Add more tests for the API/model mapping

six-group · Jan 2, 2024 · fdad708 · fdad708
1 parent dc26c88
commit fdad708
Show file tree

Hide file tree

Showing 7 changed files with 275 additions and 9 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -51,6 +51,7 @@ jobs:
           cache: false
       - uses: actions/checkout@v4
       - run: go run github.com/onsi/ginkgo/v2/ginkgo@v2.1.4 -r --randomize-all --randomize-suites --race --trace --fail-on-pending --keep-going --vet off --cover
+      - run: cat coverprofile.out | grep -v "zz_generated." > coverprofile.out.filtered
       - uses: shogo82148/actions-goveralls@v1
         with:
-          path-to-profile: coverprofile.out
+          path-to-profile: coverprofile.out.filtered
diff --git a/apis/config/v1alpha1/backend_types_test.go b/apis/config/v1alpha1/backend_types_test.go
@@ -1,6 +1,8 @@
 package v1alpha1_test
 
 import (
+	"fmt"
+	"k8s.io/utils/ptr"
 	"time"
 
 	parser "github.com/haproxytech/config-parser/v4"
@@ -194,7 +196,7 @@ var _ = Describe("Backend", Label("type"), func() {
 			Ω(backend.AddToParser(p)).ShouldNot(HaveOccurred())
 			Ω(p.String()).Should(ContainSubstring("cookie 098f6bcd4621d373cade4e832627b4f6 domain domain1 domain .openshift attr SameSite=None httponly indirect maxidle 120 maxlife 45 nocache postonly preserve rewrite secure\n"))
 		})
-		It("an error should appear for selecting more than one cookie mode", func() {
+		It("should return an error for selecting more than one cookie mode", func() {
 			backend := &configv1alpha1.Backend{
 				ObjectMeta: metav1.ObjectMeta{Name: "set_cookie"},
 				Spec: configv1alpha1.BackendSpec{
@@ -319,7 +321,7 @@ var _ = Describe("Backend", Label("type"), func() {
 			Ω(backend.AddToParser(p)).ShouldNot(HaveOccurred())
 			Ω(p.String()).Should(ContainSubstring("http-request redirect scheme https unless is_https\n"))
 		})
-		It("an error should appear for selecting more than one redirect type", func() {
+		It("should return an error for selecting more than one redirect type", func() {
 			backend := &configv1alpha1.Backend{
 				ObjectMeta: metav1.ObjectMeta{Name: "openshift_default"},
 				Spec: configv1alpha1.BackendSpec{
@@ -414,7 +416,7 @@ var _ = Describe("Backend", Label("type"), func() {
 			Ω(backend.AddToParser(p)).ShouldNot(HaveOccurred())
 			Ω(p.String()).Should(ContainSubstring("server server1 localhost:80 send-proxy-v2-ssl\n"))
 		})
-		It("an error should appear for selecting more than one proxy protocol", func() {
+		It("should return an error for selecting more than one proxy protocol", func() {
 			backend := &configv1alpha1.Backend{
 				ObjectMeta: metav1.ObjectMeta{Name: "openshift_default"},
 				Spec: configv1alpha1.BackendSpec{
@@ -533,5 +535,132 @@ var _ = Describe("Backend", Label("type"), func() {
 			}
 			Ω(backend.AddToParser(p)).Should(HaveOccurred())
 		})
+		It("should set timeouts", func() {
+			timeouts := map[string]metav1.Duration{
+				"check":           metav1.Duration{Duration: 5 * time.Second},
+				"connect":         metav1.Duration{Duration: 10 * time.Second},
+				"http-keep-alive": metav1.Duration{Duration: 15 * time.Second},
+				"http-request":    metav1.Duration{Duration: 20 * time.Second},
+				"queue":           metav1.Duration{Duration: 25 * time.Second},
+				"server":          metav1.Duration{Duration: 30 * time.Second},
+				"tunnel":          metav1.Duration{Duration: 35 * time.Second},
+			}
+
+			backend := &configv1alpha1.Backend{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
+				Spec: configv1alpha1.BackendSpec{
+					BaseSpec: configv1alpha1.BaseSpec{
+						Timeouts: timeouts,
+					},
+				},
+			}
+			Ω(backend.AddToParser(p)).ShouldNot(HaveOccurred())
+
+			for name, duration := range timeouts {
+				Ω(p.String()).Should(ContainSubstring(fmt.Sprintf("timeout %s %d\n", name, duration.Duration.Milliseconds())))
+			}
+		})
+		It("should not set invalid timeouts", func() {
+			timeouts := map[string]metav1.Duration{
+				"client":      metav1.Duration{Duration: 5 * time.Second},
+				"tunnel-idle": metav1.Duration{Duration: 10 * time.Second},
+			}
+
+			backend := &configv1alpha1.Backend{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
+				Spec: configv1alpha1.BackendSpec{
+					BaseSpec: configv1alpha1.BaseSpec{
+						Timeouts: timeouts,
+					},
+				},
+			}
+			Ω(backend.AddToParser(p)).Should(HaveOccurred())
+		})
+		It("should set server SSL config for server template", func() {
+			backend := &configv1alpha1.Backend{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
+				Spec: configv1alpha1.BackendSpec{
+					ServerTemplates: []configv1alpha1.ServerTemplate{
+						{
+							ServerParams: configv1alpha1.ServerParams{
+								SSL: &configv1alpha1.SSL{
+									Enabled:    true,
+									MinVersion: "TLSv1.3",
+									Verify:     "required",
+									CACertificate: &configv1alpha1.SSLCertificate{
+										Name: "my-ca",
+									},
+									Certificate: &configv1alpha1.SSLCertificate{
+										Name: "my-cert",
+									},
+									SNI:  "test.svc.cluster.local",
+									Alpn: []string{"h2", "http/1.1"},
+								},
+							},
+							FQDN:   "test.com",
+							Port:   9443,
+							Prefix: "test_",
+						},
+					},
+				},
+			}
+			Ω(backend.AddToParser(p)).ShouldNot(HaveOccurred())
+			Ω(p.String()).Should(ContainSubstring("server-template test_ 0 test.com:9443 ssl ca-file /usr/local/etc/haproxy/my-ca.crt crt /usr/local/etc/haproxy/my-cert.crt sni test.svc.cluster.local ssl-min-ver TLSv1.3 verify required\n"))
+		})
+		It("should set sendProxy with proxy protocol v2 and options for server templates", func() {
+			backend := &configv1alpha1.Backend{
+				ObjectMeta: metav1.ObjectMeta{Name: "openshift_default"},
+				Spec: configv1alpha1.BackendSpec{
+					ServerTemplates: []configv1alpha1.ServerTemplate{
+						{
+							ServerParams: configv1alpha1.ServerParams{
+								SendProxyV2: &configv1alpha1.ProxyProtocol{
+									V2: &configv1alpha1.ProxyProtocolV2{
+										Enabled: true,
+										Options: &configv1alpha1.ProxyProtocolV2Options{
+											CertCn:   true,
+											CertSig:  true,
+											UniqueID: true,
+											Ssl:      true,
+										},
+									},
+								},
+							},
+							FQDN:   "test.com",
+							Port:   9443,
+							Prefix: "test_",
+						},
+					},
+				},
+			}
+			Ω(backend.AddToParser(p)).ShouldNot(HaveOccurred())
+			Ω(p.String()).Should(ContainSubstring("server-template test_ 0 test.com:9443 send-proxy-v2 proxy-v2-options ssl,cert-cn,cert-sig,unique-id\n"))
+		})
+		It("should set tcp request rule", func() {
+			backend := &configv1alpha1.Backend{
+				ObjectMeta: metav1.ObjectMeta{Name: "openshift_default"},
+				Spec: configv1alpha1.BackendSpec{
+					BaseSpec: configv1alpha1.BaseSpec{
+						TCPRequest: []configv1alpha1.TCPRequestRule{
+							{
+								Type:    "inspect-delay",
+								Timeout: ptr.To(metav1.Duration{Duration: 5 * time.Second}),
+							},
+							{
+								Type:   "content",
+								Action: ptr.To("accept"),
+								Rule: configv1alpha1.Rule{
+									ConditionType: "if",
+									Condition:     "{ req_ssl_hello_type 1 }",
+								},
+							},
+						},
+					},
+				},
+			}
+			Ω(backend.AddToParser(p)).ShouldNot(HaveOccurred())
+			Ω(p.String()).Should(ContainSubstring("tcp-request inspect-delay 5000\n"))
+			Ω(p.String()).Should(ContainSubstring("tcp-request content accept if { req_ssl_hello_type 1 }\n"))
+		})
 	})
 })
diff --git a/apis/config/v1alpha1/common_types.go b/apis/config/v1alpha1/common_types.go
@@ -415,6 +415,7 @@ func (s *ServerTemplate) Model() (models.ServerTemplate, error) {
 
 	if s.SSL != nil && s.SSL.Enabled {
 		model.Ssl = models.ServerParamsSslEnabled
+		model.Verify = s.SSL.Verify
 
 		if s.SSL.Certificate != nil {
 			model.SslCertificate = s.SSL.Certificate.FilePath()

diff --git a/apis/config/v1alpha1/frontend_types_test.go b/apis/config/v1alpha1/frontend_types_test.go
@@ -1,11 +1,13 @@
 package v1alpha1_test
 
 import (
+	"fmt"
 	parser "github.com/haproxytech/config-parser/v4"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 	configv1alpha1 "github.com/six-group/haproxy-operator/apis/config/v1alpha1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"time"
 )
 
 var simpleFrontend = `
@@ -25,15 +27,13 @@ var _ = Describe("Frontend", Label("type"), func() {
 			p, err = parser.New()
 			Ω(err).ShouldNot(HaveOccurred())
 		})
-
 		It("should create frontend", func() {
 			frontend := &configv1alpha1.Frontend{
 				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
 			}
 			Ω(frontend.AddToParser(p)).ShouldNot(HaveOccurred())
 			Ω(p.String()).Should(Equal(simpleFrontend))
 		})
-
 		It("should create map_reg", func() {
 			backend := configv1alpha1.BackendReference{
 				RegexMapping: &configv1alpha1.RegexBackendMapping{
@@ -60,5 +60,42 @@ var _ = Describe("Frontend", Label("type"), func() {
 			a := p.String()
 			Ω(a).Should(Equal(withBackendRule))
 		})
+		It("should set timeouts", func() {
+			timeouts := map[string]metav1.Duration{
+				"client":          metav1.Duration{Duration: 5 * time.Second},
+				"http-keep-alive": metav1.Duration{Duration: 10 * time.Second},
+				"http-request":    metav1.Duration{Duration: 15 * time.Second},
+			}
+
+			frontend := &configv1alpha1.Frontend{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
+				Spec: configv1alpha1.FrontendSpec{
+					BaseSpec: configv1alpha1.BaseSpec{
+						Timeouts: timeouts,
+					},
+				},
+			}
+			Ω(frontend.AddToParser(p)).ShouldNot(HaveOccurred())
+
+			for name, duration := range timeouts {
+				Ω(p.String()).Should(ContainSubstring(fmt.Sprintf("timeout %s %d", name, duration.Duration.Milliseconds())))
+			}
+		})
+		It("should not set invalid timeouts", func() {
+			timeouts := map[string]metav1.Duration{
+				"server": metav1.Duration{Duration: 5 * time.Second},
+				"tunnel": metav1.Duration{Duration: 10 * time.Second},
+			}
+
+			frontend := &configv1alpha1.Frontend{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
+				Spec: configv1alpha1.FrontendSpec{
+					BaseSpec: configv1alpha1.BaseSpec{
+						Timeouts: timeouts,
+					},
+				},
+			}
+			Ω(frontend.AddToParser(p)).Should(HaveOccurred())
+		})
 	})
 })
diff --git a/apis/config/v1alpha1/resolver_types_test.go b/apis/config/v1alpha1/resolver_types_test.go
@@ -0,0 +1,98 @@
+package v1alpha1_test
+
+import (
+	parser "github.com/haproxytech/config-parser/v4"
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	configv1alpha1 "github.com/six-group/haproxy-operator/apis/config/v1alpha1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/utils/ptr"
+	"time"
+)
+
+var simpleResolver = `
+resolvers foo
+  timeout resolve 1000
+  timeout retry 1000
+  resolve_retries 3
+`
+
+var _ = Describe("Resolver", Label("type"), func() {
+	Context("AddToParser", func() {
+		var p parser.Parser
+		BeforeEach(func() {
+			var err error
+			p, err = parser.New()
+			Ω(err).ShouldNot(HaveOccurred())
+		})
+		It("should create resolver", func() {
+			resolver := &configv1alpha1.Resolver{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
+			}
+			Ω(resolver.AddToParser(p)).ShouldNot(HaveOccurred())
+			Ω(p.String()).Should(Equal(simpleResolver))
+		})
+		It("should set accepted payload size", func() {
+			resolver := &configv1alpha1.Resolver{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
+				Spec: configv1alpha1.ResolverSpec{
+					AcceptedPayloadSize: ptr.To(int64(1024)),
+				},
+			}
+			Ω(resolver.AddToParser(p)).ShouldNot(HaveOccurred())
+			Ω(p.String()).Should(ContainSubstring("accepted_payload_size 1024\n"))
+		})
+		It("should set nameservers", func() {
+			resolver := &configv1alpha1.Resolver{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
+				Spec: configv1alpha1.ResolverSpec{
+					Nameservers: []configv1alpha1.Nameserver{
+						{Name: "ns1", Address: "ns1.com", Port: 53},
+						{Name: "ns2", Address: "ns2.com", Port: 5553},
+					},
+				},
+			}
+			Ω(resolver.AddToParser(p)).ShouldNot(HaveOccurred())
+			Ω(p.String()).Should(ContainSubstring("nameserver ns1 ns1.com:53\n"))
+			Ω(p.String()).Should(ContainSubstring("nameserver ns2 ns2.com:5553\n"))
+		})
+		It("should set hold time periods", func() {
+			resolver := &configv1alpha1.Resolver{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
+				Spec: configv1alpha1.ResolverSpec{
+					Hold: &configv1alpha1.Hold{
+						Nx:       ptr.To(metav1.Duration{Duration: 1 * time.Second}),
+						Obsolete: ptr.To(metav1.Duration{Duration: 2 * time.Second}),
+						Other:    ptr.To(metav1.Duration{Duration: 3 * time.Second}),
+						Refused:  ptr.To(metav1.Duration{Duration: 4 * time.Second}),
+						Timeout:  ptr.To(metav1.Duration{Duration: 5 * time.Second}),
+						Valid:    ptr.To(metav1.Duration{Duration: 6 * time.Second}),
+					},
+				},
+			}
+			Ω(resolver.AddToParser(p)).ShouldNot(HaveOccurred())
+			Ω(p.String()).Should(ContainSubstring("hold nx 1000\n"))
+			Ω(p.String()).Should(ContainSubstring("hold obsolete 2000\n"))
+			Ω(p.String()).Should(ContainSubstring("hold other 3000\n"))
+			Ω(p.String()).Should(ContainSubstring("hold refused 4000\n"))
+			Ω(p.String()).Should(ContainSubstring("hold timeout 5000\n"))
+			Ω(p.String()).Should(ContainSubstring("hold valid 6000\n"))
+		})
+		It("should overwrite default retires and timouts", func() {
+			resolver := &configv1alpha1.Resolver{
+				ObjectMeta: metav1.ObjectMeta{Name: "foo"},
+				Spec: configv1alpha1.ResolverSpec{
+					ResolveRetries: ptr.To(int64(10)),
+					Timeouts: &configv1alpha1.Timeouts{
+						Resolve: ptr.To(metav1.Duration{Duration: 2 * time.Second}),
+						Retry:   ptr.To(metav1.Duration{Duration: 5 * time.Second}),
+					},
+				},
+			}
+			Ω(resolver.AddToParser(p)).ShouldNot(HaveOccurred())
+			Ω(p.String()).Should(ContainSubstring("timeout resolve 2000\n"))
+			Ω(p.String()).Should(ContainSubstring("timeout retry 5000\n"))
+			Ω(p.String()).Should(ContainSubstring("resolve_retries 10\n"))
+		})
+	})
+})
diff --git a/go.mod b/go.mod
@@ -18,7 +18,7 @@ require (
 	k8s.io/client-go v0.28.3
 	k8s.io/klog/v2 v2.100.1
 	k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect
-	k8s.io/utils v0.0.0-20230406110748-d93618cff8a2
+	k8s.io/utils v0.0.0-20231127182322-b307cd553661
 	sigs.k8s.io/controller-runtime v0.16.3
 )
 

diff --git a/go.sum b/go.sum
@@ -386,8 +386,8 @@ k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
 k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
 k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ=
 k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM=
-k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk=
-k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
+k8s.io/utils v0.0.0-20231127182322-b307cd553661 h1:FepOBzJ0GXm8t0su67ln2wAZjbQ6RxQGZDnzuLcrUTI=
+k8s.io/utils v0.0.0-20231127182322-b307cd553661/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4=
 sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0=
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=