Skip to content

Commit

Permalink
Make mgc test_smoke use TLSPolicy
Browse files Browse the repository at this point in the history
  • Loading branch information
Filip Čáp committed Oct 16, 2023
1 parent 639d288 commit ef90dc2
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 7 deletions.
39 changes: 34 additions & 5 deletions testsuite/tests/mgc/conftest.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,12 @@

from testsuite.openshift.httpbin import Httpbin
from testsuite.openshift.objects.dnspolicy import DNSPolicy
from testsuite.openshift.objects.gateway_api import CustomReference
from testsuite.openshift.objects.gateway_api.gateway import MGCGateway, GatewayProxy
from testsuite.openshift.objects.gateway_api.route import HTTPRoute
from testsuite.openshift.objects.proxy import Proxy
from testsuite.openshift.objects.route import Route
from testsuite.openshift.objects.tlspolicy import TLSPolicy


@pytest.fixture(scope="module")
Expand Down Expand Up @@ -41,7 +43,8 @@ def upstream_gateway(request, openshift, blame, hostname, module_label):
)
request.addfinalizer(upstream_gateway.delete)
upstream_gateway.commit()
upstream_gateway.wait_for_ready()
# we cannot wait here because of referencing not yet existent tls secret which would be provided later by tlspolicy
# upstream_gateway.wait_for_ready()

return upstream_gateway

Expand All @@ -61,6 +64,16 @@ def initial_host(hostname):
return f"route.{hostname}"


@pytest.fixture(scope="session")
def self_signed_cluster_issuer():
"""Reference to cluster self-signed certificate issuer"""
return CustomReference(
group="cert-manager.io",
kind="ClusterIssuer",
name="selfsigned-cluster-issuer",
)


@pytest.fixture(scope="module")
def route(request, proxy, blame, gateway, initial_host, backend) -> Route:
"""Exposed Route object"""
Expand All @@ -77,9 +90,12 @@ def route(request, proxy, blame, gateway, initial_host, backend) -> Route:
return route


# pylint: disable=unused-argument
@pytest.fixture(scope="module")
def gateway(upstream_gateway, spokes):
def gateway(upstream_gateway, spokes, hub_policies_commit):
"""Downstream gateway, e.g. gateway on a spoke cluster"""
# wait for upstream gateway here to be able to get spoke gateways
upstream_gateway.wait_for_ready()
gw = upstream_gateway.get_spoke_gateway(spokes)
gw.wait_for_ready()
return gw
Expand Down Expand Up @@ -108,10 +124,23 @@ def dns_policy(blame, upstream_gateway, module_label):
return policy


@pytest.fixture(scope="module", autouse=True)
def commit(request, dns_policy):
@pytest.fixture(scope="module")
def tls_policy(blame, upstream_gateway, module_label, self_signed_cluster_issuer):
"""TLSPolicy fixture"""
policy = TLSPolicy.create_instance(
upstream_gateway.openshift,
blame("tls"),
parent=upstream_gateway,
issuer=self_signed_cluster_issuer,
labels={"app": module_label},
)
return policy


@pytest.fixture(scope="module")
def hub_policies_commit(request, upstream_gateway, dns_policy, tls_policy):
"""Commits all important stuff before tests"""
for component in [dns_policy]:
for component in [dns_policy, tls_policy]:
if component is not None:
request.addfinalizer(component.delete)
component.commit()
10 changes: 8 additions & 2 deletions testsuite/tests/mgc/test_basic.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@

import pytest

from testsuite.httpx import HttpxBackoffClient

pytestmark = [pytest.mark.mgc]


Expand All @@ -25,12 +27,16 @@ def test_gateway_readiness(gateway):
assert gateway.is_ready()


def test_smoke(route):
def test_smoke(route, upstream_gateway):
"""
Tests whether the backend, exposed using the HTTPRoute and Gateway, was exposed correctly,
having a tls secured endpoint with a hostname managed by MGC
"""
backend_client = route.client(verify=False) # self-signed certificate; TBD

tls_cert = upstream_gateway.get_tls_cert()

# assert that tls_cert is used by the server
backend_client = HttpxBackoffClient(base_url=f"https://{route.hostnames[0]}", verify=tls_cert)

sleep(30) # wait for DNS record to propagate correctly; TBD

Expand Down

0 comments on commit ef90dc2

Please sign in to comment.