Add support for configmap of headers to be sent to external auth service

2019-09-24 10:53:23 -04:00 · 2019-09-24 10:53:23 -04:00 · 786a3b6862
commit 786a3b6862
parent cb2889b87b
10 changed files with 186 additions and 27 deletions
--- a/test/e2e/annotations/auth.go
+++ b/test/e2e/annotations/auth.go
@ -291,6 +291,27 @@ var _ = framework.IngressNginxDescribe("Annotations - Auth", func() {
 			})
 	})

+	It(`should set "proxy_set_header 'My-Custom-Header' '42';" when auth-headers are set`, func() {
+		host := "auth"
+
+		annotations := map[string]string{
+			"nginx.ingress.kubernetes.io/auth-url":               "http://foo.bar/basic-auth/user/password",
+			"nginx.ingress.kubernetes.io/auth-proxy-set-headers": f.Namespace + "/auth-headers",
+		}
+
+		f.CreateConfigMap("auth-headers", map[string]string{
+			"My-Custom-Header": "42",
+		})
+
+		ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, &annotations)
+		f.EnsureIngress(ing)
+
+		f.WaitForNginxServer(host,
+			func(server string) bool {
+				return Expect(server).Should(ContainSubstring(`proxy_set_header 'My-Custom-Header' '42';`))
+			})
+	})
+
 	It(`should set cache_key when external auth cache is configured`, func() {
 		host := "auth"

--- a/test/e2e/framework/framework.go
+++ b/test/e2e/framework/framework.go
@ -261,6 +261,10 @@ func (f *Framework) matchNginxConditions(name string, matcher func(cfg string) b
 }

 func (f *Framework) getNginxConfigMap() (*v1.ConfigMap, error) {
+	return f.getConfigMap("nginx-configuration")
+}
+
+func (f *Framework) getConfigMap(name string) (*v1.ConfigMap, error) {
 	if f.KubeClientSet == nil {
 		return nil, fmt.Errorf("KubeClientSet not initialized")
 	}
@ -268,7 +272,7 @@ func (f *Framework) getNginxConfigMap() (*v1.ConfigMap, error) {
 	config, err := f.KubeClientSet.
 		CoreV1().
 		ConfigMaps(f.Namespace).
-		Get("nginx-configuration", metav1.GetOptions{})
+		Get(name, metav1.GetOptions{})
 	if err != nil {
 		return nil, err
 	}
@ -291,9 +295,11 @@ func (f *Framework) GetNginxConfigMapData() (map[string]string, error) {

 // SetNginxConfigMapData sets ingress-nginx's nginx-configuration configMap data
 func (f *Framework) SetNginxConfigMapData(cmData map[string]string) {
-	// Needs to do a Get and Set, Update will not take just the Data field
-	// or a configMap that is not the very last revision
-	config, err := f.getNginxConfigMap()
+	f.SetConfigMapData("nginx-configuration", cmData)
+}
+
+func (f *Framework) SetConfigMapData(name string, cmData map[string]string) {
+	config, err := f.getConfigMap(name)
 	Expect(err).NotTo(HaveOccurred())
 	Expect(config).NotTo(BeNil(), "expected a configmap but none returned")

@ -308,6 +314,17 @@ func (f *Framework) SetNginxConfigMapData(cmData map[string]string) {
 	time.Sleep(5 * time.Second)
 }

+func (f *Framework) CreateConfigMap(name string, data map[string]string) {
+	_, err := f.KubeClientSet.CoreV1().ConfigMaps(f.Namespace).Create(&v1.ConfigMap{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      name,
+			Namespace: f.Namespace,
+		},
+		Data: data,
+	})
+	Expect(err).NotTo(HaveOccurred(), "failed to create configMap")
+}
+
 // UpdateNginxConfigMapData updates single field in ingress-nginx's nginx-configuration map data
 func (f *Framework) UpdateNginxConfigMapData(key string, value string) {
 	config, err := f.GetNginxConfigMapData()