github.com/nginxinc/kubernetes-ingress@v1.12.5/tests/suite/test_jwt_secrets.py (about) 1 import requests 2 import pytest 3 4 from suite.fixtures import PublicEndpoint 5 from suite.resources_utils import create_secret_from_yaml, delete_secret, replace_secret, ensure_connection_to_public_endpoint, wait_before_test 6 from suite.resources_utils import create_items_from_yaml, delete_items_from_yaml, create_example_app, delete_common_app 7 from suite.resources_utils import wait_until_all_pods_are_ready, is_secret_present 8 from suite.yaml_utils import get_first_ingress_host_from_yaml 9 from settings import TEST_DATA 10 11 12 class JWTSecretsSetup: 13 """ 14 Encapsulate JWT Secrets Example details. 15 16 Attributes: 17 public_endpoint (PublicEndpoint): 18 ingress_host (str): 19 jwt_token (str): 20 """ 21 def __init__(self, public_endpoint: PublicEndpoint, ingress_host, jwt_token): 22 self.public_endpoint = public_endpoint 23 self.ingress_host = ingress_host 24 self.jwt_token = jwt_token 25 26 27 class JWTSecret: 28 """ 29 Encapsulate secret name for JWT Secrets Example. 30 31 Attributes: 32 secret_name (str): 33 """ 34 def __init__(self, secret_name): 35 self.secret_name = secret_name 36 37 38 @pytest.fixture(scope="class", params=["standard", "mergeable"]) 39 def jwt_secrets_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller, test_namespace) -> JWTSecretsSetup: 40 with open(f"{TEST_DATA}/jwt-secrets/tokens/jwt-secrets-token.jwt", "r") as token_file: 41 token = token_file.read().replace('\n', '') 42 print("------------------------- Deploy JWT Secrets Example -----------------------------------") 43 create_items_from_yaml(kube_apis, f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml", test_namespace) 44 ingress_host = get_first_ingress_host_from_yaml(f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml") 45 create_example_app(kube_apis, "simple", test_namespace) 46 wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) 47 ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, 48 ingress_controller_endpoint.port, 49 ingress_controller_endpoint.port_ssl) 50 51 def fin(): 52 print("Clean up the JWT Secrets Application:") 53 delete_common_app(kube_apis, "simple", test_namespace) 54 delete_items_from_yaml(kube_apis, f"{TEST_DATA}/jwt-secrets/{request.param}/jwt-secrets-ingress.yaml", 55 test_namespace) 56 57 request.addfinalizer(fin) 58 59 return JWTSecretsSetup(ingress_controller_endpoint, ingress_host, token) 60 61 62 @pytest.fixture 63 def jwt_secret(request, kube_apis, ingress_controller_endpoint, jwt_secrets_setup, test_namespace) -> JWTSecret: 64 secret_name = create_secret_from_yaml(kube_apis.v1, test_namespace, f"{TEST_DATA}/jwt-secrets/jwt-secret.yaml") 65 wait_before_test(1) 66 67 def fin(): 68 print("Delete Secret:") 69 if is_secret_present(kube_apis.v1, secret_name, test_namespace): 70 delete_secret(kube_apis.v1, secret_name, test_namespace) 71 72 request.addfinalizer(fin) 73 74 return JWTSecret(secret_name) 75 76 77 @pytest.mark.ingresses 78 @pytest.mark.skip_for_nginx_oss 79 class TestJWTSecrets: 80 def test_response_code_200_and_server_name(self, jwt_secrets_setup, jwt_secret): 81 req_url = f"http://{jwt_secrets_setup.public_endpoint.public_ip}:{jwt_secrets_setup.public_endpoint.port}/backend2" 82 resp = requests.get(req_url, headers={"host": jwt_secrets_setup.ingress_host}, cookies={"auth_token": jwt_secrets_setup.jwt_token}) 83 assert resp.status_code == 200 84 assert f"Server name: backend2" in resp.text 85 86 def test_response_codes_after_secret_remove_and_restore(self, kube_apis, jwt_secrets_setup, test_namespace, jwt_secret): 87 req_url = f"http://{jwt_secrets_setup.public_endpoint.public_ip}:{jwt_secrets_setup.public_endpoint.port}/backend2" 88 delete_secret(kube_apis.v1, jwt_secret.secret_name, test_namespace) 89 wait_before_test(1) 90 resp = requests.get(req_url, headers={"host": jwt_secrets_setup.ingress_host}, cookies={"auth_token": jwt_secrets_setup.jwt_token}) 91 assert resp.status_code == 500 92 93 jwt_secret.secret_name = create_secret_from_yaml(kube_apis.v1, test_namespace, f"{TEST_DATA}/jwt-secrets/jwt-secret.yaml") 94 wait_before_test(1) 95 resp = requests.get(req_url, headers={"host": jwt_secrets_setup.ingress_host}, cookies={"auth_token": jwt_secrets_setup.jwt_token}) 96 assert resp.status_code == 200 97 98 def test_response_code_500_with_invalid_secret(self, kube_apis, jwt_secrets_setup, test_namespace, jwt_secret): 99 req_url = f"http://{jwt_secrets_setup.public_endpoint.public_ip}:{jwt_secrets_setup.public_endpoint.port}/backend2" 100 replace_secret(kube_apis.v1, jwt_secret.secret_name, test_namespace, f"{TEST_DATA}/jwt-secrets/jwt-secret-invalid.yaml") 101 wait_before_test(1) 102 resp = requests.get(req_url, headers={"host": jwt_secrets_setup.ingress_host}, cookies={"auth_token": jwt_secrets_setup.jwt_token}) 103 assert resp.status_code == 500 104 105 def test_response_code_302_with_updated_secret(self, kube_apis, jwt_secrets_setup, test_namespace, jwt_secret): 106 req_url = f"http://{jwt_secrets_setup.public_endpoint.public_ip}:{jwt_secrets_setup.public_endpoint.port}/backend2" 107 replace_secret(kube_apis.v1, jwt_secret.secret_name, test_namespace, f"{TEST_DATA}/jwt-secrets/jwt-secret-updated.yaml") 108 wait_before_test(1) 109 resp = requests.get(req_url, headers={"host": jwt_secrets_setup.ingress_host}, cookies={"auth_token": jwt_secrets_setup.jwt_token}, allow_redirects=False) 110 assert resp.status_code == 302