示例#1
0
    def test_grpc_flow(self, kube_apis, annotations_grpc_setup,
                       ingress_controller_prerequisites, annotations,
                       expected_strings, unexpected_strings):
        initial_events = get_events(kube_apis.v1,
                                    annotations_grpc_setup.namespace)
        initial_count = get_event_count(
            annotations_grpc_setup.ingress_event_text, initial_events)
        print("Case 5: grpc annotations override http ones")
        new_ing = generate_ingresses_with_annotation(
            annotations_grpc_setup.ingress_src_file, annotations)
        for ing in new_ing:
            if ing['metadata']['name'] == annotations_grpc_setup.ingress_name:
                replace_ingress(kube_apis.extensions_v1_beta1,
                                annotations_grpc_setup.ingress_name,
                                annotations_grpc_setup.namespace, ing)
        wait_before_test(1)
        result_conf = get_ingress_nginx_template_conf(
            kube_apis.v1, annotations_grpc_setup.namespace,
            annotations_grpc_setup.ingress_name,
            annotations_grpc_setup.ingress_pod_name,
            ingress_controller_prerequisites.namespace)
        new_events = get_events(kube_apis.v1, annotations_grpc_setup.namespace)

        assert_event_count_increased(annotations_grpc_setup.ingress_event_text,
                                     initial_count, new_events)
        for _ in expected_strings:
            assert _ in result_conf
        for _ in unexpected_strings:
            assert _ not in result_conf
示例#2
0
    def test_upstream_zone_size_0(self, cli_arguments, kube_apis,
                                  annotations_setup,
                                  ingress_controller_prerequisites,
                                  annotations):
        initial_events = get_events(kube_apis.v1, annotations_setup.namespace)
        initial_count = get_event_count(annotations_setup.ingress_event_text,
                                        initial_events)
        print("Edge Case: upstream-zone-size is 0")
        new_ing = generate_ingresses_with_annotation(
            annotations_setup.ingress_src_file, annotations)
        for ing in new_ing:
            # in mergeable case this will update master ingress only
            if ing['metadata']['name'] == annotations_setup.ingress_name:
                replace_ingress(kube_apis.extensions_v1_beta1,
                                annotations_setup.ingress_name,
                                annotations_setup.namespace, ing)
        wait_before_test(1)
        result_conf = get_ingress_nginx_template_conf(
            kube_apis.v1, annotations_setup.namespace,
            annotations_setup.ingress_name, annotations_setup.ingress_pod_name,
            ingress_controller_prerequisites.namespace)
        new_events = get_events(kube_apis.v1, annotations_setup.namespace)

        assert_event_count_increased(annotations_setup.ingress_event_text,
                                     initial_count, new_events)
        if cli_arguments["ic-type"] == "nginx-plus-ingress":
            print("Run assertions for Nginx Plus case")
            assert "zone " in result_conf
            assert " 256k;" in result_conf
        elif cli_arguments["ic-type"] == "nginx-ingress":
            print("Run assertions for Nginx OSS case")
            assert "zone " not in result_conf
            assert " 256k;" not in result_conf
示例#3
0
 def test_validation(self, kube_apis, annotations_setup,
                     ingress_controller_prerequisites, annotations):
     initial_events = get_events(kube_apis.v1, annotations_setup.namespace)
     print("Case 6: IC doesn't validate, only nginx validates")
     initial_count = get_event_count(
         annotations_setup.ingress_error_event_text, initial_events)
     new_ing = generate_ingresses_with_annotation(
         annotations_setup.ingress_src_file, annotations)
     for ing in new_ing:
         # in mergeable case this will update master ingress only
         if ing['metadata']['name'] == annotations_setup.ingress_name:
             replace_ingress(kube_apis.networking_v1,
                             annotations_setup.ingress_name,
                             annotations_setup.namespace, ing)
     wait_before_test()
     result_conf = get_ingress_nginx_template_conf(
         kube_apis.v1, annotations_setup.namespace,
         annotations_setup.ingress_name, annotations_setup.ingress_pod_name,
         ingress_controller_prerequisites.namespace)
     new_events = get_events(kube_apis.v1, annotations_setup.namespace)
     assert "server {" not in result_conf
     assert "No such file or directory" in result_conf
     assert_event_count_increased(
         annotations_setup.ingress_error_event_text, initial_count,
         new_events)
示例#4
0
    def test_when_annotation_in_ing_only(self, kube_apis, annotations_setup,
                                         ingress_controller_prerequisites,
                                         annotations, expected_strings,
                                         unexpected_strings):
        initial_events = get_events(kube_apis.v1, annotations_setup.namespace)
        initial_count = get_event_count(annotations_setup.ingress_event_text,
                                        initial_events)
        print("Case 2: no ConfigMap keys, annotations in Ingress only")
        new_ing = generate_ingresses_with_annotation(
            annotations_setup.ingress_src_file, annotations)
        for ing in new_ing:
            # in mergeable case this will update master ingress only
            if ing['metadata']['name'] == annotations_setup.ingress_name:
                replace_ingress(kube_apis.networking_v1,
                                annotations_setup.ingress_name,
                                annotations_setup.namespace, ing)
        wait_before_test(1)
        result_conf = get_ingress_nginx_template_conf(
            kube_apis.v1, annotations_setup.namespace,
            annotations_setup.ingress_name, annotations_setup.ingress_pod_name,
            ingress_controller_prerequisites.namespace)
        new_events = get_events(kube_apis.v1, annotations_setup.namespace)

        assert_event_count_increased(annotations_setup.ingress_event_text,
                                     initial_count, new_events)
        for _ in expected_strings:
            assert _ in result_conf
        for _ in unexpected_strings:
            assert _ not in result_conf
示例#5
0
    def test_headers(self, kube_apis, hsts_setup,
                     ingress_controller_prerequisites):
        print("Case 4: no TLS, hsts is True, hsts-behind-proxy is True")
        annotations = {"nginx.org/hsts-behind-proxy": "True"}
        new_ing = generate_ingresses_with_annotation(
            hsts_setup.ingress_src_file, annotations)
        for ing in new_ing:
            if ing['metadata']['name'] == hsts_setup.ingress_name:
                replace_ingress(kube_apis.extensions_v1_beta1,
                                hsts_setup.ingress_name, hsts_setup.namespace,
                                ing)
        wait_before_test(1)

        xfp_https_headers = {
            "host": hsts_setup.ingress_host,
            "X-Forwarded-Proto": "https"
        }
        xfp_http_headers = {
            "host": hsts_setup.ingress_host,
            "X-Forwarded-Proto": "http"
        }
        xfp_https_resp = requests.get(f"{hsts_setup.http_url}/backend1",
                                      headers=xfp_https_headers,
                                      allow_redirects=False)
        xfp_http_resp = requests.get(f"{hsts_setup.http_url}/backend1",
                                     headers=xfp_http_headers,
                                     allow_redirects=False)

        assert "'Strict-Transport-Security': 'max-age=2592000; preload'" in str(
            xfp_https_resp.headers)
        assert "'Strict-Transport-Security'" not in str(xfp_http_resp.headers)
示例#6
0
def replace_ingresses_from_yaml(extensions_v1_beta1: ExtensionsV1beta1Api, namespace, yaml_manifest) -> None:
    """
    Parse file and replace all Ingresses based on its contents.

    :param extensions_v1_beta1: ExtensionsV1beta1Api
    :param namespace: namespace
    :param yaml_manifest: an absolute path to a file
    :return:
    """
    print(f"Replace an Ingresses from yaml")
    with open(yaml_manifest) as f:
        docs = yaml.load_all(f)
        for doc in docs:
            if doc['kind'] == 'Ingress':
                replace_ingress(extensions_v1_beta1, doc['metadata']['name'], namespace, doc)