From a6e267e78340841d008ff773dfa5c162e0374125 Mon Sep 17 00:00:00 2001 From: Rafal Wegrzycki Date: Tue, 8 Sep 2020 12:13:10 +0200 Subject: [PATCH 1/3] add option to specify other log dstns --- internal/k8s/app_protect_resources.go | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/internal/k8s/app_protect_resources.go b/internal/k8s/app_protect_resources.go index 685f54421f..b3f942de53 100644 --- a/internal/k8s/app_protect_resources.go +++ b/internal/k8s/app_protect_resources.go @@ -55,14 +55,22 @@ func ValidateAppProtectLogConf(logConf *unstructured.Unstructured) error { return nil } -var logDstEx = regexp.MustCompile(`syslog:server=((?:\d{1,3}\.){3}\d{1,3}|localhost):\d{1,5}`) +var logDstEx = regexp.MustCompile(`(?:syslog:server=((?:\d{1,3}\.){3}\d{1,3}|localhost):\d{1,5})|stderr|(?:\/[\S]+)+`) +var logDstFileEx = regexp.MustCompile(`(?:\/[\S]+)+`) // ValidateAppProtectLogDestinationAnnotation validates annotation for log destination configuration func ValidateAppProtectLogDestinationAnnotation(dstAntn string) error { - errormsg := "Error parsing App Protect Log config: Destination Annotation must follow format: syslog:server=:" + errormsg := "Error parsing App Protect Log config: Destination Annotation must follow format: syslog:server=: or stderr or absolute path to file" if !logDstEx.MatchString(dstAntn) { return fmt.Errorf("%s Log Destination did not follow format", errormsg) } + if dstAntn == "stderr" { + return nil + } + + if logDstFileEx.MatchString(dstAntn) { + return nil + } dstchunks := strings.Split(dstAntn, ":") From 7675a7f563c4df40d7846d5ab06d9f9c203bf634 Mon Sep 17 00:00:00 2001 From: Rafal Wegrzycki Date: Mon, 21 Sep 2020 17:32:28 +0200 Subject: [PATCH 2/3] added unit test for log destination validation --- internal/k8s/app_protect_resources.go | 6 ++-- internal/k8s/app_protect_resources_test.go | 32 ++++++++++++++++++++++ 2 files changed, 34 insertions(+), 4 deletions(-) create mode 100644 internal/k8s/app_protect_resources_test.go diff --git a/internal/k8s/app_protect_resources.go b/internal/k8s/app_protect_resources.go index b3f942de53..d29ab03881 100644 --- a/internal/k8s/app_protect_resources.go +++ b/internal/k8s/app_protect_resources.go @@ -74,10 +74,8 @@ func ValidateAppProtectLogDestinationAnnotation(dstAntn string) error { dstchunks := strings.Split(dstAntn, ":") - port, err := strconv.Atoi(dstchunks[2]) - if err != nil { - return fmt.Errorf("Error parsing port: %v", err) - } + // This error can be ingored since the regex check ensures this string will be parsable + port, _ := strconv.Atoi(dstchunks[2]) if port > 65535 || port < 1 { return fmt.Errorf("Error parsing port: %v not a valid port number", port) diff --git a/internal/k8s/app_protect_resources_test.go b/internal/k8s/app_protect_resources_test.go new file mode 100644 index 0000000000..c01e65eafd --- /dev/null +++ b/internal/k8s/app_protect_resources_test.go @@ -0,0 +1,32 @@ +package k8s + +import ( + "strings" + "testing" +) +// Positive test cases +var posDstAntns = []string{"stderr", "syslog:server=localhost:9000", "syslog:server=10.1.1.2:9000", "/var/log/ap.log"} + +// Negative test cases item, expected error message +var negDstAntns = [][]string{{"stdout", "Log Destination did not follow format"}, + {"syslog:server=localhost:99999", "not a valid port number"}, + {"syslog:server=999.99.99.99:5678", "is not a valid ip address"}} + +func TestValidateAppProtectLogDestinationAnnotation(t *testing.T) { + for _, tCase := range posDstAntns { + err := ValidateAppProtectLogDestinationAnnotation(tCase) + if err != nil { + t.Errorf("got %v expected nil", err) + } + } + for _, nTCase := range negDstAntns { + err := ValidateAppProtectLogDestinationAnnotation(nTCase[0]) + if err == nil { + t.Errorf("got no error expected error containing %s", nTCase[1]) + } else { + if !strings.Contains(err.Error(), nTCase[1]) { + t.Errorf("got %v expected to contain: %s", err, nTCase[1]) + } + } + } +} From fb0158d64f148a4f0d0ec4b7e7be786c91e5a822 Mon Sep 17 00:00:00 2001 From: Rafal Wegrzycki Date: Mon, 21 Sep 2020 18:19:02 +0200 Subject: [PATCH 3/3] change variable scope --- internal/k8s/app_protect_resources_test.go | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/internal/k8s/app_protect_resources_test.go b/internal/k8s/app_protect_resources_test.go index c01e65eafd..385fb03d5f 100644 --- a/internal/k8s/app_protect_resources_test.go +++ b/internal/k8s/app_protect_resources_test.go @@ -4,15 +4,16 @@ import ( "strings" "testing" ) -// Positive test cases -var posDstAntns = []string{"stderr", "syslog:server=localhost:9000", "syslog:server=10.1.1.2:9000", "/var/log/ap.log"} -// Negative test cases item, expected error message -var negDstAntns = [][]string{{"stdout", "Log Destination did not follow format"}, +func TestValidateAppProtectLogDestinationAnnotation(t *testing.T) { + // Positive test cases + var posDstAntns = []string{"stderr", "syslog:server=localhost:9000", "syslog:server=10.1.1.2:9000", "/var/log/ap.log"} + + // Negative test cases item, expected error message + var negDstAntns = [][]string{{"stdout", "Log Destination did not follow format"}, {"syslog:server=localhost:99999", "not a valid port number"}, {"syslog:server=999.99.99.99:5678", "is not a valid ip address"}} -func TestValidateAppProtectLogDestinationAnnotation(t *testing.T) { for _, tCase := range posDstAntns { err := ValidateAppProtectLogDestinationAnnotation(tCase) if err != nil {