istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/security/main_test.go

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/security/main_test.go (about)

     1  //go:build integ
     2  // +build integ
     3  
     4  //  Copyright Istio Authors
     5  //
     6  //  Licensed under the Apache License, Version 2.0 (the "License");
     7  //  you may not use this file except in compliance with the License.
     8  //  You may obtain a copy of the License at
     9  //
    10  //      http://www.apache.org/licenses/LICENSE-2.0
    11  //
    12  //  Unless required by applicable law or agreed to in writing, software
    13  //  distributed under the License is distributed on an "AS IS" BASIS,
    14  //  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15  //  See the License for the specific language governing permissions and
    16  //  limitations under the License.
    17  
    18  package security
    19  
    20  import (
    21  	"testing"
    22  
    23  	"istio.io/istio/pkg/test/framework"
    24  	"istio.io/istio/pkg/test/framework/components/authz"
    25  	"istio.io/istio/pkg/test/framework/components/echo/common/deployment"
    26  	"istio.io/istio/pkg/test/framework/components/istio"
    27  	"istio.io/istio/pkg/test/framework/components/jwt"
    28  	"istio.io/istio/pkg/test/framework/components/namespace"
    29  	"istio.io/istio/pkg/test/framework/resource"
    30  )
    31  
    32  var (
    33  	// Namespaces
    34  	echo1NS    namespace.Instance
    35  	echo2NS    namespace.Instance
    36  	externalNS namespace.Instance
    37  	serverNS   namespace.Instance
    38  
    39  	// Servers
    40  	apps             deployment.TwoNamespaceView
    41  	authzServer      authz.Server
    42  	localAuthzServer authz.Server
    43  	jwtServer        jwt.Server
    44  
    45  	i istio.Instance
    46  )
    47  
    48  func TestMain(m *testing.M) {
    49  	framework.
    50  		NewSuite(m).
    51  		Setup(istio.Setup(&i, func(c resource.Context, cfg *istio.Config) {
    52  			cfg.ControlPlaneValues = `
    53  values:
    54    global:
    55      logging:
    56        level: delta:debug
    57    pilot: 
    58      env: 
    59        PILOT_JWT_ENABLE_REMOTE_JWKS: true
    60  meshConfig:
    61    defaultConfig:
    62      gatewayTopology:
    63        numTrustedProxies: 1 # Needed for X-Forwarded-For (See https://istio.io/latest/docs/ops/configuration/traffic-management/network-topologies/)
    64  `
    65  		})).
    66  		// Create namespaces first. This way, echo can correctly configure egress to all namespaces.
    67  		SetupParallel(
    68  			namespace.Setup(&echo1NS, namespace.Config{Prefix: "echo1", Inject: true}),
    69  			namespace.Setup(&echo2NS, namespace.Config{Prefix: "echo2", Inject: true}),
    70  			namespace.Setup(&externalNS, namespace.Config{Prefix: "external", Inject: false}),
    71  			namespace.Setup(&serverNS, namespace.Config{Prefix: "servers", Inject: true})).
    72  		SetupParallel(
    73  			jwt.Setup(&jwtServer, namespace.Future(&serverNS)),
    74  			authz.Setup(&authzServer, namespace.Future(&serverNS)),
    75  			authz.SetupLocal(&localAuthzServer, namespace.Future(&echo1NS)),
    76  			deployment.SetupTwoNamespaces(&apps, deployment.Config{
    77  				IncludeExtAuthz: true,
    78  				Namespaces: []namespace.Getter{
    79  					namespace.Future(&echo1NS),
    80  					namespace.Future(&echo2NS),
    81  				},
    82  				ExternalNamespace: namespace.Future(&externalNS),
    83  			})).
    84  		Run()
    85  }