Merge branch 'master' into tests/add-aws

build/Dockerfile

@@ -21,7 +21,9 @@ RUN apt-get update \
 # docker.io/library/nginx is a temporary workaround for Dependabot to see this as different from the one used in Debian
 FROM docker.io/library/nginx:1.21.6-alpine AS alpine
 
-RUN apk add --no-cache libcap
+RUN apk add --no-cache libcap \
+    # Temp fix for CVE-2022-23308
+    && apk add --no-cache libxml2~2.9.13-r0
 
 
 ############################################# Base image for Alpine with NGINX Plus #############################################
@@ -32,7 +34,9 @@ RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/apk/cert.pem,mode=0644 \
 	--mount=type=secret,id=nginx-repo.key,dst=/etc/apk/cert.key,mode=0644 \
 	wget -nv -O /etc/apk/keys/nginx_signing.rsa.pub https://cs.nginx.com/static/keys/nginx_signing.rsa.pub \
 	&& printf "%s\n" "https://pkgs.nginx.com/plus/alpine/v$(grep -E -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" >> /etc/apk/repositories \
-	&& apk add --no-cache libcap nginx-plus~${NGINX_PLUS_VERSION#r} nginx-plus-module-njs~${NGINX_PLUS_VERSION#r}
+	&& apk add --no-cache libcap nginx-plus~${NGINX_PLUS_VERSION#r} nginx-plus-module-njs~${NGINX_PLUS_VERSION#r} \
+	# Temp fix for CVE-2022-23308
+    && apk add --no-cache libxml2~2.9.13-r0
 
 
 ############################################# Base image for Debian with NGINX Plus #############################################

internal/configs/annotations_test.go

@@ -7,6 +7,7 @@ import (
 )
 
 func TestParseRewrites(t *testing.T) {
+	t.Parallel()
 	serviceName := "coffee-svc"
 	serviceNamePart := "serviceName=" + serviceName
 	rewritePath := "/beans/"
@@ -20,6 +21,7 @@ func TestParseRewrites(t *testing.T) {
 }
 
 func TestParseRewritesWithLeadingAndTrailingWhitespace(t *testing.T) {
+	t.Parallel()
 	serviceName := "coffee-svc"
 	serviceNamePart := "serviceName=" + serviceName
 	rewritePath := "/beans/"
@@ -33,6 +35,7 @@ func TestParseRewritesWithLeadingAndTrailingWhitespace(t *testing.T) {
 }
 
 func TestParseRewritesInvalidFormat(t *testing.T) {
+	t.Parallel()
 	rewriteService := "serviceNamecoffee-svc rewrite=/"
 
 	_, _, err := parseRewrites(rewriteService)
@@ -42,6 +45,7 @@ func TestParseRewritesInvalidFormat(t *testing.T) {
 }
 
 func TestParseStickyService(t *testing.T) {
+	t.Parallel()
 	serviceName := "coffee-svc"
 	serviceNamePart := "serviceName=" + serviceName
 	stickyCookie := "srv_id expires=1h domain=.example.com path=/"
@@ -54,6 +58,7 @@ func TestParseStickyService(t *testing.T) {
 }
 
 func TestParseStickyServiceInvalidFormat(t *testing.T) {
+	t.Parallel()
 	stickyService := "serviceNamecoffee-svc srv_id expires=1h domain=.example.com path=/"
 
 	_, _, err := parseStickyService(stickyService)
@@ -63,6 +68,7 @@ func TestParseStickyServiceInvalidFormat(t *testing.T) {
 }
 
 func TestFilterMasterAnnotations(t *testing.T) {
+	t.Parallel()
 	masterAnnotations := map[string]string{
 		"nginx.org/rewrites":                "serviceName=service1 rewrite=rewrite1",
 		"nginx.org/ssl-services":            "service1",
@@ -94,6 +100,7 @@ func TestFilterMasterAnnotations(t *testing.T) {
 }
 
 func TestFilterMinionAnnotations(t *testing.T) {
+	t.Parallel()
 	minionAnnotations := map[string]string{
 		"nginx.org/rewrites":                "serviceName=service1 rewrite=rewrite1",
 		"nginx.org/ssl-services":            "service1",
@@ -125,6 +132,7 @@ func TestFilterMinionAnnotations(t *testing.T) {
 }
 
 func TestMergeMasterAnnotationsIntoMinion(t *testing.T) {
+	t.Parallel()
 	masterAnnotations := map[string]string{
 		"nginx.org/proxy-buffering":       "True",
 		"nginx.org/proxy-buffers":         "2",

internal/configs/config_params_test.go

@@ -3,6 +3,7 @@ package configs
 import "testing"
 
 func TestNewDefaultConfigParamsUpstreamZoneSize(t *testing.T) {
+	t.Parallel()
 	tests := []struct {
 		isPlus   bool
 		expected string

internal/configs/configmaps_test.go

@@ -7,6 +7,7 @@ import (
 )
 
 func TestParseConfigMapWithAppProtectCompressedRequestsAction(t *testing.T) {
+	t.Parallel()
 	tests := []struct {
 		action string
 		expect string

internal/configs/configurator_test.go

@@ -76,6 +76,7 @@ func createTestConfiguratorInvalidIngressTemplate() (*Configurator, error) {
 }
 
 func TestAddOrUpdateIngress(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfigurator()
 	if err != nil {
 		t.Errorf("Failed to create a test configurator: %v", err)
@@ -98,6 +99,7 @@ func TestAddOrUpdateIngress(t *testing.T) {
 }
 
 func TestAddOrUpdateMergeableIngress(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfigurator()
 	if err != nil {
 		t.Errorf("Failed to create a test configurator: %v", err)
@@ -120,6 +122,7 @@ func TestAddOrUpdateMergeableIngress(t *testing.T) {
 }
 
 func TestAddOrUpdateIngressFailsWithInvalidIngressTemplate(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfiguratorInvalidIngressTemplate()
 	if err != nil {
 		t.Errorf("Failed to create a test configurator: %v", err)
@@ -137,6 +140,7 @@ func TestAddOrUpdateIngressFailsWithInvalidIngressTemplate(t *testing.T) {
 }
 
 func TestAddOrUpdateMergeableIngressFailsWithInvalidIngressTemplate(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfiguratorInvalidIngressTemplate()
 	if err != nil {
 		t.Errorf("Failed to create a test configurator: %v", err)
@@ -154,6 +158,7 @@ func TestAddOrUpdateMergeableIngressFailsWithInvalidIngressTemplate(t *testing.T
 }
 
 func TestUpdateEndpoints(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfigurator()
 	if err != nil {
 		t.Errorf("Failed to create a test configurator: %v", err)
@@ -174,6 +179,7 @@ func TestUpdateEndpoints(t *testing.T) {
 }
 
 func TestUpdateEndpointsMergeableIngress(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfigurator()
 	if err != nil {
 		t.Errorf("Failed to create a test configurator: %v", err)
@@ -194,6 +200,7 @@ func TestUpdateEndpointsMergeableIngress(t *testing.T) {
 }
 
 func TestUpdateEndpointsFailsWithInvalidTemplate(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfiguratorInvalidIngressTemplate()
 	if err != nil {
 		t.Errorf("Failed to create a test configurator: %v", err)
@@ -209,6 +216,7 @@ func TestUpdateEndpointsFailsWithInvalidTemplate(t *testing.T) {
 }
 
 func TestUpdateEndpointsMergeableIngressFailsWithInvalidTemplate(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfiguratorInvalidIngressTemplate()
 	if err != nil {
 		t.Errorf("Failed to create a test configurator: %v", err)
@@ -224,6 +232,7 @@ func TestUpdateEndpointsMergeableIngressFailsWithInvalidTemplate(t *testing.T) {
 }
 
 func TestGetVirtualServerConfigFileName(t *testing.T) {
+	t.Parallel()
 	vs := conf_v1.VirtualServer{
 		ObjectMeta: meta_v1.ObjectMeta{
 			Namespace: "test",
@@ -240,6 +249,7 @@ func TestGetVirtualServerConfigFileName(t *testing.T) {
 }
 
 func TestGetFileNameForVirtualServerFromKey(t *testing.T) {
+	t.Parallel()
 	key := "default/cafe"
 
 	expected := "vs_default_cafe"
@@ -251,6 +261,7 @@ func TestGetFileNameForVirtualServerFromKey(t *testing.T) {
 }
 
 func TestGetFileNameForTransportServer(t *testing.T) {
+	t.Parallel()
 	transportServer := &conf_v1alpha1.TransportServer{
 		ObjectMeta: meta_v1.ObjectMeta{
 			Namespace: "default",
@@ -267,6 +278,7 @@ func TestGetFileNameForTransportServer(t *testing.T) {
 }
 
 func TestGetFileNameForTransportServerFromKey(t *testing.T) {
+	t.Parallel()
 	key := "default/test-server"
 
 	expected := "ts_default_test-server"
@@ -278,6 +290,7 @@ func TestGetFileNameForTransportServerFromKey(t *testing.T) {
 }
 
 func TestGenerateNamespaceNameKey(t *testing.T) {
+	t.Parallel()
 	objectMeta := &meta_v1.ObjectMeta{
 		Namespace: "default",
 		Name:      "test-server",
@@ -292,6 +305,7 @@ func TestGenerateNamespaceNameKey(t *testing.T) {
 }
 
 func TestGenerateTLSPassthroughHostsConfig(t *testing.T) {
+	t.Parallel()
 	tlsPassthroughPairs := map[string]tlsPassthroughPair{
 		"default/ts-1": {
 			Host:       "one.example.com",
@@ -315,6 +329,7 @@ func TestGenerateTLSPassthroughHostsConfig(t *testing.T) {
 }
 
 func TestAddInternalRouteConfig(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfigurator()
 	if err != nil {
 		t.Errorf("Failed to create a test configurator: %v", err)
@@ -338,6 +353,7 @@ func TestAddInternalRouteConfig(t *testing.T) {
 }
 
 func TestFindRemovedKeys(t *testing.T) {
+	t.Parallel()
 	tests := []struct {
 		currentKeys []string
 		newKeys     map[string]bool
@@ -702,6 +718,7 @@ func TestUpdateIngressMetricsLabels(t *testing.T) {
 }
 
 func TestUpdateVirtualServerMetricsLabels(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfigurator()
 	if err != nil {
 		t.Fatalf("Failed to create a test configurator: %v", err)
@@ -871,6 +888,7 @@ func TestUpdateVirtualServerMetricsLabels(t *testing.T) {
 }
 
 func TestUpdateTransportServerMetricsLabels(t *testing.T) {
+	t.Parallel()
 	cnf, err := createTestConfigurator()
 	if err != nil {
 		t.Fatalf("Failed to create a test configurator: %v", err)
@@ -1086,6 +1104,7 @@ func TestUpdateTransportServerMetricsLabels(t *testing.T) {
 }
 
 func TestUpdateApResources(t *testing.T) {
+	t.Parallel()
 	appProtectPolicy := &unstructured.Unstructured{
 		Object: map[string]interface{}{
 			"metadata": map[string]interface{}{
@@ -1182,6 +1201,7 @@ func TestUpdateApResources(t *testing.T) {
 }
 
 func TestUpdateApResourcesForVs(t *testing.T) {
+	t.Parallel()
 	apPolRefs := map[string]*unstructured.Unstructured{
 		"test-ns-1/test-name-1": {
 			Object: map[string]interface{}{

internal/configs/dos_test.go

@@ -10,6 +10,7 @@ import (
 )
 
 func TestUpdateApDosResource(t *testing.T) {
+	t.Parallel()
 	appProtectDosPolicy := &unstructured.Unstructured{
 		Object: map[string]interface{}{
 			"metadata": map[string]interface{}{