luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent/consul/discoverychain/gateway_test.go

546 lines
13 KiB
Go
Raw Normal View History

API Gateway to Ingress Gateway Snapshot Translation and Routes to Virtual Routers and Splitters (#16127) * Stub proxycfg handler for API gateway * Add Service Kind constants/handling for API Gateway * Begin stubbing for SDS * Add new Secret type to xDS order of operations * Continue stubbing of SDS * Iterate on proxycfg handler for API gateway * Handle BoundAPIGateway config entry subscription in proxycfg-glue * Add API gateway to config snapshot validation * Add API gateway to config snapshot clone, leaf, etc. * Subscribe to bound route + cert config entries on bound-api-gateway * Track routes + certs on API gateway config snapshot * Generate DeepCopy() for types used in watch.Map * Watch all active references on api-gateway, unwatch inactive * Track loading of initial bound-api-gateway config entry * Use proper proto package for SDS mapping * Use ResourceReference instead of ServiceName, collect resources * Fix typo, add + remove TODOs * Watch discovery chains for TCPRoute * Add TODO for updating gateway services for api-gateway * make proto * Regenerate deep-copy for proxycfg * Set datacenter on upstream ID from query source * Watch discovery chains for http-route service backends * Add ServiceName getter to HTTP+TCP Service structs * Clean up unwatched discovery chains on API Gateway * Implement watch for ingress leaf certificate * Collect upstreams on http-route + tcp-route updates * Remove unused GatewayServices update handler * Remove unnecessary gateway services logic for API Gateway * Remove outdate TODO * Use .ToIngress where appropriate, including TODO for cleaning up * Cancel before returning error * Remove GatewayServices subscription * Add godoc for handlerAPIGateway functions * Update terminology from Connect => Consul Service Mesh Consistent with terminology changes in https://github.com/hashicorp/consul/pull/12690 * Add missing TODO * Remove duplicate switch case * Rerun deep-copy generator * Use correct property on config snapshot * Remove unnecessary leaf cert watch * Clean up based on code review feedback * Note handler properties that are initialized but set elsewhere * Add TODO for moving helper func into structs pkg * Update generated DeepCopy code * gofmt * Begin stubbing for SDS * Start adding tests * Remove second BoundAPIGateway case in glue * TO BE PICKED: fix formatting of str * WIP * Fix merge conflict * Implement HTTP Route to Discovery Chain config entries * Stub out function to create discovery chain * Add discovery chain merging code (#16131) * Test adding TCP and HTTP routes * Add some tests for the synthesizer * Run go mod tidy * Pairing with N8 * Run deep copy * Clean up GatewayChainSynthesizer * Fix missing assignment of BoundAPIGateway topic * Separate out synthesizeChains and toIngressTLS * Fix build errors * Ensure synthesizer skips non-matching routes by protocol * Rebase on N8s work * Generate DeepCopy() for API gateway listener types * Improve variable name * Regenerate DeepCopy() code * Fix linting issue * fix protobuf import * Fix more merge conflict errors * Fix synthesize test * Run deep copy * Add URLRewrite to proto * Update agent/consul/discoverychain/gateway_tcproute.go Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Remove APIGatewayConfigEntry that was extra * Error out if route kind is unknown * Fix formatting errors in proto --------- Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
2023-02-09 17:58:55 +00:00
package discoverychain
import (
"testing"
"github.com/hashicorp/consul/agent/structs"
"github.com/stretchr/testify/require"
)
func TestGatewayChainSynthesizer_AddTCPRoute(t *testing.T) {
t.Parallel()
datacenter := "dc1"
gateway := &structs.APIGatewayConfigEntry{
Kind: structs.APIGateway,
Name: "gateway",
}
route := structs.TCPRouteConfigEntry{
Kind: structs.TCPRoute,
Name: "route",
}
expected := GatewayChainSynthesizer{
datacenter: datacenter,
gateway: gateway,
matchesByHostname: map[string][]hostnameMatch{},
tcpRoutes: []structs.TCPRouteConfigEntry{
route,
},
}
gatewayChainSynthesizer := NewGatewayChainSynthesizer(datacenter, gateway)
// Add a TCP route
gatewayChainSynthesizer.AddTCPRoute(route)
require.Equal(t, expected, *gatewayChainSynthesizer)
}
func TestGatewayChainSynthesizer_AddHTTPRoute(t *testing.T) {
t.Parallel()
cases := map[string]struct {
route structs.HTTPRouteConfigEntry
expectedMatchesByHostname map[string][]hostnameMatch
}{
"no hostanames": {
route: structs.HTTPRouteConfigEntry{
Kind: structs.HTTPRoute,
Name: "route",
},
expectedMatchesByHostname: map[string][]hostnameMatch{},
},
"single hostname with no rules": {
route: structs.HTTPRouteConfigEntry{
Kind: structs.HTTPRoute,
Name: "route",
Hostnames: []string{
"example.com",
},
},
expectedMatchesByHostname: map[string][]hostnameMatch{
"example.com": {},
},
},
"single hostname with a single rule and no matches": {
route: structs.HTTPRouteConfigEntry{
Kind: structs.HTTPRoute,
Name: "route",
Hostnames: []string{
"example.com",
},
Rules: []structs.HTTPRouteRule{
{
Filters: structs.HTTPFilters{},
Matches: []structs.HTTPMatch{},
Services: []structs.HTTPService{},
},
},
},
expectedMatchesByHostname: map[string][]hostnameMatch{
"example.com": {
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "/",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
},
},
},
"single hostname with a single rule and a single match": {
route: structs.HTTPRouteConfigEntry{
Kind: structs.HTTPRoute,
Name: "route",
Hostnames: []string{
"example.com",
},
Rules: []structs.HTTPRouteRule{
{
Filters: structs.HTTPFilters{},
Matches: []structs.HTTPMatch{
{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
},
Services: []structs.HTTPService{},
},
},
},
expectedMatchesByHostname: map[string][]hostnameMatch{
"example.com": {
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
},
},
},
"single hostname with a single rule and multiple matches": {
route: structs.HTTPRouteConfigEntry{
Kind: structs.HTTPRoute,
Name: "route",
Hostnames: []string{
"example.com",
},
Rules: []structs.HTTPRouteRule{
{
Filters: structs.HTTPFilters{},
Matches: []structs.HTTPMatch{
{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "bar-",
},
},
},
Services: []structs.HTTPService{},
},
},
},
expectedMatchesByHostname: map[string][]hostnameMatch{
"example.com": {
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "bar-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
},
},
},
"multiple hostnames with a single rule and a single match": {
route: structs.HTTPRouteConfigEntry{
Kind: structs.HTTPRoute,
Name: "route",
Hostnames: []string{
"example.com",
"example.net",
},
Rules: []structs.HTTPRouteRule{
{
Filters: structs.HTTPFilters{},
Matches: []structs.HTTPMatch{
{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
},
Services: []structs.HTTPService{},
},
},
},
expectedMatchesByHostname: map[string][]hostnameMatch{
"example.com": {
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
},
"example.net": {
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
},
},
},
"multiple hostnames with a single rule and multiple matches": {
route: structs.HTTPRouteConfigEntry{
Kind: structs.HTTPRoute,
Name: "route",
Hostnames: []string{
"example.com",
"example.net",
},
Rules: []structs.HTTPRouteRule{
{
Filters: structs.HTTPFilters{},
Matches: []structs.HTTPMatch{
{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "bar-",
},
},
},
Services: []structs.HTTPService{},
},
},
},
expectedMatchesByHostname: map[string][]hostnameMatch{
"example.com": {
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "bar-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
},
"example.net": {
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "bar-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
},
},
},
"multiple hostnames with multiple rules and multiple matches": {
route: structs.HTTPRouteConfigEntry{
Kind: structs.HTTPRoute,
Name: "route",
Hostnames: []string{
"example.com",
"example.net",
},
Rules: []structs.HTTPRouteRule{
{
Filters: structs.HTTPFilters{},
Matches: []structs.HTTPMatch{
{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "bar-",
},
},
},
Services: []structs.HTTPService{},
},
{
Filters: structs.HTTPFilters{},
Matches: []structs.HTTPMatch{
{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "baz-",
},
},
{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "qux-",
},
},
},
Services: []structs.HTTPService{},
},
},
},
expectedMatchesByHostname: map[string][]hostnameMatch{
"example.com": {
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "bar-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "baz-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "qux-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
},
"example.net": {
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "foo-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "bar-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "baz-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
{
match: structs.HTTPMatch{
Path: structs.HTTPPathMatch{
Match: "prefix",
Value: "qux-",
},
},
filters: structs.HTTPFilters{},
services: []structs.HTTPService{},
},
},
},
},
}
for name, tc := range cases {
t.Run(name, func(t *testing.T) {
datacenter := "dc1"
gateway := &structs.APIGatewayConfigEntry{
Kind: structs.APIGateway,
Name: "gateway",
}
gatewayChainSynthesizer := NewGatewayChainSynthesizer(datacenter, gateway)
gatewayChainSynthesizer.AddHTTPRoute(tc.route)
require.Equal(t, tc.expectedMatchesByHostname, gatewayChainSynthesizer.matchesByHostname)
})
}
}
func TestGatewayChainSynthesizer_Synthesize(t *testing.T) {
t.Parallel()
cases := map[string]struct {
synthesizer *GatewayChainSynthesizer
tcpRoutes []*structs.TCPRouteConfigEntry
httpRoutes []*structs.HTTPRouteConfigEntry
chain *structs.CompiledDiscoveryChain
extra []*structs.CompiledDiscoveryChain
expectedIngressServices []structs.IngressService
expectedDiscoveryChain *structs.CompiledDiscoveryChain
}{
// TODO Add tests for other synthesizer types.
"TCPRoute-based listener": {
synthesizer: NewGatewayChainSynthesizer("dc1", &structs.APIGatewayConfigEntry{
Kind: structs.APIGateway,
Name: "gateway",
}),
tcpRoutes: []*structs.TCPRouteConfigEntry{
{
Kind: structs.TCPRoute,
Name: "tcp-route",
},
},
chain: &structs.CompiledDiscoveryChain{
ServiceName: "foo",
Namespace: "default",
Datacenter: "dc1",
},
extra: []*structs.CompiledDiscoveryChain{},
expectedIngressServices: []structs.IngressService{},
expectedDiscoveryChain: &structs.CompiledDiscoveryChain{
ServiceName: "foo",
Namespace: "default",
Datacenter: "dc1",
},
},
"HTTPRoute-based listener": {
synthesizer: NewGatewayChainSynthesizer("dc1", &structs.APIGatewayConfigEntry{
Kind: structs.APIGateway,
Name: "gateway",
}),
httpRoutes: []*structs.HTTPRouteConfigEntry{
{
Kind: structs.HTTPRoute,
Name: "http-route",
},
},
chain: &structs.CompiledDiscoveryChain{
ServiceName: "foo",
Namespace: "default",
Datacenter: "dc1",
},
extra: []*structs.CompiledDiscoveryChain{},
expectedIngressServices: []structs.IngressService{},
expectedDiscoveryChain: &structs.CompiledDiscoveryChain{
ServiceName: "foo",
Namespace: "default",
Datacenter: "dc1",
},
},
}
for name, tc := range cases {
t.Run(name, func(t *testing.T) {
for _, tcpRoute := range tc.tcpRoutes {
tc.synthesizer.AddTCPRoute(*tcpRoute)
}
for _, httpRoute := range tc.httpRoutes {
tc.synthesizer.AddHTTPRoute(*httpRoute)
}
chains := append([]*structs.CompiledDiscoveryChain{tc.chain}, tc.extra...)
ingressServices, discoveryChain, err := tc.synthesizer.Synthesize(chains...)
require.NoError(t, err)
require.Equal(t, tc.expectedIngressServices, ingressServices)
require.Equal(t, tc.expectedDiscoveryChain, discoveryChain)
})
}
}