AuthPolicy section targeting tests by fabikova · Pull Request #702 · Kuadrant/testsuite

fabikova · 2025-07-08T09:33:53Z

Verifies that AuthPolicy applies only to specific HTTPRoute path (/get) when sectionName is set to api and CEL condition restricts application to that path. Unauthenticated access to /anything is allowed, while /get requires a valid token.

azgabur

After few changes this test will nicely check for AuthPolicy targeting section name in HttpRoute. Next PR can add test for AuthPolicy targeting sec. name in Gateway. And next PR's for other Policies in same way

Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

The test creates a Gateway with two listeners (one secure, one public) and two separate HTTPRoute resources to provide an unambiguous configuration for the gateway controller. It asserts that the policy only protects the targeted listener, while the other listener remains public and unaffected. Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

azgabur

Overall nicely done

…hPolicy section targeting Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

azgabur

Last review otherwise LGTM

…ther section name tests. Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

averevki · 2025-08-28T10:34:40Z

/make kuadrant

github-actions · 2025-08-28T10:34:50Z

Test run has started (make kuadrant) and can be found here

averevki · 2025-09-05T10:58:09Z

/make kuadrant

github-actions · 2025-09-05T10:58:19Z

Test run has started (make kuadrant) and can be found here

averevki · 2025-09-23T11:17:11Z

/make kuadrant

github-actions · 2025-09-23T11:17:23Z

Test run has started (make kuadrant) and can be found here

fabikova requested review from averevki and azgabur July 8, 2025 09:33

fabikova mentioned this pull request Jul 8, 2025

Add section targeting tests for Auth, DNS and TLS policies #639

Closed

azgabur reviewed Jul 8, 2025

View reviewed changes

Comment thread ...e/tests/singlecluster/authorino/authorization/test_auth_policy_section_targeting_cel_rule.py Outdated

fabikova marked this pull request as ready for review July 15, 2025 14:43

fabikova force-pushed the section_name_targeting_tests branch 2 times, most recently from 344e8b7 to ab9febd Compare July 16, 2025 13:17

azgabur reviewed Jul 17, 2025

View reviewed changes

fabikova force-pushed the section_name_targeting_tests branch 3 times, most recently from 22ce4e7 to 2ee518b Compare July 22, 2025 09:26

fabikova requested a review from azgabur July 22, 2025 09:29

fabikova force-pushed the section_name_targeting_tests branch from 2ee518b to b326c5d Compare July 22, 2025 09:46

fabikova added 2 commits July 22, 2025 11:48

test(authpolicy): HTTPRoute section targeting

c64fff9

Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

fabikova force-pushed the section_name_targeting_tests branch from b326c5d to 1ce25a2 Compare July 22, 2025 09:49

azgabur reviewed Jul 23, 2025

View reviewed changes

Refactor test names and remove unused TLS/DNS policy fixtures for Aut…

b2eb9e5

…hPolicy section targeting Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

fabikova force-pushed the section_name_targeting_tests branch from 95f1301 to b2eb9e5 Compare July 24, 2025 09:43

fabikova changed the title ~~adds AuthPolicy Section Targeting Test using CEL predicate.~~ AuthPolicy Section Targeting Test Jul 24, 2025

fabikova changed the title ~~AuthPolicy Section Targeting Test~~ AuthPolicy section targeting tests Jul 24, 2025

azgabur reviewed Aug 5, 2025

View reviewed changes

Refactors the test file based on code review feedback.

02b418a

Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

azgabur reviewed Aug 12, 2025

View reviewed changes

azgabur mentioned this pull request Aug 12, 2025

TLSpolicy section targeting test #715

Merged

fabikova force-pushed the section_name_targeting_tests branch 2 times, most recently from 79e59c9 to bc7a2e0 Compare August 14, 2025 11:57

azgabur reviewed Aug 14, 2025

View reviewed changes

Comment thread testsuite/tests/singlecluster/gateway/authpolicy/test_authpolicy_section_targeting_gateway.py Outdated

Comment thread testsuite/tests/singlecluster/gateway/authpolicy/test_authpolicy_section_targeting_gateway.py

averevki reviewed Aug 15, 2025

View reviewed changes

Comment thread .../tests/singlecluster/authorino/authorization/test_authpolicy_section_targeting_http_route.py

Refactors the test file based on code review feedback to unify with o…

11fa839

…ther section name tests. Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

fabikova force-pushed the section_name_targeting_tests branch from bc7a2e0 to 11fa839 Compare August 18, 2025 09:06

Located the AuthPolicy tests together.

354af1e

Signed-off-by: Martina Fabikova <mfabikov@redhat.com>

Kuadrant deleted a comment from github-actions Bot Sep 5, 2025

averevki approved these changes Sep 23, 2025

View reviewed changes

azgabur approved these changes Sep 23, 2025

View reviewed changes

azgabur merged commit 8fc102b into Kuadrant:main Sep 23, 2025
3 checks passed

Conversation

fabikova commented Jul 8, 2025

Uh oh!

Uh oh!

azgabur left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

azgabur left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

azgabur left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

averevki commented Aug 28, 2025

Uh oh!

github-actions Bot commented Aug 28, 2025

Uh oh!

averevki commented Sep 5, 2025

Uh oh!

github-actions Bot commented Sep 5, 2025

Uh oh!

averevki commented Sep 23, 2025

Uh oh!

github-actions Bot commented Sep 23, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants