Skip to content

Commit

Permalink
Add tests for wildcard hosts
Browse files Browse the repository at this point in the history
  • Loading branch information
jakurban committed Aug 25, 2022
1 parent 36b9f1c commit 60349d1
Show file tree
Hide file tree
Showing 6 changed files with 93 additions and 11 deletions.
4 changes: 4 additions & 0 deletions testsuite/objects/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,10 @@ def remove_all_hosts(self):
def add_opa_policy(self, name, rego_policy):
"""Adds OPA inline Rego policy"""

@abc.abstractmethod
def add_response(self, response):
"""Add response to AuthConfig"""


class PreexistingAuthorino(Authorino):
"""Authorino which is already deployed prior to the testrun"""
Expand Down
5 changes: 5 additions & 0 deletions testsuite/openshift/objects/auth_config.py
Original file line number Diff line number Diff line change
Expand Up @@ -118,3 +118,8 @@ def add_opa_policy(self, name, rego_policy):
"inlineRego": rego_policy
}
})

@modify
def add_response(self, response):
"""Add response to AuthConfig"""
self.model["spec"]["response"] = [response]
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
"""
Test for wildcard collisions with clusterwide authorino
"""

import pytest

from testsuite.openshift.objects.auth_config import AuthConfig


# pylint: disable = unused-argument
@pytest.fixture(scope="module")
def authorization(authorino, blame, openshift, module_label, envoy, wildcard_domain):
"""In case of Authorino, AuthConfig used for authorization"""
auth = AuthConfig.create_instance(openshift, blame("ac"), wildcard_domain, labels={"testRun": module_label})
auth.add_response({"name": "header", "json": {"properties": [{"name": "anything", "value": "one"}]}})
return auth


# pylint: disable = unused-argument
@pytest.fixture(scope="module")
def authorization2(authorino, blame, openshift2, module_label, envoy, wildcard_domain):
"""In case of Authorino, AuthConfig used for authorization"""
auth = AuthConfig.create_instance(openshift2, blame("ac"), wildcard_domain, labels={"testRun": module_label})
auth.add_response({"name": "header", "json": {"properties": [{"name": "anything", "value": "two"}]}})
return auth


@pytest.mark.parametrize(("client_fixture", "auth_fixture", "hosts"), [
pytest.param("client", "authorization", "wildcard_domain", id="First namespace"),
pytest.param("client2", "authorization2", [], id="Second namespace"),
])
def test_wildcard_collision(client_fixture, auth_fixture, hosts, request):
"""
Preparation:
- Create AuthConfig with host set to wildcard_domain
- Create AuthConfig with host set to wildcard_domain in another project
Test:
- Send request to authorino
- Assert that the correct AuthConfig was used
"""
if hosts:
hosts = [request.getfixturevalue(hosts)]
client = request.getfixturevalue(client_fixture)
response = client.get("/get")
assert response.status_code == 200
assert response.json()["headers"]["Header"] == '{"anything":"one"}'
authorization = request.getfixturevalue(auth_fixture)
assert authorization.model.status.summary.hostsReady == hosts
11 changes: 11 additions & 0 deletions testsuite/tests/kuadrant/authorino/operator/conftest.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
"""Conftest for all tests requiring custom deployment of Authorino"""
from urllib.parse import urlparse

import pytest
from weakget import weakget

Expand Down Expand Up @@ -37,3 +39,12 @@ def authorino(openshift, blame, request, testconfig, cluster_wide, module_label,
authorino.commit()
authorino.wait_for_ready()
return authorino


@pytest.fixture(scope="session")
def wildcard_domain(openshift):
"""
Wildcard domain of openshift cluster
"""
hostname = urlparse(openshift.api_url).hostname
return "*.apps." + hostname.split(".", 1)[1]
25 changes: 25 additions & 0 deletions testsuite/tests/kuadrant/authorino/operator/test_wildcard.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
"""
Test for wildcard host
"""
import pytest

from testsuite.openshift.objects.auth_config import AuthConfig


# pylint: disable = unused-argument
@pytest.fixture(scope="module")
def authorization(authorino, blame, openshift, module_label):
"""In case of Authorino, AuthConfig used for authorization"""
return AuthConfig.create_instance(openshift, blame("ac"), "*.redhat.com", labels={"testRun": module_label})


def test_wildcard(client):
"""
Preparation:
- Create AuthConfig with host set to `*.redhat.com`
Test:
- Send request to authorino
- Assert that request was successful
"""
response = client.get("/get")
assert response.status_code == 200
11 changes: 0 additions & 11 deletions testsuite/tests/kuadrant/authorino/operator/tls/conftest.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
"""Conftest for all TLS-enabled tests"""
from urllib.parse import urlparse

import pytest

Expand Down Expand Up @@ -46,16 +45,6 @@ def cfssl(testconfig):
return client


@pytest.fixture(scope="session")
def wildcard_domain(openshift):
"""
Hostname of the upstream certificate sent to be validated by APIcast
May be overwritten to configure different test cases
"""
hostname = urlparse(openshift.api_url).hostname
return "*.apps." + hostname.split(".", 1)[1]


@pytest.fixture(scope="session")
def authorino_domain(openshift):
"""
Expand Down

0 comments on commit 60349d1

Please sign in to comment.