-
Notifications
You must be signed in to change notification settings - Fork 491
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BackendTLSPolicy cel tests #2491
BackendTLSPolicy cel tests #2491
Conversation
Welcome @Ygnas! |
Hi @Ygnas. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: robscott, Ygnas The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the changes @Ygnas !
config/crd/experimental/gateway.networking.k8s.io_backendtlspolicies.yaml
Show resolved
Hide resolved
2b2a8b9
to
b3a6b7e
Compare
b3a6b7e
to
5a94447
Compare
5a94447
to
91502f9
Compare
I'm not 100% sure if we should test |
@Ygnas The immediate intent is to just verify the two validations defined through Thanks for taking this on. LGTM (will defer approval to maintainers) |
@@ -75,8 +75,8 @@ type BackendTLSPolicySpec struct { | |||
} | |||
|
|||
// BackendTLSPolicyConfig contains backend TLS policy configuration. | |||
// +kubebuilder:validation:XValidation:message="must not contain both CertRefs and WellKnownCACerts",rule="(has(self.caCertRefs) && size(self.caCertRefs) > 0 && has(self.wellKnownCACerts) && self.wellKnownCACerts != \"\")" | |||
// +kubebuilder:validation:XValidation:message="must specify either CertRefs or WellKnownCACerts",rule="!(has(self.caCertRefs) && size(self.caCertRefs) > 0 || has(self.wellKnownCACerts) && self.wellKnownCACerts != \"\")" | |||
// +kubebuilder:validation:XValidation:message="must not contain both CACertRefs and WellKnownCACerts",rule="!(has(self.caCertRefs) && size(self.caCertRefs) > 0 && has(self.wellKnownCACerts) && self.wellKnownCACerts != \"\")" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And there's a great example of why tests are important! Thanks @Ygnas.
Yes, I think that testing the max items or LocalObjectReference are not desirable here - there is a good chance that both of those will change soon anyway. /lgtm |
What type of PR is this?
/kind test
What this PR does / why we need it:
Without it, it's awfully hard to ensure that the CEL we've written covers all the inputs we want to allow or prevent.
Which issue(s) this PR fixes:
Fixes #2473
Does this PR introduce a user-facing change?: