param request: internal pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: :param ingress_controller_prerequisites: :param test_namespace: :return: """ print("------------------------- Deploy Virtual Server -----------------------------------") vs_src_yaml = f"{TEST_DATA}/{request.param['example']}/additional-case/virtual-server-exact-over-all.yaml" vs_name = create_virtual_server_from_yaml(kube_apis.custom_objects, vs_src_yaml, test_namespace) vs_host = get_first_host_from_yaml(vs_src_yaml) print("------------------------- Deploy VSRs -----------------------------------") for item in ['prefix', 'exact', 'regexp']: create_v_s_route_from_yaml(kube_apis.custom_objects, f"{TEST_DATA}/{request.param['example']}/additional-case/route-{item}.yaml", test_namespace) print("---------------------- Deploy simple app ----------------------------") create_example_app(kube_apis, "extended", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) return VSRRegexpSetup(test_namespace, vs_host, vs_name)
def auth_basic_secrets_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller, test_namespace) -> AuthBasicSecretsSetup: with open(f"{TEST_DATA}/auth-basic-secrets/credentials/credentials.txt", "r") as credentials_file: credentials = credentials_file.read().replace('\n', '') print( "------------------------- Deploy Auth Basic Secrets Example -----------------------------------" ) create_items_from_yaml( kube_apis, f"{TEST_DATA}/auth-basic-secrets/{request.param}/auth-basic-secrets-ingress.yaml", test_namespace) ingress_host = get_first_ingress_host_from_yaml( f"{TEST_DATA}/auth-basic-secrets/{request.param}/auth-basic-secrets-ingress.yaml" ) create_example_app(kube_apis, "simple", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) def fin(): print("Clean up the Auth Basic Secrets Application:") delete_common_app(kube_apis, "simple", test_namespace) delete_items_from_yaml( kube_apis, f"{TEST_DATA}/auth-basic-secrets/{request.param}/auth-basic-secrets-ingress.yaml", test_namespace) request.addfinalizer(fin) return AuthBasicSecretsSetup(ingress_controller_endpoint, ingress_host, credentials)
def jwt_auth_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller, test_namespace) -> JWTAuthMergeableSetup: tokens = {"master": get_token_from_file("master"), "minion": get_token_from_file("minion")} master_secret_name = create_secret_from_yaml(kube_apis.v1, test_namespace, f"{TEST_DATA}/jwt-auth-mergeable/jwt-master-secret.yaml") minion_secret_name = create_secret_from_yaml(kube_apis.v1, test_namespace, f"{TEST_DATA}/jwt-auth-mergeable/jwt-minion-secret.yaml") print("------------------------- Deploy JWT Auth Mergeable Minions Example -----------------------------------") create_items_from_yaml(kube_apis, f"{TEST_DATA}/jwt-auth-mergeable/mergeable/jwt-auth-ingress.yaml", test_namespace) ingress_host = get_first_ingress_host_from_yaml(f"{TEST_DATA}/jwt-auth-mergeable/mergeable/jwt-auth-ingress.yaml") create_example_app(kube_apis, "simple", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) wait_before_test(2) def fin(): print("Delete Master Secret:") if is_secret_present(kube_apis.v1, master_secret_name, test_namespace): delete_secret(kube_apis.v1, master_secret_name, test_namespace) print("Delete Minion Secret:") if is_secret_present(kube_apis.v1, minion_secret_name, test_namespace): delete_secret(kube_apis.v1, minion_secret_name, test_namespace) print("Clean up the JWT Auth Mergeable Minions Application:") delete_common_app(kube_apis, "simple", test_namespace) delete_items_from_yaml(kube_apis, f"{TEST_DATA}/jwt-auth-mergeable/mergeable/jwt-auth-ingress.yaml", test_namespace) request.addfinalizer(fin) return JWTAuthMergeableSetup(ingress_controller_endpoint, ingress_host, master_secret_name, minion_secret_name, tokens)
def virtual_server_setup(request, kube_apis, crd_ingress_controller, ingress_controller_endpoint, test_namespace) -> VirtualServerSetup: """ Prepare Virtual Server Example. :param request: internal pytest fixture to parametrize this method: {example: virtual-server|virtual-server-tls|..., app_type: simple|split|...} 'example' is a directory name in TEST_DATA, 'app_type' is a directory name in TEST_DATA/common/app :param kube_apis: client apis :param crd_ingress_controller: :param ingress_controller_endpoint: :param test_namespace: :return: VirtualServerSetup """ print("------------------------- Deploy Virtual Server Example -----------------------------------") vs_source = f"{TEST_DATA}/{request.param['example']}/standard/virtual-server.yaml" vs_name = create_virtual_server_from_yaml(kube_apis.custom_objects, vs_source, test_namespace) vs_host = get_first_vs_host_from_yaml(vs_source) vs_paths = get_paths_from_vs_yaml(vs_source) if request.param['app_type']: create_example_app(kube_apis, request.param['app_type'], test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) def fin(): print("Clean up Virtual Server Example:") delete_virtual_server(kube_apis.custom_objects, vs_name, test_namespace) if request.param['app_type']: delete_common_app(kube_apis, request.param['app_type'], test_namespace) request.addfinalizer(fin) return VirtualServerSetup(ingress_controller_endpoint, test_namespace, vs_host, vs_name, vs_paths)
def hello_app(request, kube_apis, test_namespace): create_items_from_yaml(kube_apis, hello_app_yaml, test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) def fin(): delete_items_from_yaml(kube_apis, hello_app_yaml, test_namespace) request.addfinalizer(fin)
def example_app_setup(request, kube_apis, v_s_route_setup) -> None: """ Prepare an example app. 1st namespace with backend1-svc and backend3-svc and deployment and 2nd namespace with backend2-svc and deployment. :param request: internal pytest fixture :param kube_apis: client apis :param v_s_route_setup: :return: """ print( "---------------------- Deploy a VS Route Example Application ----------------------------" ) svc_one = create_service_with_name(kube_apis.v1, v_s_route_setup.route_m.namespace, "backend1-svc") svc_three = create_service_with_name(kube_apis.v1, v_s_route_setup.route_m.namespace, "backend3-svc") deployment_one = create_deployment_with_name( kube_apis.extensions_v1_beta1, v_s_route_setup.route_m.namespace, "backend1") deployment_three = create_deployment_with_name( kube_apis.extensions_v1_beta1, v_s_route_setup.route_m.namespace, "backend3") svc_two = create_service_with_name(kube_apis.v1, v_s_route_setup.route_s.namespace, "backend2-svc") deployment_two = create_deployment_with_name( kube_apis.extensions_v1_beta1, v_s_route_setup.route_s.namespace, "backend2") wait_until_all_pods_are_ready(kube_apis.v1, v_s_route_setup.route_m.namespace) wait_until_all_pods_are_ready(kube_apis.v1, v_s_route_setup.route_s.namespace) # wait_before_test(2) def fin(): print("Clean up the Application:") delete_deployment(kube_apis.extensions_v1_beta1, deployment_one, v_s_route_setup.route_m.namespace) delete_service(kube_apis.v1, svc_one, v_s_route_setup.route_m.namespace) delete_deployment(kube_apis.extensions_v1_beta1, deployment_three, v_s_route_setup.route_m.namespace) delete_service(kube_apis.v1, svc_three, v_s_route_setup.route_m.namespace) delete_deployment(kube_apis.extensions_v1_beta1, deployment_two, v_s_route_setup.route_s.namespace) delete_service(kube_apis.v1, svc_two, v_s_route_setup.route_s.namespace) request.addfinalizer(fin)
def ap_ingress_setup( request, kube_apis, ingress_controller_endpoint, test_namespace ) -> IngressSetup: """ Deploy a simple application and AppProtect manifests. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :param test_namespace: :return: BackendSetup """ print("------------------------- Deploy backend application -------------------------") create_example_app(kube_apis, "simple", test_namespace) req_url = f"https://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.port_ssl}/backend1" metrics_url = f"http://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.metrics_port}/metrics" wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint( ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl, ) print("------------------------- Deploy Secret -----------------------------") src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" create_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) print("------------------------- Deploy logconf -----------------------------") src_log_yaml = f"{TEST_DATA}/appprotect/logconf.yaml" log_name = create_ap_logconf_from_yaml(kube_apis.custom_objects, src_log_yaml, test_namespace) print(f"------------------------- Deploy appolicy: ---------------------------") src_pol_yaml = f"{TEST_DATA}/appprotect/dataguard-alarm.yaml" pol_name = create_ap_policy_from_yaml(kube_apis.custom_objects, src_pol_yaml, test_namespace) print("------------------------- Deploy ingress -----------------------------") ingress_host = {} src_ing_yaml = f"{TEST_DATA}/appprotect/appprotect-ingress.yaml" create_ingress_with_ap_annotations( kube_apis, src_ing_yaml, test_namespace, "dataguard-alarm", "True", "True", "127.0.0.1:514" ) ingress_host = get_first_ingress_host_from_yaml(src_ing_yaml) wait_before_test() def fin(): print("Clean up:") src_ing_yaml = f"{TEST_DATA}/appprotect/appprotect-ingress.yaml" delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "simple", test_namespace) src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) request.addfinalizer(fin) return IngressSetup(req_url, metrics_url, ingress_host)
def appprotect_setup(request, kube_apis, ingress_controller_endpoint, test_namespace) -> AppProtectSetup: """ Deploy simple application and all the AppProtect(dataguard-alarm) resources under test in one namespace. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :param test_namespace: :return: BackendSetup """ print( "------------------------- Deploy simple backend application -------------------------" ) create_example_app(kube_apis, "simple", test_namespace) req_url = f"https://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.port_ssl}/backend1" metrics_url = f"http://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.metrics_port}/metrics" wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint( ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl, ) print( "------------------------- Deploy Secret -----------------------------" ) src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" create_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) print( "------------------------- Deploy logconf -----------------------------" ) src_log_yaml = f"{TEST_DATA}/appprotect/logconf.yaml" log_name = create_ap_logconf_from_yaml(kube_apis.custom_objects, src_log_yaml, test_namespace) print( f"------------------------- Deploy dataguard-alarm appolicy ---------------------------" ) src_pol_yaml = f"{TEST_DATA}/appprotect/{ap_policy}.yaml" pol_name = create_ap_policy_from_yaml(kube_apis.custom_objects, src_pol_yaml, test_namespace) def fin(): print("Clean up:") delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "simple", test_namespace) src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) write_to_json(f"reload-{get_test_file_name(request.node.fspath)}.json", reload_times) request.addfinalizer(fin) return AppProtectSetup(req_url, metrics_url)
def transport_server_setup( request, kube_apis, ingress_controller_prerequisites, test_namespace, ingress_controller_endpoint) -> TransportServerSetup: """ Prepare Transport Server Example. :param ingress_controller_endpoint: :param ingress_controller_prerequisites: :param request: internal pytest fixture to parametrize this method :param kube_apis: client apis :param test_namespace: :return: TransportServerSetup """ print( "------------------------- Deploy Transport Server Example -----------------------------------" ) # deploy global config global_config_file = ( f"{TEST_DATA}/{request.param['example']}/standard/global-configuration.yaml" ) gc_resource = create_gc_from_yaml(kube_apis.custom_objects, global_config_file, "nginx-ingress") # deploy service_file service_file = f"{TEST_DATA}/{request.param['example']}/standard/service_deployment.yaml" create_items_from_yaml(kube_apis, service_file, test_namespace) # deploy transport server transport_server_file = f"{TEST_DATA}/{request.param['example']}/standard/transport-server.yaml" ts_resource = create_ts_from_yaml(kube_apis.custom_objects, transport_server_file, test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) def fin(): print("Clean up TransportServer Example:") delete_ts(kube_apis.custom_objects, ts_resource, test_namespace) delete_items_from_yaml(kube_apis, service_file, test_namespace) delete_gc(kube_apis.custom_objects, gc_resource, "nginx-ingress") request.addfinalizer(fin) ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) ic_namespace = ingress_controller_prerequisites.namespace return TransportServerSetup( ts_resource['metadata']['name'], test_namespace, ic_pod_name, ic_namespace, ingress_controller_endpoint, ts_resource, )
def vsr_adv_routing_setup( request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint) -> VSRAdvancedRoutingSetup: """ Prepare an example app for advanced routing VSR. Single namespace with VS+VSR and advanced-routing app. :param request: internal pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: :param ingress_controller_prerequisites: :return: """ vs_routes_ns = get_route_namespace_from_vs_yaml( f"{TEST_DATA}/{request.param['example']}/standard/virtual-server.yaml") ns_1 = create_namespace_with_name_from_yaml(kube_apis.v1, vs_routes_ns[0], f"{TEST_DATA}/common/ns.yaml") print( "------------------------- Deploy Virtual Server -----------------------------------" ) vs_name = create_virtual_server_from_yaml( kube_apis.custom_objects, f"{TEST_DATA}/{request.param['example']}/standard/virtual-server.yaml", ns_1) vs_host = get_first_vs_host_from_yaml( f"{TEST_DATA}/{request.param['example']}/standard/virtual-server.yaml") print( "------------------------- Deploy Virtual Server Route -----------------------------------" ) vsr_name = create_v_s_route_from_yaml( kube_apis.custom_objects, f"{TEST_DATA}/{request.param['example']}/virtual-server-route-header.yaml", ns_1) vsr_paths = get_paths_from_vsr_yaml( f"{TEST_DATA}/{request.param['example']}/virtual-server-route-header.yaml" ) route = VirtualServerRoute(ns_1, vsr_name, vsr_paths) backends_url = f"http://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.port}{vsr_paths[0]}" print( "---------------------- Deploy advanced-routing app ----------------------------" ) create_example_app(kube_apis, "advanced-routing", ns_1) wait_until_all_pods_are_ready(kube_apis.v1, ns_1) def fin(): print("Delete test namespace") delete_namespace(kube_apis.v1, ns_1) request.addfinalizer(fin) return VSRAdvancedRoutingSetup(ns_1, vs_host, vs_name, route, backends_url)
def enable_prometheus_port( cli_arguments, kube_apis, ingress_controller_prerequisites, crd_ingress_controller_with_ap ) -> None: namespace = ingress_controller_prerequisites.namespace port = V1ContainerPort(9113, None, None, "prometheus", "TCP") print("------------------------- Enable 9113 port in IC ----------------------------") body = kube_apis.apps_v1_api.read_namespaced_deployment("nginx-ingress", namespace) body.spec.template.spec.containers[0].ports.append(port) kube_apis.apps_v1_api.patch_namespaced_deployment("nginx-ingress", namespace, body) wait_until_all_pods_are_ready(kube_apis.v1, namespace)
def backend_setup(request, kube_apis, ingress_controller_prerequisites, test_namespace): """ Replace the ConfigMap and deploy the secret. :param request: pytest fixture :param kube_apis: client apis :param test_namespace: """ app_name = request.param.get("app_type") try: print( "------------------------- Replace ConfigMap with HTTP2 -------------------------" ) cm_source = f"{TEST_DATA}/virtual-server-grpc/nginx-config.yaml" replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, cm_source) print( "------------------------- Deploy Secret -----------------------------" ) src_sec_yaml = f"{TEST_DATA}/virtual-server-grpc/tls-secret.yaml" create_secret_from_yaml(kube_apis.v1, test_namespace, src_sec_yaml) print( "------------------------- Deploy App -----------------------------" ) app_name = request.param.get("app_type") create_example_app(kube_apis, app_name, test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) except Exception as ex: print("Failed to complete setup, cleaning up..") delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_common_app(kube_apis, app_name, test_namespace) pytest.fail(f"VS GRPC setup failed") def fin(): print("Clean up:") delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_common_app(kube_apis, app_name, test_namespace) request.addfinalizer(fin)
def annotations_setup(request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint, ingress_controller, test_namespace) -> AnnotationsSetup: print( "------------------------- Deploy Annotations-Example -----------------------------------" ) create_items_from_yaml( kube_apis, f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml", test_namespace) ingress_name = get_names_from_yaml( f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml")[0] ingress_host = get_first_ingress_host_from_yaml( f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml") common_app = create_example_app(kube_apis, "simple", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) if request.param == 'mergeable': event_text = f"Configuration for {test_namespace}/{ingress_name}(Master) was added or updated" error_text = f"{event_text} but was not applied: Error reloading NGINX" else: event_text = f"Configuration for {test_namespace}/{ingress_name} was added or updated" error_text = f"{event_text}, but not applied: Error reloading NGINX" def fin(): print("Clean up Annotations Example:") replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_common_app(kube_apis.v1, kube_apis.apps_v1_api, common_app, test_namespace) delete_items_from_yaml( kube_apis, f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml", test_namespace) request.addfinalizer(fin) return AnnotationsSetup( ingress_controller_endpoint, f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml", ingress_name, ingress_host, ic_pod_name, test_namespace, event_text, error_text)
def annotations_setup(request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint, ingress_controller, test_namespace) -> AnnotationsSetup: print("------------------------- Deploy Annotations-Example -----------------------------------") create_items_from_yaml(kube_apis, f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml", test_namespace) ingress_name = get_name_from_yaml(f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml") ingress_host = get_first_ingress_host_from_yaml(f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml") if request.param == 'mergeable': minions_info = get_minions_info_from_yaml(f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml") else: minions_info = None create_example_app(kube_apis, "simple", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) upstream_names = [] if request.param == 'mergeable': event_text = f"Configuration for {test_namespace}/{ingress_name} was added or updated" error_text = f"{test_namespace}/{ingress_name} was rejected: with error" for minion in minions_info: upstream_names.append(f"{test_namespace}-{minion['name']}-{ingress_host}-{minion['svc_name']}-80") else: event_text = f"Configuration for {test_namespace}/{ingress_name} was added or updated" error_text = f"{test_namespace}/{ingress_name} was rejected: with error" upstream_names.append(f"{test_namespace}-{ingress_name}-{ingress_host}-backend1-svc-80") upstream_names.append(f"{test_namespace}-{ingress_name}-{ingress_host}-backend2-svc-80") def fin(): print("Clean up Annotations Example:") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_common_app(kube_apis, "simple", test_namespace) delete_items_from_yaml(kube_apis, f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml", test_namespace) request.addfinalizer(fin) return AnnotationsSetup(ingress_controller_endpoint, f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml", ingress_name, ingress_host, ic_pod_name, test_namespace, event_text, error_text, upstream_names)
def simple_ingress_setup( request, kube_apis, ingress_controller_endpoint, test_namespace, ingress_controller, ) -> IngressSetup: """ Deploy simple application and all the Ingress resources under test in one namespace. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :param test_namespace: :return: BackendSetup """ req_url = f"https://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.port_ssl}/backend1" metrics_url = f"http://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.metrics_port}/metrics" secret_name = create_secret_from_yaml( kube_apis.v1, test_namespace, f"{TEST_DATA}/smoke/smoke-secret.yaml" ) create_example_app(kube_apis, "simple", test_namespace) create_items_from_yaml( kube_apis, f"{TEST_DATA}/smoke/standard/smoke-ingress.yaml", test_namespace ) ingress_host = get_first_ingress_host_from_yaml( f"{TEST_DATA}/smoke/standard/smoke-ingress.yaml" ) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint( ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl, ) def fin(): print("Clean up the Application:") delete_common_app(kube_apis, "simple", test_namespace) delete_secret(kube_apis.v1, secret_name, test_namespace) delete_items_from_yaml( kube_apis, f"{TEST_DATA}/smoke/standard/smoke-ingress.yaml", test_namespace ) request.addfinalizer(fin) return IngressSetup(req_url, metrics_url, ingress_host)
def wildcard_tls_secret_setup(request, kube_apis, ingress_controller_endpoint, test_namespace) -> WildcardTLSSecretSetup: ing_type = request.param print("------------------------- Deploy Wildcard-Tls-Secret-Example -----------------------------------") create_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/wildcard-tls-secret/{ing_type}/wildcard-secret-ingress.yaml", test_namespace) host = get_ingress_host_from_yaml(f"{TEST_DATA}/wildcard-tls-secret/{ing_type}/wildcard-secret-ingress.yaml") common_app = create_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) def fin(): print("Clean up Wildcard-Tls-Secret-Example:") delete_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/wildcard-tls-secret/{ing_type}/wildcard-secret-ingress.yaml", test_namespace) delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, common_app, test_namespace) request.addfinalizer(fin) return WildcardTLSSecretSetup(ingress_controller_endpoint, test_namespace, host)
def transport_server_setup(request, kube_apis, test_namespace) -> TransportServerSetup: """ Prepare Transport Server Example. :param request: internal pytest fixture to parametrize this method :param kube_apis: client apis :param test_namespace: :return: TransportServerSetup """ print( "------------------------- Deploy Transport Server Example -----------------------------------" ) # deploy global config global_config_file = ( f"{TEST_DATA}/{request.param['example']}/standard/global-configuration.yaml" ) gc_resource = create_gc_from_yaml(kube_apis.custom_objects, global_config_file, "nginx-ingress") # deploy dns dns_file = f"{TEST_DATA}/{request.param['example']}/standard/dns.yaml" create_items_from_yaml(kube_apis, dns_file, test_namespace) # deploy transport server transport_server_file = f"{TEST_DATA}/{request.param['example']}/standard/transport-server.yaml" ts_resource = create_ts_from_yaml(kube_apis.custom_objects, transport_server_file, test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) def fin(): print("Clean up TransportServer Example:") delete_ts(kube_apis.custom_objects, ts_resource, test_namespace) delete_items_from_yaml(kube_apis, dns_file, test_namespace) delete_gc(kube_apis.custom_objects, gc_resource, "nginx-ingress") request.addfinalizer(fin) return TransportServerSetup(ts_resource["metadata"]["name"], test_namespace)
def jwt_secrets_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller, test_namespace) -> JWTSecretsSetup: with open(f"{TEST_DATA}/jwt-secrets/tokens/jwt-secrets-token.jwt", "r") as token_file: token = token_file.read().replace('\n', '') print("------------------------- Deploy JWT Secrets Example -----------------------------------") create_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml", test_namespace) ingress_host = get_ingress_host_from_yaml(f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml") common_app = create_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) def fin(): print("Clean up the JWT Secrets Application:") delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, common_app, test_namespace) delete_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml", test_namespace) request.addfinalizer(fin) return JWTSecretsSetup(ingress_controller_endpoint, ingress_host, token)
def smoke_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller, test_namespace) -> SmokeSetup: print("------------------------- Deploy Smoke Example -----------------------------------") secret_name = create_secret_from_yaml(kube_apis.v1, test_namespace, f"{TEST_DATA}/smoke/smoke-secret.yaml") create_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml", test_namespace) ingress_host = get_ingress_host_from_yaml(f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml") common_app = create_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) def fin(): print("Clean up the Smoke Application:") delete_common_app(kube_apis.v1, kube_apis.extensions_v1_beta1, common_app, test_namespace) delete_items_from_yaml(kube_apis.extensions_v1_beta1, f"{TEST_DATA}/smoke/{request.param}/smoke-ingress.yaml", test_namespace) delete_secret(kube_apis.v1, secret_name, test_namespace) request.addfinalizer(fin) return SmokeSetup(ingress_controller_endpoint, ingress_host)
def transport_server_tls_passthrough_setup( request, kube_apis, test_namespace, ingress_controller_endpoint) -> TransportServerTlsSetup: """ Prepare Transport Server Example. :param request: internal pytest fixture to parametrize this method :param kube_apis: client apis :param test_namespace: namespace for test resources :param ingress_controller_endpoint: ip and port information :return TransportServerTlsSetup: """ print( "------------------------- Deploy Transport Server with tls passthrough -----------------------------------" ) # deploy secure_app secure_app_file = f"{TEST_DATA}/{request.param['example']}/standard/secure-app.yaml" create_items_from_yaml(kube_apis, secure_app_file, test_namespace) # deploy transport server transport_server_std_src = f"{TEST_DATA}/{request.param['example']}/standard/transport-server.yaml" ts_resource = create_ts_from_yaml(kube_apis.custom_objects, transport_server_std_src, test_namespace) ts_host = get_first_host_from_yaml(transport_server_std_src) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) def fin(): print("Clean up TransportServer and app:") delete_ts(kube_apis.custom_objects, ts_resource, test_namespace) delete_items_from_yaml(kube_apis, secure_app_file, test_namespace) request.addfinalizer(fin) return TransportServerTlsSetup( ingress_controller_endpoint, ts_resource, ts_resource["metadata"]["name"], test_namespace, ts_host, )
def ap_generic_setup(kube_apis, vs_namespace, test_namespace, policy_method, vs_yaml): src_pol_yaml = f"{TEST_DATA}/ap-waf-grpc/policies/waf-block-{policy_method}.yaml" print( "------------------------- Deploy logconf -----------------------------" ) global log_name log_name = create_ap_logconf_from_yaml(kube_apis.custom_objects, src_log_yaml, test_namespace) print( f"------------------------- Deploy AP policy ---------------------------" ) src_appol_yaml = f"{TEST_DATA}/ap-waf-grpc/grpc-block-{policy_method}.yaml" global ap_pol_name ap_pol_name = create_ap_policy_from_yaml(kube_apis.custom_objects, src_appol_yaml, test_namespace) print( "------------------------- Deploy Syslog -----------------------------" ) create_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) wait_before_test(20) syslog_ep = get_service_endpoint(kube_apis, "syslog-svc", test_namespace) print("------------------------- Deploy App -----------------------------") create_example_app(kube_apis, "grpc-vs", vs_namespace) wait_until_all_pods_are_ready(kube_apis.v1, vs_namespace) print( "------------------------- Deploy Secret -----------------------------" ) create_secret_from_yaml(kube_apis.v1, vs_namespace, src_vs_sec_yaml) print( f"------------------------- Deploy policy ---------------------------") src_pol_name = create_ap_waf_policy_from_yaml( kube_apis.custom_objects, src_pol_yaml, vs_namespace, test_namespace, True, True, ap_pol_name, log_name, f"syslog:server={syslog_ep}:514") print( "------------------------- Deploy Virtual Server -----------------------------------" ) vs_name = create_virtual_server_from_yaml(kube_apis.custom_objects, vs_yaml, vs_namespace) return (src_pol_name, vs_name)
def send_build_info(self, kube_apis, ingress_controller_prerequisites) -> str: """ Helper function to get pod logs """ retry = 0 ready = False pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace ) wait_until_all_pods_are_ready(kube_apis.v1, ingress_controller_prerequisites.namespace) while(not ready): time.sleep(1) try: api_response = kube_apis.v1.read_namespaced_pod_log( name=pod_name, namespace=ingress_controller_prerequisites.namespace, limit_bytes=200, ) logging.info(api_response) ready = True except Exception as ex: if retry < 10: retry += 1 print(f"Retry# {retry}") else: logging.exception(ex) raise ex br = io.StringIO(api_response) _log = br.readline() try: _info = _log[_log.find("Version") :].strip() logging.info(f"Version and GitCommit info: {_info}") except Exception as e: logging.exception(f"Tag labels not found") return _info
def backend_setup(request, kube_apis, ingress_controller_endpoint) -> BackendSetup: """ Create 2 namespaces and deploy simple applications in them. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :return: BackendSetup """ watched_namespace = create_namespace_with_name_from_yaml( kube_apis.v1, f"watched-ns", f"{TEST_DATA}/common/ns.yaml") foreign_namespace = create_namespace_with_name_from_yaml( kube_apis.v1, f"foreign-ns", f"{TEST_DATA}/common/ns.yaml") ingress_hosts = {} for ns in [watched_namespace, foreign_namespace]: print( f"------------------------- Deploy the backend in {ns} -----------------------------------" ) create_example_app(kube_apis, "simple", ns) src_ing_yaml = f"{TEST_DATA}/watch-namespace/{ns}-ingress.yaml" create_items_from_yaml(kube_apis, src_ing_yaml, ns) ingress_host = get_first_ingress_host_from_yaml(src_ing_yaml) ingress_hosts[f"{ns}-ingress"] = ingress_host req_url = f"http://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.port}/backend1" wait_until_all_pods_are_ready(kube_apis.v1, ns) ensure_connection_to_public_endpoint( ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) def fin(): print("Clean up:") delete_namespace(kube_apis.v1, watched_namespace) delete_namespace(kube_apis.v1, foreign_namespace) request.addfinalizer(fin) return BackendSetup(req_url, ingress_hosts)
def backend_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller_prerequisites, test_namespace) -> BackendSetup: """ Deploy a simple application and AppProtect manifests. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :param test_namespace: :return: BackendSetup """ try: print( "------------------------- Replace ConfigMap with HTTP2 -------------------------" ) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{TEST_DATA}/appprotect/grpc/nginx-config.yaml") policy = request.param["policy"] print( "------------------------- Deploy backend application -------------------------" ) create_example_app(kube_apis, "grpc", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) print( "------------------------- Deploy Secret -----------------------------" ) src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" create_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) print( "------------------------- Deploy logconf -----------------------------" ) src_log_yaml = f"{TEST_DATA}/appprotect/logconf.yaml" log_name = create_ap_logconf_from_yaml(kube_apis.custom_objects, src_log_yaml, test_namespace) print( f"------------------------- Deploy appolicy: {policy} ---------------------------" ) src_pol_yaml = f"{TEST_DATA}/appprotect/grpc/{policy}.yaml" pol_name = create_ap_policy_from_yaml(kube_apis.custom_objects, src_pol_yaml, test_namespace) print( "------------------------- Deploy Syslog -----------------------------" ) src_syslog_yaml = f"{TEST_DATA}/appprotect/syslog.yaml" create_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) syslog_ep = get_service_endpoint(kube_apis, "syslog-svc", test_namespace) print(syslog_ep) print( "------------------------- Deploy ingress -----------------------------" ) src_ing_yaml = f"{TEST_DATA}/appprotect/grpc/ingress.yaml" create_ingress_with_ap_annotations(kube_apis, src_ing_yaml, test_namespace, policy, "True", "True", f"{syslog_ep}:514") ingress_host = get_first_ingress_host_from_yaml(src_ing_yaml) wait_before_test(40) except Exception as ex: print("Failed to complete setup, cleaning up..") delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "grpc", test_namespace) delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") pytest.fail(f"AP GRPC setup failed") def fin(): print("Clean up:") delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "grpc", test_namespace) delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") request.addfinalizer(fin) return BackendSetup(ingress_host, ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port_ssl)