Skip to content

Commit

Permalink
split tests to more cases, fix ordering and aggregation
Browse files Browse the repository at this point in the history 
Signed-off-by: Lukasz Dziedziak <lukidzi@gmail.com>
  • Loading branch information
@lukidzi
lukidzi committed Nov 28, 2024
1 parent bfa18db commit 8e4d47d
Show file tree
Hide file tree
Showing 11 changed files with 886 additions and 2,899 deletions.
207 changes: 112 additions & 95 deletions pkg/plugins/policies/meshpassthrough/plugin/v1alpha1/plugin_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,86 +150,6 @@ var _ = Describe("MeshPassthrough", func() {
Port: pointer.To[uint32](8080),
Protocol: api.ProtocolType("http"),
},
{
Type: api.MatchType("Domain"),
Value: "grpcdomain.com",
Port: pointer.To[uint32](19000),
Protocol: api.ProtocolType("grpc"),
},
{
Type: api.MatchType("Domain"),
Value: "http2.com",
Port: pointer.To[uint32](8080),
Protocol: api.ProtocolType("http"),
},
{
Type: api.MatchType("Domain"),
Value: "http2.com",
Port: pointer.To[uint32](8080),
Protocol: api.ProtocolType("http"),
},
{
Type: api.MatchType("Domain"),
Value: "*.example.com",
Protocol: api.ProtocolType("tls"),
},
{
Type: api.MatchType("IP"),
Value: "192.168.19.1",
Protocol: api.ProtocolType("tls"),
},
{
Type: api.MatchType("IP"),
Value: "192.168.19.1",
Port: pointer.To[uint32](10000),
Protocol: api.ProtocolType("http"),
},
{
Type: api.MatchType("IP"),
Value: "192.168.0.1",
Port: pointer.To[uint32](9091),
Protocol: api.ProtocolType("tcp"),
},
{
Type: api.MatchType("CIDR"),
Value: "192.168.0.1/24",
Protocol: api.ProtocolType("tcp"),
},
{
Type: api.MatchType("CIDR"),
Value: "192.168.0.1/30",
Protocol: api.ProtocolType("tcp"),
},
{
Type: api.MatchType("Domain"),
Value: "trace-svc.datadog-agent.svc.cluster.local",
Protocol: api.ProtocolType("http"),
Port: pointer.To[uint32](8126),
},
{
Type: api.MatchType("Domain"),
Value: "trace-svc.datadog-agent.svc",
Protocol: api.ProtocolType("http"),
Port: pointer.To[uint32](8126),
},
{
Type: api.MatchType("CIDR"),
Value: "172.16.0.0/12",
Protocol: api.ProtocolType("http"),
Port: pointer.To[uint32](8126),
},
{
Type: api.MatchType("Domain"),
Value: "cluster.test.local.dev",
Protocol: api.ProtocolType("http"),
Port: pointer.To[uint32](8005),
},
{
Type: api.MatchType("Domain"),
Value: "cluster-telemetry.test.local.dev",
Protocol: api.ProtocolType("http"),
Port: pointer.To[uint32](8006),
},
{
Type: api.MatchType("CIDR"),
Value: "192.168.0.0/16",
Expand All @@ -253,11 +173,6 @@ var _ = Describe("MeshPassthrough", func() {
Value: "10.42.0.8",
Protocol: api.ProtocolType("http"),
},
{
Type: api.MatchType("IP"),
Value: "10.42.0.9",
Protocol: api.ProtocolType("http"),
},
{
Type: api.MatchType("IP"),
Value: "b6e5:a45e:70ae:e77f:d24e:5023:375d:20a6",
Expand All @@ -269,16 +184,6 @@ var _ = Describe("MeshPassthrough", func() {
Port: pointer.To[uint32](9091),
Protocol: api.ProtocolType("tcp"),
},
{
Type: api.MatchType("CIDR"),
Value: "b0ce:f616:4e74:28f7:427c:b969:8016:6344/64",
Protocol: api.ProtocolType("tcp"),
},
{
Type: api.MatchType("CIDR"),
Value: "b0ce:f616:4e74:28f7:427c:b969:8016:6344/96",
Protocol: api.ProtocolType("tcp"),
},
},
},
},
Expand Down Expand Up @@ -383,6 +288,118 @@ var _ = Describe("MeshPassthrough", func() {
listenersGolden: "simple.listener.golden.yaml",
clustersGolden: "simple.clusters.golden.yaml",
}),
Entry("cidr and http policy", testCase{
resources: []*core_xds.Resource{
{
Name: "outbound:passthrough:ipv4",
Origin: generator.OriginTransparent,
Resource: NewListenerBuilder(envoy_common.APIV3, "outbound:passthrough:ipv4").
Configure(OutboundListener("0.0.0.0", 15001, core_xds.SocketAddressProtocolTCP)).
Configure(FilterChain(NewFilterChainBuilder(envoy_common.APIV3, envoy_common.AnonymousResource).
Configure(TCPProxy("outbound_passthrough_ipv4", []envoy_common.Split{
plugins_xds.NewSplitBuilder().WithClusterName("outbound:passthrough:ipv4").WithWeight(100).Build(),
}...)),
)).MustBuild(),
},
{
Name: "outbound:passthrough:ipv6",
Origin: generator.OriginTransparent,
Resource: NewListenerBuilder(envoy_common.APIV3, "outbound:passthrough:ipv6").
Configure(OutboundListener("::", 15001, core_xds.SocketAddressProtocolTCP)).
Configure(FilterChain(NewFilterChainBuilder(envoy_common.APIV3, envoy_common.AnonymousResource).
Configure(TCPProxy("outbound_passthrough_ipv6", []envoy_common.Split{
plugins_xds.NewSplitBuilder().WithClusterName("outbound:passthrough:ipv6").WithWeight(100).Build(),
}...)),
)).MustBuild(),
},
},
singleItemRules: core_rules.SingleItemRules{
Rules: []*core_rules.Rule{
{
Subset: []core_rules.Tag{},
Conf: api.Conf{
AppendMatch: []api.Match{
{
Type: api.MatchType("CIDR"),
Value: "10.10.0.0/16",
Port: pointer.To[uint32](80),
Protocol: api.ProtocolType("http"),
},
{
Type: api.MatchType("CIDR"),
Value: "192.168.0.0/24",
Port: pointer.To[uint32](80),
Protocol: api.ProtocolType("http"),
},
{
Type: api.MatchType("IP"),
Value: "192.168.0.0",
Protocol: api.ProtocolType("http"),
},
},
},
},
},
},
listenersGolden: "cidr-http.listener.golden.yaml",
clustersGolden: "cidr-http.clusters.golden.yaml",
}),
Entry("http domain aggregated policy", testCase{
resources: []*core_xds.Resource{
{
Name: "outbound:passthrough:ipv4",
Origin: generator.OriginTransparent,
Resource: NewListenerBuilder(envoy_common.APIV3, "outbound:passthrough:ipv4").
Configure(OutboundListener("0.0.0.0", 15001, core_xds.SocketAddressProtocolTCP)).
Configure(FilterChain(NewFilterChainBuilder(envoy_common.APIV3, envoy_common.AnonymousResource).
Configure(TCPProxy("outbound_passthrough_ipv4", []envoy_common.Split{
plugins_xds.NewSplitBuilder().WithClusterName("outbound:passthrough:ipv4").WithWeight(100).Build(),
}...)),
)).MustBuild(),
},
{
Name: "outbound:passthrough:ipv6",
Origin: generator.OriginTransparent,
Resource: NewListenerBuilder(envoy_common.APIV3, "outbound:passthrough:ipv6").
Configure(OutboundListener("::", 15001, core_xds.SocketAddressProtocolTCP)).
Configure(FilterChain(NewFilterChainBuilder(envoy_common.APIV3, envoy_common.AnonymousResource).
Configure(TCPProxy("outbound_passthrough_ipv6", []envoy_common.Split{
plugins_xds.NewSplitBuilder().WithClusterName("outbound:passthrough:ipv6").WithWeight(100).Build(),
}...)),
)).MustBuild(),
},
},
singleItemRules: core_rules.SingleItemRules{
Rules: []*core_rules.Rule{
{
Subset: []core_rules.Tag{},
Conf: api.Conf{
AppendMatch: []api.Match{
{
Type: api.MatchType("Domain"),
Value: "example1.com",
Port: pointer.To[uint32](80),
Protocol: api.ProtocolType("http"),
},
{
Type: api.MatchType("Domain"),
Value: "example2.com",
Port: pointer.To[uint32](80),
Protocol: api.ProtocolType("http"),
},
{
Type: api.MatchType("Domain"),
Value: "*.example.com",
Protocol: api.ProtocolType("http"),
},
},
},
},
},
},
listenersGolden: "http-domains-aggregated.listener.golden.yaml",
clustersGolden: "http-domains-aggregated.clusters.golden.yaml",
}),
Entry("the same protocol but different type match", testCase{
resources: []*core_xds.Resource{
{
Expand Down
Loading

0 comments on commit 8e4d47d

Please sign in to comment.