istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pilot/pkg/networking/core/tls_test.go (about) 1 // Copyright Istio Authors 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package core 16 17 import ( 18 "testing" 19 20 "istio.io/api/networking/v1alpha3" 21 "istio.io/istio/pkg/config/labels" 22 "istio.io/istio/pkg/util/sets" 23 ) 24 25 func TestMatchTLS(t *testing.T) { 26 type args struct { 27 match *v1alpha3.TLSMatchAttributes 28 proxyLabels labels.Instance 29 gateways sets.String 30 port int 31 namespace string 32 } 33 tests := []struct { 34 name string 35 args args 36 want bool 37 }{ 38 { 39 "source namespace match", 40 args{ 41 match: &v1alpha3.TLSMatchAttributes{ 42 SourceNamespace: "foo", 43 }, 44 namespace: "foo", 45 }, 46 true, 47 }, 48 { 49 "source namespace not match", 50 args{ 51 match: &v1alpha3.TLSMatchAttributes{ 52 SourceNamespace: "foo", 53 }, 54 namespace: "bar", 55 }, 56 false, 57 }, 58 { 59 "source namespace not match when empty", 60 args{ 61 match: &v1alpha3.TLSMatchAttributes{ 62 SourceNamespace: "foo", 63 }, 64 namespace: "", 65 }, 66 false, 67 }, 68 { 69 "source namespace any", 70 args{ 71 match: &v1alpha3.TLSMatchAttributes{}, 72 namespace: "bar", 73 }, 74 true, 75 }, 76 } 77 for _, tt := range tests { 78 t.Run(tt.name, func(t *testing.T) { 79 if got := matchTLS(tt.args.match, tt.args.proxyLabels, tt.args.gateways, tt.args.port, tt.args.namespace); got != tt.want { 80 t.Errorf("matchTLS() = %v, want %v", got, tt.want) 81 } 82 }) 83 } 84 } 85 86 func TestMatchTCP(t *testing.T) { 87 type args struct { 88 match *v1alpha3.L4MatchAttributes 89 proxyLabels labels.Instance 90 gateways sets.String 91 port int 92 namespace string 93 } 94 tests := []struct { 95 name string 96 args args 97 want bool 98 }{ 99 { 100 "source namespace match", 101 args{ 102 match: &v1alpha3.L4MatchAttributes{ 103 SourceNamespace: "foo", 104 }, 105 namespace: "foo", 106 }, 107 true, 108 }, 109 { 110 "source namespace not match", 111 args{ 112 match: &v1alpha3.L4MatchAttributes{ 113 SourceNamespace: "foo", 114 }, 115 namespace: "bar", 116 }, 117 false, 118 }, 119 { 120 "source namespace not match when empty", 121 args{ 122 match: &v1alpha3.L4MatchAttributes{ 123 SourceNamespace: "foo", 124 }, 125 namespace: "", 126 }, 127 false, 128 }, 129 { 130 "source namespace any", 131 args{ 132 match: &v1alpha3.L4MatchAttributes{}, 133 namespace: "bar", 134 }, 135 true, 136 }, 137 } 138 for _, tt := range tests { 139 t.Run(tt.name, func(t *testing.T) { 140 if got := matchTCP(tt.args.match, tt.args.proxyLabels, tt.args.gateways, tt.args.port, tt.args.namespace); got != tt.want { 141 t.Errorf("matchTLS() = %v, want %v", got, tt.want) 142 } 143 }) 144 } 145 }