...

Source file src/sigs.k8s.io/gateway-api/conformance/tests/tlsroute-simple-same-namespace.go

Documentation: sigs.k8s.io/gateway-api/conformance/tests 

     1  /*
     2  Copyright 2022 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package tests
    18  
    19  import (
    20  	"context"
    21  	"fmt"
    22  	"testing"
    23  	"time"
    24  
    25  	v1 "k8s.io/api/core/v1"
    26  	"k8s.io/apimachinery/pkg/types"
    27  
    28  	"sigs.k8s.io/controller-runtime/pkg/client"
    29  
    30  	"sigs.k8s.io/gateway-api/conformance/utils/http"
    31  	"sigs.k8s.io/gateway-api/conformance/utils/kubernetes"
    32  	"sigs.k8s.io/gateway-api/conformance/utils/suite"
    33  	"sigs.k8s.io/gateway-api/conformance/utils/tls"
    34  )
    35  
    36  func init() {
    37  	ConformanceTests = append(ConformanceTests, TLSRouteSimpleSameNamespace)
    38  }
    39  
    40  var TLSRouteSimpleSameNamespace = suite.ConformanceTest{
    41  	ShortName:   "TLSRouteSimpleSameNamespace",
    42  	Description: "A single TLSRoute in the gateway-conformance-infra namespace attaches to a Gateway in the same namespace",
    43  	Features: []suite.SupportedFeature{
    44  		suite.SupportGateway,
    45  		suite.SupportTLSRoute,
    46  	},
    47  	Manifests: []string{"tests/tlsroute-simple-same-namespace.yaml"},
    48  	Test: func(t *testing.T, suite *suite.ConformanceTestSuite) {
    49  		ns := "gateway-conformance-infra"
    50  		routeNN := types.NamespacedName{Name: "gateway-conformance-infra-test", Namespace: ns}
    51  		gwNN := types.NamespacedName{Name: "gateway-tlsroute", Namespace: ns}
    52  		certNN := types.NamespacedName{Name: "tls-passthrough-checks-certificate", Namespace: ns}
    53  
    54  		kubernetes.NamespacesMustBeReady(t, suite.Client, suite.TimeoutConfig, []string{ns})
    55  
    56  		gwAddr, hostnames := kubernetes.GatewayAndTLSRoutesMustBeAccepted(t, suite.Client, suite.TimeoutConfig, suite.ControllerName, kubernetes.NewGatewayRef(gwNN), routeNN)
    57  		if len(hostnames) != 1 {
    58  			t.Fatalf("unexpected error in test configuration, found %d hostnames", len(hostnames))
    59  		}
    60  		serverStr := string(hostnames[0])
    61  
    62  		cPem, keyPem, err := GetTLSSecret(suite.Client, certNN)
    63  		if err != nil {
    64  			t.Fatalf("unexpected error finding TLS secret: %v", err)
    65  		}
    66  		t.Run("Simple TLS request matching TLSRoute should reach infra-backend", func(t *testing.T) {
    67  			tls.MakeTLSRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, gwAddr, cPem, keyPem, serverStr,
    68  				http.ExpectedResponse{
    69  					Request:   http.Request{Host: serverStr, Path: "/"},
    70  					Backend:   "tls-backend",
    71  					Namespace: "gateway-conformance-infra",
    72  				})
    73  		})
    74  	},
    75  }
    76  
    77  // GetTLSSecret fetches the named Secret and converts both cert and key to []byte
    78  func GetTLSSecret(client client.Client, secretName types.NamespacedName) ([]byte, []byte, error) {
    79  	var cert, key []byte
    80  
    81  	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
    82  	defer cancel()
    83  
    84  	secret := &v1.Secret{}
    85  	err := client.Get(ctx, secretName, secret)
    86  	if err != nil {
    87  		return cert, key, fmt.Errorf("error fetching TLS Secret: %w", err)
    88  	}
    89  	cert = secret.Data["tls.crt"]
    90  	key = secret.Data["tls.key"]
    91  
    92  	return cert, key, nil
    93  }
    94  

View as plain text