increase counter and add retries to jwks and mtls ingress tests (#3861)

nginxinc · May 4, 2023 · 85a353a · 85a353a
1 parent a79415e
commit 85a353a
Show file tree

Hide file tree

Showing 3 changed files with 79 additions and 50 deletions.
diff --git a/tests/suite/test_ingress_mtls.py b/tests/suite/test_ingress_mtls.py
@@ -145,13 +145,21 @@ def test_ingress_mtls_policy(
             virtual_server_setup.namespace,
         )
         wait_before_test()
-        resp = session.get(
-            virtual_server_setup.backend_1_url_ssl,
-            cert=(crt, key),
-            headers={"host": virtual_server_setup.vs_host},
-            allow_redirects=False,
-            verify=False,
-        )
+        resp = mock.Mock()
+        resp.status_code == 502
+        counter = 0
+
+        while resp.status_code != expected_code and counter < 10:
+            resp = session.get(
+                virtual_server_setup.backend_1_url_ssl,
+                cert=(crt, key),
+                headers={"host": virtual_server_setup.vs_host},
+                allow_redirects=False,
+                verify=False,
+            )
+            wait_before_test()
+            counter += 1
+
         vs_res = read_vs(kube_apis.custom_objects, test_namespace, virtual_server_setup.vs_name)
         teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret)
 
@@ -208,21 +216,28 @@ def test_ingress_mtls_policy_cert(
         )
         wait_before_test()
         ssl_exception = ""
-        resp = ""
-        try:
-            resp = session.get(
-                virtual_server_setup.backend_1_url_ssl,
-                cert=certificate,
-                headers={"host": virtual_server_setup.vs_host},
-                allow_redirects=False,
-                verify=False,
-            )
-        except requests.exceptions.SSLError as e:
-            print(f"SSL certificate exception: {e}")
-            ssl_exception = str(e)
-            resp = mock.Mock()
-            resp.status_code = "None"
-            resp.text = "None"
+        resp = mock.Mock()
+        resp.status_code == 502
+        counter = 0
+
+        while resp.status_code != expected_code and counter < 10:
+            try:
+                resp = session.get(
+                    virtual_server_setup.backend_1_url_ssl,
+                    cert=certificate,
+                    headers={"host": virtual_server_setup.vs_host},
+                    allow_redirects=False,
+                    verify=False,
+                )
+                wait_before_test()
+                counter += 1
+
+            except requests.exceptions.SSLError as e:
+                print(f"SSL certificate exception: {e}")
+                ssl_exception = str(e)
+                resp = mock.Mock()
+                resp.status_code = "None"
+                resp.text = "None"
 
         teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret)
 
@@ -267,7 +282,7 @@ def test_ingress_mtls_policy_cert(
             ),
         ],
     )
-    def test_ingress_mtls_polciy_crl(
+    def test_ingress_mtls_policy_crl(
         self,
         kube_apis,
         crd_ingress_controller,
@@ -297,13 +312,21 @@ def test_ingress_mtls_polciy_crl(
             virtual_server_setup.namespace,
         )
         wait_before_test()
-        resp = session.get(
-            virtual_server_setup.backend_1_url_ssl,
-            cert=(crt_not_revoked, key_not_revoked),
-            headers={"host": virtual_server_setup.vs_host},
-            allow_redirects=False,
-            verify=False,
-        )
+        resp = mock.Mock()
+        resp.status_code == 502
+        counter = 0
+
+        while resp.status_code != expected_code and counter < 10:
+            resp = session.get(
+                virtual_server_setup.backend_1_url_ssl,
+                cert=(crt_not_revoked, key_not_revoked),
+                headers={"host": virtual_server_setup.vs_host},
+                allow_redirects=False,
+                verify=False,
+            )
+            wait_before_test()
+            counter += 1
+
         vs_res = read_vs(kube_apis.custom_objects, test_namespace, virtual_server_setup.vs_name)
         teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret)
 
@@ -360,21 +383,27 @@ def test_ingress_mtls_policy_cert_crl(
         )
         wait_before_test()
         ssl_exception = ""
-        resp = ""
-        try:
-            resp = session.get(
-                virtual_server_setup.backend_1_url_ssl,
-                cert=certificate,
-                headers={"host": virtual_server_setup.vs_host},
-                allow_redirects=False,
-                verify=False,
-            )
-        except requests.exceptions.SSLError as e:
-            print(f"SSL certificate exception: {e}")
-            ssl_exception = str(e)
-            resp = mock.Mock()
-            resp.status_code = "None"
-            resp.text = "None"
+        resp = mock.Mock()
+        resp.status_code == 502
+        counter = 0
+
+        while resp.status_code != expected_code and counter < 10:
+            try:
+                resp = session.get(
+                    virtual_server_setup.backend_1_url_ssl,
+                    cert=certificate,
+                    headers={"host": virtual_server_setup.vs_host},
+                    allow_redirects=False,
+                    verify=False,
+                )
+                wait_before_test()
+                counter += 1
+            except requests.exceptions.SSLError as e:
+                print(f"SSL certificate exception: {e}")
+                ssl_exception = str(e)
+                resp = mock.Mock()
+                resp.status_code = "None"
+                resp.text = "None"
 
         teardown_policy(kube_apis, test_namespace, tls_secret, pol_name, mtls_secret)
 

diff --git a/tests/suite/test_jwt_policies_jwksuri.py b/tests/suite/test_jwt_policies_jwksuri.py
@@ -111,7 +111,7 @@ def test_jwt_policy_jwksuri(
         resp_no_token.status_code == 502
         counter = 0
 
-        while resp_no_token.status_code != 401 and counter < 10:
+        while resp_no_token.status_code != 401 and counter < 20:
             resp_no_token = requests.get(
                 virtual_server_setup.backend_1_url,
                 headers={"host": virtual_server_setup.vs_host},
@@ -230,7 +230,7 @@ def test_jwt_policy_subroute_jwksuri(
         resp_no_token.status_code == 502
         counter = 0
 
-        while resp_no_token.status_code != 401 and counter < 10:
+        while resp_no_token.status_code != 401 and counter < 20:
             resp_no_token = requests.get(
                 virtual_server_setup.backend_1_url + "/subpath1",
                 headers={"host": virtual_server_setup.vs_host},
@@ -304,7 +304,7 @@ def test_jwt_policy_subroute_jwksuri_multiple_vs(
         resp_2_no_token.status_code == 502
         counter = 0
 
-        while resp_1_no_token.status_code != 401 and counter < 10:
+        while resp_1_no_token.status_code != 401 and counter < 20:
             resp_1_no_token = requests.get(
                 virtual_server_setup.backend_1_url + "/subpath1",
                 headers={"host": virtual_server_setup.vs_host},
@@ -314,7 +314,7 @@ def test_jwt_policy_subroute_jwksuri_multiple_vs(
 
         counter = 0
 
-        while resp_2_no_token.status_code != 401 and counter < 10:
+        while resp_2_no_token.status_code != 401 and counter < 20:
             resp_2_no_token = requests.get(
                 virtual_server_setup.backend_1_url + "/subpath1",
                 headers={"host": "virtual-server-2.example.com"},

diff --git a/tests/suite/test_jwt_policies_jwksuri_vsr.py b/tests/suite/test_jwt_policies_jwksuri_vsr.py
@@ -101,7 +101,7 @@ def test_jwt_policy_jwksuri(
         resp_no_token.status_code == 502
         counter = 0
 
-        while resp_no_token.status_code != 401 and counter < 10:
+        while resp_no_token.status_code != 401 and counter < 20:
             resp_no_token = requests.get(
                 f"{req_url}{v_s_route_setup.route_m.paths[0]}",
                 headers={"host": v_s_route_setup.vs_host},