diff --git a/testsuite/gateway/envoy/config.py b/testsuite/gateway/envoy/config.py index 4a57a9ae..a7598485 100644 --- a/testsuite/gateway/envoy/config.py +++ b/testsuite/gateway/envoy/config.py @@ -107,6 +107,17 @@ def create_instance( labels, ) + def has_backend(self, backend: Backend, prefix: str) -> bool: + """Returns True, if backend & prefix combination is already setup""" + config = yaml.safe_load(self["envoy.yaml"]) + virtual_hosts = config["static_resources"]["listeners"][0]["filter_chains"][0]["filters"][0]["typed_config"][ + "route_config" + ]["virtual_hosts"][0]["routes"] + for host in virtual_hosts: + if host["match"]["prefix"] == prefix and host["route"]["cluster"] == backend.url: + return True + return False + @modify def add_backend(self, backend: Backend, prefix: str): """Adds backend to the EnvoyConfig""" diff --git a/testsuite/gateway/envoy/route.py b/testsuite/gateway/envoy/route.py index 43bd26bb..65e5fcfb 100644 --- a/testsuite/gateway/envoy/route.py +++ b/testsuite/gateway/envoy/route.py @@ -29,8 +29,9 @@ def __init__(self, openshift, gateway) -> None: self.hostnames: list[str] = [] def add_backend(self, backend: "Backend", prefix="/"): - self.gateway.config.add_backend(backend, prefix) - self.gateway.rollout() + if not self.gateway.config.has_backend(backend, prefix): + self.gateway.config.add_backend(backend, prefix) + self.gateway.rollout() def remove_all_backend(self): self.gateway.config.remove_all_backends() diff --git a/testsuite/tests/conftest.py b/testsuite/tests/conftest.py index 45158e36..20d09fd7 100644 --- a/testsuite/tests/conftest.py +++ b/testsuite/tests/conftest.py @@ -128,7 +128,7 @@ def testconfig(): return settings -@pytest.fixture(scope="module") +@pytest.fixture(scope="session") def openshift(testconfig): """OpenShift client for the primary namespace""" client = testconfig["service_protection"]["project"] @@ -137,7 +137,7 @@ def openshift(testconfig): return client -@pytest.fixture(scope="module") +@pytest.fixture(scope="session") def openshift2(testconfig, skip_or_fail): """OpenShift client for the secondary namespace located on the same cluster as primary Openshift""" client = testconfig["service_protection"]["project2"] @@ -265,7 +265,7 @@ def module_label(label): return randomize(label) -@pytest.fixture(scope="module") +@pytest.fixture(scope="session") def kuadrant(request): """Returns Kuadrant instance if exists, or None""" if request.config.getoption("--standalone"): @@ -275,7 +275,7 @@ def kuadrant(request): return True -@pytest.fixture(scope="module") +@pytest.fixture(scope="session") def backend(request, openshift, blame, label): """Deploys Httpbin backend""" httpbin = Httpbin(openshift, blame("httpbin"), label) @@ -284,11 +284,11 @@ def backend(request, openshift, blame, label): return httpbin -@pytest.fixture(scope="module") -def gateway(request, kuadrant, openshift, blame, backend, module_label, testconfig, wildcard_domain) -> Gateway: - """Deploys Envoy that wire up the Backend behind the reverse-proxy and Authorino instance""" +@pytest.fixture(scope="session") +def gateway(request, kuadrant, openshift, blame, label, testconfig, wildcard_domain) -> Gateway: + """Deploys Gateway that wires up the Backend behind the reverse-proxy and Authorino instance""" if kuadrant: - gw = KuadrantGateway.create_instance(openshift, blame("gw"), wildcard_domain, {"app": module_label}) + gw = KuadrantGateway.create_instance(openshift, blame("gw"), wildcard_domain, {"app": label}) else: authorino = request.getfixturevalue("authorino") gw = Envoy( @@ -296,10 +296,11 @@ def gateway(request, kuadrant, openshift, blame, backend, module_label, testconf blame("gw"), authorino, testconfig["service_protection"]["envoy"]["image"], - labels={"app": module_label}, + labels={"app": label}, ) request.addfinalizer(gw.delete) gw.commit() + gw.wait_for_ready(timeout=10 * 60) return gw @@ -317,7 +318,7 @@ def route(request, kuadrant, gateway, blame, hostname, backend, module_label) -> return route -@pytest.fixture(scope="module") +@pytest.fixture(scope="session") def exposer(request) -> Exposer: """Exposer object instance""" exposer = OpenShiftExposer() @@ -333,7 +334,7 @@ def hostname(gateway, exposer, blame) -> Hostname: return hostname -@pytest.fixture(scope="module") +@pytest.fixture(scope="session") def wildcard_domain(openshift): """ Wildcard domain of openshift cluster diff --git a/testsuite/tests/kuadrant/authorino/conftest.py b/testsuite/tests/kuadrant/authorino/conftest.py index c3d7fcc6..56f4941c 100644 --- a/testsuite/tests/kuadrant/authorino/conftest.py +++ b/testsuite/tests/kuadrant/authorino/conftest.py @@ -9,40 +9,28 @@ from testsuite.openshift.authorino import AuthorinoCR, Authorino, PreexistingAuthorino -@pytest.fixture(scope="module") -def authorino_parameters(): - """Optional parameters for Authorino creation, passed to the __init__""" - return {} - - -@pytest.fixture(scope="module") -def authorino(authorino, openshift, blame, request, testconfig, module_label, authorino_parameters) -> Authorino: +@pytest.fixture(scope="session") +def authorino(authorino, openshift, blame, request, testconfig, label) -> Authorino: """Authorino instance""" if authorino: return authorino authorino_config = testconfig["service_protection"]["authorino"] if not authorino_config["deploy"]: - if len(authorino_parameters) > 0: - return pytest.skip("Can't change parameters of already deployed Authorino") return PreexistingAuthorino( authorino_config["auth_url"], authorino_config["oidc_url"], authorino_config["metrics_service_name"], ) - labels = authorino_parameters.setdefault("label_selectors", []) - labels.append(f"testRun={module_label}") - - authorino_parameters.setdefault("name", blame("authorino")) - authorino = AuthorinoCR.create_instance( openshift, image=authorino_config.get("image"), log_level=authorino_config.get("log_level"), - **authorino_parameters, + name=blame("authorino"), + label_selectors=[f"testRun={label}"], ) - request.addfinalizer(lambda: authorino.delete(ignore_not_found=True)) + request.addfinalizer(authorino.delete) authorino.commit() authorino.wait_for_ready() return authorino @@ -50,14 +38,10 @@ def authorino(authorino, openshift, blame, request, testconfig, module_label, au # pylint: disable=unused-argument @pytest.fixture(scope="module") -def authorization( - authorization, oidc_provider, authorino, route, authorization_name, openshift, module_label -) -> AuthConfig: - """In case of Authorino, AuthConfig used for authorization""" +def authorization(authorization, oidc_provider, route, authorization_name, openshift, label) -> AuthConfig: + """In case of Authorino, AuthC onfig used for authorization""" if authorization is None: - authorization = AuthConfig.create_instance( - openshift, authorization_name, route, labels={"testRun": module_label} - ) + authorization = AuthConfig.create_instance(openshift, authorization_name, route, labels={"testRun": label}) authorization.identity.add_oidc("rhsso", oidc_provider.well_known["issuer"]) return authorization diff --git a/testsuite/tests/kuadrant/authorino/operator/clusterwide/conftest.py b/testsuite/tests/kuadrant/authorino/operator/clusterwide/conftest.py index 20278f88..37c8f0cb 100644 --- a/testsuite/tests/kuadrant/authorino/operator/clusterwide/conftest.py +++ b/testsuite/tests/kuadrant/authorino/operator/clusterwide/conftest.py @@ -29,9 +29,9 @@ def route2(request, gateway, blame, hostname2): @pytest.fixture(scope="module") -def authorization2(route2, blame, openshift2, module_label, oidc_provider): +def authorization2(route2, blame, openshift2, label, oidc_provider): """Second valid hostname""" - auth = AuthConfig.create_instance(openshift2, blame("ac"), route2, labels={"testRun": module_label}) + auth = AuthConfig.create_instance(openshift2, blame("ac"), route2, labels={"testRun": label}) auth.identity.add_oidc("rhsso", oidc_provider.well_known["issuer"]) return auth diff --git a/testsuite/tests/kuadrant/authorino/operator/clusterwide/test_wildcard_collision.py b/testsuite/tests/kuadrant/authorino/operator/clusterwide/test_wildcard_collision.py index 341cd422..3d338c68 100644 --- a/testsuite/tests/kuadrant/authorino/operator/clusterwide/test_wildcard_collision.py +++ b/testsuite/tests/kuadrant/authorino/operator/clusterwide/test_wildcard_collision.py @@ -20,18 +20,18 @@ def route(route, wildcard_domain, hostname): # pylint: disable = unused-argument @pytest.fixture(scope="module") -def authorization(authorino, blame, route, openshift, module_label, gateway): +def authorization(authorino, blame, route, openshift, label, gateway): """Create AuthConfig with host set to wildcard_domain""" - auth = AuthConfig.create_instance(openshift, blame("ac"), route, labels={"testRun": module_label}) + auth = AuthConfig.create_instance(openshift, blame("ac"), route, labels={"testRun": label}) auth.responses.add_success_header("header", JsonResponse({"anything": Value("one")})) return auth # pylint: disable = unused-argument @pytest.fixture(scope="module") -def authorization2(authorino, blame, route, openshift2, module_label, gateway): +def authorization2(authorino, blame, route, openshift2, label, gateway): """Create AuthConfig with host set to wildcard_domain in another project""" - auth = AuthConfig.create_instance(openshift2, blame("ac"), route, labels={"testRun": module_label}) + auth = AuthConfig.create_instance(openshift2, blame("ac"), route, labels={"testRun": label}) auth.responses.add_success_header("header", JsonResponse({"anything": Value("two")})) return auth diff --git a/testsuite/tests/kuadrant/authorino/operator/conftest.py b/testsuite/tests/kuadrant/authorino/operator/conftest.py index e69de29b..418ef42f 100644 --- a/testsuite/tests/kuadrant/authorino/operator/conftest.py +++ b/testsuite/tests/kuadrant/authorino/operator/conftest.py @@ -0,0 +1,52 @@ +"""Conftest for all tests requiring direct access to Authorino Operator""" + +import pytest + +from testsuite.gateway.envoy import Envoy +from testsuite.openshift.authorino import AuthorinoCR, Authorino + + +@pytest.fixture(scope="module") +def gateway(request, authorino, openshift, blame, label, testconfig) -> Envoy: + """Deploys Envoy that wires up the Backend behind the reverse-proxy and Authorino instance""" + gw = Envoy( + openshift, + blame("gw"), + authorino, + testconfig["service_protection"]["envoy"]["image"], + labels={"app": label}, + ) + request.addfinalizer(gw.delete) + gw.commit() + gw.wait_for_ready(timeout=10 * 60) + return gw + + +@pytest.fixture(scope="module") +def authorino_parameters(): + """Optional parameters for Authorino creation, passed to the __init__""" + return {} + + +@pytest.fixture(scope="module") +def authorino(openshift, blame, request, testconfig, label, authorino_parameters) -> Authorino: + """Module scoped Authorino instance, with specific parameters""" + authorino_config = testconfig["service_protection"]["authorino"] + if not authorino_config["deploy"]: + return pytest.skip("Can't change parameters of already deployed Authorino") + + labels = authorino_parameters.setdefault("label_selectors", []) + labels.append(f"testRun={label}") + + authorino_parameters.setdefault("name", blame("authorino")) + + authorino = AuthorinoCR.create_instance( + openshift, + image=authorino_config.get("image"), + log_level=authorino_config.get("log_level"), + **authorino_parameters, + ) + request.addfinalizer(authorino.delete) + authorino.commit() + authorino.wait_for_ready() + return authorino diff --git a/testsuite/tests/kuadrant/authorino/operator/sharding/conftest.py b/testsuite/tests/kuadrant/authorino/operator/sharding/conftest.py index e5be6f9f..e7f56636 100644 --- a/testsuite/tests/kuadrant/authorino/operator/sharding/conftest.py +++ b/testsuite/tests/kuadrant/authorino/operator/sharding/conftest.py @@ -46,7 +46,7 @@ def _route(hostname, gateway): # pylint: disable=unused-argument @pytest.fixture(scope="module") -def setup_authorization(request, blame, openshift, module_label): +def setup_authorization(request, blame, openshift, label): """Factory method for creating AuthConfigs in the test run""" def _authorization(route, sharding_label=None): @@ -54,7 +54,7 @@ def _authorization(route, sharding_label=None): openshift, blame("ac"), route, - labels={"testRun": module_label, "sharding": sharding_label}, + labels={"testRun": label, "sharding": sharding_label}, ) auth.responses.add_success_header("header", JsonResponse({"anything": Value(sharding_label)})) request.addfinalizer(auth.delete) diff --git a/testsuite/tests/kuadrant/authorino/operator/sharding/test_preexisting_auth.py b/testsuite/tests/kuadrant/authorino/operator/sharding/test_preexisting_auth.py index b147c52c..d6363341 100644 --- a/testsuite/tests/kuadrant/authorino/operator/sharding/test_preexisting_auth.py +++ b/testsuite/tests/kuadrant/authorino/operator/sharding/test_preexisting_auth.py @@ -9,7 +9,7 @@ @pytest.fixture(scope="module") -def setup_authorino(openshift, blame, testconfig, module_label, request): +def setup_authorino(openshift, blame, testconfig, label, request): """Authorino instance""" def _authorino(sharding_label): @@ -17,7 +17,7 @@ def _authorino(sharding_label): openshift, blame("authorino"), image=weakget(testconfig)["authorino"]["image"] % None, - label_selectors=[f"sharding={sharding_label}", f"testRun={module_label}"], + label_selectors=[f"sharding={sharding_label}", f"testRun={label}"], ) request.addfinalizer(authorino.delete) authorino.commit() diff --git a/testsuite/tests/kuadrant/authorino/operator/test_wildcard.py b/testsuite/tests/kuadrant/authorino/operator/test_wildcard.py index 8376dff7..896df140 100644 --- a/testsuite/tests/kuadrant/authorino/operator/test_wildcard.py +++ b/testsuite/tests/kuadrant/authorino/operator/test_wildcard.py @@ -18,9 +18,9 @@ def route(route, wildcard_domain, hostname): @pytest.fixture(scope="module") -def authorization(blame, route, openshift, module_label): +def authorization(blame, route, openshift, label): """In case of Authorino, AuthConfig used for authorization""" - return AuthConfig.create_instance(openshift, blame("ac"), route, labels={"testRun": module_label}) + return AuthConfig.create_instance(openshift, blame("ac"), route, labels={"testRun": label}) def test_wildcard(client): diff --git a/testsuite/tests/kuadrant/authorino/tracing/__init__.py b/testsuite/tests/kuadrant/authorino/operator/tracing/__init__.py similarity index 100% rename from testsuite/tests/kuadrant/authorino/tracing/__init__.py rename to testsuite/tests/kuadrant/authorino/operator/tracing/__init__.py diff --git a/testsuite/tests/kuadrant/authorino/tracing/conftest.py b/testsuite/tests/kuadrant/authorino/operator/tracing/conftest.py similarity index 100% rename from testsuite/tests/kuadrant/authorino/tracing/conftest.py rename to testsuite/tests/kuadrant/authorino/operator/tracing/conftest.py diff --git a/testsuite/tests/kuadrant/authorino/tracing/test_tracing.py b/testsuite/tests/kuadrant/authorino/operator/tracing/test_tracing.py similarity index 100% rename from testsuite/tests/kuadrant/authorino/tracing/test_tracing.py rename to testsuite/tests/kuadrant/authorino/operator/tracing/test_tracing.py diff --git a/testsuite/tests/kuadrant/authorino/tracing/test_tracing_tags.py b/testsuite/tests/kuadrant/authorino/operator/tracing/test_tracing_tags.py similarity index 100% rename from testsuite/tests/kuadrant/authorino/tracing/test_tracing_tags.py rename to testsuite/tests/kuadrant/authorino/operator/tracing/test_tracing_tags.py diff --git a/testsuite/tests/kuadrant/authorino/wristband/conftest.py b/testsuite/tests/kuadrant/authorino/wristband/conftest.py index a500f276..0632765d 100644 --- a/testsuite/tests/kuadrant/authorino/wristband/conftest.py +++ b/testsuite/tests/kuadrant/authorino/wristband/conftest.py @@ -97,7 +97,7 @@ def wristband_authorization( wristband_name, oidc_provider, wristband_hostname, - module_label, + label, wristband_endpoint, wristband_secret, ): @@ -112,7 +112,7 @@ def wristband_authorization( gateway.openshift, wristband_name, route, - labels={"testRun": module_label}, + labels={"testRun": label}, ) authorization.identity.add_oidc("rhsso", oidc_provider.well_known["issuer"]) diff --git a/testsuite/tests/kuadrant/conftest.py b/testsuite/tests/kuadrant/conftest.py index b1d27792..8090249f 100644 --- a/testsuite/tests/kuadrant/conftest.py +++ b/testsuite/tests/kuadrant/conftest.py @@ -8,7 +8,7 @@ # pylint: disable=unused-argument -@pytest.fixture(scope="module") +@pytest.fixture(scope="session") def authorino(kuadrant): """Authorino instance when configured through Kuadrant""" if kuadrant: @@ -24,10 +24,10 @@ def authorization_name(blame): @pytest.fixture(scope="module") -def authorization(authorino, kuadrant, oidc_provider, route, authorization_name, openshift, module_label): +def authorization(kuadrant, oidc_provider, route, authorization_name, openshift, label): """Authorization object (In case of Kuadrant AuthPolicy)""" if kuadrant: - return AuthPolicy.create_instance(openshift, authorization_name, route, labels={"testRun": module_label}) + return AuthPolicy.create_instance(openshift, authorization_name, route, labels={"testRun": label}) return None diff --git a/testsuite/tests/kuadrant/gateway/conftest.py b/testsuite/tests/kuadrant/gateway/conftest.py index 5b040bce..6143d4e2 100644 --- a/testsuite/tests/kuadrant/gateway/conftest.py +++ b/testsuite/tests/kuadrant/gateway/conftest.py @@ -2,24 +2,24 @@ import pytest +from testsuite.gateway.gateway_api.gateway import KuadrantGateway from testsuite.httpx.auth import HttpxOidcClientAuth -from testsuite.policy.authorization.auth_policy import AuthPolicy @pytest.fixture(scope="module") -def gateway_ready(gateway): +def gateway(request, openshift, blame, wildcard_domain, module_label): """Returns ready gateway""" - gateway.wait_for_ready() - return gateway + gw = KuadrantGateway.create_instance(openshift, blame("gw"), wildcard_domain, {"app": module_label}) + request.addfinalizer(gw.delete) + gw.commit() + gw.wait_for_ready(timeout=10 * 60) + return gw @pytest.fixture(scope="module") -def authorization(gateway_ready, route, oidc_provider, authorization_name, openshift, module_label): +def authorization(authorization, oidc_provider): # pylint: disable=unused-argument """Create AuthPolicy attached to gateway""" - authorization = AuthPolicy.create_instance( - openshift, authorization_name, gateway_ready, labels={"testRun": module_label} - ) authorization.identity.add_oidc("rhsso", oidc_provider.well_known["issuer"]) return authorization