Skip to content

Commit

Permalink
Add test for ingress internal and external.
Browse files Browse the repository at this point in the history
* Add genereate_config.sh to generate config for tests. It should be run
  before running tests.
* Add tests for ingress internal and external.
  • Loading branch information
sawsa307 committed Oct 10, 2023
1 parent 4c7cd32 commit e94bd69
Show file tree
Hide file tree
Showing 10 changed files with 166 additions and 9 deletions.
3 changes: 2 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,5 @@ asm/
.crt
.key
.pem
certs/
certs/
test/test.conf
14 changes: 13 additions & 1 deletion ingress/single-cluster/ingress-external-basic/cleanup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -19,4 +19,16 @@ set -o nounset;
set -o pipefail;
set -o xtrace;

echo "Running external basic cleanup."
source "$(find -name helper.sh)" "$@"
source "$(find -name test.conf)" "$@"
test_name="ingress-external-basic"
suffix=$(get_hash "${test_name}")
context=$(kubectl config view -o json | jq -r ".contexts[] | select(.name | test(\"-${suffix}\")).name")

resource_yaml="ingress/single-cluster/ingress-external-basic/external-ingress-basic.yaml"

kubectl --context "${context}" delete -f "${resource_yaml}" -n "${test_name}" || true
kubectl --context "${context}" delete namespace "${test_name}" || true
wait_for_glbc_deletion "foo-external" "${test_name}"

cleanup_gke_basic "${test_name}" "${zone}" "${subnet_region}"
12 changes: 11 additions & 1 deletion ingress/single-cluster/ingress-external-basic/run-test.sh
100644 → 100755
Original file line number Diff line number Diff line change
Expand Up @@ -19,4 +19,14 @@ set -o nounset;
set -o pipefail;
set -o xtrace;

echo "Running external basic test."
source "$(find -name helper.sh)" "$@"
source "$(find -name test.conf)" "$@"
test_name="ingress-external-basic"
suffix=$(get_hash "${test_name}")
context=$(kubectl config view -o json | jq -r ".contexts[] | select(.name | test(\"-${suffix}\")).name")

vip=$(wait_for_ingress_ip "foo-external" "${test_name}" "${context}")
echo "Load balancer IP is ${vip}"

check_http_status "${vip}" 200 "host: foo.example.com"
check_http_status "${vip}" 404 "host: bar.example.com"
12 changes: 11 additions & 1 deletion ingress/single-cluster/ingress-external-basic/setup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -19,4 +19,14 @@ set -o nounset;
set -o pipefail;
set -o xtrace;

echo "Running external basic setup."
source "$(find -name helper.sh)" "$@"
source "$(find -name test.conf)" "$@"
test_name="ingress-external-basic"
setup_gke_basic "${test_name}" "${zone}" "${subnet_region}"
suffix=$(get_hash "${test_name}")
context=$(kubectl config view -o json | jq -r ".contexts[] | select(.name | test(\"-${suffix}\")).name")

resource_yaml="ingress/single-cluster/ingress-external-basic/external-ingress-basic.yaml"
kubectl --context "${context}" create namespace "${test_name}"

kubectl --context "${context}" apply -f "${resource_yaml}" -n "${test_name}"
34 changes: 34 additions & 0 deletions ingress/single-cluster/ingress-internal-basic/cleanup.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
#!/bin/bash

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -o errexit;
set -o nounset;
set -o pipefail;
set -o xtrace;

source "$(find -name helper.sh)" "$@"
source "$(find -name test.conf)" "$@"
test_name="ingress-internal-basic"
suffix=$(get_hash "${test_name}")
context=$(kubectl config view -o json | jq -r ".contexts[] | select(.name | test(\"-${suffix}\")).name")

resource_yaml="ingress/single-cluster/ingress-internal-basic/internal-ingress-basic.yaml"

kubectl --context "${context}" delete -f "${resource_yaml}" -n "${test_name}" || true
kubectl --context "${context}" delete namespace "${test_name}" || true
wait_for_glbc_deletion "foo-internal" "${test_name}"

cleanup_gke_basic "${test_name}" "${zone}" "${subnet_region}"
32 changes: 32 additions & 0 deletions ingress/single-cluster/ingress-internal-basic/run-test.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
#!/bin/bash

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -o errexit;
set -o nounset;
set -o pipefail;
set -o xtrace;

source "$(find -name helper.sh)" "$@"
source "$(find -name test.conf)" "$@"
test_name="ingress-internal-basic"
suffix=$(get_hash "${test_name}")
context=$(kubectl config view -o json | jq -r ".contexts[] | select(.name | test(\"-${suffix}\")).name")

vip=$(wait_for_ingress_ip "foo-internal" "${test_name}" "${context}")
echo "Load balancer IP is ${vip}"

check_http_status "${vip}" 200 "host: foo.example.com" "${test_name}" "${zone}"
check_http_status "${vip}" 404 "host: bar.example.com" "${test_name}" "${zone}"
33 changes: 33 additions & 0 deletions ingress/single-cluster/ingress-internal-basic/setup.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
#!/bin/bash

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -o errexit;
set -o nounset;
set -o pipefail;
set -o xtrace;

source "$(find -name helper.sh)" "$@"
source "$(find -name test.conf)" "$@"
test_name="ingress-internal-basic"
setup_gke_basic "${test_name}" "${zone}" "${subnet_region}"
setup_ilb "${test_name}" "${subnet_region}"
suffix=$(get_hash "${test_name}")
context=$(kubectl config view -o json | jq -r ".contexts[] | select(.name | test(\"-${suffix}\")).name")

resource_yaml="ingress/single-cluster/ingress-internal-basic/internal-ingress-basic.yaml"
kubectl --context "${context}" create namespace "${test_name}"

kubectl --context "${context}" apply -f "${resource_yaml}" -n "${test_name}"
12 changes: 12 additions & 0 deletions test/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,18 @@ Make sure you are at the root directory of the repository.
cd gke-networking-recipes
```


First, set ZONE and SUBNET_REGION environment variable, then run ./test/generate_config.sh to generate the testing config.
```
export ZONE=zone
export SUBNET_REGION=subnet_region
./test/generate_config.sh
```

To run ingress-https test, you need a special project($DNS_PROJECT) that has configured DNS domain, and make sure the current service account have role/dns_admin access to that project. Create a public DNS zone(DNS_ZONE).
Then set the environment variable for DNS_PROJECT, RECORD1, RECORD2, DNS_ZONE before running generate_env.sh. Make sure the two records that uses the DNS name of the created DNS zone as suffix.

To run a specific test, run the setup.sh, run-test.sh, and cleanup.sh in order in the recipe directory.

```
Expand Down
11 changes: 11 additions & 0 deletions test/generate_config.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
testConf="test/test.conf"
echo "Writing to ${testConf}"
echo "----"
cat <<EOF | tee ${testConf}
zone="${ZONE}"
subnet_region="${SUBNET_REGION}"
dns_project="${DNS_PROJECT}"
dns_zone="${DNS_ZONE}"
record1="${RECORD1}"
record2="${RECORD2}"
EOF
12 changes: 7 additions & 5 deletions test/helper.sh
Original file line number Diff line number Diff line change
Expand Up @@ -36,14 +36,15 @@ get_hash() {
# Returns:
# 0 if the ingress IP is populated within 15 minutes, 1 if not.
wait_for_ingress_ip() {
local ing ns ATTEMPT
local ing ns conext ATTEMPT
ing="$1"
ns="$2"
context="$3"

# 180*5s=15min
for ATTEMPT in $(seq 180); do
local vip
vip=$(kubectl get ingress ${ing} \
vip=$(kubectl --context "${context}" get ingress ${ing} \
-n ${ns} \
-o jsonpath="{.status.loadBalancer.ingress[0].ip}")
if [[ ! -z "$vip" ]]; then
Expand All @@ -62,15 +63,16 @@ wait_for_ingress_ip() {
# Returns:
# 0 if the status of the given certificate is Active within 60 minutes, 1 if not.
wait_for_managed_cert() {
local mc ns ATTEMPT
local mc ns context ATTEMPT
mc="$1"
ns="$2"
context="$3"

# 360*10s=60min
for ATTEMPT in $(seq 360); do
local certStatus domainStatus status
# Check status of the certificate.
certStatus=$(kubectl get ManagedCertificate ${mc} \
certStatus=$(kubectl --context "${context}" get ManagedCertificate ${mc} \
-n ${ns} \
-o jsonpath="{.status.certificateStatus}")
if [[ "${certStatus}" != "Active" ]]; then
Expand All @@ -79,7 +81,7 @@ wait_for_managed_cert() {
fi

# Check status of each domain.
domainStatus=( $(kubectl get ManagedCertificate ${mc} \
domainStatus=( $(kubectl --context "${context}" get ManagedCertificate ${mc} \
-n ${ns} \
-o jsonpath="{.status.domainStatus}" | \
jq ".[] | .status") )
Expand Down

0 comments on commit e94bd69

Please sign in to comment.