Merge remote-tracking branch 'sap/max-retries-configurable-spec' into…

… develop

jobs/gorouter/spec

@@ -157,6 +157,12 @@ properties:
   router.only_trust_client_ca_certs:
     description: "When router.only_trust_client_ca_certs is true, router.client_ca_certs are the only trusted CA certs for client requests. When router.only_trust_client_ca_certs is false, router.client_ca_certs are trusted in addition to router.ca_certs and the CA certificates installed on the filesystem. This will have no affect if the `router.client_cert_validation` property is set to none."
     default: false
+  router.backends.max_attempts:
+    description: |
+      Maximum number of attempts on failing requests against backend routes.
+      This includes CF apps and route-registrar endpoints.
+      A value of 0 implies indefinite retries, i.e. retry until success or endpoint list is exhausted.
+    default: 3
   router.backends.cert_chain:
     description: Certificate chain used for client authentication to TLS-registered backends.  In PEM format.
   router.backends.private_key:
@@ -186,6 +192,11 @@ properties:
         Values will be base64 encoded PEM. Use this value when Gorouter is the first component to terminate TLS.
         Requires `client_cert_validation: request` or `require`.
     default: always_forward
+  router.route_services.max_attempts:
+    description: |
+      Maximum number of attempts on failing requests against route service URLs.
+      The minimum value for this setting is 1. This prevents gorouter from getting blocked by indefinite retries.
+    default: 3
   router.route_services.cert_chain:
     description: Certificate chain used for client authentication to TLS-registered route services.  In PEM format.
   router.route_services.private_key:

jobs/gorouter/templates/gorouter.yml.erb

@@ -227,7 +227,15 @@ if (backend_cert_chain != '') ^ (backend_private_key != '')
   raise 'backends.cert_chain and backends.private_key must be both provided or not at all'
 end
 
+backend_attempts = 3
+if_p('router.backends.max_attempts') { |val| backend_attempts = val }
+
+if (backend_attempts < 0 )
+  raise 'router.backends.max_attempts cannot be negative'
+end
+
 backends = {
+  'max_attempts' => backend_attempts,
   'max_conns' => p('router.backends.max_conns'),
   'cert_chain' => backend_cert_chain,
   'private_key' => backend_private_key,
@@ -244,7 +252,15 @@ if (route_services_cert_chain != '') ^ (route_services_private_key != '')
   raise 'route_services.cert_chain and route_services.private_key must be both provided or not at all'
 end
 
+route_service_attempts = 3
+if_p('router.route_services.max_attempts') { |val| route_service_attempts = val }
+
+if (route_service_attempts < 1 )
+  raise 'router.route_services.max_attempts must maintain a minimum value of 1'
+end
+
 route_services = {
+  'max_attempts' => route_service_attempts,
   'cert_chain' => route_services_cert_chain,
   'private_key' => route_services_private_key,
 }

spec/gorouter_templates_spec.rb

@@ -177,11 +177,13 @@
           'max_idle_connections' => 100,
           'keep_alive_probe_interval' => '1s',
           'backends' => {
+            'max_attempts' => 3,
             'max_conns' => 100,
             'cert_chain' => TEST_CERT,
             'private_key' => TEST_KEY
           },
           'route_services' => {
+            'max_attempts' => 3,
             'cert_chain' => ROUTE_SERVICES_CLIENT_TEST_CERT,
             'private_key' => ROUTE_SERVICES_CLIENT_TEST_KEY
           },
@@ -518,6 +520,27 @@
       end
 
       describe 'route_services' do
+        context 'when max_attempts is set correctly' do
+          it 'should configure the property' do
+            expect(parsed_yaml['route_services']['max_attempts']).to eq(3)
+          end
+        end
+        context 'when max_attempts is set to 0' do
+          before do
+            deployment_manifest_fragment['router']['route_services']['max_attempts'] = 0
+          end
+          it 'should error' do
+            expect { raise parsed_yaml }.to raise_error(RuntimeError, 'router.route_services.max_attempts must maintain a minimum value of 1')
+          end
+        end
+        context 'when max_attempts is negative' do
+          before do
+            deployment_manifest_fragment['router']['route_services']['max_attempts'] = -1
+          end
+          it 'should error' do
+            expect { raise parsed_yaml }.to raise_error(RuntimeError, 'router.route_services.max_attempts must maintain a minimum value of 1')
+          end
+        end
         context 'when both cert_chain and private_key are provided' do
           it 'should configure the property' do
             expect(parsed_yaml['route_services']['cert_chain']).to eq(ROUTE_SERVICES_CLIENT_TEST_CERT)
@@ -553,6 +576,27 @@
       end
 
       describe 'backends' do
+        context 'when max_attempts is set correctly' do
+          it 'should configure the property' do
+            expect(parsed_yaml['backends']['max_attempts']).to eq(3)
+          end
+        end
+        context 'when max_attempts is set to 0' do
+          before do
+            deployment_manifest_fragment['router']['backends']['max_attempts'] = 0
+          end
+          it 'should configure the property with indefinite retries' do
+            expect(parsed_yaml['backends']['max_attempts']).to eq(0)
+          end
+        end
+        context 'when max_attempts is negative' do
+          before do
+            deployment_manifest_fragment['router']['backends']['max_attempts'] = -1
+          end
+          it 'should error' do
+            expect { raise parsed_yaml }.to raise_error(RuntimeError, 'router.backends.max_attempts cannot be negative')
+          end
+        end
         context 'when both cert_chain and private_key are provided' do
           it 'should configure the property' do
             expect(parsed_yaml['backends']['cert_chain']).to eq(TEST_CERT)