-
Notifications
You must be signed in to change notification settings - Fork 164
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Per container ingress network override #480
Changes from 7 commits
1ce5de7
24aa6bf
966a28a
b34dca8
13cb05c
e653ba7
2501f38
abb36fc
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -138,6 +138,52 @@ func TestServices_ManualIngressNetwork(t *testing.T) { | |
}, expectedCaddyfile, expectedLogs) | ||
} | ||
|
||
func TestServices_OverrideIngressNetwork(t *testing.T) { | ||
dockerClient := createBasicDockerClientMock() | ||
dockerClient.NetworksData = []types.NetworkResource{ | ||
{ | ||
ID: "other-network-id", | ||
Name: "other-network-name", | ||
}, | ||
{ | ||
ID: "another-network-id", | ||
Name: "another-network-name", | ||
}, | ||
} | ||
dockerClient.ServicesData = []swarm.Service{ | ||
{ | ||
ID: "SERVICE-ID", | ||
Spec: swarm.ServiceSpec{ | ||
Annotations: swarm.Annotations{ | ||
Name: "service", | ||
Labels: map[string]string{ | ||
"caddy_ingress_network": "another-network", | ||
fmtLabel("%s"): "service.testdomain.com", | ||
fmtLabel("%s.reverse_proxy"): "{{upstreams}}", | ||
}, | ||
}, | ||
}, | ||
Endpoint: swarm.Endpoint{ | ||
VirtualIPs: []swarm.EndpointVirtualIP{ | ||
{ | ||
NetworkID: "other-network-id", | ||
}, | ||
}, | ||
}, | ||
}, | ||
} | ||
|
||
const expectedCaddyfile = "service.testdomain.com {\n" + | ||
" reverse_proxy service\n" + | ||
"}\n" | ||
|
||
const expectedLogs = otherIngressNetworksMapLog + swarmIsAvailableLog | ||
|
||
testGeneration(t, dockerClient, func(options *config.Options) { | ||
options.IngressNetworks = []string{"other-network-name"} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. You're right, this test is not meaningful as it is right now.
This will swap the behavior to IPs, and then adjust the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Ah, I see. If I understand correctly, I should use There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. No need |
||
}, expectedCaddyfile, expectedLogs) | ||
} | ||
|
||
func TestServices_SwarmDisabled(t *testing.T) { | ||
dockerClient := createBasicDockerClientMock() | ||
dockerClient.ServicesData = []swarm.Service{ | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There might be a simpler way to express this logic, but I believe the
caddy_ingress_network
label needs to be a complete override of the allowed networks. Otherwise, we could still return IPs from another network?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, that makes sense, can you please let param
ingress
overrule everything else? Basically, there is a place that calls this function to get all IPs, not only IPs for ingress.Maybe doing an
if !ingress
beforeif overrideNetwork
Feel free to rename the ingress param as well to something more clear, maybe
forIngress
oronlyIngressIps
.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will go with
onlyIngressIps