Skip to content

Commit

Permalink
migrate jwt provider tests to resources_test.go
Browse files Browse the repository at this point in the history
  • Loading branch information
jmurret committed Nov 7, 2023
1 parent 8d6545e commit c3414ed
Show file tree
Hide file tree
Showing 11 changed files with 364 additions and 295 deletions.
61 changes: 0 additions & 61 deletions agent/xds/clusters_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -265,67 +265,6 @@ func TestClustersFromSnapshot(t *testing.T) {
},
alsoRunTestForV2: true,
},
{
name: "connect-proxy-with-jwt-config-entry-with-local",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshot(t, nil, []proxycfg.UpdateEvent{
{
CorrelationID: "jwt-provider",
Result: &structs.IndexedConfigEntries{
Kind: "jwt-provider",
Entries: []structs.ConfigEntry{
&structs.JWTProviderConfigEntry{
Name: "okta",
JSONWebKeySet: &structs.JSONWebKeySet{
Local: &structs.LocalJWKS{
JWKS: "xxx",
},
},
},
},
},
},
})
},
// TODO(proxystate): jwt work will come at a later time
alsoRunTestForV2: false,
},
{
name: "connect-proxy-with-jwt-config-entry-with-remote-jwks",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshot(t, nil, []proxycfg.UpdateEvent{
{
CorrelationID: "jwt-provider",
Result: &structs.IndexedConfigEntries{
Kind: "jwt-provider",
Entries: []structs.ConfigEntry{
&structs.JWTProviderConfigEntry{
Name: "okta",
JSONWebKeySet: &structs.JSONWebKeySet{
Remote: &structs.RemoteJWKS{
RequestTimeoutMs: 1000,
FetchAsynchronously: true,
URI: "https://test.test.com",
JWKSCluster: &structs.JWKSCluster{
DiscoveryType: structs.DiscoveryTypeStatic,
ConnectTimeout: time.Duration(5) * time.Second,
TLSCertificates: &structs.JWKSTLSCertificate{
TrustedCA: &structs.JWKSTLSCertTrustedCA{
Filename: "mycert.crt",
},
},
},
},
},
},
},
},
},
})
},
// TODO(proxystate): jwt work will come at a later time
alsoRunTestForV2: false,
},
{
name: "custom-local-app",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
Expand Down
59 changes: 0 additions & 59 deletions agent/xds/listeners_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -145,65 +145,6 @@ func makeListenerDiscoChainTests(enterprise bool) []listenerTestCase {
},
alsoRunTestForV2: true,
},
{
name: "connect-proxy-with-jwt-config-entry-with-local",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshotDiscoveryChain(t, "simple", enterprise, func(ns *structs.NodeService) {
ns.Proxy.Config["protocol"] = "http"
},
[]proxycfg.UpdateEvent{
{
CorrelationID: "jwt-provider",
Result: &structs.IndexedConfigEntries{
Kind: "jwt-provider",
Entries: []structs.ConfigEntry{
&structs.JWTProviderConfigEntry{
Name: "okta",
JSONWebKeySet: &structs.JSONWebKeySet{
Local: &structs.LocalJWKS{
JWKS: "aGVsbG8gd29ybGQK",
},
},
Locations: []*structs.JWTLocation{
{
QueryParam: &structs.JWTLocationQueryParam{
Name: "token",
},
},
{
Cookie: &structs.JWTLocationCookie{
Name: "token",
},
},
},
},
},
},
},
{
CorrelationID: "intentions",
Result: structs.SimplifiedIntentions{
{
SourceName: "*",
DestinationName: "db",
Permissions: []*structs.IntentionPermission{
{
JWT: &structs.IntentionJWTRequirement{
Providers: []*structs.IntentionJWTProvider{
{
Name: "okta",
},
},
},
},
},
},
},
},
},
)
},
},
}
}

Expand Down
67 changes: 67 additions & 0 deletions agent/xds/resources_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -275,6 +275,7 @@ func TestAllResourcesFromSnapshot(t *testing.T) {
tests = append(tests, getTrafficControlPeeringGoldenTestCases(false)...)
tests = append(tests, getEnterpriseGoldenTestCases(t)...)
tests = append(tests, getAPIGatewayGoldenTestCases(t)...)
tests = append(tests, getConnectProxyJWTProviderGoldenTestCases()...)

latestEnvoyVersion := xdscommon.EnvoyVersions[0]
for _, envoyVersion := range xdscommon.EnvoyVersions {
Expand Down Expand Up @@ -796,3 +797,69 @@ func getAPIGatewayGoldenTestCases(t *testing.T) []goldenTestCase {
},
}
}

func getConnectProxyJWTProviderGoldenTestCases() []goldenTestCase {
return []goldenTestCase{
{
name: "connect-proxy-with-jwt-config-entry-with-local",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshot(t, nil, []proxycfg.UpdateEvent{
{
CorrelationID: "jwt-provider",
Result: &structs.IndexedConfigEntries{
Kind: "jwt-provider",
Entries: []structs.ConfigEntry{
&structs.JWTProviderConfigEntry{
Name: "okta",
JSONWebKeySet: &structs.JSONWebKeySet{
Local: &structs.LocalJWKS{
JWKS: "xxx",
},
},
},
},
},
},
})
},
// TODO(proxystate): jwt work will come at a later time
alsoRunTestForV2: false,
},
{
name: "connect-proxy-with-jwt-config-entry-with-remote-jwks",
create: func(t testinf.T) *proxycfg.ConfigSnapshot {
return proxycfg.TestConfigSnapshot(t, nil, []proxycfg.UpdateEvent{
{
CorrelationID: "jwt-provider",
Result: &structs.IndexedConfigEntries{
Kind: "jwt-provider",
Entries: []structs.ConfigEntry{
&structs.JWTProviderConfigEntry{
Name: "okta",
JSONWebKeySet: &structs.JSONWebKeySet{
Remote: &structs.RemoteJWKS{
RequestTimeoutMs: 1000,
FetchAsynchronously: true,
URI: "https://test.test.com",
JWKSCluster: &structs.JWKSCluster{
DiscoveryType: structs.DiscoveryTypeStatic,
ConnectTimeout: time.Duration(5) * time.Second,
TLSCertificates: &structs.JWKSTLSCertificate{
TrustedCA: &structs.JWKSTLSCertTrustedCA{
Filename: "mycert.crt",
},
},
},
},
},
},
},
},
},
})
},
// TODO(proxystate): jwt work will come at a later time
alsoRunTestForV2: false,
},
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
{
"nonce": "00000001",
"resources": [
{
"@type": "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment",
"clusterName": "db.default.dc1.internal.11111111-2222-3333-4444-555555555555.consul",
"endpoints": [
{
"lbEndpoints": [
{
"endpoint": {
"address": {
"socketAddress": {
"address": "10.10.1.1",
"portValue": 8080
}
}
},
"healthStatus": "HEALTHY",
"loadBalancingWeight": 1
},
{
"endpoint": {
"address": {
"socketAddress": {
"address": "10.10.1.2",
"portValue": 8080
}
}
},
"healthStatus": "HEALTHY",
"loadBalancingWeight": 1
}
]
}
]
},
{
"@type": "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment",
"clusterName": "geo-cache.default.dc1.query.11111111-2222-3333-4444-555555555555.consul",
"endpoints": [
{
"lbEndpoints": [
{
"endpoint": {
"address": {
"socketAddress": {
"address": "10.10.1.1",
"portValue": 8080
}
}
},
"healthStatus": "HEALTHY",
"loadBalancingWeight": 1
},
{
"endpoint": {
"address": {
"socketAddress": {
"address": "10.20.1.2",
"portValue": 8080
}
}
},
"healthStatus": "HEALTHY",
"loadBalancingWeight": 1
}
]
}
]
}
],
"typeUrl": "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment",
"versionInfo": "00000001"
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
{
"nonce": "00000001",
"resources": [
{
"@type": "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment",
"clusterName": "db.default.dc1.internal.11111111-2222-3333-4444-555555555555.consul",
"endpoints": [
{
"lbEndpoints": [
{
"endpoint": {
"address": {
"socketAddress": {
"address": "10.10.1.1",
"portValue": 8080
}
}
},
"healthStatus": "HEALTHY",
"loadBalancingWeight": 1
},
{
"endpoint": {
"address": {
"socketAddress": {
"address": "10.10.1.2",
"portValue": 8080
}
}
},
"healthStatus": "HEALTHY",
"loadBalancingWeight": 1
}
]
}
]
},
{
"@type": "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment",
"clusterName": "geo-cache.default.dc1.query.11111111-2222-3333-4444-555555555555.consul",
"endpoints": [
{
"lbEndpoints": [
{
"endpoint": {
"address": {
"socketAddress": {
"address": "10.10.1.1",
"portValue": 8080
}
}
},
"healthStatus": "HEALTHY",
"loadBalancingWeight": 1
},
{
"endpoint": {
"address": {
"socketAddress": {
"address": "10.20.1.2",
"portValue": 8080
}
}
},
"healthStatus": "HEALTHY",
"loadBalancingWeight": 1
}
]
}
]
}
],
"typeUrl": "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment",
"versionInfo": "00000001"
}
Loading

0 comments on commit c3414ed

Please sign in to comment.