Bug 1896474: HTTPS redirect happens even if there is a more specific http-only route

[miheer]

Bug 2002205 - HTTPS redirect happens even if there is a more specific http-only route

Let's say we have 2 routes like this:

• HTTP-only route for "myapp.apps.example.com" domain and "/mypath" path
• HTTPS-edge-redirect route for "myapp.apps.example.com" and no path

In such situation, redirect is sent for any query to "myapp.apps.example.com", including "myapp.apps.example.com/mypath", so the more specific path route is not taking precedence as expected.

[miheer]

/bugzilla refresh

[openshift-ci]

@miheer: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[miheer]

/bugzilla refresh

[openshift-ci]

@miheer: This pull request references Bugzilla bug 1896474, which is invalid:

• expected the bug to target the "4.10.0" release, but it targets "---" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

Bug 1896474: HTTPS redirect happens even if there is a more specific http-only route

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

@miheer: This pull request references Bugzilla bug 1896474, which is invalid:

• expected the bug to target the "4.10.0" release, but it targets "---" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[miheer]

/bugzilla refresh

[openshift-ci]

@miheer: This pull request references Bugzilla bug 1896474, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target release (4.10.0) matches configured target release for branch (4.10.0)
• bug is in the state NEW, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @quarterpin

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[miheer]

I am still working on to fix the unit test as the following is failing ->

=== RUN TestGenerateHAProxyMap
template_helper_test.go:503: TestGenerateHAProxyMap os_route_http_redirect.map error: sorted data ^zzz-production.wildcard.test.?(:[0-9]+)?(/.*)?$ 1 at index 0 did not match suffix expectation test:api-route
--- FAIL: TestGenerateHAProxyMap (0.00s)
FAIL
FAIL github.com/openshift/router/pkg/router/template 0.008s
testing: warning: no tests to run

[miheer]

/retest

[Miciah]

Why include the key and not the value as we discussed?

[Miciah]

Please fix the formatting issue with the } at the end of the line, consider using switch, and reduce code duplication.

[melvinjoseph86]

/bugzilla cc-qa

[openshift-ci]

@melvinjoseph86: This pull request references Bugzilla bug 1896474, which is valid.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target release (4.10.0) matches configured target release for branch (4.10.0)
• bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

No GitHub users were found matching the public email listed for the QA contact in Bugzilla (mjoseph@redhat.com), skipping review request.

In response to this:

/bugzilla cc-qa

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[melvinjoseph86]

/lgtm
/label qe-approved

Verified via pre-merge verification workflow, more references related to the test can be found in:
https://bugzilla.redhat.com/show_bug.cgi?id=1896474#c13

[Miciah]

This can be simplified:

Suggested change

	Key: templateutil.GenerateRouteRegexp(cfg.Host, cfg.Path, cfg.IsWildcard),
	}
	switch cfg.InsecurePolicy {
	case routev1.InsecureEdgeTerminationPolicyRedirect:
	haproxyMapEntry.Value = "1"
	return haproxyMapEntry
	default:
	haproxyMapEntry.Value = "0"
	return haproxyMapEntry
	}
	Key: templateutil.GenerateRouteRegexp(cfg.Host, cfg.Path, cfg.IsWildcard),
	Value: "0",
	}
	switch cfg.InsecurePolicy {
	case routev1.InsecureEdgeTerminationPolicyRedirect:
	haproxyMapEntry.Value = "1"
	}
	return haproxyMapEntry

[melvinjoseph86]

/retest

[melvinjoseph86]

/retest-required

[melvinjoseph86]

/retest-required

[melvinjoseph86]

/lgtm
/label qe-approved

Verified via pre-merge verification workflow, more references related to the test can be found in:
https://bugzilla.redhat.com/show_bug.cgi?id=1896474#c15

[miheer]

@Miciah PTAL. Can you please approve ?

[Miciah]

Thanks!
/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: melvinjoseph86, Miciah, miheer

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [Miciah]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@miheer: All pull requests linked via external trackers have merged:

• openshift/router#343

Bugzilla bug 1896474 has been moved to the MODIFIED state.

In response to this:

Bug 1896474: HTTPS redirect happens even if there is a more specific http-only route

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[melvinjoseph86]

/bugzilla refresh

[openshift-ci]

@melvinjoseph86: Bugzilla bug 1896474 is in an unrecognized state (ON_QA) and will not be moved to the MODIFIED state.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[miheer]

/cherry-pick release-4.9

[openshift-cherrypick-robot]

@miheer: new pull request created: #367

In response to this:

/cherry-pick release-4.9

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.