From 7f4ebe7ed0e76acffa4136297da697372f7fe2f7 Mon Sep 17 00:00:00 2001 From: guoqqqi <72343596+guoqqqi@users.noreply.github.com> Date: Wed, 26 Jan 2022 15:12:20 +0800 Subject: [PATCH 1/4] docs: add file-logger plugin info to README (#6207) --- README.md | 2 +- docs/zh/latest/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 42594ce1b9336..78f66463a5e7f 100644 --- a/README.md +++ b/README.md @@ -135,7 +135,7 @@ A/B testing, canary release, blue-green deployment, limit rate, defense against - High performance: The single-core QPS reaches 18k with an average delay of fewer than 0.2 milliseconds. - [Fault Injection](docs/en/latest/plugins/fault-injection.md) - [REST Admin API](docs/en/latest/admin-api.md): Using the REST Admin API to control Apache APISIX, which only allows 127.0.0.1 access by default, you can modify the `allow_admin` field in `conf/config.yaml` to specify a list of IPs that are allowed to call the Admin API. Also, note that the Admin API uses key auth to verify the identity of the caller. **The `admin_key` field in `conf/config.yaml` needs to be modified before deployment to ensure security**. - - External Loggers: Export access logs to external log management tools. ([HTTP Logger](docs/en/latest/plugins/http-logger.md), [TCP Logger](docs/en/latest/plugins/tcp-logger.md), [Kafka Logger](docs/en/latest/plugins/kafka-logger.md), [UDP Logger](docs/en/latest/plugins/udp-logger.md), [RocketMQ Logger](docs/en/latest/plugins/rocketmq-logger.md), [SkyWalking Logger](docs/en/latest/plugins/skywalking-logger.md), [Alibaba Cloud Logging(SLS)](docs/en/latest/plugins/sls-logger.md), [Google Cloud Logging](docs/en/latest/plugins/google-cloud-logging.md), [Splunk HEC Logging](docs/en/latest/plugins/splunk-hec-logging.md)) + - External Loggers: Export access logs to external log management tools. ([HTTP Logger](docs/en/latest/plugins/http-logger.md), [TCP Logger](docs/en/latest/plugins/tcp-logger.md), [Kafka Logger](docs/en/latest/plugins/kafka-logger.md), [UDP Logger](docs/en/latest/plugins/udp-logger.md), [RocketMQ Logger](docs/en/latest/plugins/rocketmq-logger.md), [SkyWalking Logger](docs/en/latest/plugins/skywalking-logger.md), [Alibaba Cloud Logging(SLS)](docs/en/latest/plugins/sls-logger.md), [Google Cloud Logging](docs/en/latest/plugins/google-cloud-logging.md), [Splunk HEC Logging](docs/en/latest/plugins/splunk-hec-logging.md), [File Logger](docs/en/latest/plugins/file-logger.md)) - [Datadog](docs/en/latest/plugins/datadog.md): push custom metrics to the DogStatsD server, comes bundled with [Datadog agent](https://docs.datadoghq.com/agent/), over the UDP protocol. DogStatsD basically is an implementation of StatsD protocol which collects the custom metrics for Apache APISIX agent, aggregates it into a single data point and sends it to the configured Datadog server. - [Helm charts](https://github.com/apache/apisix-helm-chart) - [HashiCorp Vault](https://www.vaultproject.io/): Support secret management solution for accessing secrets from Vault secure storage backed in a low trust environment. Currently, RS256 keys (public-private key pairs) or secret keys can be linked from vault in [jwt-auth](docs/en/latest/plugins/jwt-auth.md#enable-jwt-auth-with-vault-compatibility) authentication plugin. diff --git a/docs/zh/latest/README.md b/docs/zh/latest/README.md index 35cc2fbed3c33..98f33c96f9900 100644 --- a/docs/zh/latest/README.md +++ b/docs/zh/latest/README.md @@ -136,7 +136,7 @@ A/B 测试、金丝雀发布(灰度发布)、蓝绿部署、限流限速、抵 - 高性能:在单核上 QPS 可以达到 18k,同时延迟只有 0.2 毫秒。 - [故障注入](plugins/fault-injection.md) - [REST Admin API](admin-api.md): 使用 REST Admin API 来控制 Apache APISIX,默认只允许 127.0.0.1 访问,你可以修改 `conf/config.yaml` 中的 `allow_admin` 字段,指定允许调用 Admin API 的 IP 列表。同时需要注意的是,Admin API 使用 key auth 来校验调用者身份,**在部署前需要修改 `conf/config.yaml` 中的 `admin_key` 字段,来保证安全。** - - 外部日志记录器:将访问日志导出到外部日志管理工具。([HTTP Logger](plugins/http-logger.md)、[TCP Logger](plugins/tcp-logger.md)、[Kafka Logger](plugins/kafka-logger.md)、[UDP Logger](plugins/udp-logger.md)、[RocketMQ Logger](plugins/rocketmq-logger.md)、[SkyWalking Logger](plugins/skywalking-logger.md)、[Alibaba Cloud Logging(SLS)](plugins/sls-logger.md)、[Google Cloud Logging](plugins/google-cloud-logging.md)、[Splunk HEC Logging](plugins/splunk-hec-logging.md)) + - 外部日志记录器:将访问日志导出到外部日志管理工具。([HTTP Logger](plugins/http-logger.md)、[TCP Logger](plugins/tcp-logger.md)、[Kafka Logger](plugins/kafka-logger.md)、[UDP Logger](plugins/udp-logger.md)、[RocketMQ Logger](plugins/rocketmq-logger.md)、[SkyWalking Logger](plugins/skywalking-logger.md)、[Alibaba Cloud Logging(SLS)](plugins/sls-logger.md)、[Google Cloud Logging](plugins/google-cloud-logging.md)、[Splunk HEC Logging](plugins/splunk-hec-logging.md)、[File Logger](plugins/file-logger.md)) - [Helm charts](https://github.com/apache/apisix-helm-chart) - **高度可扩展** From 6865b1d5bd4c005e22229824f94ad275e1c24820 Mon Sep 17 00:00:00 2001 From: Bisakh Date: Wed, 26 Jan 2022 17:51:49 +0530 Subject: [PATCH 2/4] docs: add solarwinds loggly to readme (#6191) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 78f66463a5e7f..951bbb9138244 100644 --- a/README.md +++ b/README.md @@ -135,7 +135,7 @@ A/B testing, canary release, blue-green deployment, limit rate, defense against - High performance: The single-core QPS reaches 18k with an average delay of fewer than 0.2 milliseconds. - [Fault Injection](docs/en/latest/plugins/fault-injection.md) - [REST Admin API](docs/en/latest/admin-api.md): Using the REST Admin API to control Apache APISIX, which only allows 127.0.0.1 access by default, you can modify the `allow_admin` field in `conf/config.yaml` to specify a list of IPs that are allowed to call the Admin API. Also, note that the Admin API uses key auth to verify the identity of the caller. **The `admin_key` field in `conf/config.yaml` needs to be modified before deployment to ensure security**. - - External Loggers: Export access logs to external log management tools. ([HTTP Logger](docs/en/latest/plugins/http-logger.md), [TCP Logger](docs/en/latest/plugins/tcp-logger.md), [Kafka Logger](docs/en/latest/plugins/kafka-logger.md), [UDP Logger](docs/en/latest/plugins/udp-logger.md), [RocketMQ Logger](docs/en/latest/plugins/rocketmq-logger.md), [SkyWalking Logger](docs/en/latest/plugins/skywalking-logger.md), [Alibaba Cloud Logging(SLS)](docs/en/latest/plugins/sls-logger.md), [Google Cloud Logging](docs/en/latest/plugins/google-cloud-logging.md), [Splunk HEC Logging](docs/en/latest/plugins/splunk-hec-logging.md), [File Logger](docs/en/latest/plugins/file-logger.md)) + - External Loggers: Export access logs to external log management tools. ([HTTP Logger](docs/en/latest/plugins/http-logger.md), [TCP Logger](docs/en/latest/plugins/tcp-logger.md), [Kafka Logger](docs/en/latest/plugins/kafka-logger.md), [UDP Logger](docs/en/latest/plugins/udp-logger.md), [RocketMQ Logger](docs/en/latest/plugins/rocketmq-logger.md), [SkyWalking Logger](docs/en/latest/plugins/skywalking-logger.md), [Alibaba Cloud Logging(SLS)](docs/en/latest/plugins/sls-logger.md), [Google Cloud Logging](docs/en/latest/plugins/google-cloud-logging.md), [Splunk HEC Logging](docs/en/latest/plugins/splunk-hec-logging.md), [File Logger](docs/en/latest/plugins/file-logger.md), [SolarWinds Loggly Logging](docs/en/latest/plugins/loggly.md)) - [Datadog](docs/en/latest/plugins/datadog.md): push custom metrics to the DogStatsD server, comes bundled with [Datadog agent](https://docs.datadoghq.com/agent/), over the UDP protocol. DogStatsD basically is an implementation of StatsD protocol which collects the custom metrics for Apache APISIX agent, aggregates it into a single data point and sends it to the configured Datadog server. - [Helm charts](https://github.com/apache/apisix-helm-chart) - [HashiCorp Vault](https://www.vaultproject.io/): Support secret management solution for accessing secrets from Vault secure storage backed in a low trust environment. Currently, RS256 keys (public-private key pairs) or secret keys can be linked from vault in [jwt-auth](docs/en/latest/plugins/jwt-auth.md#enable-jwt-auth-with-vault-compatibility) authentication plugin. From 615ee41312282ca2375abddae1d074637a901d89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=BD=97=E6=B3=BD=E8=BD=A9?= Date: Thu, 27 Jan 2022 04:22:48 +0800 Subject: [PATCH 3/4] test: fix way to check file installation (#6211) --- ci/linux_apisix_current_luarocks_runner.sh | 4 +++- ci/linux_apisix_master_luarocks_runner.sh | 4 +--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ci/linux_apisix_current_luarocks_runner.sh b/ci/linux_apisix_current_luarocks_runner.sh index a143d479d0a2c..215e44accba26 100755 --- a/ci/linux_apisix_current_luarocks_runner.sh +++ b/ci/linux_apisix_current_luarocks_runner.sh @@ -30,11 +30,13 @@ script() { export_or_prefix openresty -V - sudo rm -rf /usr/local/apisix + sudo rm -rf /usr/local/share/lua/5.1/apisix # install APISIX with local version sudo luarocks install rockspec/apisix-master-0.rockspec --only-deps > build.log 2>&1 || (cat build.log && exit 1) sudo luarocks make rockspec/apisix-master-0.rockspec > build.log 2>&1 || (cat build.log && exit 1) + # ensure all files under apisix is installed + diff -rq apisix /usr/local/share/lua/5.1/apisix mkdir cli_tmp && cd cli_tmp diff --git a/ci/linux_apisix_master_luarocks_runner.sh b/ci/linux_apisix_master_luarocks_runner.sh index 37cb12ec13754..a75fdf6c2488c 100755 --- a/ci/linux_apisix_master_luarocks_runner.sh +++ b/ci/linux_apisix_master_luarocks_runner.sh @@ -30,7 +30,7 @@ script() { export_or_prefix openresty -V - sudo rm -rf /usr/local/share/lua/5.1/apisix + sudo rm -rf /usr/local/apisix # run the test case in an empty folder mkdir tmp && cd tmp @@ -38,8 +38,6 @@ script() { # install APISIX by luarocks sudo luarocks install $APISIX_MAIN > build.log 2>&1 || (cat build.log && exit 1) - # ensure all files under ../apisix is installed - diff -rq ../apisix /usr/local/share/lua/5.1/apisix || exit 1 cp ../bin/apisix /usr/local/bin/apisix # show install files From 427e9269efe32836051bf280ea2af4a566730ae4 Mon Sep 17 00:00:00 2001 From: Zeping Bai Date: Thu, 27 Jan 2022 12:57:53 +0800 Subject: [PATCH 4/4] change: don't expose public API by default & remove plugin interceptor (#6196) --- apisix/admin/plugin_metadata.lua | 10 - apisix/api_router.lua | 77 +------- apisix/init.lua | 12 -- apisix/plugins/public-api.lua | 5 +- t/admin/plugin-metadata.t | 202 +------------------- t/admin/plugins-reload.t | 16 ++ t/chaos/delayetcd/delayetcd.go | 4 + t/chaos/killetcd/killetcd.go | 4 + t/chaos/utils/utils.go | 21 ++ t/cli/test_admin.sh | 52 ++++- t/cli/test_prometheus.sh | 32 ++++ t/config-center-yaml/consumer.t | 8 + t/config-center-yaml/global-rule.t | 5 + t/config-center-yaml/plugin.t | 5 + t/node/global-rule.t | 61 +----- t/plugin/batch-requests.t | 121 ++++++------ t/plugin/batch-requests2.t | 65 ++++++- t/plugin/jwt-auth-vault.t | 46 ++++- t/plugin/jwt-auth.t | 297 +++++++++-------------------- t/plugin/node-status.t | 55 ++++-- t/plugin/prometheus.t | 175 +++++------------ t/plugin/prometheus2.t | 247 ++++++++++-------------- t/plugin/prometheus3.t | 74 +++---- t/plugin/wolf-rbac.t | 118 ++++++++---- 24 files changed, 703 insertions(+), 1009 deletions(-) diff --git a/apisix/admin/plugin_metadata.lua b/apisix/admin/plugin_metadata.lua index f2620fc9e2793..bde9af05abfbd 100644 --- a/apisix/admin/plugin_metadata.lua +++ b/apisix/admin/plugin_metadata.lua @@ -14,12 +14,10 @@ -- See the License for the specific language governing permissions and -- limitations under the License. -- -local error = error local pcall = pcall local require = require local core = require("apisix.core") local utils = require("apisix.admin.utils") -local api_router = require("apisix.api_router") local injected_mark = "injected metadata_schema" local _M = { @@ -61,14 +59,6 @@ local function check_conf(plugin_name, conf) end local schema = plugin_object.metadata_schema - -- inject interceptors schema to each plugins - if schema.properties.interceptors - and api_router.interceptors_schema['$comment'] ~= schema.properties.interceptors['$comment'] - then - error("'interceptors' can not be used as the name of metadata schema's field") - end - schema.properties.interceptors = api_router.interceptors_schema - core.log.info("schema: ", core.json.delay_encode(schema)) core.log.info("conf: ", core.json.delay_encode(conf)) diff --git a/apisix/api_router.lua b/apisix/api_router.lua index 9f63acd27fcf6..099670150b03a 100644 --- a/apisix/api_router.lua +++ b/apisix/api_router.lua @@ -16,9 +16,7 @@ -- local require = require local router = require("apisix.utils.router") -local apisix_router = require("apisix.router") local plugin_mod = require("apisix.plugin") -local ip_restriction = require("apisix.plugins.ip-restriction") local core = require("apisix.core") local ipairs = ipairs local type = type @@ -27,50 +25,6 @@ local type = type local _M = {} local match_opts = {} local has_route_not_under_apisix -local interceptors = { - ["ip-restriction"] = { - run = function (conf, ctx) - return ip_restriction.access(conf, ctx) - end, - schema = ip_restriction.schema, - } -} - - -_M.interceptors_schema = { - ["$comment"] = "this is the mark for our interceptors schema", - type = "array", - items = { - type = "object", - minItems = 1, - properties = { - name = { - type = "string", - enum = {}, - }, - conf = { - type = "object", - } - }, - required = {"name", "conf"}, - dependencies = { - name = { - oneOf = {} - } - } - } -} -for name, attrs in pairs(interceptors) do - core.table.insert(_M.interceptors_schema.items.properties.name.enum, name) - core.table.insert(_M.interceptors_schema.items.dependencies.name.oneOf, { - properties = { - name = { - enum = {name}, - }, - conf = attrs.schema, - } - }) -end local fetch_api_router @@ -84,7 +38,6 @@ function fetch_api_router() for _, plugin in ipairs(plugin_mod.plugins) do local api_fun = plugin.api if api_fun then - local name = plugin.name local api_routes = api_fun() core.log.debug("fetched api routes: ", core.json.delay_encode(api_routes, true)) @@ -108,30 +61,8 @@ function fetch_api_router() core.table.insert(routes, { methods = route.methods, paths = route.uri, - handler = function (api_ctx, skip_global_rule) - local code, body - - local metadata = plugin_mod.plugin_metadata(name) - if metadata and metadata.value.interceptors then - for _, rule in ipairs(metadata.value.interceptors) do - local f = interceptors[rule.name] - if f == nil then - core.log.error("unknown interceptor: ", rule.name) - else - code, body = f.run(rule.conf, api_ctx) - if code or body then - return core.response.exit(code, body) - end - end - end - end - - if not skip_global_rule then - plugin_mod.run_global_rules(api_ctx, - apisix_router.global_rules, nil) - end - - code, body = route.handler(api_ctx) + handler = function (api_ctx) + local code, body = route.handler(api_ctx) if code or body then core.response.exit(code, body) end @@ -156,7 +87,7 @@ function _M.has_route_not_under_apisix() end -function _M.match(api_ctx, skip_global_rule) +function _M.match(api_ctx) local api_router = core.lrucache.global("api_router", plugin_mod.load_times, fetch_api_router) if not api_router then core.log.error("failed to fetch valid api router") @@ -166,7 +97,7 @@ function _M.match(api_ctx, skip_global_rule) core.table.clear(match_opts) match_opts.method = api_ctx.var.request_method - local ok = api_router:dispatch(api_ctx.var.uri, match_opts, api_ctx, skip_global_rule) + local ok = api_router:dispatch(api_ctx.var.uri, match_opts, api_ctx) return ok end diff --git a/apisix/init.lua b/apisix/init.lua index e603a40d09030..15e4ed7182229 100644 --- a/apisix/init.lua +++ b/apisix/init.lua @@ -377,18 +377,6 @@ function _M.http_access_phase() local route = api_ctx.matched_route if not route then - -- whether the public API run global rules is - -- controlled by the configuration file - if router.api.has_route_not_under_apisix() or - core.string.has_prefix(uri, "/apisix/") - then - local skip = local_conf and local_conf.apisix.global_rule_skip_internal_api - local matched = router.api.match(api_ctx, skip) - if matched then - return - end - end - -- run global rule when there is no matching route plugin.run_global_rules(api_ctx, router.global_rules, nil) diff --git a/apisix/plugins/public-api.lua b/apisix/plugins/public-api.lua index 5adf16f580b49..ad3f9dc0bfd22 100644 --- a/apisix/plugins/public-api.lua +++ b/apisix/plugins/public-api.lua @@ -40,14 +40,11 @@ end function _M.access(conf, ctx) - local local_conf = core.config.local_conf() - -- overwrite the uri in the ctx when the user has set the target uri ctx.var.uri = conf.uri or ctx.var.uri - local skip = local_conf and local_conf.apisix.global_rule_skip_internal_api -- perform route matching - if router.api.match(ctx, skip) then + if router.api.match(ctx) then return end diff --git a/t/admin/plugin-metadata.t b/t/admin/plugin-metadata.t index 4a92f8a60025e..5dccf2c0cd2dc 100644 --- a/t/admin/plugin-metadata.t +++ b/t/admin/plugin-metadata.t @@ -295,203 +295,7 @@ qr/\{"error_msg":"invalid configuration: property \\"ikey\\" is required"\}/ -=== TEST 9: set plugin interceptors ---- config - location /t { - content_by_lua_block { - local t = require("lib.test_admin").test - local code, body = t('/apisix/admin/plugin_metadata/prometheus', - ngx.HTTP_PUT, - [[{ - "interceptors": [ - { - "name": "ip-restriction", - "conf": { - "whitelist": ["192.168.1.0/24"] - } - } - ] - }]] - ) - - if code >= 300 then - ngx.status = code - end - ngx.say(body) - } - } ---- request -GET /t ---- response_body -passed ---- no_error_log -[error] - - - -=== TEST 10: hit prometheus route ---- config - location /t { - content_by_lua_block { - ngx.sleep(1) -- wait for data synced - local t = require("lib.test_admin").test - local code, body = t('/apisix/prometheus/metrics', - ngx.HTTP_GET) - - if code >= 300 then - ngx.status = code - end - ngx.say(body) - } - } ---- request -GET /t ---- error_code: 403 - - - -=== TEST 11: set plugin interceptors (allow ip access) ---- config - location /t { - content_by_lua_block { - local t = require("lib.test_admin").test - local code, body = t('/apisix/admin/plugin_metadata/prometheus', - ngx.HTTP_PUT, - [[{ - "interceptors": [ - { - "name": "ip-restriction", - "conf": { - "whitelist": ["127.0.0.1"] - } - } - ] - }]] - ) - - if code >= 300 then - ngx.status = code - end - ngx.say(body) - } - } ---- request -GET /t ---- response_body -passed ---- no_error_log -[error] - - - -=== TEST 12: hit prometheus route again ---- request -GET /apisix/prometheus/metrics ---- error_code: 200 - - - -=== TEST 13: invalid interceptors configure (unknown interceptor) ---- config - location /t { - content_by_lua_block { - local t = require("lib.test_admin").test - local code, body = t('/apisix/admin/plugin_metadata/prometheus', - ngx.HTTP_PUT, - [[{ - "interceptors": [ - { - "name": "unknown", - "conf": { - "whitelist": ["127.0.0.1"] - } - } - ] - }]] - ) - - if code >= 300 then - ngx.status = code - end - ngx.say(body) - } - } ---- request -GET /t ---- response_body eval -qr/\{"error_msg":"invalid configuration: property \\"interceptors\\" validation failed: failed to validate item 1: property \\"name\\" validation failed: matches none of the enum values"\}/ ---- error_code: 400 ---- no_error_log -[error] - - - -=== TEST 14: invalid interceptors configure (missing conf) ---- config - location /t { - content_by_lua_block { - local t = require("lib.test_admin").test - local code, body = t('/apisix/admin/plugin_metadata/prometheus', - ngx.HTTP_PUT, - [[{ - "interceptors": [ - { - "name": "ip-restriction" - } - ] - }]] - ) - - if code >= 300 then - ngx.status = code - end - ngx.say(body) - } - } ---- request -GET /t ---- error_code: 400 ---- response_body eval -qr/\{"error_msg":"invalid configuration: property \\"interceptors\\" validation failed: failed to validate item 1: property \\"conf\\" is required"\}/ ---- no_error_log -[error] - - - -=== TEST 15: invalid interceptors configure (invalid interceptor configure) ---- config - location /t { - content_by_lua_block { - local t = require("lib.test_admin").test - local code, body = t('/apisix/admin/plugin_metadata/prometheus', - ngx.HTTP_PUT, - [[{ - "interceptors": [ - { - "name": "ip-restriction", - "conf": {"aa": "b"} - } - ] - }]] - ) - - if code >= 300 then - ngx.status = code - end - ngx.say(body) - } - } ---- request -GET /t ---- error_code: 400 ---- response_body eval -qr/\{"error_msg":"invalid configuration: property \\"interceptors\\" validation failed: failed to validate item 1: failed to validate dependent schema for \\"name\\": value should match only one schema, but matches none"\}/ ---- no_error_log -[error] - - - -=== TEST 16: not unwanted data, PUT +=== TEST 9: not unwanted data, PUT --- config location /t { content_by_lua_block { @@ -526,7 +330,7 @@ GET /t -=== TEST 17: not unwanted data, GET +=== TEST 10: not unwanted data, GET --- config location /t { content_by_lua_block { @@ -558,7 +362,7 @@ GET /t -=== TEST 18: not unwanted data, DELETE +=== TEST 11: not unwanted data, DELETE --- config location /t { content_by_lua_block { diff --git a/t/admin/plugins-reload.t b/t/admin/plugins-reload.t index 1e15611c6a176..e4841f1bf8083 100644 --- a/t/admin/plugins-reload.t +++ b/t/admin/plugins-reload.t @@ -209,6 +209,7 @@ apisix: node_listen: 1984 admin_key: null plugins: + - public-api - prometheus plugin_attr: prometheus: @@ -219,6 +220,19 @@ location /t { local core = require "apisix.core" ngx.sleep(0.1) local t = require("lib.test_admin").test + + -- setup public API route + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/metrics" + }]] + ) + ngx.say(code) + local code, _, org_body = t('/apisix/metrics', ngx.HTTP_GET) ngx.say(code) @@ -228,6 +242,7 @@ apisix: node_listen: 1984 admin_key: null plugins: + - public-api - prometheus plugin_attr: prometheus: @@ -249,6 +264,7 @@ plugin_attr: --- request GET /t --- response_body +201 404 done 200 diff --git a/t/chaos/delayetcd/delayetcd.go b/t/chaos/delayetcd/delayetcd.go index 69f1af4317b01..a8245e6a4099a 100644 --- a/t/chaos/delayetcd/delayetcd.go +++ b/t/chaos/delayetcd/delayetcd.go @@ -115,6 +115,10 @@ var _ = ginkgo.Describe("Test APISIX Delay When Add ETCD Delay", func() { apisixPod = &apisixPods[0] }) + ginkgo.It("setup prometheus metrics public API", func() { + utils.SetPrometheusMetricsPublicAPI(e) + }) + ginkgo.It("check if everything works", func() { utils.SetRoute(e, httpexpect.Status2xx) utils.GetRouteList(e, http.StatusOK) diff --git a/t/chaos/killetcd/killetcd.go b/t/chaos/killetcd/killetcd.go index 81612be0f51a9..bb75db8abcea5 100644 --- a/t/chaos/killetcd/killetcd.go +++ b/t/chaos/killetcd/killetcd.go @@ -81,6 +81,10 @@ var _ = ginkgo.Describe("Test Get Success When Etcd Got Killed", func() { stopChan := make(chan bool) + ginkgo.It("setup prometheus metrics public API", func() { + utils.SetPrometheusMetricsPublicAPI(e) + }) + ginkgo.It("check if everything works", func() { utils.SetRoute(e, httpexpect.Status2xx) utils.GetRouteList(e, http.StatusOK) diff --git a/t/chaos/utils/utils.go b/t/chaos/utils/utils.go index 4e64c9c582bce..e4db50b329b63 100644 --- a/t/chaos/utils/utils.go +++ b/t/chaos/utils/utils.go @@ -166,6 +166,27 @@ func DeleteRoute(e *httpexpect.Expect) *httpexpect.Response { }) } +func SetPrometheusMetricsPublicAPI(e *httpexpect.Expect) *httpexpect.Response { + return caseCheck(httpTestCase{ + E: e, + Method: http.MethodPut, + Path: "/apisix/admin/routes/metrics", + Headers: map[string]string{"X-API-KEY": token}, + Body: `{ + "uri": "/apisix/prometheus/metrics", + "plugins": { + "public-api": {} + }, + "upstream": { + "nodes": { + "httpbin.default.svc.cluster.local:8000": 1 + }, + "type": "roundrobin" + } + }`, + }) +} + func TestPrometheusEtcdMetric(e *httpexpect.Expect, expectEtcd int) *httpexpect.Response { return caseCheck(httpTestCase{ E: e, diff --git a/t/cli/test_admin.sh b/t/cli/test_admin.sh index 0ab1c6e5cc695..789a61fb89419 100755 --- a/t/cli/test_admin.sh +++ b/t/cli/test_admin.sh @@ -235,8 +235,9 @@ echo "pass: sync /apisix/plugins from etcd when disabling admin successfully" # ignore changes to /apisix/plugins/ due to init_etcd echo ' apisix: - enable_admin: false + enable_admin: true plugins: + - public-api - node-status nginx_config: error_log_level: info @@ -246,10 +247,26 @@ rm logs/error.log make init make run +# initialize node-status public API routes #1 +code=$(curl -v -k -i -m 20 -o /dev/null -s -w %{http_code} -X PUT http://127.0.0.1:9080/apisix/admin/routes/node-status \ + -H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" \ + -d "{ + \"uri\": \"/apisix/status\", + \"plugins\": { + \"public-api\": {} + } + }") +if [ ! $code -eq 201 ]; then + echo "failed: initialize node status public API failed #1" + exit 1 +fi + +sleep 0.5 + # first time check node status api code=$(curl -v -k -i -m 20 -o /dev/null -s -w %{http_code} http://127.0.0.1:9080/apisix/status) if [ ! $code -eq 200 ]; then - echo "failed: first time check node status api failed" + echo "failed: first time check node status api failed #1" exit 1 fi @@ -257,10 +274,26 @@ fi make init sleep 1 +# initialize node-status public API routes #2 +code=$(curl -v -k -i -m 20 -o /dev/null -s -w %{http_code} -X PUT http://127.0.0.1:9080/apisix/admin/routes/node-status \ + -H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" \ + -d "{ + \"uri\": \"/apisix/status\", + \"plugins\": { + \"public-api\": {} + } + }") +if [ ! $code -eq 200 ]; then + echo "failed: initialize node status public API failed #2" + exit 1 +fi + +sleep 0.5 + # second time check node status api code=$(curl -v -k -i -m 20 -o /dev/null -s -w %{http_code} http://127.0.0.1:9080/apisix/status) if [ ! $code -eq 200 ]; then - echo "failed: second time check node status api failed" + echo "failed: second time check node status api failed #1" exit 1 fi @@ -274,6 +307,7 @@ echo ' apisix: enable_admin: false plugins: + - public-api - node-status stream_plugins: ' > conf/config.yaml @@ -285,14 +319,15 @@ make run # first time check node status api code=$(curl -v -k -i -m 20 -o /dev/null -s -w %{http_code} http://127.0.0.1:9080/apisix/status) if [ ! $code -eq 200 ]; then - echo "failed: first time check node status api failed" + echo "failed: first time check node status api failed #2" exit 1 fi sleep 0.5 # check http plugins load list -if ! grep -E 'new plugins: {"node-status":true}' logs/error.log; then +if ! grep -E 'new plugins: {"public-api":true,"node-status":true}' logs/error.log; -o \ + ! grep -E 'new plugins: {"node-status":true,"public-api":true}' logs/error.log; then echo "failed: first time load http plugins list failed" exit 1 fi @@ -304,7 +339,7 @@ if ! grep -E 'failed to read stream plugin list from local file' logs/error.log; fi # mock another instance add /apisix/plugins -res=$(etcdctl put "/apisix/plugins" '[{"name":"node-status"},{"name":"example-plugin"},{"stream":true,"name":"mqtt-proxy"}]') +res=$(etcdctl put "/apisix/plugins" '[{"name":"node-status"},{"name":"example-plugin"},{"name":"public-api"},{"stream":true,"name":"mqtt-proxy"}]') if [[ $res != "OK" ]]; then echo "failed: failed to set /apisix/plugins to add more plugins" exit 1 @@ -315,12 +350,13 @@ sleep 0.5 # second time check node status api code=$(curl -v -k -i -m 20 -o /dev/null -s -w %{http_code} http://127.0.0.1:9080/apisix/status) if [ ! $code -eq 200 ]; then - echo "failed: second time check node status api failed" + echo "failed: second time check node status api failed #2" exit 1 fi # check http plugins load list -if ! grep -E 'new plugins: {"node-status":true}' logs/error.log; then +if ! grep -E 'new plugins: {"public-api":true,"node-status":true}' logs/error.log; -o \ + ! grep -E 'new plugins: {"node-status":true,"public-api":true}' logs/error.log; then echo "failed: second time load http plugins list failed" exit 1 fi diff --git a/t/cli/test_prometheus.sh b/t/cli/test_prometheus.sh index c06cd619f1f63..eb4ce0300193c 100755 --- a/t/cli/test_prometheus.sh +++ b/t/cli/test_prometheus.sh @@ -76,6 +76,22 @@ plugin_attr: IP=127.0.0.1 PORT=9092 make run +# initialize prometheus metrics public API route #1 +code=$(curl -v -k -i -m 20 -o /dev/null -s -w %{http_code} -X PUT http://127.0.0.1:9080/apisix/admin/routes/metrics1 \ + -H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" \ + -d "{ + \"uri\": \"/prometheus/metrics\", + \"plugins\": { + \"public-api\": {} + } + }") +if [ ! $code -eq 201 ]; then + echo "failed: initialize prometheus metrics public API failed #1" + exit 1 +fi + +sleep 0.5 + code=$(curl -v -k -i -m 20 -o /dev/null -s http://127.0.0.1:9092/prometheus/metrics || echo 'ouch') if [ "$code" != "ouch" ]; then echo "failed: should listen at previous prometheus address" @@ -135,6 +151,22 @@ plugin_attr: IP=127.0.0.1 PORT=9092 make run +# initialize prometheus metrics public API route #2 +code=$(curl -v -k -i -m 20 -o /dev/null -s -w %{http_code} -X PUT http://127.0.0.1:9080/apisix/admin/routes/metrics2 \ + -H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" \ + -d "{ + \"uri\": \"/apisix/prometheus/metrics\", + \"plugins\": { + \"public-api\": {} + } + }") +if [ ! $code -eq 201 ]; then + echo "failed: initialize prometheus metrics public API failed #2" + exit 1 +fi + +sleep 0.5 + if ! curl -s http://127.0.0.1:9092/apisix/prometheus/metrics | grep "apisix_ci_prefix_" | wc -l; then echo "failed: should use custom metric prefix" exit 1 diff --git a/t/config-center-yaml/consumer.t b/t/config-center-yaml/consumer.t index 0e7ae502f0f47..62cfb321d7350 100644 --- a/t/config-center-yaml/consumer.t +++ b/t/config-center-yaml/consumer.t @@ -71,6 +71,10 @@ property "username" validation failed === TEST 2: validate the plugin under consumer --- apisix_yaml +routes: + - uri: /apisix/plugin/jwt/sign + plugins: + public-api: {} consumers: - username: jwt plugins: @@ -87,6 +91,10 @@ plugin jwt-auth err: property "key" is required === TEST 3: provide default value for the plugin --- apisix_yaml +routes: + - uri: /apisix/plugin/jwt/sign + plugins: + public-api: {} consumers: - username: jwt plugins: diff --git a/t/config-center-yaml/global-rule.t b/t/config-center-yaml/global-rule.t index 2621a697242c8..660ace6899518 100644 --- a/t/config-center-yaml/global-rule.t +++ b/t/config-center-yaml/global-rule.t @@ -117,6 +117,11 @@ global_rules: === TEST 4: common phase without matched route --- apisix_yaml +routes: + - + uri: /apisix/prometheus/metrics + plugins: + public-api: {} global_rules: - id: 1 diff --git a/t/config-center-yaml/plugin.t b/t/config-center-yaml/plugin.t index 288782be4c240..e3d13b97d86c3 100644 --- a/t/config-center-yaml/plugin.t +++ b/t/config-center-yaml/plugin.t @@ -153,7 +153,12 @@ GET /apisix/prometheus/metrics === TEST 4: enable plugin and its router --- apisix_yaml +routes: + - uri: /apisix/prometheus/metrics + plugins: + public-api: {} plugins: + - name: public-api - name: prometheus --- request GET /apisix/prometheus/metrics diff --git a/t/node/global-rule.t b/t/node/global-rule.t index 9947e53a1ce01..a2055b22a6108 100644 --- a/t/node/global-rule.t +++ b/t/node/global-rule.t @@ -120,61 +120,20 @@ GET /hello -=== TEST 6: skip global rule for internal api (not limited) +=== TEST 6: global rule for internal api (should limit) --- yaml_config plugins: - limit-count - node-status --- request GET /apisix/status ---- error_code: 200 ---- no_error_log -[error] - - - -=== TEST 7: skip global rule for internal api - 2 (not limited) ---- yaml_config -plugins: - - limit-count - - node-status ---- request -GET /apisix/status ---- error_code: 200 ---- no_error_log -[error] - - - -=== TEST 8: skip global rule for internal api - 3 (not limited) ---- yaml_config -plugins: - - limit-count - - node-status ---- request -GET /apisix/status ---- error_code: 200 ---- no_error_log -[error] - - - -=== TEST 9: doesn't skip global rule for internal api (should limit) ---- yaml_config -apisix: - global_rule_skip_internal_api: false -plugins: - - limit-count - - node-status ---- request -GET /apisix/status --- error_code: 503 --- no_error_log [error] -=== TEST 10: update global rule +=== TEST 7: update global rule --- config location /t { content_by_lua_block { @@ -210,7 +169,7 @@ passed -=== TEST 11: set one more global rule +=== TEST 8: set one more global rule --- config location /t { content_by_lua_block { @@ -243,7 +202,7 @@ passed -=== TEST 12: hit global rules +=== TEST 9: hit global rules --- request GET /hello?name=;union%20select%20 --- error_code: 403 @@ -255,10 +214,8 @@ X-TEST: test -=== TEST 13: hit global rules by internal api +=== TEST 10: hit global rules by internal api (only check uri-blocker) --- yaml_config -apisix: - global_rule_skip_internal_api: false plugins: - response-rewrite - uri-blocker @@ -274,7 +231,7 @@ X-TEST: test -=== TEST 14: delete global rules +=== TEST 11: delete global rules --- config location /t { content_by_lua_block { @@ -309,7 +266,7 @@ passed -=== TEST 15: empty global rule +=== TEST 12: empty global rule --- config location /t { content_by_lua_block { @@ -362,7 +319,7 @@ passed -=== TEST 16: hit global rules +=== TEST 13: hit global rules --- request GET /hello --- response_body @@ -372,7 +329,7 @@ changed -=== TEST 17: global rule works with the consumer, after deleting the global rule, ensure no stale plugins remaining +=== TEST 14: global rule works with the consumer, after deleting the global rule, ensure no stale plugins remaining --- config location /t { content_by_lua_block { diff --git a/t/plugin/batch-requests.t b/t/plugin/batch-requests.t index 8df3aa9499bbd..fbaaea43bef62 100644 --- a/t/plugin/batch-requests.t +++ b/t/plugin/batch-requests.t @@ -26,17 +26,50 @@ add_block_preprocessor(sub { my $extra_yaml_config = <<_EOC_; plugins: + - public-api - batch-requests _EOC_ $block->set_value("extra_yaml_config", $extra_yaml_config); + + if ((!defined $block->error_log) && (!defined $block->no_error_log)) { + $block->set_value("no_error_log", "[error]"); + } }); run_tests; __DATA__ -=== TEST 1: sanity +=== TEST 1: pre-create public API route +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/batch-requests" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- request +GET /t +--- response_body +passed + + + +=== TEST 2: sanity --- config location = /aggregate { content_by_lua_block { @@ -161,12 +194,10 @@ __DATA__ GET /aggregate --- response_body passed ---- no_error_log -[error] -=== TEST 2: missing pipeline +=== TEST 3: missing pipeline --- config location = /aggregate { content_by_lua_block { @@ -200,12 +231,10 @@ GET /aggregate --- error_code: 400 --- response_body {"error_msg":"bad request body: object matches none of the required: [\"pipeline\"]"} ---- no_error_log -[error] -=== TEST 3: timeout is not number +=== TEST 4: timeout is not number --- config location = /aggregate { content_by_lua_block { @@ -240,12 +269,10 @@ GET /aggregate --- error_code: 400 --- response_body {"error_msg":"bad request body: property \"timeout\" validation failed: wrong type: expected integer, got string"} ---- no_error_log -[error] -=== TEST 4: different response time +=== TEST 5: different response time --- config location = /aggregate { content_by_lua_block { @@ -309,12 +336,10 @@ GET /aggregate GET /aggregate --- response_body passed ---- no_error_log -[error] -=== TEST 5: last request timeout +=== TEST 6: last request timeout --- config location = /aggregate { content_by_lua_block { @@ -382,7 +407,7 @@ timeout -=== TEST 6: first request timeout +=== TEST 7: first request timeout --- config location = /aggregate { content_by_lua_block { @@ -444,7 +469,7 @@ timeout -=== TEST 7: no body in request +=== TEST 8: no body in request --- config location = /aggregate { content_by_lua_block { @@ -465,12 +490,10 @@ GET /aggregate --- error_code: 400 --- response_body {"error_msg":"no request body, you should give at least one pipeline setting"} ---- no_error_log -[error] -=== TEST 8: invalid body +=== TEST 9: invalid body --- config location = /aggregate { content_by_lua_block { @@ -490,12 +513,10 @@ GET /aggregate --- error_code: 400 --- response_body {"error_msg":"invalid request body: invalid json string, err: Expected value but found invalid token at character 1"} ---- no_error_log -[error] -=== TEST 9: invalid pipeline's path +=== TEST 10: invalid pipeline's path --- config location = /aggregate { content_by_lua_block { @@ -520,12 +541,10 @@ GET /aggregate --- error_code: 400 --- response_body {"error_msg":"bad request body: property \"pipeline\" validation failed: failed to validate item 1: property \"path\" validation failed: string too short, expected at least 1, got 0"} ---- no_error_log -[error] -=== TEST 10: invalid pipeline's method +=== TEST 11: invalid pipeline's method --- config location = /aggregate { content_by_lua_block { @@ -550,12 +569,10 @@ GET /aggregate --- error_code: 400 --- response_body {"error_msg":"bad request body: property \"pipeline\" validation failed: failed to validate item 1: property \"method\" validation failed: matches none of the enum values"} ---- no_error_log -[error] -=== TEST 11: invalid pipeline's version +=== TEST 12: invalid pipeline's version --- config location = /aggregate { content_by_lua_block { @@ -580,12 +597,10 @@ GET /aggregate --- error_code: 400 --- response_body {"error_msg":"bad request body: property \"pipeline\" validation failed: failed to validate item 1: property \"version\" validation failed: matches none of the enum values"} ---- no_error_log -[error] -=== TEST 12: invalid pipeline's ssl +=== TEST 13: invalid pipeline's ssl --- config location = /aggregate { content_by_lua_block { @@ -610,12 +625,10 @@ GET /aggregate --- error_code: 400 --- response_body {"error_msg":"bad request body: property \"pipeline\" validation failed: failed to validate item 1: property \"ssl_verify\" validation failed: wrong type: expected boolean, got number"} ---- no_error_log -[error] -=== TEST 13: invalid pipeline's number +=== TEST 14: invalid pipeline's number --- config location = /aggregate { content_by_lua_block { @@ -636,12 +649,10 @@ GET /aggregate --- error_code: 400 --- response_body {"error_msg":"bad request body: property \"pipeline\" validation failed: expect array to have at least 1 items"} ---- no_error_log -[error] -=== TEST 14: when client body has been wrote to temp file +=== TEST 15: when client body has been wrote to temp file --- config client_body_in_file_only on; location = /aggregate { @@ -703,12 +714,10 @@ GET /aggregate GET /aggregate --- response_body passed ---- no_error_log -[error] -=== TEST 15: copy all header to every request except content +=== TEST 16: copy all header to every request except content --- config client_body_in_file_only on; location = /aggregate { @@ -791,12 +800,10 @@ passed GET /aggregate --- response_body passed ---- no_error_log -[error] -=== TEST 16: exceed default body limit size (check header) +=== TEST 17: exceed default body limit size (check header) --- config location = /t { content_by_lua_block { @@ -817,12 +824,10 @@ GET /t --- error_code: 413 --- response_body eval qr/\{"error_msg":"request size 4194304 is greater than the maximum size 1048576 allowed"\}/ ---- no_error_log -[error] -=== TEST 17: exceed default body limit size (check file size) +=== TEST 18: exceed default body limit size (check file size) --- request eval "POST /apisix/batch-requests " . ("1000\r @@ -835,14 +840,12 @@ Transfer-Encoding: chunked --- error_code: 413 --- response_body eval qr/\{"error_msg":"request size 1052672 is greater than the maximum size 1048576 allowed"\}/ ---- no_error_log -[error] --- error_log attempt to read body from file -=== TEST 18: add plugin metadata +=== TEST 19: add plugin metadata --- config location /t { content_by_lua_block { @@ -864,12 +867,10 @@ attempt to read body from file GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 19: exceed body limit size +=== TEST 20: exceed body limit size --- config location = /t { content_by_lua_block { @@ -890,12 +891,10 @@ GET /t --- error_code: 413 --- response_body eval qr/\{"error_msg":"request size 4096 is greater than the maximum size 2048 allowed"\}/ ---- no_error_log -[error] -=== TEST 20: exceed body limit size (expected) +=== TEST 21: exceed body limit size (expected) --- config location = /t { content_by_lua_block { @@ -918,12 +917,10 @@ GET /t --- error_code: 413 --- response_body eval qr/\{"error_msg":"request size 4096 is greater than the maximum size 2048 allowed"\}/ ---- no_error_log -[error] -=== TEST 21: don't exceed body limit size +=== TEST 22: don't exceed body limit size --- config location = /t { content_by_lua_block { @@ -976,12 +973,10 @@ qr/\{"error_msg":"request size 4096 is greater than the maximum size 2048 allowe GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 22: invalid body size +=== TEST 23: invalid body size --- config location /t { content_by_lua_block { @@ -1004,12 +999,10 @@ GET /t --- error_code: 400 --- response_body eval qr/\{"error_msg":"invalid configuration: property \\"max_body_size\\" validation failed: expected 0 to be greater than 0"\}/ ---- no_error_log -[error] -=== TEST 23: keep environment clean +=== TEST 24: keep environment clean --- config location /t { content_by_lua_block { @@ -1030,5 +1023,3 @@ qr/\{"error_msg":"invalid configuration: property \\"max_body_size\\" validation GET /t --- response_body passed ---- no_error_log -[error] diff --git a/t/plugin/batch-requests2.t b/t/plugin/batch-requests2.t index ba578c47c9a4b..fe3308842ed88 100644 --- a/t/plugin/batch-requests2.t +++ b/t/plugin/batch-requests2.t @@ -33,6 +33,7 @@ add_block_preprocessor(sub { my $extra_yaml_config = <<_EOC_; plugins: + - public-api - batch-requests _EOC_ @@ -43,7 +44,35 @@ run_tests; __DATA__ -=== TEST 1: customize uri, not found +=== TEST 1: pre-create public API route +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/batch-requests" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- request +GET /t +--- response_body +passed + + + +=== TEST 2: customize uri, not found --- yaml_config plugin_attr: batch-requests: @@ -85,7 +114,35 @@ plugin_attr: -=== TEST 2: customize uri, found +=== TEST 3: create public API route for custom uri +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/2', + ngx.HTTP_PUT, + [[{ + "plugins": { + "public-api": {} + }, + "uri": "/foo/bar" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- request +GET /t +--- response_body +passed + + + +=== TEST 4: customize uri, found --- yaml_config plugin_attr: batch-requests: @@ -149,7 +206,7 @@ plugin_attr: -=== TEST 3: customize uri, missing plugin, use default +=== TEST 5: customize uri, missing plugin, use default --- yaml_config plugin_attr: x: @@ -188,7 +245,7 @@ plugin_attr: -=== TEST 4: customize uri, missing attr, use default +=== TEST 6: customize uri, missing attr, use default --- yaml_config plugin_attr: batch-requests: diff --git a/t/plugin/jwt-auth-vault.t b/t/plugin/jwt-auth-vault.t index cd98c4d865d8d..8220663510caf 100644 --- a/t/plugin/jwt-auth-vault.t +++ b/t/plugin/jwt-auth-vault.t @@ -157,7 +157,35 @@ passed -=== TEST 4: sign a jwt and access/verify /secure-endpoint, fails as no secret entry into vault +=== TEST 4: create public API route (jwt-auth sign) +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/2', + ngx.HTTP_PUT, + [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/plugin/jwt/sign" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- request +GET /t +--- response_body +passed + + + +=== TEST 5: sign a jwt and access/verify /secure-endpoint, fails as no secret entry into vault --- config location /t { content_by_lua_block { @@ -191,7 +219,7 @@ failed to sign jwt, err: secret could not found in vault -=== TEST 5: store HS256 secret into vault +=== TEST 6: store HS256 secret into vault --- exec VAULT_TOKEN='root' VAULT_ADDR='http://0.0.0.0:8200' vault kv put kv/apisix/consumer/jack/jwt-auth secret=$3nsitiv3-c8d3 --- response_body @@ -199,7 +227,7 @@ Success! Data written to: kv/apisix/consumer/jack/jwt-auth -=== TEST 6: sign a HS256 jwt and access/verify /secure-endpoint +=== TEST 7: sign a HS256 jwt and access/verify /secure-endpoint --- config location /t { content_by_lua_block { @@ -228,7 +256,7 @@ successfully invoked secure endpoint -=== TEST 7: store rsa key pairs into vault from local filesystem +=== TEST 8: store rsa key pairs into vault from local filesystem --- exec VAULT_TOKEN='root' VAULT_ADDR='http://0.0.0.0:8200' vault kv put kv/apisix/consumer/jim/jwt-auth public_key=@t/certs/public.pem private_key=@t/certs/private.pem --- response_body @@ -236,7 +264,7 @@ Success! Data written to: kv/apisix/consumer/jim/jwt-auth -=== TEST 8: create consumer for RS256 algorithm with key pair fetched from vault +=== TEST 9: create consumer for RS256 algorithm with key pair fetched from vault --- config location /t { content_by_lua_block { @@ -266,7 +294,7 @@ passed -=== TEST 9: sign a jwt with with rsa key pair and access /secure-endpoint +=== TEST 10: sign a jwt with with rsa key pair and access /secure-endpoint --- config location /t { content_by_lua_block { @@ -295,7 +323,7 @@ successfully invoked secure endpoint -=== TEST 10: store rsa private key into vault from local filesystem +=== TEST 11: store rsa private key into vault from local filesystem --- exec VAULT_TOKEN='root' VAULT_ADDR='http://0.0.0.0:8200' vault kv put kv/apisix/consumer/john/jwt-auth private_key=@t/certs/private.pem --- response_body @@ -303,7 +331,7 @@ Success! Data written to: kv/apisix/consumer/john/jwt-auth -=== TEST 11: create consumer for RS256 algorithm with private key fetched from vault and public key in consumer schema +=== TEST 12: create consumer for RS256 algorithm with private key fetched from vault and public key in consumer schema --- config location /t { content_by_lua_block { @@ -334,7 +362,7 @@ passed -=== TEST 12: sign a jwt with with rsa key pair and access /secure-endpoint +=== TEST 13: sign a jwt with with rsa key pair and access /secure-endpoint --- config location /t { content_by_lua_block { diff --git a/t/plugin/jwt-auth.t b/t/plugin/jwt-auth.t index fd3359a5529fa..25ba22800c173 100644 --- a/t/plugin/jwt-auth.t +++ b/t/plugin/jwt-auth.t @@ -20,6 +20,19 @@ repeat_each(2); no_long_string(); no_root_location(); no_shuffle(); + +add_block_preprocessor(sub { + my ($block) = @_; + + if ((!defined $block->error_log) && (!defined $block->no_error_log)) { + $block->set_value("no_error_log", "[error]"); + } + + if (!defined $block->request) { + $block->set_value("request", "GET /t"); + } +}); + run_tests; __DATA__ @@ -40,12 +53,8 @@ __DATA__ ngx.say(require("toolkit.json").encode(conf)) } } ---- request -GET /t --- response_body_like eval qr/{"algorithm":"HS256","base64_secret":false,"exp":86400,"key":"123","secret":"[a-zA-Z0-9+\\\/]+={0,2}"}/ ---- no_error_log -[error] @@ -63,13 +72,9 @@ qr/{"algorithm":"HS256","base64_secret":false,"exp":86400,"key":"123","secret":" ngx.say("done") } } ---- request -GET /t --- response_body property "key" validation failed: wrong type: expected string, got number done ---- no_error_log -[error] @@ -109,12 +114,8 @@ done ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] @@ -145,16 +146,38 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 5: sign / verify in argument +=== TEST 5: create public API route (jwt-auth sign) +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/2', + ngx.HTTP_PUT, + [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/plugin/jwt/sign" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- response_body +passed + + + +=== TEST 6: sign / verify in argument --- config location /t { content_by_lua_block { @@ -177,104 +200,86 @@ passed ngx.print(res) } } ---- request -GET /t --- response_body hello world ---- no_error_log -[error] -=== TEST 6: test for unsupported method +=== TEST 7: test for unsupported method --- request PATCH /apisix/plugin/jwt/sign?key=user-key --- error_code: 404 -=== TEST 7: verify, missing token +=== TEST 8: verify, missing token --- request GET /hello --- error_code: 401 --- response_body {"message":"Missing JWT token in request"} ---- no_error_log -[error] -=== TEST 8: verify: invalid JWT token +=== TEST 9: verify: invalid JWT token --- request GET /hello?jwt=invalid-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTU2Mzg3MDUwMX0.pPNVvh-TQsdDzorRwa-uuiLYiEBODscp9wv0cwD6c68 --- error_code: 401 --- response_body {"message":"invalid header: invalid-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"} ---- no_error_log -[error] -=== TEST 9: verify: expired JWT token +=== TEST 10: verify: expired JWT token --- request GET /hello?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTU2Mzg3MDUwMX0.pPNVvh-TQsdDzorRwa-uuiLYiEBODscp9wv0cwD6c68 --- error_code: 401 --- response_body {"message":"'exp' claim expired at Tue, 23 Jul 2019 08:28:21 GMT"} ---- no_error_log -[error] -=== TEST 10: verify (in header) +=== TEST 11: verify (in header) --- request GET /hello --- more_headers Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTg3OTMxODU0MX0.fNtFJnNmJgzbiYmGB0Yjvm-l6A6M4jRV1l4mnVFSYjs --- response_body hello world ---- no_error_log -[error] -=== TEST 11: verify (in cookie) +=== TEST 12: verify (in cookie) --- request GET /hello --- more_headers Cookie: jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTg3OTMxODU0MX0.fNtFJnNmJgzbiYmGB0Yjvm-l6A6M4jRV1l4mnVFSYjs --- response_body hello world ---- no_error_log -[error] -=== TEST 12: verify (in header without Bearer) +=== TEST 13: verify (in header without Bearer) --- request GET /hello --- more_headers Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTg3OTMxODU0MX0.fNtFJnNmJgzbiYmGB0Yjvm-l6A6M4jRV1l4mnVFSYjs --- response_body hello world ---- no_error_log -[error] -=== TEST 13: verify (header with bearer) +=== TEST 14: verify (header with bearer) --- request GET /hello --- more_headers Authorization: bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTg3OTMxODU0MX0.fNtFJnNmJgzbiYmGB0Yjvm-l6A6M4jRV1l4mnVFSYjs --- response_body hello world ---- no_error_log -[error] -=== TEST 14: verify (invalid bearer token) +=== TEST 15: verify (invalid bearer token) --- request GET /hello --- more_headers @@ -282,12 +287,10 @@ Authorization: bearer invalid-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c --- error_code: 401 --- response_body {"message":"invalid header: invalid-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"} ---- no_error_log -[error] -=== TEST 15: delete a exist consumer +=== TEST 16: delete a exist consumer --- config location /t { content_by_lua_block { @@ -332,19 +335,15 @@ Authorization: bearer invalid-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c ngx.say("code: ", code < 300, " body: ", body) } } ---- request -GET /t --- response_body code: true body: passed code: true body: passed code: true body: passed code: true body: passed ---- no_error_log -[error] -=== TEST 16: add consumer with username and plugins with base64 secret +=== TEST 17: add consumer with username and plugins with base64 secret --- config location /t { content_by_lua_block { @@ -381,16 +380,12 @@ code: true body: passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 17: enable jwt auth plugin with base64 secret +=== TEST 18: enable jwt auth plugin with base64 secret --- config location /t { content_by_lua_block { @@ -416,16 +411,12 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 18: sign / verify +=== TEST 19: sign / verify --- config location /t { content_by_lua_block { @@ -448,27 +439,21 @@ passed ngx.print(res) } } ---- request -GET /t --- response_body hello world ---- no_error_log -[error] -=== TEST 19: verify: invalid JWT token +=== TEST 20: verify: invalid JWT token --- request GET /hello?jwt=invalid-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTU2Mzg3MDUwMX0.pPNVvh-TQsdDzorRwa-uuiLYiEBODscp9wv0cwD6c68 --- error_code: 401 --- response_body {"message":"invalid header: invalid-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"} ---- no_error_log -[error] -=== TEST 20: verify: invalid signature +=== TEST 21: verify: invalid signature --- request GET /hello --- more_headers @@ -476,24 +461,20 @@ Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtle --- error_code: 401 --- response_body {"message":"signature mismatch: fNtFJnNmJgzbiYmGB0Yjvm-l6A6M4jRV1l4mnVFSYjs"} ---- no_error_log -[error] -=== TEST 21: verify: happy path +=== TEST 22: verify: happy path --- request GET /hello --- more_headers Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTg3OTMxODU0MX0._kNmXeH1uYVAvApFTONk2Z3Gh-a4XfGrjmqd_ahoOI0 --- response_body hello world ---- no_error_log -[error] -=== TEST 22: without key +=== TEST 23: without key --- config location /t { content_by_lua_block { @@ -508,16 +489,12 @@ hello world ngx.say("done") } } ---- request -GET /t --- response_body property "key" is required ---- no_error_log -[error] -=== TEST 23: get the schema by schema_type +=== TEST 24: get the schema by schema_type --- config location /t { content_by_lua_block { @@ -532,14 +509,10 @@ property "key" is required ngx.status = code } } ---- request -GET /t ---- no_error_log -[error] -=== TEST 24: get the schema by error schema_type +=== TEST 25: get the schema by error schema_type --- config location /t { content_by_lua_block { @@ -554,14 +527,10 @@ GET /t ngx.status = code } } ---- request -GET /t ---- no_error_log -[error] -=== TEST 25: get the schema by default schema_type +=== TEST 26: get the schema by default schema_type --- config location /t { content_by_lua_block { @@ -576,14 +545,10 @@ GET /t ngx.status = code } } ---- request -GET /t ---- no_error_log -[error] -=== TEST 26: add consumer with username and plugins with public_key, private_key(private_key numbits = 512) +=== TEST 27: add consumer with username and plugins with public_key, private_key(private_key numbits = 512) --- config location /t { content_by_lua_block { @@ -622,16 +587,12 @@ GET /t ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 27: JWT sign and verify use RS256 algorithm(private_key numbits = 512) +=== TEST 28: JWT sign and verify use RS256 algorithm(private_key numbits = 512) --- config location /t { content_by_lua_block { @@ -658,16 +619,12 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 28: sign/verify use RS256 algorithm(private_key numbits = 512) +=== TEST 29: sign/verify use RS256 algorithm(private_key numbits = 512) --- config location /t { content_by_lua_block { @@ -690,16 +647,12 @@ passed ngx.print(res) } } ---- request -GET /t --- response_body hello world ---- no_error_log -[error] -=== TEST 29: add consumer with username and plugins with public_key, private_key(private_key numbits = 1024) +=== TEST 30: add consumer with username and plugins with public_key, private_key(private_key numbits = 1024) --- config location /t { content_by_lua_block { @@ -741,16 +694,12 @@ hello world ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 30: JWT sign and verify use RS256 algorithm(private_key numbits = 1024) +=== TEST 31: JWT sign and verify use RS256 algorithm(private_key numbits = 1024) --- config location /t { content_by_lua_block { @@ -777,16 +726,12 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 31: sign/verify use RS256 algorithm(private_key numbits = 1024) +=== TEST 32: sign/verify use RS256 algorithm(private_key numbits = 1024) --- config location /t { content_by_lua_block { @@ -809,16 +754,12 @@ passed ngx.print(res) } } ---- request -GET /t --- response_body hello world ---- no_error_log -[error] -=== TEST 32: sign/verify use RS256 algorithm(private_key numbits = 1024,with extra payload) +=== TEST 33: sign/verify use RS256 algorithm(private_key numbits = 1024,with extra payload) --- config location /t { content_by_lua_block { @@ -841,16 +782,12 @@ hello world ngx.print(res) } } ---- request -GET /t --- response_body hello world ---- no_error_log -[error] -=== TEST 33: add consumer with username and plugins with public_key, private_key(private_key numbits = 2048) +=== TEST 34: add consumer with username and plugins with public_key, private_key(private_key numbits = 2048) --- config location /t { content_by_lua_block { @@ -892,16 +829,12 @@ hello world ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 34: JWT sign and verify use RS256 algorithm(private_key numbits = 2048) +=== TEST 35: JWT sign and verify use RS256 algorithm(private_key numbits = 2048) --- config location /t { content_by_lua_block { @@ -928,16 +861,12 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 35: sign/verify use RS256 algorithm(private_key numbits = 2048) +=== TEST 36: sign/verify use RS256 algorithm(private_key numbits = 2048) --- config location /t { content_by_lua_block { @@ -960,16 +889,12 @@ passed ngx.print(res) } } ---- request -GET /t --- response_body hello world ---- no_error_log -[error] -=== TEST 36: sign/verify use RS256 algorithm(private_key numbits = 2048,with extra payload) +=== TEST 37: sign/verify use RS256 algorithm(private_key numbits = 2048,with extra payload) --- config location /t { content_by_lua_block { @@ -992,16 +917,12 @@ hello world ngx.print(res) } } ---- request -GET /t --- response_body hello world ---- no_error_log -[error] -=== TEST 37: JWT sign with the public key when using the RS256 algorithm +=== TEST 38: JWT sign with the public key when using the RS256 algorithm --- config location /t { content_by_lua_block { @@ -1040,16 +961,12 @@ hello world ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 38: JWT sign and verify RS256 +=== TEST 39: JWT sign and verify RS256 --- config location /t { content_by_lua_block { @@ -1076,16 +993,12 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 39: sign failed +=== TEST 40: sign failed --- request GET /apisix/plugin/jwt/sign?key=user-key-rs256 --- error_code: 500 @@ -1094,7 +1007,7 @@ qr/failed to sign jwt/ -=== TEST 40: sanity(algorithm = HS512) +=== TEST 41: sanity(algorithm = HS512) --- config location /t { content_by_lua_block { @@ -1110,16 +1023,12 @@ qr/failed to sign jwt/ ngx.say(require("toolkit.json").encode(conf)) } } ---- request -GET /t --- response_body_like eval qr/{"algorithm":"HS512","base64_secret":false,"exp":86400,"key":"123","secret":"[a-zA-Z0-9+\\\/]+={0,2}"}/ ---- no_error_log -[error] -=== TEST 41: add consumer with username and plugins use HS512 algorithm +=== TEST 42: add consumer with username and plugins use HS512 algorithm --- config location /t { content_by_lua_block { @@ -1157,16 +1066,12 @@ qr/{"algorithm":"HS512","base64_secret":false,"exp":86400,"key":"123","secret":" ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 42: JWT sign and verify use HS512 algorithm +=== TEST 43: JWT sign and verify use HS512 algorithm --- config location /t { content_by_lua_block { @@ -1193,16 +1098,12 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 43: sign / verify (algorithm = HS512) +=== TEST 44: sign / verify (algorithm = HS512) --- config location /t { content_by_lua_block { @@ -1225,16 +1126,12 @@ passed ngx.print(res) } } ---- request -GET /t --- response_body hello world ---- no_error_log -[error] -=== TEST 44: sign / verify (algorithm = HS512,with extra payload) +=== TEST 45: sign / verify (algorithm = HS512,with extra payload) --- config location /t { content_by_lua_block { @@ -1257,16 +1154,12 @@ hello world ngx.print(res) } } ---- request -GET /t --- response_body hello world ---- no_error_log -[error] -=== TEST 45: test for unsupported algorithm +=== TEST 46: test for unsupported algorithm --- request PATCH /apisix/plugin/jwt/sign?key=user-key --- config @@ -1291,7 +1184,7 @@ qr/property "algorithm" validation failed/ -=== TEST 46: wrong format of secret +=== TEST 47: wrong format of secret --- config location /t { content_by_lua_block { @@ -1311,14 +1204,10 @@ qr/property "algorithm" validation failed/ } --- response_body base64_secret required but the secret is not in base64 format ---- no_error_log -[error] ---- request -GET /t -=== TEST 47: when the exp value is not set, make sure the default value(86400) works +=== TEST 48: when the exp value is not set, make sure the default value(86400) works --- config location /t { content_by_lua_block { @@ -1354,16 +1243,12 @@ GET /t ngx.say(require("toolkit.json").encode(res_data)) } } ---- request -GET /t --- response_body_like eval qr/"exp":86400/ ---- no_error_log -[error] -=== TEST 48: when the exp value is not set, sign jwt use the default value(86400) +=== TEST 49: when the exp value is not set, sign jwt use the default value(86400) --- config location /t { content_by_lua_block { @@ -1379,16 +1264,12 @@ qr/"exp":86400/ ngx.say(use_default_exp) } } ---- request -GET /t --- response_body true ---- no_error_log -[error] -=== TEST 49: RS256 without public key +=== TEST 50: RS256 without public key --- config location /t { content_by_lua_block { @@ -1409,17 +1290,13 @@ true ngx.say(body) } } ---- request -GET /t --- error_code: 400 --- response_body_like eval qr/failed to validate dependent schema for \\"algorithm\\"/ ---- no_error_log -[error] -=== TEST 50: RS256 without private key +=== TEST 51: RS256 without private key --- config location /t { content_by_lua_block { @@ -1441,10 +1318,6 @@ qr/failed to validate dependent schema for \\"algorithm\\"/ ngx.say(body) } } ---- request -GET /t --- error_code: 400 --- response_body_like eval qr/failed to validate dependent schema for \\"algorithm\\"/ ---- no_error_log -[error] diff --git a/t/plugin/node-status.t b/t/plugin/node-status.t index 4df3d3a7c53ed..bd19d7ddf74b7 100644 --- a/t/plugin/node-status.t +++ b/t/plugin/node-status.t @@ -21,11 +21,20 @@ add_block_preprocessor(sub { my $extra_yaml_config = <<_EOC_; plugins: + - public-api - node-status _EOC_ $block->set_value("extra_yaml_config", $extra_yaml_config); + if ((!defined $block->error_log) && (!defined $block->no_error_log)) { + $block->set_value("no_error_log", "[error]"); + } + + if (!defined $block->request) { + $block->set_value("request", "GET /t"); + } + $block; }); @@ -38,7 +47,33 @@ run_tests; __DATA__ -=== TEST 1: sanity +=== TEST 1: pre-create public API route +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/status" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- response_body +passed + + + +=== TEST 2: sanity --- config location /t { content_by_lua_block { @@ -52,23 +87,19 @@ location /t { ngx.say(body_org) } } ---- request -GET /t --- response_body eval qr/"accepted":/ ---- no_error_log -[error] -=== TEST 2: test for unsupported method +=== TEST 3: test for unsupported method --- request PATCH /apisix/status --- error_code: 404 -=== TEST 3: test for use default uuid as apisix_uid +=== TEST 4: test for use default uuid as apisix_uid --- config location /t { content_by_lua_block { @@ -84,16 +115,12 @@ location /t { ngx.say(body_json.id) } } ---- request -GET /t --- response_body_like eval qr/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/ ---- no_error_log -[error] -=== TEST 4: test for allow user to specify a meaningful id as apisix_uid +=== TEST 5: test for allow user to specify a meaningful id as apisix_uid --- yaml_config apisix: id: "user-set-apisix-instance-id-A" @@ -111,9 +138,5 @@ location /t { ngx.say(body_org) } } ---- request -GET /t --- response_body eval qr/"id":"user-set-apisix-instance-id-A"/ ---- no_error_log -[error] diff --git a/t/plugin/prometheus.t b/t/plugin/prometheus.t index af88949ffddda..442d1b8b3f5b0 100644 --- a/t/plugin/prometheus.t +++ b/t/plugin/prometheus.t @@ -30,6 +30,19 @@ repeat_each(1); no_long_string(); no_shuffle(); no_root_location(); + +add_block_preprocessor(sub { + my ($block) = @_; + + if ((!defined $block->error_log) && (!defined $block->no_error_log)) { + $block->set_value("no_error_log", "[error]"); + } + + if (!defined $block->request) { + $block->set_value("request", "GET /t"); + } +}); + run_tests; __DATA__ @@ -47,48 +60,52 @@ __DATA__ ngx.say("done") } } ---- request -GET /t --- response_body done ---- no_error_log -[error] -=== TEST 2: set it in route +=== TEST 2: setup public API route and test route --- config location /t { content_by_lua_block { - local t = require("lib.test_admin").test - local code, body = t('/apisix/admin/routes/1', - ngx.HTTP_PUT, - [[{ - "plugins": { - "prometheus": {} - }, - "upstream": { - "nodes": { - "127.0.0.1:1980": 1 + local data = { + { + url = "/apisix/admin/routes/1", + data = [[{ + "plugins": { + "prometheus": {} }, - "type": "roundrobin" - }, - "uri": "/hello" - }]] - ) + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/hello" + }]], + }, + { + url = "/apisix/admin/routes/metrics", + data = [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/prometheus/metrics" + }]] + }, + } - if code >= 300 then - ngx.status = code + local t = require("lib.test_admin").test + + for _, data in ipairs(data) do + local code, body = t(data.url, ngx.HTTP_PUT, data.data) + ngx.say(code..body) end - ngx.say(body) } } ---- request -GET /t ---- response_body -passed ---- no_error_log -[error] +--- response_body eval +"201passed\n" x 2 @@ -97,8 +114,6 @@ passed GET /apisix/prometheus/metrics --- response_body_like apisix_etcd_reachable 1 ---- no_error_log -[error] @@ -107,8 +122,6 @@ apisix_etcd_reachable 1 ["GET /hello", "GET /hello", "GET /hello", "GET /hello"] --- error_code eval [200, 200, 200, 200] ---- no_error_log -[error] @@ -117,8 +130,6 @@ apisix_etcd_reachable 1 ["GET /hello1", "GET /hello", "GET /hello2", "GET /hello", "GET /hello"] --- error_code eval [404, 200, 404, 200, 200] ---- no_error_log -[error] @@ -127,8 +138,6 @@ apisix_etcd_reachable 1 GET /apisix/prometheus/metrics --- response_body eval qr/apisix_bandwidth\{type="egress",route="1",service="",consumer="",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] @@ -168,12 +177,8 @@ PATCH /apisix/prometheus/metrics ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] @@ -182,8 +187,6 @@ passed ["GET /hello", "GET /not_found", "GET /hello", "GET /hello"] --- error_code eval [200, 404, 200, 200] ---- no_error_log -[error] @@ -192,8 +195,6 @@ passed GET /apisix/prometheus/metrics --- response_body eval qr/apisix_bandwidth\{type="egress",route="1",service="",consumer="",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] @@ -202,8 +203,6 @@ qr/apisix_bandwidth\{type="egress",route="1",service="",consumer="",node="127.0. GET /apisix/prometheus/metrics --- response_body eval qr/apisix_http_latency_count\{type="request",route="1",service="",consumer="",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] @@ -233,12 +232,8 @@ qr/apisix_http_latency_count\{type="request",route="1",service="",consumer="",no ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] @@ -261,12 +256,8 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] @@ -275,8 +266,6 @@ passed ["GET /hello1", "GET /not_found", "GET /hello1", "GET /hello1"] --- error_code eval [200, 404, 200, 200] ---- no_error_log -[error] @@ -285,8 +274,6 @@ passed GET /apisix/prometheus/metrics --- response_body eval qr/apisix_bandwidth\{type="egress",route="2",service="1",consumer="",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] @@ -305,12 +292,8 @@ qr/apisix_bandwidth\{type="egress",route="2",service="1",consumer="",node="127.0 ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] @@ -341,12 +324,8 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] @@ -355,8 +334,6 @@ passed ["GET /hello", "GET /not_found", "GET /hello", "GET /hello"] --- error_code eval [200, 404, 200, 200] ---- no_error_log -[error] @@ -395,13 +372,9 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed passed ---- no_error_log -[error] @@ -410,8 +383,6 @@ passed ["GET /hello3", "GET /hello3"] --- error_code eval [404, 404] ---- no_error_log -[error] @@ -420,8 +391,6 @@ passed GET /apisix/prometheus/metrics --- response_body eval qr/apisix_http_status\{code="404",route="3",matched_uri="\/hello3",matched_host="",service="",consumer="",node="127.0.0.1"\} 2/ ---- no_error_log -[error] @@ -430,8 +399,6 @@ qr/apisix_http_status\{code="404",route="3",matched_uri="\/hello3",matched_host= GET /apisix/prometheus/metrics --- response_body eval qr/.*apisix_http_latency_bucket\{type="apisix".*/ ---- no_error_log -[error] @@ -461,12 +428,8 @@ qr/.*apisix_http_latency_bucket\{type="apisix".*/ ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] @@ -489,12 +452,8 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] @@ -503,8 +462,6 @@ passed ["GET /mysleep?seconds=1", "GET /mysleep?seconds=1", "GET /mysleep?seconds=1"] --- error_code eval [200, 200, 200] ---- no_error_log -[error] @@ -513,8 +470,6 @@ passed GET /apisix/prometheus/metrics --- response_body eval qr/apisix_http_latency_bucket\{type="apisix".*service=\"3\".*le=\"500.*/ ---- no_error_log -[error] @@ -532,12 +487,8 @@ qr/apisix_http_latency_bucket\{type="apisix".*service=\"3\".*le=\"500.*/ ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] @@ -555,12 +506,8 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] @@ -569,8 +516,6 @@ passed GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="consumers"\} \d+/ ---- no_error_log -[error] @@ -579,8 +524,6 @@ qr/apisix_etcd_modify_indexes\{key="consumers"\} \d+/ GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="global_rules"\} \d+/ ---- no_error_log -[error] @@ -589,8 +532,6 @@ qr/apisix_etcd_modify_indexes\{key="global_rules"\} \d+/ GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="max_modify_index"\} \d+/ ---- no_error_log -[error] @@ -599,8 +540,6 @@ qr/apisix_etcd_modify_indexes\{key="max_modify_index"\} \d+/ GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="protos"\} \d+/ ---- no_error_log -[error] @@ -609,8 +548,6 @@ qr/apisix_etcd_modify_indexes\{key="protos"\} \d+/ GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="routes"\} \d+/ ---- no_error_log -[error] @@ -619,8 +556,6 @@ qr/apisix_etcd_modify_indexes\{key="routes"\} \d+/ GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="services"\} \d+/ ---- no_error_log -[error] @@ -629,8 +564,6 @@ qr/apisix_etcd_modify_indexes\{key="services"\} \d+/ GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="ssls"\} \d+/ ---- no_error_log -[error] @@ -639,8 +572,6 @@ qr/apisix_etcd_modify_indexes\{key="ssls"\} \d+/ GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="stream_routes"\} \d+/ ---- no_error_log -[error] @@ -649,8 +580,6 @@ qr/apisix_etcd_modify_indexes\{key="stream_routes"\} \d+/ GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="upstreams"\} \d+/ ---- no_error_log -[error] @@ -659,8 +588,6 @@ qr/apisix_etcd_modify_indexes\{key="upstreams"\} \d+/ GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="prev_index"\} \d+/ ---- no_error_log -[error] @@ -669,8 +596,6 @@ qr/apisix_etcd_modify_indexes\{key="prev_index"\} \d+/ GET /apisix/prometheus/metrics --- response_body_like eval qr/apisix_etcd_modify_indexes\{key="x_etcd_index"\} \d+/ ---- no_error_log -[error] @@ -679,8 +604,6 @@ qr/apisix_etcd_modify_indexes\{key="x_etcd_index"\} \d+/ GET /apisix/prometheus/metrics --- response_body eval qr/apisix_node_info\{hostname=".*"\} 1/ ---- no_error_log -[error] @@ -692,6 +615,10 @@ apisix: enable_admin: false --- apisix_yaml routes: + - + uri: /apisix/prometheus/metrics + plugins: + public-api: {} - uri: /hello upstream: @@ -705,5 +632,3 @@ GET /apisix/prometheus/metrics qr/apisix_/ --- response_body_unlike eval qr/etcd/ ---- no_error_log -[error] diff --git a/t/plugin/prometheus2.t b/t/plugin/prometheus2.t index 25fa21e8962d4..72400e7d77927 100644 --- a/t/plugin/prometheus2.t +++ b/t/plugin/prometheus2.t @@ -30,11 +30,62 @@ repeat_each(1); no_long_string(); no_shuffle(); no_root_location(); + +add_block_preprocessor(sub { + my ($block) = @_; + + if ((!defined $block->error_log) && (!defined $block->no_error_log)) { + $block->set_value("no_error_log", "[error]"); + } + + if (!defined $block->request) { + $block->set_value("request", "GET /t"); + } +}); + run_tests; __DATA__ -=== TEST 1: set route with key-auth enabled for consumer metrics +=== TEST 1: pre-create public API route +--- config + location /t { + content_by_lua_block { + local data = { + { + url = "/apisix/admin/routes/metrics", + data = [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/prometheus/metrics" + }]] + }, + { + url = "/apisix/admin/routes/metrics-custom-uri", + data = [[{ + "plugins": { + "public-api": {} + }, + "uri": "/a" + }]] + }, + } + + local t = require("lib.test_admin").test + + for _, data in ipairs(data) do + local code, body = t(data.url, ngx.HTTP_PUT, data.data) + ngx.say(code..body) + end + } + } +--- response_body eval +"201passed\n" x 2 + + + +=== TEST 2: set route with key-auth enabled for consumer metrics --- config location /t { content_by_lua_block { @@ -62,36 +113,28 @@ __DATA__ ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 2: pipeline of client request without api-key +=== TEST 3: pipeline of client request without api-key --- pipelined_requests eval ["GET /hello", "GET /hello", "GET /hello", "GET /hello"] --- error_code eval [401, 401, 401, 401] ---- no_error_log -[error] -=== TEST 3: fetch the prometheus metric data: consumer is empty +=== TEST 4: fetch the prometheus metric data: consumer is empty --- request GET /apisix/prometheus/metrics --- response_body eval qr/apisix_bandwidth\{type="egress",route="1",service="",consumer="",node=""\} \d+/ ---- no_error_log -[error] -=== TEST 4: set consumer for metrics data collection +=== TEST 5: set consumer for metrics data collection --- config location /t { content_by_lua_block { @@ -125,38 +168,30 @@ qr/apisix_bandwidth\{type="egress",route="1",service="",consumer="",node=""\} \d ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 5: pipeline of client request with successfully authorized +=== TEST 6: pipeline of client request with successfully authorized --- pipelined_requests eval ["GET /hello", "GET /hello", "GET /hello", "GET /hello"] --- more_headers apikey: auth-one --- error_code eval [200, 200, 200, 200] ---- no_error_log -[error] -=== TEST 6: fetch the prometheus metric data: consumer is jack +=== TEST 7: fetch the prometheus metric data: consumer is jack --- request GET /apisix/prometheus/metrics --- response_body eval qr/apisix_http_status\{code="200",route="1",matched_uri="\/hello",matched_host="",service="",consumer="jack",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] -=== TEST 7: set route(id: 9) +=== TEST 8: set route(id: 9) --- config location /t { content_by_lua_block { @@ -185,16 +220,12 @@ qr/apisix_http_status\{code="200",route="1",matched_uri="\/hello",matched_host=" ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 8: set it in global rule +=== TEST 9: set it in global rule --- config location /t { content_by_lua_block { @@ -214,37 +245,29 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 9: 404 Route Not Found +=== TEST 10: 404 Route Not Found --- request GET /not_found --- error_code: 404 --- response_body {"error_msg":"404 Route Not Found"} ---- no_error_log -[error] -=== TEST 10: fetch the prometheus metric data: 404 Route Not Found +=== TEST 11: fetch the prometheus metric data: 404 Route Not Found --- request GET /apisix/prometheus/metrics --- response_body eval qr/apisix_http_status\{code="404",route="",matched_uri="",matched_host="",service="",consumer="",node=""\} \d+/ ---- no_error_log -[error] -=== TEST 11: hit routes(uri = "/foo*", host = "foo.com") +=== TEST 12: hit routes(uri = "/foo*", host = "foo.com") --- request GET /foo1 --- more_headers @@ -252,22 +275,18 @@ Host: foo.com --- error_code: 404 --- response_body eval qr/404 Not Found/ ---- no_error_log -[error] -=== TEST 12: fetch the prometheus metric data: hit routes(uri = "/foo*", host = "foo.com") +=== TEST 13: fetch the prometheus metric data: hit routes(uri = "/foo*", host = "foo.com") --- request GET /apisix/prometheus/metrics --- response_body eval qr/apisix_http_status\{code="404",route="9",matched_uri="\/foo\*",matched_host="foo.com",service="",consumer="",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] -=== TEST 13: hit routes(uri = "/bar*", host = "bar.com") +=== TEST 14: hit routes(uri = "/bar*", host = "bar.com") --- request GET /bar1 --- more_headers @@ -275,22 +294,18 @@ Host: bar.com --- error_code: 404 --- response_body eval qr/404 Not Found/ ---- no_error_log -[error] -=== TEST 14: fetch the prometheus metric data: hit routes(uri = "/bar*", host = "bar.com") +=== TEST 15: fetch the prometheus metric data: hit routes(uri = "/bar*", host = "bar.com") --- request GET /apisix/prometheus/metrics --- response_body eval qr/apisix_http_status\{code="404",route="9",matched_uri="\/bar\*",matched_host="bar.com",service="",consumer="",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] -=== TEST 15: customize export uri, not found +=== TEST 16: customize export uri, not found --- yaml_config plugin_attr: prometheus: @@ -298,12 +313,10 @@ plugin_attr: --- request GET /apisix/prometheus/metrics --- error_code: 404 ---- no_error_log -[error] -=== TEST 16: customize export uri, found +=== TEST 17: customize export uri, found --- yaml_config plugin_attr: prometheus: @@ -311,12 +324,10 @@ plugin_attr: --- request GET /a --- error_code: 200 ---- no_error_log -[error] -=== TEST 17: customize export uri, missing plugin, use default +=== TEST 18: customize export uri, missing plugin, use default --- yaml_config plugin_attr: x: @@ -324,12 +335,10 @@ plugin_attr: --- request GET /apisix/prometheus/metrics --- error_code: 200 ---- no_error_log -[error] -=== TEST 18: customize export uri, missing attr, use default +=== TEST 19: customize export uri, missing attr, use default --- yaml_config plugin_attr: prometheus: @@ -337,12 +346,10 @@ plugin_attr: --- request GET /apisix/prometheus/metrics --- error_code: 200 ---- no_error_log -[error] -=== TEST 19: set sys plugins +=== TEST 20: set sys plugins --- config location /t { content_by_lua_block { @@ -386,23 +393,19 @@ GET /apisix/prometheus/metrics ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 20: hit batch-process-metrics +=== TEST 21: hit batch-process-metrics --- request GET /batch-process-metrics --- error_code: 404 -=== TEST 21: check sys logger metrics +=== TEST 22: check sys logger metrics --- request GET /apisix/prometheus/metrics --- error_code: 200 @@ -411,7 +414,7 @@ qr/apisix_batch_process_entries\{name="sys-logger",route_id="9",server_addr="127 -=== TEST 22: set zipkin plugins +=== TEST 23: set zipkin plugins --- config location /t { content_by_lua_block { @@ -444,23 +447,19 @@ qr/apisix_batch_process_entries\{name="sys-logger",route_id="9",server_addr="127 ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 23: hit batch-process-metrics +=== TEST 24: hit batch-process-metrics --- request GET /batch-process-metrics --- error_code: 404 -=== TEST 24: check zipkin log metrics +=== TEST 25: check zipkin log metrics --- request GET /apisix/prometheus/metrics --- error_code: 200 @@ -469,7 +468,7 @@ qr/apisix_batch_process_entries\{name="zipkin_report",route_id="9",server_addr=" -=== TEST 25: set http plugins +=== TEST 26: set http plugins --- config location /t { content_by_lua_block { @@ -509,23 +508,19 @@ qr/apisix_batch_process_entries\{name="zipkin_report",route_id="9",server_addr=" ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 26: hit batch-process-metrics +=== TEST 27: hit batch-process-metrics --- request GET /batch-process-metrics --- error_code: 404 -=== TEST 27: check http log metrics +=== TEST 28: check http log metrics --- request GET /apisix/prometheus/metrics --- error_code: 200 @@ -534,7 +529,7 @@ qr/apisix_batch_process_entries\{name="http-logger",route_id="9",server_addr="12 -=== TEST 28: set tcp-logger plugins +=== TEST 29: set tcp-logger plugins --- config location /t { content_by_lua_block { @@ -575,23 +570,19 @@ qr/apisix_batch_process_entries\{name="http-logger",route_id="9",server_addr="12 ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 29: trigger metrics batch-process-metrics +=== TEST 30: trigger metrics batch-process-metrics --- request GET /batch-process-metrics-10 --- error_code: 404 -=== TEST 30: check tcp log metrics +=== TEST 31: check tcp log metrics --- request GET /apisix/prometheus/metrics --- error_code: 200 @@ -600,7 +591,7 @@ qr/apisix_batch_process_entries\{name="tcp-logger",route_id="10",server_addr="12 -=== TEST 31: set udp-logger plugins +=== TEST 32: set udp-logger plugins --- config location /t { content_by_lua_block { @@ -638,23 +629,19 @@ qr/apisix_batch_process_entries\{name="tcp-logger",route_id="10",server_addr="12 ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 32: trigger metrics batch-process-metrics +=== TEST 33: trigger metrics batch-process-metrics --- request GET /batch-process-metrics-10 --- error_code: 404 -=== TEST 33: check udp log metrics +=== TEST 34: check udp log metrics --- request GET /apisix/prometheus/metrics --- error_code: 200 @@ -663,7 +650,7 @@ qr/apisix_batch_process_entries\{name="udp-logger",route_id="10",server_addr="12 -=== TEST 34: set sls-logger plugins +=== TEST 35: set sls-logger plugins --- config location /t { content_by_lua_block { @@ -706,23 +693,19 @@ qr/apisix_batch_process_entries\{name="udp-logger",route_id="10",server_addr="12 ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 35: trigger metrics batch-process-metrics +=== TEST 36: trigger metrics batch-process-metrics --- request GET /batch-process-metrics-10 --- error_code: 404 -=== TEST 36: check sls-logger metrics +=== TEST 37: check sls-logger metrics --- request GET /apisix/prometheus/metrics --- error_code: 200 @@ -731,7 +714,7 @@ qr/apisix_batch_process_entries\{name="sls-logger",route_id="10",server_addr="12 -=== TEST 37: create service and route both with name +=== TEST 38: create service and route both with name --- config location /t { content_by_lua_block { @@ -774,36 +757,28 @@ qr/apisix_batch_process_entries\{name="sls-logger",route_id="10",server_addr="12 ngx.say(body) } } ---- request -GET /t --- response_body passed passed ---- no_error_log -[error] -=== TEST 38: pipeline of client request +=== TEST 39: pipeline of client request --- request GET /hello --- error_code: 200 ---- no_error_log -[error] -=== TEST 39: fetch the prometheus metric data +=== TEST 40: fetch the prometheus metric data --- request GET /apisix/prometheus/metrics --- response_body eval qr/apisix_bandwidth\{type="egress",route="route_name",service="service_name",consumer="",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] -=== TEST 40: set route name but remove service name +=== TEST 41: set route name but remove service name --- config location /t { content_by_lua_block { @@ -826,35 +801,27 @@ qr/apisix_bandwidth\{type="egress",route="route_name",service="service_name",con ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 41: pipeline of client request +=== TEST 42: pipeline of client request --- request GET /hello --- error_code: 200 ---- no_error_log -[error] -=== TEST 42: fetch the prometheus metric data +=== TEST 43: fetch the prometheus metric data --- request GET /apisix/prometheus/metrics --- response_body eval qr/apisix_bandwidth\{type="egress",route="route_name",service="1",consumer="",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] -=== TEST 43: set service name but remove route name +=== TEST 44: set service name but remove route name --- config location /t { content_by_lua_block { @@ -896,36 +863,28 @@ qr/apisix_bandwidth\{type="egress",route="route_name",service="1",consumer="",no ngx.say(body) } } ---- request -GET /t --- response_body passed passed ---- no_error_log -[error] -=== TEST 44: pipeline of client request +=== TEST 45: pipeline of client request --- request GET /hello --- error_code: 200 ---- no_error_log -[error] -=== TEST 45: fetch the prometheus metric data +=== TEST 46: fetch the prometheus metric data --- request GET /apisix/prometheus/metrics --- response_body eval qr/apisix_bandwidth\{type="egress",route="1",service="service_name",consumer="",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] -=== TEST 46: remove both name, but still set prefer_name to true +=== TEST 47: remove both name, but still set prefer_name to true --- config location /t { content_by_lua_block { @@ -949,28 +908,20 @@ qr/apisix_bandwidth\{type="egress",route="1",service="service_name",consumer="", ngx.say(body) } } ---- request -GET /t --- response_body passed ---- no_error_log -[error] -=== TEST 47: pipeline of client request +=== TEST 48: pipeline of client request --- request GET /hello --- error_code: 200 ---- no_error_log -[error] -=== TEST 48: fetch the prometheus metric data +=== TEST 49: fetch the prometheus metric data --- request GET /apisix/prometheus/metrics --- response_body eval qr/apisix_bandwidth\{type="egress",route="1",service="1",consumer="",node="127.0.0.1"\} \d+/ ---- no_error_log -[error] diff --git a/t/plugin/prometheus3.t b/t/plugin/prometheus3.t index 4f3df1f4451af..550dc71f1ee09 100644 --- a/t/plugin/prometheus3.t +++ b/t/plugin/prometheus3.t @@ -47,48 +47,53 @@ run_tests; __DATA__ -=== TEST 1: use original etcd modified index +=== TEST 1: setup public API route and test route --- config location /t { content_by_lua_block { - local t = require("lib.test_admin").test - local code, body = t('/apisix/admin/plugin_configs/1', - ngx.HTTP_PUT, - [[{ - "plugins": { - "prometheus":{} - } - }]] - ) - - if code >= 300 then - ngx.status = code - ngx.say(body) - return - end - - local code, body = t('/apisix/admin/routes/1', - ngx.HTTP_PUT, - [[{ - "plugin_config_id": 1, - "upstream": { - "nodes": { - "127.0.0.1:1980": 1 + local data = { + { + url = "/apisix/admin/plugin_configs/1", + data = [[{ + "plugins": { + "prometheus":{} + } + }]] + }, + { + url = "/apisix/admin/routes/1", + data = [[{ + "plugin_config_id": 1, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" }, - "type": "roundrobin" - }, - "uri": "/hello" - }]] - ) + "uri": "/hello" + }]] + }, + { + url = "/apisix/admin/routes/metrics", + data = [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/prometheus/metrics" + }]] + }, + } - if code >= 300 then - ngx.status = code + local t = require("lib.test_admin").test + + for _, data in ipairs(data) do + local code, body = t(data.url, ngx.HTTP_PUT, data.data) + ngx.say(code..body) end - ngx.say(body) } } ---- response_body -passed +--- response_body eval +"201passed\n" x 3 @@ -168,6 +173,7 @@ passed === TEST 4: check metrics --- yaml_config plugins: + - public-api - error-log-logger - prometheus - http-logger diff --git a/t/plugin/wolf-rbac.t b/t/plugin/wolf-rbac.t index dc2ae7c894c6d..0909f5e096c8f 100644 --- a/t/plugin/wolf-rbac.t +++ b/t/plugin/wolf-rbac.t @@ -21,6 +21,15 @@ repeat_each(1); no_long_string(); no_root_location(); no_shuffle(); + +add_block_preprocessor(sub { + my ($block) = @_; + + if (!defined $block->request) { + $block->set_value("request", "GET /t"); + } +}); + run_tests; __DATA__ @@ -30,9 +39,7 @@ __DATA__ location /t { content_by_lua_block { local plugin = require("apisix.plugins.wolf-rbac") - local conf = { - - } + local conf = {} local ok, err = plugin.check_schema(conf) if not ok then @@ -42,8 +49,6 @@ __DATA__ ngx.say(require("toolkit.json").encode(conf)) } } ---- request -GET /t --- response_body_like eval qr/\{"appid":"unset","header_prefix":"X-","server":"http:\/\/127\.0\.0\.1:12180"\}/ --- no_error_log @@ -64,8 +69,6 @@ qr/\{"appid":"unset","header_prefix":"X-","server":"http:\/\/127\.0\.0\.1:12180" ngx.say("done") } } ---- request -GET /t --- response_body property "appid" validation failed: wrong type: expected string, got number done @@ -74,7 +77,54 @@ done -=== TEST 3: add consumer with username and plugins +=== TEST 3: setup public API route +--- config + location /t { + content_by_lua_block { + local data = { + { + url = "/apisix/admin/routes/wolf-login", + data = [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/plugin/wolf-rbac/login" + }]] + }, + { + url = "/apisix/admin/routes/wolf-userinfo", + data = [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/plugin/wolf-rbac/user_info" + }]] + }, + { + url = "/apisix/admin/routes/wolf-change-pwd", + data = [[{ + "plugins": { + "public-api": {} + }, + "uri": "/apisix/plugin/wolf-rbac/change_pwd" + }]] + }, + } + + local t = require("lib.test_admin").test + + for _, data in ipairs(data) do + local code, body = t(data.url, ngx.HTTP_PUT, data.data) + ngx.say(code..body) + end + } + } +--- response_body eval +"201passed\n" x 3 + + + +=== TEST 4: add consumer with username and plugins --- config location /t { content_by_lua_block { @@ -110,8 +160,6 @@ done ngx.say(body) } } ---- request -GET /t --- response_body passed --- no_error_log @@ -119,7 +167,7 @@ passed -=== TEST 4: enable wolf rbac plugin using admin api +=== TEST 5: enable wolf rbac plugin using admin api --- config location /t { content_by_lua_block { @@ -146,8 +194,6 @@ passed ngx.say(body) } } ---- request -GET /t --- response_body passed --- no_error_log @@ -155,7 +201,7 @@ passed -=== TEST 5: login failed, appid is missing +=== TEST 6: login failed, appid is missing --- request POST /apisix/plugin/wolf-rbac/login username=admin&password=123456 @@ -169,7 +215,7 @@ qr/appid is missing/ -=== TEST 6: login failed, appid not found +=== TEST 7: login failed, appid not found --- request POST /apisix/plugin/wolf-rbac/login appid=not-found&username=admin&password=123456 @@ -183,7 +229,7 @@ qr/appid \[not-found\] not found/ -=== TEST 7: login failed, username missing +=== TEST 8: login failed, username missing --- request POST /apisix/plugin/wolf-rbac/login appid=wolf-rbac-app&password=123456 @@ -195,7 +241,7 @@ qr/ERR_USERNAME_MISSING/ -=== TEST 8: login failed, password missing +=== TEST 9: login failed, password missing --- request POST /apisix/plugin/wolf-rbac/login appid=wolf-rbac-app&username=admin @@ -207,7 +253,7 @@ qr/ERR_PASSWORD_MISSING/ -=== TEST 9: login failed, username not found +=== TEST 10: login failed, username not found --- request POST /apisix/plugin/wolf-rbac/login appid=wolf-rbac-app&username=not-found&password=123456 @@ -219,7 +265,7 @@ qr/ERR_USER_NOT_FOUND/ -=== TEST 10: login failed, wrong password +=== TEST 11: login failed, wrong password --- request POST /apisix/plugin/wolf-rbac/login appid=wolf-rbac-app&username=admin&password=wrong-password @@ -231,7 +277,7 @@ qr/ERR_PASSWORD_ERROR/ -=== TEST 11: login successfully +=== TEST 12: login successfully --- config location /t { content_by_lua_block { @@ -249,14 +295,12 @@ qr/ERR_PASSWORD_ERROR/ ngx.status = code } } ---- request -GET /t --- no_error_log [error] -=== TEST 12: verify, missing token +=== TEST 13: verify, missing token --- request GET /hello --- error_code: 401 @@ -267,7 +311,7 @@ GET /hello -=== TEST 13: verify: invalid rbac token +=== TEST 14: verify: invalid rbac token --- request GET /hello --- error_code: 401 @@ -280,7 +324,7 @@ x-rbac-token: invalid-rbac-token -=== TEST 14: verify: invalid appid in rbac token +=== TEST 15: verify: invalid appid in rbac token --- request GET /hello --- error_code: 401 @@ -291,7 +335,7 @@ x-rbac-token: V1#invalid-appid#rbac-token -=== TEST 15: verify: failed +=== TEST 16: verify: failed --- request GET /hello1 --- error_code: 401 @@ -302,7 +346,7 @@ x-rbac-token: V1#wolf-rbac-app#wolf-rbac-token -=== TEST 16: verify (in argument) +=== TEST 17: verify (in argument) --- request GET /hello?rbac_token=V1%23wolf-rbac-app%23wolf-rbac-token --- response_headers @@ -316,7 +360,7 @@ hello world -=== TEST 17: verify (in header Authorization) +=== TEST 18: verify (in header Authorization) --- request GET /hello --- more_headers @@ -332,7 +376,7 @@ hello world -=== TEST 18: verify (in header x-rbac-token) +=== TEST 19: verify (in header x-rbac-token) --- request GET /hello --- more_headers @@ -348,7 +392,7 @@ hello world -=== TEST 19: verify (in cookie) +=== TEST 20: verify (in cookie) --- request GET /hello --- more_headers @@ -364,7 +408,7 @@ hello world -=== TEST 20: get userinfo failed, missing token +=== TEST 21: get userinfo failed, missing token --- request GET /apisix/plugin/wolf-rbac/user_info --- error_code: 401 @@ -375,7 +419,7 @@ GET /apisix/plugin/wolf-rbac/user_info -=== TEST 21: get userinfo failed, invalid rbac token +=== TEST 22: get userinfo failed, invalid rbac token --- request GET /apisix/plugin/wolf-rbac/user_info --- error_code: 401 @@ -388,7 +432,7 @@ x-rbac-token: invalid-rbac-token -=== TEST 22: get userinfo +=== TEST 23: get userinfo --- config location /t { content_by_lua_block { @@ -404,14 +448,12 @@ x-rbac-token: invalid-rbac-token ngx.status = code } } ---- request -GET /t --- no_error_log [error] -=== TEST 23: change password failed, old password incorrect +=== TEST 24: change password failed, old password incorrect --- request PUT /apisix/plugin/wolf-rbac/change_pwd {"oldPassword": "error", "newPassword": "abcdef"} @@ -424,7 +466,7 @@ qr/ERR_OLD_PASSWORD_INCORRECT/ -=== TEST 24: change password +=== TEST 25: change password --- request PUT /apisix/plugin/wolf-rbac/change_pwd {"oldPassword":"123456", "newPassword": "abcdef"} @@ -437,7 +479,7 @@ qr/success to change password/ -=== TEST 25: custom headers in request headers +=== TEST 26: custom headers in request headers --- request GET /wolf/rbac/custom/headers?rbac_token=V1%23wolf-rbac-app%23wolf-rbac-token --- response_headers