From 85a353a9ae504d59c1d0f9c4e043a243434acb42 Mon Sep 17 00:00:00 2001 From: Venktesh Shivam Patel Date: Thu, 4 May 2023 15:27:41 +0100 Subject: [PATCH] increase counter and add retries to jwks and mtls ingress tests (#3861) --- tests/suite/test_ingress_mtls.py | 119 ++++++++++++------- tests/suite/test_jwt_policies_jwksuri.py | 8 +- tests/suite/test_jwt_policies_jwksuri_vsr.py | 2 +- 3 files changed, 79 insertions(+), 50 deletions(-) diff --git a/tests/suite/test_ingress_mtls.py b/tests/suite/test_ingress_mtls.py index 0993e4c345..af4390c861 100644 --- a/tests/suite/test_ingress_mtls.py +++ b/tests/suite/test_ingress_mtls.py @@ -145,13 +145,21 @@ def test_ingress_mtls_policy( virtual_server_setup.namespace, ) wait_before_test() - resp = session.get( - virtual_server_setup.backend_1_url_ssl, - cert=(crt, key), - headers={"host": virtual_server_setup.vs_host}, - allow_redirects=False, - verify=False, - ) + resp = mock.Mock() + resp.status_code == 502 + counter = 0 + + while resp.status_code != expected_code and counter < 10: + resp = session.get( + virtual_server_setup.backend_1_url_ssl, + cert=(crt, key), + headers={"host": virtual_server_setup.vs_host}, + allow_redirects=False, + verify=False, + ) + wait_before_test() + counter += 1 + vs_res = read_vs(kube_apis.custom_objects, test_namespace, virtual_server_setup.vs_name) teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret) @@ -208,21 +216,28 @@ def test_ingress_mtls_policy_cert( ) wait_before_test() ssl_exception = "" - resp = "" - try: - resp = session.get( - virtual_server_setup.backend_1_url_ssl, - cert=certificate, - headers={"host": virtual_server_setup.vs_host}, - allow_redirects=False, - verify=False, - ) - except requests.exceptions.SSLError as e: - print(f"SSL certificate exception: {e}") - ssl_exception = str(e) - resp = mock.Mock() - resp.status_code = "None" - resp.text = "None" + resp = mock.Mock() + resp.status_code == 502 + counter = 0 + + while resp.status_code != expected_code and counter < 10: + try: + resp = session.get( + virtual_server_setup.backend_1_url_ssl, + cert=certificate, + headers={"host": virtual_server_setup.vs_host}, + allow_redirects=False, + verify=False, + ) + wait_before_test() + counter += 1 + + except requests.exceptions.SSLError as e: + print(f"SSL certificate exception: {e}") + ssl_exception = str(e) + resp = mock.Mock() + resp.status_code = "None" + resp.text = "None" teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret) @@ -267,7 +282,7 @@ def test_ingress_mtls_policy_cert( ), ], ) - def test_ingress_mtls_polciy_crl( + def test_ingress_mtls_policy_crl( self, kube_apis, crd_ingress_controller, @@ -297,13 +312,21 @@ def test_ingress_mtls_polciy_crl( virtual_server_setup.namespace, ) wait_before_test() - resp = session.get( - virtual_server_setup.backend_1_url_ssl, - cert=(crt_not_revoked, key_not_revoked), - headers={"host": virtual_server_setup.vs_host}, - allow_redirects=False, - verify=False, - ) + resp = mock.Mock() + resp.status_code == 502 + counter = 0 + + while resp.status_code != expected_code and counter < 10: + resp = session.get( + virtual_server_setup.backend_1_url_ssl, + cert=(crt_not_revoked, key_not_revoked), + headers={"host": virtual_server_setup.vs_host}, + allow_redirects=False, + verify=False, + ) + wait_before_test() + counter += 1 + vs_res = read_vs(kube_apis.custom_objects, test_namespace, virtual_server_setup.vs_name) teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret) @@ -360,21 +383,27 @@ def test_ingress_mtls_policy_cert_crl( ) wait_before_test() ssl_exception = "" - resp = "" - try: - resp = session.get( - virtual_server_setup.backend_1_url_ssl, - cert=certificate, - headers={"host": virtual_server_setup.vs_host}, - allow_redirects=False, - verify=False, - ) - except requests.exceptions.SSLError as e: - print(f"SSL certificate exception: {e}") - ssl_exception = str(e) - resp = mock.Mock() - resp.status_code = "None" - resp.text = "None" + resp = mock.Mock() + resp.status_code == 502 + counter = 0 + + while resp.status_code != expected_code and counter < 10: + try: + resp = session.get( + virtual_server_setup.backend_1_url_ssl, + cert=certificate, + headers={"host": virtual_server_setup.vs_host}, + allow_redirects=False, + verify=False, + ) + wait_before_test() + counter += 1 + except requests.exceptions.SSLError as e: + print(f"SSL certificate exception: {e}") + ssl_exception = str(e) + resp = mock.Mock() + resp.status_code = "None" + resp.text = "None" teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret) diff --git a/tests/suite/test_jwt_policies_jwksuri.py b/tests/suite/test_jwt_policies_jwksuri.py index 9006de79d6..52a7adee8e 100644 --- a/tests/suite/test_jwt_policies_jwksuri.py +++ b/tests/suite/test_jwt_policies_jwksuri.py @@ -111,7 +111,7 @@ def test_jwt_policy_jwksuri( resp_no_token.status_code == 502 counter = 0 - while resp_no_token.status_code != 401 and counter < 10: + while resp_no_token.status_code != 401 and counter < 20: resp_no_token = requests.get( virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}, @@ -230,7 +230,7 @@ def test_jwt_policy_subroute_jwksuri( resp_no_token.status_code == 502 counter = 0 - while resp_no_token.status_code != 401 and counter < 10: + while resp_no_token.status_code != 401 and counter < 20: resp_no_token = requests.get( virtual_server_setup.backend_1_url + "/subpath1", headers={"host": virtual_server_setup.vs_host}, @@ -304,7 +304,7 @@ def test_jwt_policy_subroute_jwksuri_multiple_vs( resp_2_no_token.status_code == 502 counter = 0 - while resp_1_no_token.status_code != 401 and counter < 10: + while resp_1_no_token.status_code != 401 and counter < 20: resp_1_no_token = requests.get( virtual_server_setup.backend_1_url + "/subpath1", headers={"host": virtual_server_setup.vs_host}, @@ -314,7 +314,7 @@ def test_jwt_policy_subroute_jwksuri_multiple_vs( counter = 0 - while resp_2_no_token.status_code != 401 and counter < 10: + while resp_2_no_token.status_code != 401 and counter < 20: resp_2_no_token = requests.get( virtual_server_setup.backend_1_url + "/subpath1", headers={"host": "virtual-server-2.example.com"}, diff --git a/tests/suite/test_jwt_policies_jwksuri_vsr.py b/tests/suite/test_jwt_policies_jwksuri_vsr.py index c3b772f469..da2c42f637 100644 --- a/tests/suite/test_jwt_policies_jwksuri_vsr.py +++ b/tests/suite/test_jwt_policies_jwksuri_vsr.py @@ -101,7 +101,7 @@ def test_jwt_policy_jwksuri( resp_no_token.status_code == 502 counter = 0 - while resp_no_token.status_code != 401 and counter < 10: + while resp_no_token.status_code != 401 and counter < 20: resp_no_token = requests.get( f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host},