diff --git a/tests/data/common/service/loadbalancer-with-additional-ports.yaml b/tests/data/common/service/loadbalancer-with-additional-ports.yaml index 489b6b13dc..8b040ca901 100644 --- a/tests/data/common/service/loadbalancer-with-additional-ports.yaml +++ b/tests/data/common/service/loadbalancer-with-additional-ports.yaml @@ -23,6 +23,14 @@ spec: targetPort: 8443 protocol: TCP name: custom-tls-port + - port: 8085 + targetPort: 8085 + protocol: TCP + name: custom-http + - port: 8445 + targetPort: 8445 + protocol: TCP + name: custom-https - port: 9113 targetPort: 9113 protocol: TCP diff --git a/tests/data/common/service/nodeport-with-additional-ports.yaml b/tests/data/common/service/nodeport-with-additional-ports.yaml index f2b717a801..57c6cce982 100644 --- a/tests/data/common/service/nodeport-with-additional-ports.yaml +++ b/tests/data/common/service/nodeport-with-additional-ports.yaml @@ -38,5 +38,13 @@ spec: targetPort: 8443 protocol: TCP name: custom-ssl-port + - port: 8085 + targetPort: 8085 + protocol: TCP + name: custom-http + - port: 8445 + targetPort: 8445 + protocol: TCP + name: custom-https selector: app: nginx-ingress diff --git a/tests/data/virtual-server-custom-listeners/global-configuration-http-listener-with-ssl.yaml b/tests/data/virtual-server-custom-listeners/global-configuration-http-listener-with-ssl.yaml new file mode 100644 index 0000000000..11daf67d67 --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/global-configuration-http-listener-with-ssl.yaml @@ -0,0 +1,21 @@ +apiVersion: k8s.nginx.org/v1alpha1 +kind: GlobalConfiguration +metadata: + name: nginx-configuration + namespace: nginx-ingress +spec: + listeners: + - name: dns-udp + port: 5353 + protocol: UDP + - name: dns-tcp + port: 5353 + protocol: TCP + - name: http-8085 + port: 8085 + protocol: HTTP + ssl: true + - name: https-8445 + port: 8445 + protocol: HTTP + ssl: true diff --git a/tests/data/virtual-server-custom-listeners/global-configuration-https-listener-without-ssl.yaml b/tests/data/virtual-server-custom-listeners/global-configuration-https-listener-without-ssl.yaml new file mode 100644 index 0000000000..f447489926 --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/global-configuration-https-listener-without-ssl.yaml @@ -0,0 +1,19 @@ +apiVersion: k8s.nginx.org/v1alpha1 +kind: GlobalConfiguration +metadata: + name: nginx-configuration + namespace: nginx-ingress +spec: + listeners: + - name: dns-udp + port: 5353 + protocol: UDP + - name: dns-tcp + port: 5353 + protocol: TCP + - name: http-8085 + port: 8085 + protocol: HTTP + - name: https-8445 + port: 8445 + protocol: HTTP diff --git a/tests/data/virtual-server-custom-listeners/global-configuration-missing-http-https.yaml b/tests/data/virtual-server-custom-listeners/global-configuration-missing-http-https.yaml new file mode 100644 index 0000000000..66bbd0632d --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/global-configuration-missing-http-https.yaml @@ -0,0 +1,13 @@ +apiVersion: k8s.nginx.org/v1alpha1 +kind: GlobalConfiguration +metadata: + name: nginx-configuration + namespace: nginx-ingress +spec: + listeners: + - name: dns-udp + port: 5353 + protocol: UDP + - name: dns-tcp + port: 5353 + protocol: TCP diff --git a/tests/data/virtual-server-custom-listeners/global-configuration-missing-http.yaml b/tests/data/virtual-server-custom-listeners/global-configuration-missing-http.yaml new file mode 100644 index 0000000000..d04f853ab4 --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/global-configuration-missing-http.yaml @@ -0,0 +1,17 @@ +apiVersion: k8s.nginx.org/v1alpha1 +kind: GlobalConfiguration +metadata: + name: nginx-configuration + namespace: nginx-ingress +spec: + listeners: + - name: dns-udp + port: 5353 + protocol: UDP + - name: dns-tcp + port: 5353 + protocol: TCP + - name: https-8445 + port: 8445 + protocol: HTTP + ssl: true diff --git a/tests/data/virtual-server-custom-listeners/global-configuration-missing-https.yaml b/tests/data/virtual-server-custom-listeners/global-configuration-missing-https.yaml new file mode 100644 index 0000000000..e1d04f916c --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/global-configuration-missing-https.yaml @@ -0,0 +1,16 @@ +apiVersion: k8s.nginx.org/v1alpha1 +kind: GlobalConfiguration +metadata: + name: nginx-configuration + namespace: nginx-ingress +spec: + listeners: + - name: dns-udp + port: 5353 + protocol: UDP + - name: dns-tcp + port: 5353 + protocol: TCP + - name: http-8085 + port: 8085 + protocol: HTTP diff --git a/tests/data/virtual-server-custom-listeners/global-configuration.yaml b/tests/data/virtual-server-custom-listeners/global-configuration.yaml new file mode 100644 index 0000000000..cb6edda94e --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/global-configuration.yaml @@ -0,0 +1,20 @@ +apiVersion: k8s.nginx.org/v1alpha1 +kind: GlobalConfiguration +metadata: + name: nginx-configuration + namespace: nginx-ingress +spec: + listeners: + - name: dns-udp + port: 5353 + protocol: UDP + - name: dns-tcp + port: 5353 + protocol: TCP + - name: http-8085 + port: 8085 + protocol: HTTP + - name: https-8445 + port: 8445 + protocol: HTTP + ssl: true diff --git a/tests/data/virtual-server-custom-listeners/standard/virtual-server.yaml b/tests/data/virtual-server-custom-listeners/standard/virtual-server.yaml new file mode 100644 index 0000000000..b78faab44d --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/standard/virtual-server.yaml @@ -0,0 +1,22 @@ +apiVersion: k8s.nginx.org/v1 +kind: VirtualServer +metadata: + name: virtual-server-status +spec: + host: virtual-server-status.example.com + tls: + secret: virtual-server-tls-secret + upstreams: + - name: backend2 + service: backend2-svc + port: 80 + - name: backend1 + service: backend1-svc + port: 80 + routes: + - path: /backend1 + action: + pass: backend1 + - path: /backend2 + action: + pass: backend2 diff --git a/tests/data/virtual-server-custom-listeners/virtual-server-http-https-listeners-switched.yaml b/tests/data/virtual-server-custom-listeners/virtual-server-http-https-listeners-switched.yaml new file mode 100644 index 0000000000..b88bd695f0 --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/virtual-server-http-https-listeners-switched.yaml @@ -0,0 +1,25 @@ +apiVersion: k8s.nginx.org/v1 +kind: VirtualServer +metadata: + name: virtual-server-status +spec: + listener: + http: https-8445 + https: http-8085 + host: virtual-server-status.example.com + tls: + secret: virtual-server-tls-secret + upstreams: + - name: backend2 + service: backend2-svc + port: 80 + - name: backend1 + service: backend1-svc + port: 80 + routes: + - path: /backend1 + action: + pass: backend1 + - path: /backend2 + action: + pass: backend2 diff --git a/tests/data/virtual-server-custom-listeners/virtual-server-http-listener-in-https-block.yaml b/tests/data/virtual-server-custom-listeners/virtual-server-http-listener-in-https-block.yaml new file mode 100644 index 0000000000..bdbce2941b --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/virtual-server-http-listener-in-https-block.yaml @@ -0,0 +1,25 @@ +apiVersion: k8s.nginx.org/v1 +kind: VirtualServer +metadata: + name: virtual-server-status +spec: + listener: + http: "" + https: http-8085 + host: virtual-server-status.example.com + tls: + secret: virtual-server-tls-secret + upstreams: + - name: backend2 + service: backend2-svc + port: 80 + - name: backend1 + service: backend1-svc + port: 80 + routes: + - path: /backend1 + action: + pass: backend1 + - path: /backend2 + action: + pass: backend2 diff --git a/tests/data/virtual-server-custom-listeners/virtual-server-https-listener-in-http-block.yaml b/tests/data/virtual-server-custom-listeners/virtual-server-https-listener-in-http-block.yaml new file mode 100644 index 0000000000..d65e710a1d --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/virtual-server-https-listener-in-http-block.yaml @@ -0,0 +1,25 @@ +apiVersion: k8s.nginx.org/v1 +kind: VirtualServer +metadata: + name: virtual-server-status +spec: + listener: + http: https-8445 + https: "" + host: virtual-server-status.example.com + tls: + secret: virtual-server-tls-secret + upstreams: + - name: backend2 + service: backend2-svc + port: 80 + - name: backend1 + service: backend1-svc + port: 80 + routes: + - path: /backend1 + action: + pass: backend1 + - path: /backend2 + action: + pass: backend2 diff --git a/tests/data/virtual-server-custom-listeners/virtual-server.yaml b/tests/data/virtual-server-custom-listeners/virtual-server.yaml new file mode 100644 index 0000000000..07b52f37a4 --- /dev/null +++ b/tests/data/virtual-server-custom-listeners/virtual-server.yaml @@ -0,0 +1,25 @@ +apiVersion: k8s.nginx.org/v1 +kind: VirtualServer +metadata: + name: virtual-server-status +spec: + listener: + http: http-8085 + https: https-8445 + host: virtual-server-status.example.com + tls: + secret: virtual-server-tls-secret + upstreams: + - name: backend2 + service: backend2-svc + port: 80 + - name: backend1 + service: backend1-svc + port: 80 + routes: + - path: /backend1 + action: + pass: backend1 + - path: /backend2 + action: + pass: backend2 diff --git a/tests/suite/fixtures/custom_resource_fixtures.py b/tests/suite/fixtures/custom_resource_fixtures.py index 2744b038de..b78935d39b 100644 --- a/tests/suite/fixtures/custom_resource_fixtures.py +++ b/tests/suite/fixtures/custom_resource_fixtures.py @@ -54,6 +54,14 @@ def __init__(self, public_endpoint: PublicEndpoint, namespace, vs_host, vs_name, self.backend_2_url = f"http://{public_endpoint.public_ip}:{public_endpoint.port}{vs_paths[1]}" self.backend_1_url_ssl = f"https://{public_endpoint.public_ip}:{public_endpoint.port_ssl}{vs_paths[0]}" self.backend_2_url_ssl = f"https://{public_endpoint.public_ip}:{public_endpoint.port_ssl}{vs_paths[1]}" + self.backend_1_url_custom = f"http://{public_endpoint.public_ip}:{public_endpoint.custom_http}{vs_paths[0]}" + self.backend_2_url_custom = f"http://{public_endpoint.public_ip}:{public_endpoint.custom_http}{vs_paths[1]}" + self.backend_1_url_custom_ssl = ( + f"https://{public_endpoint.public_ip}:{public_endpoint.custom_https}{vs_paths[0]}" + ) + self.backend_2_url_custom_ssl = ( + f"https://{public_endpoint.public_ip}:{public_endpoint.custom_https}{vs_paths[1]}" + ) self.metrics_url = f"http://{public_endpoint.public_ip}:{public_endpoint.metrics_port}/metrics" diff --git a/tests/suite/fixtures/fixtures.py b/tests/suite/fixtures/fixtures.py index fcafa32804..53baccdb57 100644 --- a/tests/suite/fixtures/fixtures.py +++ b/tests/suite/fixtures/fixtures.py @@ -87,6 +87,8 @@ def __init__( udp_server_port=3334, service_insight_port=9114, custom_ssl_port=8443, + custom_http=8085, + custom_https=8445, ): self.public_ip = public_ip self.port = port @@ -97,6 +99,8 @@ def __init__( self.udp_server_port = udp_server_port self.service_insight_port = service_insight_port self.custom_ssl_port = custom_ssl_port + self.custom_http = custom_http + self.custom_https = custom_https class IngressControllerPrerequisites: @@ -185,6 +189,8 @@ def ingress_controller_endpoint(cli_arguments, kube_apis, ingress_controller_pre udp_server_port, service_insight_port, custom_ssl_port, + custom_http, + custom_https, ) = get_service_node_ports(kube_apis.v1, service_name, namespace) return PublicEndpoint( public_ip, @@ -196,6 +202,8 @@ def ingress_controller_endpoint(cli_arguments, kube_apis, ingress_controller_pre udp_server_port, service_insight_port, custom_ssl_port, + custom_http, + custom_https, ) else: create_service_from_yaml( diff --git a/tests/suite/test_virtual_server_custom_listeners.py b/tests/suite/test_virtual_server_custom_listeners.py new file mode 100644 index 0000000000..324db1c799 --- /dev/null +++ b/tests/suite/test_virtual_server_custom_listeners.py @@ -0,0 +1,374 @@ +from typing import List, TypedDict + +import pytest +import requests +from requests.exceptions import ConnectionError +from settings import TEST_DATA +from suite.utils.custom_resources_utils import create_gc_from_yaml, delete_gc, patch_gc_from_yaml +from suite.utils.resources_utils import create_secret_from_yaml, delete_secret, get_first_pod_name, wait_before_test +from suite.utils.vs_vsr_resources_utils import get_vs_nginx_template_conf, patch_virtual_server_from_yaml, read_vs + + +def make_request(url, host): + return requests.get( + url, + headers={"host": host}, + allow_redirects=False, + verify=False, + ) + + +def restore_default_vs(kube_apis, virtual_server_setup) -> None: + """ + Function to revert vs deployment to valid state + """ + patch_src = f"{TEST_DATA}/virtual-server-status/standard/virtual-server.yaml" + patch_virtual_server_from_yaml( + kube_apis.custom_objects, + virtual_server_setup.vs_name, + patch_src, + virtual_server_setup.namespace, + ) + wait_before_test() + + +@pytest.mark.vs +@pytest.mark.parametrize( + "crd_ingress_controller, virtual_server_setup", + [ + ( + { + "type": "complete", + "extra_args": [ + f"-global-configuration=nginx-ingress/nginx-configuration", + f"-enable-leader-election=false", + ], + }, + { + "example": "virtual-server-custom-listeners", + "app_type": "simple", + }, + ) + ], + indirect=True, +) +class TestVirtualServerCustomListeners: + TestSetup = TypedDict( + "TestSetup", + { + "gc_yaml": str, + "vs_yaml": str, + "http_listener_in_config": bool, + "https_listener_in_config": bool, + "expected_response_codes": List[int], # responses from requests to port 80, 433, 8085, 8445 + "expected_error_msg": str, + }, + ) + + @pytest.mark.parametrize( + "test_setup", + [ + { + "gc_yaml": "global-configuration", + "vs_yaml": "virtual-server", + "http_listener_in_config": True, + "https_listener_in_config": True, + "expected_response_codes": [404, 404, 200, 200], + "expected_error_msg": "", + }, + { + "gc_yaml": "global-configuration-missing-http", + "vs_yaml": "virtual-server", + "http_listener_in_config": False, + "https_listener_in_config": True, + "expected_response_codes": [404, 404, 0, 200], + "expected_error_msg": "Listener http-8085 is not defined in GlobalConfiguration", + }, + { + "gc_yaml": "global-configuration-missing-https", + "vs_yaml": "virtual-server", + "http_listener_in_config": True, + "https_listener_in_config": False, + "expected_response_codes": [404, 404, 200, 0], + "expected_error_msg": "Listener https-8445 is not defined in GlobalConfiguration", + }, + { + "gc_yaml": "global-configuration-missing-http-https", + "vs_yaml": "virtual-server", + "http_listener_in_config": False, + "https_listener_in_config": False, + "expected_response_codes": [404, 404, 0, 0], + "expected_error_msg": "Listeners defined, but no GlobalConfiguration is deployed", + }, + { + "gc_yaml": "global-configuration", + "vs_yaml": "virtual-server-http-listener-in-https-block", + "http_listener_in_config": False, + "https_listener_in_config": False, + "expected_response_codes": [404, 404, 0, 0], + "expected_error_msg": "Listener http-8085 can't be use in `listener.https` context as SSL is not " + "enabled for that listener", + }, + { + "gc_yaml": "global-configuration", + "vs_yaml": "virtual-server-https-listener-in-http-block", + "http_listener_in_config": False, + "https_listener_in_config": False, + "expected_response_codes": [404, 404, 0, 0], + "expected_error_msg": "Listener https-8445 can't be use in `listener.http` context as SSL is enabled " + "for that listener.", + }, + { + "gc_yaml": "global-configuration", + "vs_yaml": "virtual-server-http-https-listeners-switched", + "http_listener_in_config": False, + "https_listener_in_config": False, + "expected_response_codes": [404, 404, 0, 0], + "expected_error_msg": "Listener https-8445 can't be use in `listener.http` context as SSL is enabled " + "for that listener.", + }, + { + "gc_yaml": "", + "vs_yaml": "virtual-server", + "http_listener_in_config": False, + "https_listener_in_config": False, + "expected_response_codes": [404, 404, 0, 0], + "expected_error_msg": "Listeners defined, but no GlobalConfiguration is deployed", + }, + ], + ids=[ + "valid_config", + "global_configuration_missing_http_listener", + "global_configuration_missing_https_listener", + "global_configuration_missing_both_http_and_https_listeners", + "http_listener_in_https_block", + "https_listener_in_http_block", + "http_https_listeners_switched", + "no_global_configuration", + ], + ) + def test_custom_listeners( + self, + kube_apis, + ingress_controller_prerequisites, + crd_ingress_controller, + virtual_server_setup, + test_setup: TestSetup, + ) -> None: + print("\nStep 1: Create GC resource") + secret_name = create_secret_from_yaml( + kube_apis.v1, virtual_server_setup.namespace, f"{TEST_DATA}/virtual-server-tls/tls-secret.yaml" + ) + if test_setup["gc_yaml"]: + global_config_file = f"{TEST_DATA}/virtual-server-custom-listeners/{test_setup['gc_yaml']}.yaml" + gc_resource = create_gc_from_yaml(kube_apis.custom_objects, global_config_file, "nginx-ingress") + + print("\nStep 2: Create VS with custom listeners") + vs_custom_listeners = f"{TEST_DATA}/virtual-server-custom-listeners/{test_setup['vs_yaml']}.yaml" + patch_virtual_server_from_yaml( + kube_apis.custom_objects, + virtual_server_setup.vs_name, + vs_custom_listeners, + virtual_server_setup.namespace, + ) + wait_before_test() + + print("\nStep 3: Test generated VS configs") + ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) + vs_config = get_vs_nginx_template_conf( + kube_apis.v1, + virtual_server_setup.namespace, + virtual_server_setup.vs_name, + ic_pod_name, + ingress_controller_prerequisites.namespace, + ) + + print(vs_config) + + if test_setup["http_listener_in_config"]: + assert "listen 8085;" in vs_config + assert "listen [::]:8085;" in vs_config + + else: + assert "listen 8085;" not in vs_config + assert "listen [::]:8085;" not in vs_config + + if test_setup["https_listener_in_config"]: + assert "listen 8445 ssl;" in vs_config + assert "listen [::]:8445 ssl;" in vs_config + else: + assert "listen 8445 ssl;" not in vs_config + assert "listen [::]:8445 ssl;" not in vs_config + + assert "listen 80;" not in vs_config + assert "listen [::]:80;" not in vs_config + assert "listen 443 ssl;" not in vs_config + assert "listen [::]:443 ssl;" not in vs_config + + print("\nStep 4: Test HTTP responses") + urls = [ + virtual_server_setup.backend_1_url, + virtual_server_setup.backend_1_url_ssl, + virtual_server_setup.backend_1_url_custom, + virtual_server_setup.backend_1_url_custom_ssl, + ] + for url, expected_response in zip(urls, test_setup["expected_response_codes"]): + if expected_response > 0: + res = make_request(url, virtual_server_setup.vs_host) + assert res.status_code == expected_response + else: + with pytest.raises(ConnectionError, match="Connection refused") as e: + make_request(url, virtual_server_setup.vs_host) + + print("\nStep 5: Test Kubernetes VirtualServer warning events") + if test_setup["expected_error_msg"]: + response = read_vs(kube_apis.custom_objects, virtual_server_setup.namespace, virtual_server_setup.vs_name) + print(response) + assert ( + response["status"]["reason"] == "AddedOrUpdatedWithWarning" + and response["status"]["state"] == "Warning" + and test_setup["expected_error_msg"] in response["status"]["message"] + ) + + print("\nStep 6: Restore test environments") + delete_secret(kube_apis.v1, secret_name, virtual_server_setup.namespace) + restore_default_vs(kube_apis, virtual_server_setup) + if test_setup["gc_yaml"]: + delete_gc(kube_apis.custom_objects, gc_resource, "nginx-ingress") + + @pytest.mark.parametrize( + "test_setup", + [ + { + "gc_yaml": "", # delete gc if empty + "vs_yaml": "virtual-server", + "http_listener_in_config": False, + "https_listener_in_config": False, + "expected_response_codes": [404, 404, 0, 0], + "expected_error_msg": "Listeners defined, but no GlobalConfiguration is deployed", + }, + { + "gc_yaml": "global-configuration-https-listener-without-ssl", + "vs_yaml": "virtual-server", + "http_listener_in_config": True, + "https_listener_in_config": False, + "expected_response_codes": [404, 404, 200, 0], + "expected_error_msg": "Listener https-8445 can't be use in `listener.https` context as SSL is not " + "enabled for that listener.", + }, + { + "gc_yaml": "global-configuration-http-listener-with-ssl", + "vs_yaml": "virtual-server", + "http_listener_in_config": False, + "https_listener_in_config": True, + "expected_response_codes": [404, 404, 0, 200], + "expected_error_msg": "Listener http-8085 can't be use in `listener.http` context as SSL is enabled", + }, + ], + ids=["delete_gc", "update_gc_https_listener_ssl_false", "update_gc_http_listener_ssl_true"], + ) + def test_custom_listeners_update( + self, + kube_apis, + ingress_controller_prerequisites, + crd_ingress_controller, + virtual_server_setup, + test_setup: TestSetup, + ) -> None: + # Deploy a working global config and virtual server, and then tests for errors after gc update + print("\nStep 1: Create GC resource") + secret_name = create_secret_from_yaml( + kube_apis.v1, virtual_server_setup.namespace, f"{TEST_DATA}/virtual-server-tls/tls-secret.yaml" + ) + global_config_file = f"{TEST_DATA}/virtual-server-custom-listeners/global-configuration.yaml" + gc_resource = create_gc_from_yaml(kube_apis.custom_objects, global_config_file, "nginx-ingress") + vs_custom_listeners = f"{TEST_DATA}/virtual-server-custom-listeners/virtual-server.yaml" + + print("\nStep 2: Create VS with custom listener (http-8085, https-8445)") + patch_virtual_server_from_yaml( + kube_apis.custom_objects, + virtual_server_setup.vs_name, + vs_custom_listeners, + virtual_server_setup.namespace, + ) + wait_before_test() + + urls = [ + virtual_server_setup.backend_1_url, + virtual_server_setup.backend_1_url_ssl, + virtual_server_setup.backend_1_url_custom, + virtual_server_setup.backend_1_url_custom_ssl, + ] + + for url, expected_response in zip(urls, [404, 404, 200, 200]): + if expected_response > 0: + res = make_request(url, virtual_server_setup.vs_host) + assert res.status_code == expected_response + else: + with pytest.raises(ConnectionError, match="Connection refused"): + make_request(url, virtual_server_setup.vs_host) + + print("\nStep 3: Apply gc or vs update") + if test_setup["gc_yaml"]: + global_config_file = f"{TEST_DATA}/virtual-server-custom-listeners/{test_setup['gc_yaml']}.yaml" + patch_gc_from_yaml( + kube_apis.custom_objects, gc_resource["metadata"]["name"], global_config_file, "nginx-ingress" + ) + else: + delete_gc(kube_apis.custom_objects, gc_resource, "nginx-ingress") + wait_before_test() + + print("\nStep 4: Test generated VS configs") + ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) + vs_config = get_vs_nginx_template_conf( + kube_apis.v1, + virtual_server_setup.namespace, + virtual_server_setup.vs_name, + ic_pod_name, + ingress_controller_prerequisites.namespace, + ) + print(vs_config) + + if test_setup["http_listener_in_config"]: + assert "listen 8085;" in vs_config + assert "listen [::]:8085;" in vs_config + else: + assert "listen 8085;" not in vs_config + assert "listen [::]:8085;" not in vs_config + + if test_setup["https_listener_in_config"]: + assert "listen 8445 ssl;" in vs_config + assert "listen [::]:8445 ssl;" in vs_config + else: + assert "listen 8445 ssl;" not in vs_config + assert "listen [::]:8445 ssl;" not in vs_config + + assert "listen 80;" not in vs_config + assert "listen [::]:80;" not in vs_config + assert "listen 443 ssl;" not in vs_config + assert "listen [::]:443 ssl;" not in vs_config + + print("\nStep 5: Test HTTP responses") + for url, expected_response in zip(urls, test_setup["expected_response_codes"]): + if expected_response > 0: + res = make_request(url, virtual_server_setup.vs_host) + assert res.status_code == expected_response + else: + with pytest.raises(ConnectionError, match="Connection refused"): + make_request(url, virtual_server_setup.vs_host) + + print("\nStep 6: Test Kubernetes VirtualServer warning events") + if test_setup["expected_error_msg"]: + response = read_vs(kube_apis.custom_objects, virtual_server_setup.namespace, virtual_server_setup.vs_name) + print(response) + assert ( + response["status"]["reason"] == "AddedOrUpdatedWithWarning" + and response["status"]["state"] == "Warning" + and test_setup["expected_error_msg"] in response["status"]["message"] + ) + + print("\nStep 7: Restore test environments") + delete_secret(kube_apis.v1, secret_name, virtual_server_setup.namespace) + restore_default_vs(kube_apis, virtual_server_setup) + if test_setup["gc_yaml"]: + delete_gc(kube_apis.custom_objects, gc_resource, "nginx-ingress") diff --git a/tests/suite/utils/custom_resources_utils.py b/tests/suite/utils/custom_resources_utils.py index 9fcff4bf78..587773d3b3 100644 --- a/tests/suite/utils/custom_resources_utils.py +++ b/tests/suite/utils/custom_resources_utils.py @@ -149,9 +149,23 @@ def create_gc_from_yaml(custom_objects: CustomObjectsApi, yaml_manifest, namespa :param namespace: :return: a dictionary representing the resource """ + print(f"Load {yaml_manifest}") return create_resource_from_yaml(custom_objects, yaml_manifest, namespace, "globalconfigurations") +def patch_gc_from_yaml(custom_objects: CustomObjectsApi, name, yaml_manifest, namespace) -> dict: + """ + Patch a GlobalConfiguration Resource based on yaml file. + + :param custom_objects: CustomObjectsApi + :param yaml_manifest: an absolute path to file + :param namespace: + :return: a dictionary representing the resource + """ + print(f"Load {yaml_manifest}") + return patch_custom_resource_v1alpha1(custom_objects, name, yaml_manifest, namespace, "globalconfigurations") + + def create_resource_from_yaml(custom_objects: CustomObjectsApi, yaml_manifest, namespace, plural) -> dict: """ Create a Resource based on yaml file. diff --git a/tests/suite/utils/resources_utils.py b/tests/suite/utils/resources_utils.py index 0327e521ea..21c9a19297 100644 --- a/tests/suite/utils/resources_utils.py +++ b/tests/suite/utils/resources_utils.py @@ -445,7 +445,9 @@ def get_service_node_ports(v1: CoreV1Api, name, namespace) -> (int, int, int, in print(f"Service with an TPC server port: {resp.spec.ports[4].node_port}") print(f"Service with an UDP server port: {resp.spec.ports[5].node_port}") print(f"Service with an Service Insight port: {resp.spec.ports[6].node_port}") - print(f"Service with an custom ssl port: {resp.spec.ports[7].node_port}") + print(f"Service with an custom SSL port: {resp.spec.ports[7].node_port}") + print(f"Service with an custom http listener port: {resp.spec.ports[8].node_port}") + print(f"Service with an custom https listener port: {resp.spec.ports[9].node_port}") return ( resp.spec.ports[0].node_port, resp.spec.ports[1].node_port, @@ -455,6 +457,8 @@ def get_service_node_ports(v1: CoreV1Api, name, namespace) -> (int, int, int, in resp.spec.ports[5].node_port, resp.spec.ports[6].node_port, resp.spec.ports[7].node_port, + resp.spec.ports[8].node_port, + resp.spec.ports[9].node_port, )