github.com/interconnectedcloud/qdr-operator@v0.0.0-20210826174505-576d2b33dac7/test/e2e/spec_listener.go (about) 1 package e2e 2 3 import ( 4 "context" 5 "fmt" 6 "github.com/interconnectedcloud/qdr-operator/pkg/apis/interconnectedcloud/v1alpha1" 7 "github.com/interconnectedcloud/qdr-operator/test/e2e/framework" 8 "github.com/interconnectedcloud/qdr-operator/test/e2e/framework/qdrmanagement" 9 "github.com/interconnectedcloud/qdr-operator/test/e2e/framework/qdrmanagement/entities/common" 10 "github.com/interconnectedcloud/qdr-operator/test/e2e/validation" 11 "github.com/onsi/ginkgo" 12 "github.com/onsi/gomega" 13 ) 14 15 var _ = ginkgo.Describe("[spec_listener] Listener manipulation tests", func() { 16 17 var ( 18 icName = "listener" 19 size = 3 20 ) 21 22 // Framework instance to be used across test specs 23 f := framework.NewFramework(icName, nil) 24 25 // 26 // Validating manipulation of normal, inter-router and edge listeners 27 // 28 ginkgo.It("Defines listeners", func() { 29 ginkgo.By("creating an Interconnect with listeners") 30 // Create a new Interconnect with the corresponding AMQP and HTTP listeners 31 ic, err := f.CreateInterconnect(f.Namespace, int32(size), specListenerNoSSL) 32 gomega.Expect(err).NotTo(gomega.HaveOccurred()) 33 gomega.Expect(ic).NotTo(gomega.BeNil()) 34 35 // Wait till Interconnect up and running 36 err = framework.WaitForDeployment(f.KubeClient, f.Namespace, ic.Name, size, framework.RetryInterval, framework.Timeout) 37 gomega.Expect(err).NotTo(gomega.HaveOccurred()) 38 39 // Wait till mesh is formed 40 ginkgo.By("Waiting until full interconnect initial qdr entities") 41 ctx, fn := context.WithTimeout(context.Background(), framework.Timeout) 42 defer fn() 43 err = qdrmanagement.WaitUntilFullInterconnectWithQdrEntities(ctx, f, ic) 44 gomega.Expect(err).NotTo(gomega.HaveOccurred()) 45 46 // Retrieve current Interconnect 47 ic, err = f.GetInterconnect(ic.Name) 48 gomega.Expect(err).NotTo(gomega.HaveOccurred()) 49 50 // Validating the two defined listeners are present 51 validation.ValidateSpecListener(ic, f, validation.ListenerMapByPort{ 52 "5672": { 53 "Name": "normal-amqp", 54 "Host": "0.0.0.0", 55 "Role": common.RoleNormal, 56 "Port": "5672", 57 "LinkCapacity": 200, 58 }, 59 "8080": { 60 "Name": "normal-http", 61 "Host": "0.0.0.0", 62 "Role": common.RoleNormal, 63 "Port": "8080", 64 "Http": true, 65 "LinkCapacity": 200, 66 }, 67 "15672": { 68 "Name": "inter-amqp", 69 "Host": "0.0.0.0", 70 "Role": common.RoleInterRouter, 71 "Port": "15672", 72 "LinkCapacity": 200, 73 }, 74 "25672": { 75 "Name": "edge-amqp", 76 "Host": "0.0.0.0", 77 "Role": common.RoleEdge, 78 "Port": "25672", 79 "LinkCapacity": 200, 80 }, 81 }) 82 }) 83 84 ginkgo.It("Defines listeners with cert-manager installed", func() { 85 if !f.CertManagerPresent { 86 ginkgo.Skip("No cert-manager installed") 87 } 88 89 ginkgo.By("creating an Interconnect with AMQPS and HTTPS listeners") 90 // Create a new Interconnect with the corresponding AMQP and HTTP listeners 91 ic, err := f.CreateInterconnect(f.Namespace, int32(size), specListenerSSL, specListenerNormalSslProfile) 92 gomega.Expect(err).NotTo(gomega.HaveOccurred()) 93 gomega.Expect(ic).NotTo(gomega.BeNil()) 94 95 // Wait for deployment 96 err = framework.WaitForDeployment(f.KubeClient, f.Namespace, ic.Name, size, framework.RetryInterval, framework.Timeout) 97 gomega.Expect(err).NotTo(gomega.HaveOccurred()) 98 99 // Wait till Interconnect up and running 100 ginkgo.By("Waiting until full interconnect initial qdr entities") 101 ctx, fn := context.WithTimeout(context.Background(), framework.Timeout) 102 defer fn() 103 err = qdrmanagement.WaitUntilFullInterconnectWithQdrEntities(ctx, f, ic) 104 gomega.Expect(err).NotTo(gomega.HaveOccurred()) 105 106 // Retrieve current Interconnect 107 ic, err = f.GetInterconnect(ic.Name) 108 gomega.Expect(err).NotTo(gomega.HaveOccurred()) 109 110 // Validating the two defined listeners are present 111 ginkgo.By("Validating defined listeners") 112 validation.ValidateSpecListener(ic, f, validation.ListenerMapByPort{ 113 "5672": { 114 "Name": "normal-amqp", 115 "Host": "0.0.0.0", 116 "Role": common.RoleNormal, 117 "Port": "5672", 118 "LinkCapacity": 200, 119 }, 120 "5671": { 121 "Name": "normal-amqps", 122 "Host": "0.0.0.0", 123 "Role": common.RoleNormal, 124 "SslProfile": "amqps", 125 "Port": "5671", 126 "LinkCapacity": 200, 127 }, 128 "8443": { 129 "Name": "normal-https", 130 "Host": "0.0.0.0", 131 "Role": common.RoleNormal, 132 "SslProfile": "https", 133 "Port": "8443", 134 "Http": true, 135 "LinkCapacity": 200, 136 }, 137 "15671": { 138 "Name": "inter-amqps", 139 "Host": "0.0.0.0", 140 "Role": common.RoleInterRouter, 141 "SslProfile": "amqps", 142 "SaslMechanisms": "EXTERNAL", 143 "Port": "15671", 144 "LinkCapacity": 200, 145 }, 146 "25671": { 147 "Name": "edge-amqps", 148 "Host": "0.0.0.0", 149 "Role": common.RoleEdge, 150 "SslProfile": "amqps", 151 "Port": "25671", 152 "LinkCapacity": 200, 153 }, 154 }) 155 156 // Validating defined SSL Profiles 157 ginkgo.By("Validating SSL Profiles") 158 validation.ValidateSslProfileModels(ic, f, validation.SslProfileMapByName{ 159 "amqps": { 160 "Name": "amqps", 161 "CaCertFile": fmt.Sprintf("/etc/qpid-dispatch-certs/%s/%s/ca.crt", "amqps", "amqps-crt"), // amqps-crt because of mutual auth (otherwise would be amqps-ca 162 "CertFile": fmt.Sprintf("/etc/qpid-dispatch-certs/%s/%s/tls.crt", "amqps", "amqps-crt"), 163 "PrivateKeyFile": fmt.Sprintf("/etc/qpid-dispatch-certs/%s/%s/tls.key", "amqps", "amqps-crt"), 164 }, 165 "https": { 166 "Name": "https", 167 "CaCertFile": fmt.Sprintf("/etc/qpid-dispatch-certs/%s/%s/tls.crt", "https", "https-ca"), 168 "CertFile": fmt.Sprintf("/etc/qpid-dispatch-certs/%s/%s/tls.crt", "https", "https-crt"), 169 "PrivateKeyFile": fmt.Sprintf("/etc/qpid-dispatch-certs/%s/%s/tls.key", "https", "https-crt"), 170 }, 171 }) 172 173 // Verify amqps-ca Issuer exists (as MutualAuth: true) 174 ginkgo.By("Validating Issuers") 175 issuer, err := f.GetResource(framework.Issuers, "amqps-ca") 176 gomega.Expect(err).NotTo(gomega.HaveOccurred()) 177 gomega.Expect(issuer).NotTo(gomega.BeNil()) 178 gomega.Expect(issuer.GetKind()).To(gomega.Equal("Issuer")) 179 180 // Verify certificates have been generated 181 ginkgo.By("Validating Certificates") 182 expectedCertificates := []string{"amqps-ca", "amqps-crt", "https-ca", "https-crt"} 183 for _, certName := range expectedCertificates { 184 cert, err := f.GetResource(framework.Certificates, certName) 185 gomega.Expect(err).NotTo(gomega.HaveOccurred()) 186 gomega.Expect(cert).NotTo(gomega.BeNil()) 187 gomega.Expect(cert.GetKind()).To(gomega.Equal("Certificate")) 188 } 189 190 }) 191 }) 192 193 func specListenerNoSSL(interconnect *v1alpha1.Interconnect) { 194 interconnect.Spec.Listeners = []v1alpha1.Listener{ 195 { 196 Name: "normal-amqp", 197 Host: "0.0.0.0", 198 Port: int32(5672), 199 Expose: true, 200 LinkCapacity: int32(200), 201 }, 202 { 203 Name: "normal-http", 204 Host: "0.0.0.0", 205 Port: int32(8080), 206 Http: true, 207 Expose: true, 208 LinkCapacity: int32(200), 209 }, 210 } 211 interconnect.Spec.InterRouterListeners = []v1alpha1.Listener{ 212 { 213 Name: "inter-amqp", 214 Host: "0.0.0.0", 215 Port: int32(15672), 216 Expose: true, 217 LinkCapacity: int32(200), 218 }, 219 } 220 interconnect.Spec.EdgeListeners = []v1alpha1.Listener{ 221 { 222 Name: "edge-amqp", 223 Host: "0.0.0.0", 224 Port: int32(25672), 225 Expose: true, 226 LinkCapacity: int32(200), 227 }, 228 } 229 } 230 231 func specListenerSSL(interconnect *v1alpha1.Interconnect) { 232 interconnect.Spec.Listeners = []v1alpha1.Listener{ 233 { 234 Name: "normal-amqp", 235 Host: "0.0.0.0", 236 Port: int32(5672), 237 Expose: true, 238 LinkCapacity: int32(200), 239 }, 240 { 241 Name: "normal-amqps", 242 Host: "0.0.0.0", 243 Port: int32(5671), 244 SslProfile: "amqps", 245 AuthenticatePeer: true, 246 Expose: true, 247 LinkCapacity: int32(200), 248 }, 249 { 250 Name: "normal-https", 251 Host: "0.0.0.0", 252 Port: int32(8443), 253 Http: true, 254 SslProfile: "https", 255 AuthenticatePeer: false, 256 Expose: true, 257 LinkCapacity: int32(200), 258 }, 259 } 260 interconnect.Spec.InterRouterListeners = []v1alpha1.Listener{ 261 { 262 Name: "inter-amqps", 263 Host: "0.0.0.0", 264 Port: int32(15671), 265 SslProfile: "amqps", 266 SaslMechanisms: "EXTERNAL", 267 AuthenticatePeer: true, 268 Expose: true, 269 LinkCapacity: int32(200), 270 }, 271 } 272 interconnect.Spec.EdgeListeners = []v1alpha1.Listener{ 273 { 274 Name: "edge-amqps", 275 Host: "0.0.0.0", 276 Port: int32(25671), 277 SslProfile: "amqps", 278 SaslMechanisms: "EXTERNAL", 279 AuthenticatePeer: true, 280 Expose: true, 281 LinkCapacity: int32(200), 282 }, 283 } 284 } 285 286 func specListenerNormalSslProfile(interconnect *v1alpha1.Interconnect) { 287 interconnect.Spec.SslProfiles = []v1alpha1.SslProfile{ 288 { 289 Name: "amqps", 290 Credentials: "amqps-crt", 291 CaCert: "amqps-ca", 292 GenerateCredentials: true, 293 GenerateCaCert: true, 294 MutualAuth: true, 295 }, 296 { 297 Name: "https", 298 Credentials: "https-crt", 299 CaCert: "https-ca", 300 GenerateCredentials: true, 301 GenerateCaCert: true, 302 MutualAuth: false, 303 }, 304 } 305 }