diff --git a/tests/suite/custom_assertions.py b/tests/suite/custom_assertions.py index d680f9e063..148fd2208c 100644 --- a/tests/suite/custom_assertions.py +++ b/tests/suite/custom_assertions.py @@ -197,5 +197,65 @@ def wait_and_assert_status_code(code, req_url, host, **kwargs) -> None: resp = requests.get(req_url, headers={"host": host}, **kwargs) assert resp.status_code == code, f"After 30 seconds the status_code is still not {code}" - - + +def assert_grpc_entries_exist(config) -> None: + """ + Assert that the gPRC config entries are present in the config file. + + :param config: the nginx config + :return: + """ + assert "grpc_connect_timeout 60s;" in config + assert "grpc_read_timeout 60s;" in config + assert "grpc_send_timeout 60s;" in config + + assert "grpc_set_header X-Real-IP $remote_addr;" in config + assert "grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" in config + assert "grpc_set_header X-Forwarded-Host $host;" in config + assert "grpc_set_header X-Forwarded-Port $server_port;" in config + assert "grpc_set_header X-Forwarded-Proto $scheme;" in config + + assert 'grpc_set_header Host "$host";' in config + + assert "grpc_next_upstream error timeout;" in config + assert "grpc_next_upstream_timeout 0s;" in config + assert "grpc_next_upstream_tries 0;" in config + + +def assert_proxy_entries_do_not_exist(config) -> None: + """ + Assert that the proxy config entries are not present in the config file. + + :param config: the nginx config + :return: + """ + assert "proxy_connect_timeout 60s;" not in config + assert "proxy_read_timeout 60s;" not in config + assert "proxy_send_timeout 60s;" not in config + + assert "proxy_set_header Upgrade $http_upgrade;" not in config + assert "proxy_http_version 1.1;" not in config + + assert "proxy_next_upstream error timeout;" not in config + assert "proxy_next_upstream_timeout 0s;" not in config + assert "proxy_next_upstream_tries 0;" not in config + + +def assert_proxy_entries_exist(config) -> None: + """ + Assert that the proxy config entries are present in the config file. + + :param config: the nginx config + :return: + """ + + assert "proxy_connect_timeout 60s;" in config + assert "proxy_read_timeout 60s;" in config + assert "proxy_send_timeout 60s;" in config + + assert "proxy_set_header Upgrade $http_upgrade;" in config + assert "proxy_http_version 1.1;" in config + + assert "proxy_next_upstream error timeout;" in config + assert "proxy_next_upstream_timeout 0s;" in config + assert "proxy_next_upstream_tries 0;" in config diff --git a/tests/suite/test_v_s_route_grpc.py b/tests/suite/test_v_s_route_grpc.py index 0d61a155e6..f8e8c24b3e 100644 --- a/tests/suite/test_v_s_route_grpc.py +++ b/tests/suite/test_v_s_route_grpc.py @@ -3,7 +3,8 @@ from kubernetes.client.rest import ApiException from settings import TEST_DATA, DEPLOYMENTS -from suite.custom_assertions import assert_event_starts_with_text_and_contains_errors +from suite.custom_assertions import assert_event_starts_with_text_and_contains_errors, \ + assert_grpc_entries_exist, assert_proxy_entries_do_not_exist, assert_proxy_entries_exist from suite.custom_resources_utils import read_custom_resource from suite.grpc.helloworld_pb2 import HelloRequest from suite.grpc.helloworld_pb2_grpc import GreeterStub @@ -97,33 +98,8 @@ def test_config_after_setup(self, kube_apis, ingress_controller_prerequisites, c v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) - - assert "proxy_connect_timeout 60s;" not in config - assert "proxy_read_timeout 60s;" not in config - assert "proxy_send_timeout 60s;" not in config - - assert "proxy_set_header Upgrade $http_upgrade;" not in config - assert "proxy_http_version 1.1;" not in config - - assert "proxy_next_upstream error timeout;" not in config - assert "proxy_next_upstream_timeout 0s;" not in config - assert "proxy_next_upstream_tries 0;" not in config - - assert "grpc_connect_timeout 60s;" in config - assert "grpc_read_timeout 60s;" in config - assert "grpc_send_timeout 60s;" in config - - assert "grpc_set_header X-Real-IP $remote_addr;" in config - assert "grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" in config - assert "grpc_set_header X-Forwarded-Host $host;" in config - assert "grpc_set_header X-Forwarded-Port $server_port;" in config - assert "grpc_set_header X-Forwarded-Proto $scheme;" in config - - assert 'grpc_set_header Host "$host";' in config - - assert "grpc_next_upstream error timeout;" in config - assert "grpc_next_upstream_timeout 0s;" in config - assert "grpc_next_upstream_tries 0;" in config + assert_proxy_entries_do_not_exist(config) + assert_grpc_entries_exist(config) @pytest.mark.parametrize("backend_setup", [{"app_type": "grpc-vs"}], indirect=True) def test_config_after_enable_tls(self, kube_apis, ingress_controller_prerequisites, @@ -173,29 +149,5 @@ def test_mixed_config(self, kube_apis, ingress_controller_prerequisites, crd_ing v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) - assert "proxy_connect_timeout 60s;" in config - assert "proxy_read_timeout 60s;" in config - assert "proxy_send_timeout 60s;" in config - - assert "proxy_set_header Upgrade $http_upgrade;" in config - assert "proxy_http_version 1.1;" in config - - assert "proxy_next_upstream error timeout;" in config - assert "proxy_next_upstream_timeout 0s;" in config - assert "proxy_next_upstream_tries 0;" in config - - assert "grpc_connect_timeout 60s;" in config - assert "grpc_read_timeout 60s;" in config - assert "grpc_send_timeout 60s;" in config - - assert "grpc_set_header X-Real-IP $remote_addr;" in config - assert "grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" in config - assert "grpc_set_header X-Forwarded-Host $host;" in config - assert "grpc_set_header X-Forwarded-Port $server_port;" in config - assert "grpc_set_header X-Forwarded-Proto $scheme;" in config - - assert 'grpc_set_header Host "$host";' in config - - assert "grpc_next_upstream error timeout;" in config - assert "grpc_next_upstream_timeout 0s;" in config - assert "grpc_next_upstream_tries 0;" in config + assert_proxy_entries_exist(config) + assert_grpc_entries_exist(config) diff --git a/tests/suite/test_virtual_server_grpc.py b/tests/suite/test_virtual_server_grpc.py index 3eefadfa8e..a224b08b98 100644 --- a/tests/suite/test_virtual_server_grpc.py +++ b/tests/suite/test_virtual_server_grpc.py @@ -3,7 +3,8 @@ from kubernetes.client.rest import ApiException from settings import TEST_DATA, DEPLOYMENTS -from suite.custom_assertions import assert_event_starts_with_text_and_contains_errors +from suite.custom_assertions import assert_event_starts_with_text_and_contains_errors, \ + assert_grpc_entries_exist, assert_proxy_entries_do_not_exist from suite.custom_resources_utils import read_custom_resource from suite.grpc.helloworld_pb2 import HelloRequest from suite.grpc.helloworld_pb2_grpc import GreeterStub @@ -69,27 +70,6 @@ def fin(): indirect=True) class TestVirtualServerGrpc: - def connect_grpc_backend(self, virtual_server_setup) -> None: - """ - Function to connect to a gRPC enabled backend - """ - cert = get_certificate(virtual_server_setup.public_endpoint.public_ip, - virtual_server_setup.vs_host, - virtual_server_setup.public_endpoint.port_ssl) - target = f'{virtual_server_setup.public_endpoint.public_ip}:{virtual_server_setup.public_endpoint.port_ssl}' - credentials = grpc.ssl_channel_credentials(root_certificates=cert.encode()) - options = (('grpc.ssl_target_name_override', virtual_server_setup.vs_host),) - - with grpc.secure_channel(target, credentials, options) as channel: - stub = GreeterStub(channel) - response = "" - try: - response = stub.SayHello(HelloRequest(name=virtual_server_setup.public_endpoint.public_ip)) - print(response) - except grpc.RpcError as e: - print(e.details()) - pytest.fail("RPC error was not expected during call, exiting...") - def patch_valid_vs(self, kube_apis, virtual_server_setup) -> None: """ Function to revert vs deployment to valid state @@ -113,35 +93,47 @@ def test_config_after_setup(self, kube_apis, ingress_controller_prerequisites, c ic_pod_name, ingress_controller_prerequisites.namespace) - assert "proxy_connect_timeout 60s;" not in config - assert "proxy_read_timeout 60s;" not in config - assert "proxy_send_timeout 60s;" not in config + assert_grpc_entries_exist(config) + assert_proxy_entries_do_not_exist(config) - assert "proxy_set_header Upgrade $http_upgrade;" not in config - assert "proxy_http_version 1.1;" not in config - - assert "proxy_next_upstream error timeout;" not in config - assert "proxy_next_upstream_timeout 0s;" not in config - assert "proxy_next_upstream_tries 0;" not in config - - assert "grpc_connect_timeout 60s;" in config - assert "grpc_read_timeout 60s;" in config - assert "grpc_send_timeout 60s;" in config - - assert "grpc_set_header X-Real-IP $remote_addr;" in config - assert "grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" in config - assert "grpc_set_header X-Forwarded-Host $host;" in config - assert "grpc_set_header X-Forwarded-Port $server_port;" in config - assert "grpc_set_header X-Forwarded-Proto $scheme;" in config + @pytest.mark.parametrize("backend_setup", [{"app_type": "grpc-vs"}], indirect=True) + def test_validation_flow(self, kube_apis, ingress_controller_prerequisites, + crd_ingress_controller, backend_setup, virtual_server_setup): + print("\nTest 1: Wrong type") + patch_virtual_server_from_yaml(kube_apis.custom_objects, + virtual_server_setup.vs_name, + f"{TEST_DATA}/virtual-server-grpc/virtual-server-invalid-type.yaml", + virtual_server_setup.namespace) + wait_before_test() + text = f"{virtual_server_setup.namespace}/{virtual_server_setup.vs_name}" + event_text1 = f"VirtualServer {text} was rejected with error:" + invalid_fields1 = ["spec.upstreams[0].type"] + vs_events1 = get_events(kube_apis.v1, virtual_server_setup.namespace) + assert_event_starts_with_text_and_contains_errors(event_text1, vs_events1, invalid_fields1) - assert 'grpc_set_header Host "$host";' in config + self.patch_valid_vs(kube_apis, virtual_server_setup) + wait_before_test() - assert "grpc_next_upstream error timeout;" in config - assert "grpc_next_upstream_timeout 0s;" in config - assert "grpc_next_upstream_tries 0;" in config + @pytest.mark.parametrize("backend_setup", [{"app_type": "grpc-vs"}], indirect=True) + def test_connect_grpc_backend(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, + backend_setup, virtual_server_setup) -> None: + cert = get_certificate(virtual_server_setup.public_endpoint.public_ip, + virtual_server_setup.vs_host, + virtual_server_setup.public_endpoint.port_ssl) + target = f'{virtual_server_setup.public_endpoint.public_ip}:{virtual_server_setup.public_endpoint.port_ssl}' + credentials = grpc.ssl_channel_credentials(root_certificates=cert.encode()) + options = (('grpc.ssl_target_name_override', virtual_server_setup.vs_host),) - print("\nStep 2: Check connection to app") - self.connect_grpc_backend(virtual_server_setup) + with grpc.secure_channel(target, credentials, options) as channel: + stub = GreeterStub(channel) + response = "" + try: + response = stub.SayHello(HelloRequest(name=virtual_server_setup.public_endpoint.public_ip)) + valid_message = "Hello {}".format(virtual_server_setup.public_endpoint.public_ip) + assert valid_message in response.message + except grpc.RpcError as e: + print(e.details()) + pytest.fail("RPC error was not expected during call, exiting...") @pytest.mark.parametrize("backend_setup", [{"app_type": "grpc-vs"}], indirect=True) def test_config_after_enable_tls(self, kube_apis, ingress_controller_prerequisites, @@ -158,21 +150,3 @@ def test_config_after_enable_tls(self, kube_apis, ingress_controller_prerequisit ic_pod_name, ingress_controller_prerequisites.namespace) assert 'grpc_pass grpcs://' in config - - @pytest.mark.parametrize("backend_setup", [{"app_type": "grpc-vs"}], indirect=True) - def test_validation_flow(self, kube_apis, ingress_controller_prerequisites, - crd_ingress_controller, backend_setup, virtual_server_setup): - print("\nTest 1: Wrong type") - patch_virtual_server_from_yaml(kube_apis.custom_objects, - virtual_server_setup.vs_name, - f"{TEST_DATA}/virtual-server-grpc/virtual-server-invalid-type.yaml", - virtual_server_setup.namespace) - wait_before_test() - text = f"{virtual_server_setup.namespace}/{virtual_server_setup.vs_name}" - event_text1 = f"VirtualServer {text} was rejected with error:" - invalid_fields1 = ["spec.upstreams[0].type"] - vs_events1 = get_events(kube_apis.v1, virtual_server_setup.namespace) - assert_event_starts_with_text_and_contains_errors(event_text1, vs_events1, invalid_fields1) - - self.patch_valid_vs(kube_apis, virtual_server_setup) - wait_before_test() diff --git a/tests/suite/test_virtual_server_mixed_grpc.py b/tests/suite/test_virtual_server_mixed_grpc.py index 052b7e20fe..3f8e795b5f 100644 --- a/tests/suite/test_virtual_server_mixed_grpc.py +++ b/tests/suite/test_virtual_server_mixed_grpc.py @@ -10,6 +10,7 @@ delete_items_from_yaml, get_first_pod_name from suite.ssl_utils import get_certificate from suite.vs_vsr_resources_utils import get_vs_nginx_template_conf +from suite.custom_assertions import assert_grpc_entries_exist, assert_proxy_entries_exist @pytest.fixture(scope="function") @@ -75,32 +76,8 @@ def test_config_after_setup(self, kube_apis, ingress_controller_prerequisites, c ic_pod_name, ingress_controller_prerequisites.namespace) - assert "proxy_connect_timeout 60s;" in config - assert "proxy_read_timeout 60s;" in config - assert "proxy_send_timeout 60s;" in config - - assert "proxy_set_header Upgrade $http_upgrade;" in config - assert "proxy_http_version 1.1;" in config - - assert "proxy_next_upstream error timeout;" in config - assert "proxy_next_upstream_timeout 0s;" in config - assert "proxy_next_upstream_tries 0;" in config - - assert "grpc_connect_timeout 60s;" in config - assert "grpc_read_timeout 60s;" in config - assert "grpc_send_timeout 60s;" in config - - assert "grpc_set_header X-Real-IP $remote_addr;" in config - assert "grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" in config - assert "grpc_set_header X-Forwarded-Host $host;" in config - assert "grpc_set_header X-Forwarded-Port $server_port;" in config - assert "grpc_set_header X-Forwarded-Proto $scheme;" in config - - assert 'grpc_set_header Host "$host";' in config - - assert "grpc_next_upstream error timeout;" in config - assert "grpc_next_upstream_timeout 0s;" in config - assert "grpc_next_upstream_tries 0;" in config + assert_grpc_entries_exist(config) + assert_proxy_entries_exist(config) print("\nStep 2: check connection to http backend") resp = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) @@ -120,7 +97,8 @@ def test_config_after_setup(self, kube_apis, ingress_controller_prerequisites, c response = "" try: response = stub.SayHello(HelloRequest(name=virtual_server_setup.public_endpoint.public_ip)) - print(response) + valid_message = "Hello {}".format(virtual_server_setup.public_endpoint.public_ip) + assert valid_message in response.message except grpc.RpcError as e: print(e.details()) pytest.fail("RPC error was not expected during call, exiting...")