From d2c094938190271bc63d6bd36a05c259586c16a6 Mon Sep 17 00:00:00 2001 From: Venktesh Date: Wed, 3 May 2023 16:45:02 +0100 Subject: [PATCH 1/7] remove counter limit --- tests/suite/test_jwt_policies_jwksuri.py | 8 ++++---- tests/suite/test_jwt_policies_jwksuri_vsr.py | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/suite/test_jwt_policies_jwksuri.py b/tests/suite/test_jwt_policies_jwksuri.py index 9006de79d6..2909de82f2 100644 --- a/tests/suite/test_jwt_policies_jwksuri.py +++ b/tests/suite/test_jwt_policies_jwksuri.py @@ -111,7 +111,7 @@ def test_jwt_policy_jwksuri( resp_no_token.status_code == 502 counter = 0 - while resp_no_token.status_code != 401 and counter < 10: + while resp_no_token.status_code != 401: resp_no_token = requests.get( virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}, @@ -230,7 +230,7 @@ def test_jwt_policy_subroute_jwksuri( resp_no_token.status_code == 502 counter = 0 - while resp_no_token.status_code != 401 and counter < 10: + while resp_no_token.status_code != 401: resp_no_token = requests.get( virtual_server_setup.backend_1_url + "/subpath1", headers={"host": virtual_server_setup.vs_host}, @@ -304,7 +304,7 @@ def test_jwt_policy_subroute_jwksuri_multiple_vs( resp_2_no_token.status_code == 502 counter = 0 - while resp_1_no_token.status_code != 401 and counter < 10: + while resp_1_no_token.status_code != 401: resp_1_no_token = requests.get( virtual_server_setup.backend_1_url + "/subpath1", headers={"host": virtual_server_setup.vs_host}, @@ -314,7 +314,7 @@ def test_jwt_policy_subroute_jwksuri_multiple_vs( counter = 0 - while resp_2_no_token.status_code != 401 and counter < 10: + while resp_2_no_token.status_code != 401: resp_2_no_token = requests.get( virtual_server_setup.backend_1_url + "/subpath1", headers={"host": "virtual-server-2.example.com"}, diff --git a/tests/suite/test_jwt_policies_jwksuri_vsr.py b/tests/suite/test_jwt_policies_jwksuri_vsr.py index c3b772f469..f295c4bbf6 100644 --- a/tests/suite/test_jwt_policies_jwksuri_vsr.py +++ b/tests/suite/test_jwt_policies_jwksuri_vsr.py @@ -101,7 +101,7 @@ def test_jwt_policy_jwksuri( resp_no_token.status_code == 502 counter = 0 - while resp_no_token.status_code != 401 and counter < 10: + while resp_no_token.status_code != 401: resp_no_token = requests.get( f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}, From f0c35618960b726f53ef0f81c675cdb24e14e0e9 Mon Sep 17 00:00:00 2001 From: Venktesh Date: Wed, 3 May 2023 17:54:58 +0100 Subject: [PATCH 2/7] increase counter to 20 --- tests/suite/test_jwt_policies_jwksuri.py | 8 ++++---- tests/suite/test_jwt_policies_jwksuri_vsr.py | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/suite/test_jwt_policies_jwksuri.py b/tests/suite/test_jwt_policies_jwksuri.py index 2909de82f2..52a7adee8e 100644 --- a/tests/suite/test_jwt_policies_jwksuri.py +++ b/tests/suite/test_jwt_policies_jwksuri.py @@ -111,7 +111,7 @@ def test_jwt_policy_jwksuri( resp_no_token.status_code == 502 counter = 0 - while resp_no_token.status_code != 401: + while resp_no_token.status_code != 401 and counter < 20: resp_no_token = requests.get( virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}, @@ -230,7 +230,7 @@ def test_jwt_policy_subroute_jwksuri( resp_no_token.status_code == 502 counter = 0 - while resp_no_token.status_code != 401: + while resp_no_token.status_code != 401 and counter < 20: resp_no_token = requests.get( virtual_server_setup.backend_1_url + "/subpath1", headers={"host": virtual_server_setup.vs_host}, @@ -304,7 +304,7 @@ def test_jwt_policy_subroute_jwksuri_multiple_vs( resp_2_no_token.status_code == 502 counter = 0 - while resp_1_no_token.status_code != 401: + while resp_1_no_token.status_code != 401 and counter < 20: resp_1_no_token = requests.get( virtual_server_setup.backend_1_url + "/subpath1", headers={"host": virtual_server_setup.vs_host}, @@ -314,7 +314,7 @@ def test_jwt_policy_subroute_jwksuri_multiple_vs( counter = 0 - while resp_2_no_token.status_code != 401: + while resp_2_no_token.status_code != 401 and counter < 20: resp_2_no_token = requests.get( virtual_server_setup.backend_1_url + "/subpath1", headers={"host": "virtual-server-2.example.com"}, diff --git a/tests/suite/test_jwt_policies_jwksuri_vsr.py b/tests/suite/test_jwt_policies_jwksuri_vsr.py index f295c4bbf6..da2c42f637 100644 --- a/tests/suite/test_jwt_policies_jwksuri_vsr.py +++ b/tests/suite/test_jwt_policies_jwksuri_vsr.py @@ -101,7 +101,7 @@ def test_jwt_policy_jwksuri( resp_no_token.status_code == 502 counter = 0 - while resp_no_token.status_code != 401: + while resp_no_token.status_code != 401 and counter < 20: resp_no_token = requests.get( f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}, From 9c94c67d45bac82562ba8f5dbe427adc653098a1 Mon Sep 17 00:00:00 2001 From: Venktesh Date: Thu, 4 May 2023 11:10:38 +0100 Subject: [PATCH 3/7] update mtls crl test with retries --- tests/suite/test_ingress_mtls.py | 120 +++++++++++++++++++------------ 1 file changed, 74 insertions(+), 46 deletions(-) diff --git a/tests/suite/test_ingress_mtls.py b/tests/suite/test_ingress_mtls.py index 0993e4c345..115c663a27 100644 --- a/tests/suite/test_ingress_mtls.py +++ b/tests/suite/test_ingress_mtls.py @@ -145,13 +145,21 @@ def test_ingress_mtls_policy( virtual_server_setup.namespace, ) wait_before_test() - resp = session.get( - virtual_server_setup.backend_1_url_ssl, - cert=(crt, key), - headers={"host": virtual_server_setup.vs_host}, - allow_redirects=False, - verify=False, - ) + resp = mock.Mock() + resp.status_code == 502 + counter = 0 + + while resp.status_code != expected_code and counter < 10: + resp = session.get( + virtual_server_setup.backend_1_url_ssl, + cert=(crt, key), + headers={"host": virtual_server_setup.vs_host}, + allow_redirects=False, + verify=False, + ) + wait_before_test() + counter += 1 + vs_res = read_vs(kube_apis.custom_objects, test_namespace, virtual_server_setup.vs_name) teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret) @@ -207,22 +215,28 @@ def test_ingress_mtls_policy_cert( virtual_server_setup.namespace, ) wait_before_test() - ssl_exception = "" - resp = "" - try: - resp = session.get( - virtual_server_setup.backend_1_url_ssl, - cert=certificate, - headers={"host": virtual_server_setup.vs_host}, - allow_redirects=False, - verify=False, - ) - except requests.exceptions.SSLError as e: - print(f"SSL certificate exception: {e}") - ssl_exception = str(e) - resp = mock.Mock() - resp.status_code = "None" - resp.text = "None" + resp = mock.Mock() + resp.status_code == 502 + counter = 0 + + while resp.status_code != expected_code and counter < 10: + try: + resp = session.get( + virtual_server_setup.backend_1_url_ssl, + cert=certificate, + headers={"host": virtual_server_setup.vs_host}, + allow_redirects=False, + verify=False, + ) + wait_before_test() + counter += 1 + + except requests.exceptions.SSLError as e: + print(f"SSL certificate exception: {e}") + ssl_exception = str(e) + resp = mock.Mock() + resp.status_code = "None" + resp.text = "None" teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret) @@ -267,7 +281,7 @@ def test_ingress_mtls_policy_cert( ), ], ) - def test_ingress_mtls_polciy_crl( + def test_ingress_mtls_policy_crl( self, kube_apis, crd_ingress_controller, @@ -297,13 +311,21 @@ def test_ingress_mtls_polciy_crl( virtual_server_setup.namespace, ) wait_before_test() - resp = session.get( - virtual_server_setup.backend_1_url_ssl, - cert=(crt_not_revoked, key_not_revoked), - headers={"host": virtual_server_setup.vs_host}, - allow_redirects=False, - verify=False, - ) + resp = mock.Mock() + resp.status_code == 502 + counter = 0 + + while resp.status_code != expected_code and counter < 10: + resp = session.get( + virtual_server_setup.backend_1_url_ssl, + cert=(crt_not_revoked, key_not_revoked), + headers={"host": virtual_server_setup.vs_host}, + allow_redirects=False, + verify=False, + ) + wait_before_test() + counter += 1 + vs_res = read_vs(kube_apis.custom_objects, test_namespace, virtual_server_setup.vs_name) teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret) @@ -360,21 +382,27 @@ def test_ingress_mtls_policy_cert_crl( ) wait_before_test() ssl_exception = "" - resp = "" - try: - resp = session.get( - virtual_server_setup.backend_1_url_ssl, - cert=certificate, - headers={"host": virtual_server_setup.vs_host}, - allow_redirects=False, - verify=False, - ) - except requests.exceptions.SSLError as e: - print(f"SSL certificate exception: {e}") - ssl_exception = str(e) - resp = mock.Mock() - resp.status_code = "None" - resp.text = "None" + resp = mock.Mock() + resp.status_code == 502 + counter = 0 + + while resp.status_code != expected_code and counter < 10: + try: + resp = session.get( + virtual_server_setup.backend_1_url_ssl, + cert=certificate, + headers={"host": virtual_server_setup.vs_host}, + allow_redirects=False, + verify=False, + ) + wait_before_test() + counter += 1 + except requests.exceptions.SSLError as e: + print(f"SSL certificate exception: {e}") + ssl_exception = str(e) + resp = mock.Mock() + resp.status_code = "None" + resp.text = "None" teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret) From 69417c87b04bc041291d23592660ae9b3e29b6db Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Thu, 4 May 2023 10:12:37 +0000 Subject: [PATCH 4/7] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- tests/suite/test_ingress_mtls.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suite/test_ingress_mtls.py b/tests/suite/test_ingress_mtls.py index 115c663a27..4ab7b7daba 100644 --- a/tests/suite/test_ingress_mtls.py +++ b/tests/suite/test_ingress_mtls.py @@ -325,7 +325,7 @@ def test_ingress_mtls_policy_crl( ) wait_before_test() counter += 1 - + vs_res = read_vs(kube_apis.custom_objects, test_namespace, virtual_server_setup.vs_name) teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret) From 8c93fd4b164115b15bb8d78e0b2ce34292328007 Mon Sep 17 00:00:00 2001 From: Venktesh Date: Thu, 4 May 2023 12:06:30 +0100 Subject: [PATCH 5/7] add var for ssl_exception --- tests/suite/test_ingress_mtls.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suite/test_ingress_mtls.py b/tests/suite/test_ingress_mtls.py index 4ab7b7daba..49e553aea0 100644 --- a/tests/suite/test_ingress_mtls.py +++ b/tests/suite/test_ingress_mtls.py @@ -311,6 +311,7 @@ def test_ingress_mtls_policy_crl( virtual_server_setup.namespace, ) wait_before_test() + ssl_exception = "" resp = mock.Mock() resp.status_code == 502 counter = 0 From e83a96f333f62ad6cb24f3dd75a4c8b83de96f18 Mon Sep 17 00:00:00 2001 From: Venktesh Date: Thu, 4 May 2023 12:43:13 +0100 Subject: [PATCH 6/7] typo --- tests/suite/test_ingress_mtls.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suite/test_ingress_mtls.py b/tests/suite/test_ingress_mtls.py index 49e553aea0..8cd25c6fef 100644 --- a/tests/suite/test_ingress_mtls.py +++ b/tests/suite/test_ingress_mtls.py @@ -215,6 +215,7 @@ def test_ingress_mtls_policy_cert( virtual_server_setup.namespace, ) wait_before_test() + ssl_exception="" resp = mock.Mock() resp.status_code == 502 counter = 0 @@ -311,7 +312,6 @@ def test_ingress_mtls_policy_crl( virtual_server_setup.namespace, ) wait_before_test() - ssl_exception = "" resp = mock.Mock() resp.status_code == 502 counter = 0 From ecdf34ac55f6069ab1ea86df1eef158dea1b5b6a Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Thu, 4 May 2023 11:43:36 +0000 Subject: [PATCH 7/7] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- tests/suite/test_ingress_mtls.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suite/test_ingress_mtls.py b/tests/suite/test_ingress_mtls.py index 8cd25c6fef..af4390c861 100644 --- a/tests/suite/test_ingress_mtls.py +++ b/tests/suite/test_ingress_mtls.py @@ -215,7 +215,7 @@ def test_ingress_mtls_policy_cert( virtual_server_setup.namespace, ) wait_before_test() - ssl_exception="" + ssl_exception = "" resp = mock.Mock() resp.status_code == 502 counter = 0