istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/security/remote_jwks/main_test.go

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/security/remote_jwks/main_test.go (about)

     1  //go:build integ
     2  // +build integ
     3  
     4  //  Copyright Istio Authors
     5  //
     6  //  Licensed under the Apache License, Version 2.0 (the "License");
     7  //  you may not use this file except in compliance with the License.
     8  //  You may obtain a copy of the License at
     9  //
    10  //      http://www.apache.org/licenses/LICENSE-2.0
    11  //
    12  //  Unless required by applicable law or agreed to in writing, software
    13  //  distributed under the License is distributed on an "AS IS" BASIS,
    14  //  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15  //  See the License for the specific language governing permissions and
    16  //  limitations under the License.
    17  
    18  package remotejwks
    19  
    20  import (
    21  	"testing"
    22  
    23  	"istio.io/istio/pkg/test/framework"
    24  	"istio.io/istio/pkg/test/framework/components/echo/common/deployment"
    25  	"istio.io/istio/pkg/test/framework/components/istio"
    26  	"istio.io/istio/pkg/test/framework/components/jwt"
    27  	"istio.io/istio/pkg/test/framework/components/namespace"
    28  	"istio.io/istio/pkg/test/framework/label"
    29  	"istio.io/istio/pkg/test/framework/resource"
    30  )
    31  
    32  var (
    33  	ist       istio.Instance
    34  	apps      deployment.SingleNamespaceView
    35  	jwtServer jwt.Server
    36  	echoNS    namespace.Instance
    37  	systemNs  namespace.Instance
    38  )
    39  
    40  // remote_jwks is to test fully delegating Envoy to fetch JWKs server (PILOT_JWT_ENABLE_REMOTE_JWKS: envoy).
    41  func TestMain(m *testing.M) {
    42  	framework.
    43  		NewSuite(m).
    44  		Label(label.CustomSetup).
    45  		Setup(istio.Setup(&ist, setupConfig)).
    46  		Setup(func(ctx resource.Context) error {
    47  			var err error
    48  			systemNs, err = istio.ClaimSystemNamespace(ctx)
    49  			return err
    50  		}).
    51  		Setup(namespace.Setup(&echoNS, namespace.Config{Prefix: "echo1", Inject: true})).
    52  		SetupParallel(
    53  			jwt.Setup(&jwtServer, namespace.Future(&systemNs)),
    54  			deployment.SetupSingleNamespace(&apps, deployment.Config{
    55  				Namespaces: []namespace.Getter{
    56  					namespace.Future(&echoNS),
    57  				},
    58  			})).
    59  		Run()
    60  }
    61  
    62  func setupConfig(ctx resource.Context, cfg *istio.Config) {
    63  	if cfg == nil {
    64  		return
    65  	}
    66  	cfg.ControlPlaneValues = `
    67  values:
    68    pilot:
    69      env:
    70        PILOT_JWT_ENABLE_REMOTE_JWKS: envoy
    71  meshConfig:
    72    accessLogFile: /dev/stdout`
    73  }