Implement annotation validation (#9673)
* Add validation to all annotations * Add annotation validation for fcgi * Fix reviews and fcgi e2e * Add flag to disable cross namespace validation * Add risk, flag for validation, tests * Add missing formating * Enable validation by default on tests * Test validation flag * remove ajp from list * Finalize validation changes * Add validations to CI * Update helm docs * Fix code review * Use a better name for annotation risk
This commit is contained in:
Ricardo Katz
GitHub
parent
86c00a2310
commit
c5f348ea2e
109 changed files with 4320 additions and 586 deletions
|
|
@ -18,6 +18,7 @@ package fastcgi
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"reflect"
|
||||
"testing"
|
||||
|
||||
api "k8s.io/api/core/v1"
|
||||
|
|
@ -49,10 +50,16 @@ func buildIngress() *networking.Ingress {
|
|||
|
||||
type mockConfigMap struct {
|
||||
resolver.Mock
|
||||
extraConfigMap map[string]map[string]string
|
||||
}
|
||||
|
||||
func (m mockConfigMap) GetConfigMap(name string) (*api.ConfigMap, error) {
|
||||
if name != "default/demo-configmap" && name != "otherns/demo-configmap" {
|
||||
if m.extraConfigMap == nil {
|
||||
m.extraConfigMap = make(map[string]map[string]string)
|
||||
}
|
||||
cmdata, ok := m.extraConfigMap[name]
|
||||
|
||||
if name != "default/demo-configmap" && name != "otherns/demo-configmap" && !ok {
|
||||
return nil, fmt.Errorf("there is no configmap with name %v", name)
|
||||
}
|
||||
|
||||
|
|
@ -61,12 +68,17 @@ func (m mockConfigMap) GetConfigMap(name string) (*api.ConfigMap, error) {
|
|||
return nil, fmt.Errorf("invalid configmap name")
|
||||
}
|
||||
|
||||
data := map[string]string{"REDIRECT_STATUS": "200", "SERVER_NAME": "$server_name"}
|
||||
if ok {
|
||||
data = cmdata
|
||||
}
|
||||
|
||||
return &api.ConfigMap{
|
||||
ObjectMeta: meta_v1.ObjectMeta{
|
||||
Namespace: cmns,
|
||||
Name: cmn,
|
||||
},
|
||||
Data: map[string]string{"REDIRECT_STATUS": "200", "SERVER_NAME": "$server_name"},
|
||||
Data: data,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
|
@ -283,3 +295,111 @@ func TestConfigEquality(t *testing.T) {
|
|||
t.Errorf("config4 should be equal to config")
|
||||
}
|
||||
}
|
||||
|
||||
func Test_fastcgi_Parse(t *testing.T) {
|
||||
|
||||
tests := []struct {
|
||||
name string
|
||||
index string
|
||||
configmapname string
|
||||
configmap map[string]string
|
||||
want interface{}
|
||||
wantErr bool
|
||||
}{
|
||||
{
|
||||
name: "valid configuration",
|
||||
index: "indexxpto-92123.php",
|
||||
configmapname: "default/fcgiconfig",
|
||||
configmap: map[string]string{
|
||||
"REQUEST_METHOD": "$request_method",
|
||||
"SCRIPT_FILENAME": "$document_root$fastcgi_script_name",
|
||||
},
|
||||
want: Config{
|
||||
Index: "indexxpto-92123.php",
|
||||
Params: map[string]string{
|
||||
"REQUEST_METHOD": "$request_method",
|
||||
"SCRIPT_FILENAME": "$document_root$fastcgi_script_name",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "invalid index name",
|
||||
index: "indexxpto-92123$xx.php",
|
||||
configmapname: "default/fcgiconfig",
|
||||
configmap: map[string]string{
|
||||
"REQUEST_METHOD": "$request_method",
|
||||
"SCRIPT_FILENAME": "$document_root$fastcgi_script_name",
|
||||
},
|
||||
want: Config{},
|
||||
wantErr: true,
|
||||
},
|
||||
{
|
||||
name: "invalid configmap namespace",
|
||||
index: "indexxpto-92123.php",
|
||||
configmapname: "otherns/fcgiconfig",
|
||||
configmap: map[string]string{
|
||||
"REQUEST_METHOD": "$request_method",
|
||||
"SCRIPT_FILENAME": "$document_root$fastcgi_script_name",
|
||||
},
|
||||
want: Config{Index: "indexxpto-92123.php"},
|
||||
wantErr: true,
|
||||
},
|
||||
{
|
||||
name: "invalid configmap namespace name",
|
||||
index: "indexxpto-92123.php",
|
||||
configmapname: "otherns/fcgicon;{fig",
|
||||
configmap: map[string]string{
|
||||
"REQUEST_METHOD": "$request_method",
|
||||
"SCRIPT_FILENAME": "$document_root$fastcgi_script_name",
|
||||
},
|
||||
want: Config{Index: "indexxpto-92123.php"},
|
||||
wantErr: true,
|
||||
},
|
||||
{
|
||||
name: "invalid configmap values key",
|
||||
index: "indexxpto-92123.php",
|
||||
configmapname: "default/fcgiconfig",
|
||||
configmap: map[string]string{
|
||||
"REQUEST_METHOD$XPTO": "$request_method",
|
||||
},
|
||||
want: Config{Index: "indexxpto-92123.php"},
|
||||
wantErr: true,
|
||||
},
|
||||
{
|
||||
name: "invalid configmap values val",
|
||||
index: "indexxpto-92123.php",
|
||||
configmapname: "default/fcgiconfig",
|
||||
configmap: map[string]string{
|
||||
"REQUEST_METHOD_XPTO": "$request_method{test};a",
|
||||
},
|
||||
want: Config{Index: "indexxpto-92123.php"},
|
||||
wantErr: true,
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
|
||||
ing := buildIngress()
|
||||
|
||||
data := map[string]string{}
|
||||
data[parser.GetAnnotationWithPrefix("fastcgi-index")] = tt.index
|
||||
data[parser.GetAnnotationWithPrefix("fastcgi-params-configmap")] = tt.configmapname
|
||||
ing.SetAnnotations(data)
|
||||
|
||||
m := &mockConfigMap{
|
||||
extraConfigMap: map[string]map[string]string{
|
||||
tt.configmapname: tt.configmap,
|
||||
},
|
||||
}
|
||||
|
||||
got, err := NewParser(m).Parse(ing)
|
||||
if (err != nil) != tt.wantErr {
|
||||
t.Errorf("fastcgi.Parse() error = %v, wantErr %v", err, tt.wantErr)
|
||||
return
|
||||
}
|
||||
if !reflect.DeepEqual(got, tt.want) {
|
||||
t.Errorf("fastcgi.Parse() = %v, want %v", got, tt.want)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue