proxy e2e test improvements #10070
GCE e2e build/test failed for commit 748438b0acb88804129b84cdf14b9ad72165a86c. |
GCE e2e build/test failed for commit e9ff9f277989e71c127e59e2cc222049f16faacd. |
@k8s-bot ok to test |
@lavalamp why does the e2e fail? |
GCE e2e build/test failed for commit e9ff9f277989e71c127e59e2cc222049f16faacd. |
e2e fails because this is broken :) Let's see if it's fixed now. |
OK, I think the test is diagnosing our system as being wrong. We probably shouldn't submit until I get a fix. |
GCE e2e build/test failed for commit 33a7e5a445fc609f58ccfbb9ab1d4f1bffd59035. |
GCE e2e build/test failed for commit 55152797448666ff745fdddad898c28335c6e1d5. |
Sorry I did not get a chance to update this. I still think it's the system that's broken, not the test. |
GCE e2e build/test failed for commit a3ebdfda4e25c89fb597251446abbbfc95ba0014. |
@stephenR In the "Make UI work through kubectl proxy (again)" commit, I'm allowing traffic to more paths in the apiserver. Do you see any security issue with this? |
GCE e2e build/test failed for commit 773a754efaa245b5743084552e51f7c0586faded. |
@lavalamp Is this ready to review? If so, @satnam6502 can you review this today, since it's for a v1.0 issue? |
@@ -33,7 +33,7 @@ const prefix = "SERVE_PORT_" | |||
|
|||
func main() { | |||
for _, vk := range os.Environ() { | |||
parts := strings.Split(vk, "=") | |||
parts := strings.SplitN(vk, "=", 2) |
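Review bot: the strings.SplitN(vk, "=", 2) line in main() should carry a one-line comment explaining the limit of 2: each os.Environ() entry is split at the first "=" only, so a value that itself contains "=" stays whole in parts[1], where Split would have cut it into further pieces. The hunk also shows no length check on parts; if the code after this line indexes parts[1], confirm it is guarded by len(parts) == 2.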
I find it useful to have a comment or example for the use of things like SplitN
to help others understand what is going on.
GCE e2e build/test failed for commit 859b7d2d482dea34f444609d796cfc93cb3605df. |
GCE e2e build/test failed for commit 56528a59d8eff40bf06384816cd91178ce8e808e. |
Are you ready for me to PTAL? |
I don't have a good overview of what paths become available through this, but since POST requests are blocked anyway, this should be fine. An issue would be if there are any state changing endpoints in the new paths that can be triggered via a GET request, similar to the /api/*/{exec,run} handlers. |
@stephenR The UI is read only at the moment. Here's a list of top level paths. IMO we shouldn't have ANY state changing GET operations--that is like http 101--and we need to change the ones you mentioned.
But really I don't understand this mechanism of hiding mutating paths; I think people will just run without this filter because typically you're running this proxy because you want to do something. |
OK, final change-- I think this should make e2e pass. |
GCE e2e build/test failed for commit e90bcff0ca20601cd0415d7f82bd2420ae08cfff. |
OK. Final push. Should be ready to go now. PTAL |
GCE e2e build/test passed for commit 5eb5b4a. |
YAY IT PASSED |
@quinton-hoole @brendandburns I can haz LGTMs/ok-to-merge? |
LGTM |
I can take a look. |
LGTM |
I guess technically it still needs an LGTM from @brendandburns or @quinton-hoole |
I can take a look now. |
High level comment. This really is a lot of code to add so late before v1.0. Do we really need all of this right now? @lavalamp ? |
PS: Can someone with more context help to decide whether the milestone for this is
? |
@quinton-hoole a large majority of this is test code. The non-test code changes are either fixing bugs or adding logging. |
The test code here, had it been in, would have saved us grief in GKE recently. |
I agree, I think this is just an intermediate solution and in the end we'll have to think of a good way to do proper xsrf protection. |
OK, I won't bother doing a full fourth code review after @davidopp @satnam6502 and @stephenR. Based on what I see it's relatively low risk, and high value. ok-to-merge |
This improves the proxy test to make multiple attempts. It also adds a URL rewriting check, which should verify that the correct stack of transports is being used.
It also fixes kubectl proxy to allow traffic to the ui again.