Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CCXDEV-11946: finalize the config update to the new config map #857

Merged
merged 9 commits into from
Dec 1, 2023
Merged

CCXDEV-11946: finalize the config update to the new config map #857

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
f7514e7
insightsreport using new config_aggregator
tremes Oct 19, 2023
83feb95
prometheuscontroller using new config_aggregator
tremes Oct 19, 2023
a5d55aa
sca controller using new config_aggregator
tremes Oct 20, 2023
75c593b
status controller using new config_aggregator
tremes Oct 20, 2023
a654065
clustertransfer controller using new config aggregator
tremes Oct 23, 2023
90b4b3b
clusterauthorizer using new config aggregator
tremes Oct 24, 2023
b478123
files renaming
tremes Nov 1, 2023
5080b4a
extend tests & final adjustments
tremes Nov 1, 2023
bf69261
update logging
tremes Nov 3, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 9 additions & 7 deletions pkg/authorizer/clusterauthorizer/clusterauthorizer.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,14 +13,16 @@ import (
)

type Authorizer struct {
configurator configobserver.Configurator
secretConfigurator configobserver.Configurator
configurator configobserver.Interface
// exposed for tests
proxyFromEnvironment func(*http.Request) (*url.URL, error)
}

// New creates a new Authorizer, whose purpose is to auth requests for outgoing traffic.
func New(configurator configobserver.Configurator) *Authorizer {
func New(secretConfigurator configobserver.Configurator, configurator configobserver.Interface) *Authorizer {
return &Authorizer{
secretConfigurator: secretConfigurator,
configurator: configurator,
proxyFromEnvironment: http.ProxyFromEnvironment,
}
Expand All @@ -46,11 +48,11 @@ func (a *Authorizer) Authorize(req *http.Request) error {
func (a *Authorizer) NewSystemOrConfiguredProxy() func(*http.Request) (*url.URL, error) {
// using specific proxy settings
if c := a.configurator.Config(); c != nil {
if len(c.HTTPConfig.HTTPProxy) > 0 || len(c.HTTPConfig.HTTPSProxy) > 0 || len(c.HTTPConfig.NoProxy) > 0 {
if len(c.Proxy.HTTPProxy) > 0 || len(c.Proxy.HTTPSProxy) > 0 || len(c.Proxy.NoProxy) > 0 {
proxyConfig := httpproxy.Config{
HTTPProxy: c.HTTPConfig.HTTPProxy,
HTTPSProxy: c.HTTPConfig.HTTPSProxy,
NoProxy: c.HTTPConfig.NoProxy,
HTTPProxy: c.Proxy.HTTPProxy,
HTTPSProxy: c.Proxy.HTTPSProxy,
NoProxy: c.Proxy.NoProxy,
}
// The golang ProxyFunc seems to have NoProxy already built in
return func(req *http.Request) (*url.URL, error) {
Expand All @@ -63,7 +65,7 @@ func (a *Authorizer) NewSystemOrConfiguredProxy() func(*http.Request) (*url.URL,
}

func (a *Authorizer) Token() (string, error) {
cfg := a.configurator.Config()
cfg := a.secretConfigurator.Config()
if len(cfg.Token) > 0 {
token := strings.TrimSpace(cfg.Token)
if strings.Contains(token, "\n") || strings.Contains(token, "\r") {
Expand Down
71 changes: 39 additions & 32 deletions pkg/authorizer/clusterauthorizer/clusterauthorizer_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,11 +22,11 @@ func nonCachedProxyFromEnvironment() func(*http.Request) (*url.URL, error) {

func Test_Proxy(tt *testing.T) {
testCases := []struct {
Name string
EnvValues map[string]interface{}
RequestURL string
HTTPConfig config.HTTPConfig
ProxyURL string
Name string
EnvValues map[string]interface{}
RequestURL string
ProxyConfig config.Proxy
ProxyURL string
}{
{
Name: "No env set, no specific proxy",
Expand All @@ -47,39 +47,39 @@ func Test_Proxy(tt *testing.T) {
ProxyURL: "http://secproxy.to",
},
{
Name: "Env not set, specific proxy set",
EnvValues: map[string]interface{}{"HTTP_PROXY": nil},
RequestURL: "http://google.com",
HTTPConfig: config.HTTPConfig{HTTPProxy: "specproxy.to"},
ProxyURL: "http://specproxy.to",
Name: "Env not set, specific proxy set",
EnvValues: map[string]interface{}{"HTTP_PROXY": nil},
RequestURL: "http://google.com",
ProxyConfig: config.Proxy{HTTPProxy: "specproxy.to"},
ProxyURL: "http://specproxy.to",
},
{
Name: "Env set, specific proxy set http",
EnvValues: map[string]interface{}{"HTTP_PROXY": "envproxy.to"},
RequestURL: "http://google.com",
HTTPConfig: config.HTTPConfig{HTTPProxy: "specproxy.to"},
ProxyURL: "http://specproxy.to",
Name: "Env set, specific proxy set http",
EnvValues: map[string]interface{}{"HTTP_PROXY": "envproxy.to"},
RequestURL: "http://google.com",
ProxyConfig: config.Proxy{HTTPProxy: "specproxy.to"},
ProxyURL: "http://specproxy.to",
},
{
Name: "Env set, specific proxy set https",
EnvValues: map[string]interface{}{"HTTPS_PROXY": "envsecproxy.to"},
RequestURL: "https://google.com",
HTTPConfig: config.HTTPConfig{HTTPSProxy: "specsecproxy.to"},
ProxyURL: "http://specsecproxy.to",
Name: "Env set, specific proxy set https",
EnvValues: map[string]interface{}{"HTTPS_PROXY": "envsecproxy.to"},
RequestURL: "https://google.com",
ProxyConfig: config.Proxy{HTTPSProxy: "specsecproxy.to"},
ProxyURL: "http://specsecproxy.to",
},
{
Name: "Env set, specific proxy set noproxy, request without noproxy",
EnvValues: map[string]interface{}{"HTTPS_PROXY": "envsecproxy.to", "NO_PROXY": "envnoproxy.to"},
RequestURL: "https://google.com",
HTTPConfig: config.HTTPConfig{HTTPSProxy: "specsecproxy.to", NoProxy: "specnoproxy.to"},
ProxyURL: "http://specsecproxy.to",
Name: "Env set, specific proxy set noproxy, request without noproxy",
EnvValues: map[string]interface{}{"HTTPS_PROXY": "envsecproxy.to", "NO_PROXY": "envnoproxy.to"},
RequestURL: "https://google.com",
ProxyConfig: config.Proxy{HTTPSProxy: "specsecproxy.to", NoProxy: "specnoproxy.to"},
ProxyURL: "http://specsecproxy.to",
},
{
Name: "Env set, specific proxy set noproxy, request with noproxy",
EnvValues: map[string]interface{}{"HTTPS_PROXY": "envsecproxy.to", "NO_PROXY": "envnoproxy.to"},
RequestURL: "https://specnoproxy.to",
HTTPConfig: config.HTTPConfig{HTTPSProxy: "specsecproxy.to", NoProxy: "specnoproxy.to"},
ProxyURL: "",
Name: "Env set, specific proxy set noproxy, request with noproxy",
EnvValues: map[string]interface{}{"HTTPS_PROXY": "envsecproxy.to", "NO_PROXY": "envnoproxy.to"},
RequestURL: "https://specnoproxy.to",
ProxyConfig: config.Proxy{HTTPSProxy: "specsecproxy.to", NoProxy: "specnoproxy.to"},
ProxyURL: "",
},
}
for _, tcase := range testCases {
Expand All @@ -97,8 +97,15 @@ func Test_Proxy(tt *testing.T) {
}
}

co2 := &config.MockSecretConfigurator{Conf: &config.Controller{HTTPConfig: tc.HTTPConfig}}
a := Authorizer{proxyFromEnvironment: nonCachedProxyFromEnvironment(), configurator: co2}
secretConfigurator := &config.MockSecretConfigurator{Conf: &config.Controller{}}
configurator := config.NewMockConfigMapConfigurator(&config.InsightsConfiguration{
Proxy: tc.ProxyConfig,
})
a := Authorizer{
proxyFromEnvironment: nonCachedProxyFromEnvironment(),
secretConfigurator: secretConfigurator,
configurator: configurator,
}
p := a.NewSystemOrConfiguredProxy()
req := httptest.NewRequest("GET", tc.RequestURL, http.NoBody)
urlRec, err := p(req)
Expand Down
Loading