Skip to content

Commit

Permalink
Add controller tests for L7 intentions
Browse files Browse the repository at this point in the history
  • Loading branch information
Ashwin Venkatesh committed Oct 7, 2020
1 parent 8d3fcf6 commit b8a87a1
Showing 1 changed file with 134 additions and 3 deletions.
137 changes: 134 additions & 3 deletions controller/configentry_controller_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -248,6 +248,27 @@ func TestConfigEntryControllers_createsConfigEntry(t *testing.T) {
Name: "baz",
Action: "deny",
},
&v1alpha1.SourceIntention{
Name: "bax",
Permissions: v1alpha1.IntentionPermissions{
&v1alpha1.IntentionPermission{
Action: "allow",
HTTP: &v1alpha1.IntentionHTTPPermission{
PathExact: "/path",
Header: v1alpha1.IntentionHTTPHeaderPermissions{
v1alpha1.IntentionHTTPHeaderPermission{
Name: "auth",
Present: true,
},
},
Methods: []string{
"PUT",
"GET",
},
},
},
},
},
},
},
},
Expand All @@ -269,6 +290,9 @@ func TestConfigEntryControllers_createsConfigEntry(t *testing.T) {
require.Equal(t, capi.IntentionActionAllow, svcIntentions.Sources[0].Action)
require.Equal(t, "baz", svcIntentions.Sources[1].Name)
require.Equal(t, capi.IntentionActionDeny, svcIntentions.Sources[1].Action)
require.Equal(t, "bax", svcIntentions.Sources[2].Name)
require.Equal(t, capi.IntentionActionAllow, svcIntentions.Sources[2].Permissions[0].Action)
require.Equal(t, "/path", svcIntentions.Sources[2].Permissions[0].HTTP.PathExact)
},
},
}
Expand Down Expand Up @@ -571,6 +595,27 @@ func TestConfigEntryControllers_updatesConfigEntry(t *testing.T) {
Name: "bar",
Action: "allow",
},
&v1alpha1.SourceIntention{
Name: "baz",
Permissions: v1alpha1.IntentionPermissions{
&v1alpha1.IntentionPermission{
Action: "allow",
HTTP: &v1alpha1.IntentionHTTPPermission{
PathExact: "/path",
Header: v1alpha1.IntentionHTTPHeaderPermissions{
v1alpha1.IntentionHTTPHeaderPermission{
Name: "auth",
Present: true,
},
},
Methods: []string{
"PUT",
"GET",
},
},
},
},
},
},
},
},
Expand All @@ -587,11 +632,13 @@ func TestConfigEntryControllers_updatesConfigEntry(t *testing.T) {
updateF: func(resource common.ConfigEntryResource) {
svcIntentions := resource.(*v1alpha1.ServiceIntentions)
svcIntentions.Spec.Sources[0].Action = "deny"
svcIntentions.Spec.Sources[1].Permissions[0].Action = "deny"
},
compare: func(t *testing.T, consulEntry capi.ConfigEntry) {
configEntry, ok := consulEntry.(*capi.ServiceIntentionsConfigEntry)
require.True(t, ok, "cast error")
require.Equal(t, capi.IntentionActionDeny, configEntry.Sources[0].Action)
require.Equal(t, capi.IntentionActionDeny, configEntry.Sources[1].Permissions[0].Action)
},
},
}
Expand Down Expand Up @@ -859,6 +906,27 @@ func TestConfigEntryControllers_deletesConfigEntry(t *testing.T) {
Name: "bar",
Action: "allow",
},
&v1alpha1.SourceIntention{
Name: "baz",
Permissions: v1alpha1.IntentionPermissions{
&v1alpha1.IntentionPermission{
Action: "allow",
HTTP: &v1alpha1.IntentionHTTPPermission{
PathExact: "/path",
Header: v1alpha1.IntentionHTTPHeaderPermissions{
v1alpha1.IntentionHTTPHeaderPermission{
Name: "auth",
Present: true,
},
},
Methods: []string{
"PUT",
"GET",
},
},
},
},
},
},
},
},
Expand Down Expand Up @@ -1289,6 +1357,27 @@ func TestConfigEntryControllers_setsSyncedToTrue(t *testing.T) {
Name: "bar",
Action: "deny",
},
&v1alpha1.SourceIntention{
Name: "baz",
Permissions: v1alpha1.IntentionPermissions{
&v1alpha1.IntentionPermission{
Action: "allow",
HTTP: &v1alpha1.IntentionHTTPPermission{
PathExact: "/path",
Header: v1alpha1.IntentionHTTPHeaderPermissions{
v1alpha1.IntentionHTTPHeaderPermission{
Name: "auth",
Present: true,
},
},
Methods: []string{
"PUT",
"GET",
},
},
},
},
},
},
},
Status: v1alpha1.Status{
Expand Down Expand Up @@ -1519,6 +1608,27 @@ func TestConfigEntryControllers_doesNotCreateUnownedConfigEntry(t *testing.T) {
Name: "bar",
Action: "deny",
},
&v1alpha1.SourceIntention{
Name: "baz",
Permissions: v1alpha1.IntentionPermissions{
&v1alpha1.IntentionPermission{
Action: "allow",
HTTP: &v1alpha1.IntentionHTTPPermission{
PathExact: "/path",
Header: v1alpha1.IntentionHTTPHeaderPermissions{
v1alpha1.IntentionHTTPHeaderPermission{
Name: "auth",
Present: true,
},
},
Methods: []string{
"PUT",
"GET",
},
},
},
},
},
},
},
},
Expand Down Expand Up @@ -1862,6 +1972,27 @@ func TestConfigEntryControllers_doesNotDeleteUnownedConfig(t *testing.T) {
Name: "bar",
Action: "allow",
},
&v1alpha1.SourceIntention{
Name: "baz",
Permissions: v1alpha1.IntentionPermissions{
&v1alpha1.IntentionPermission{
Action: "allow",
HTTP: &v1alpha1.IntentionHTTPPermission{
PathExact: "/path",
Header: v1alpha1.IntentionHTTPHeaderPermissions{
v1alpha1.IntentionHTTPHeaderPermission{
Name: "auth",
Present: true,
},
},
Methods: []string{
"PUT",
"GET",
},
},
},
},
},
},
},
},
Expand All @@ -1876,9 +2007,9 @@ func TestConfigEntryControllers_doesNotDeleteUnownedConfig(t *testing.T) {
}
},
confirmDelete: func(t *testing.T, cli client.Client, ctx context.Context, name types.NamespacedName) {
svcSplitter := &v1alpha1.ServiceIntentions{}
_ = cli.Get(ctx, name, svcSplitter)
require.Empty(t, svcSplitter.Finalizers())
svcIntentions := &v1alpha1.ServiceIntentions{}
_ = cli.Get(ctx, name, svcIntentions)
require.Empty(t, svcIntentions.Finalizers())
},
},
}
Expand Down

0 comments on commit b8a87a1

Please sign in to comment.