ingress-nginx-helm/controllers/nginx/pkg/template/template_test.go

/*
Copyright 2015 The Kubernetes Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package template

import (
	"encoding/json"
	"os"
	"path"
	"reflect"
	"strings"
	"testing"

	"io/ioutil"

	"k8s.io/ingress/controllers/nginx/pkg/config"
	"k8s.io/ingress/core/pkg/ingress"
	"k8s.io/ingress/core/pkg/ingress/annotations/authreq"
	"k8s.io/ingress/core/pkg/ingress/annotations/rewrite"
)

var (
	// TODO: add tests for secure endpoints
	tmplFuncTestcases = map[string]struct {
		Path       string
		Target     string
		Location   string
		ProxyPass  string
		AddBaseURL bool
	}{
		"invalid redirect / to /": {"/", "/", "/", "proxy_pass http://upstream-name;", false},
		"redirect / to /jenkins": {"/", "/jenkins", "~* /",
			`
	rewrite /(.*) /jenkins/$1 break;
	proxy_pass http://upstream-name;
	`, false},
		"redirect /something to /": {"/something", "/", `~* ^/something\/?(?<baseuri>.*)`, `
	rewrite /something/(.*) /$1 break;
	rewrite /something / break;
	proxy_pass http://upstream-name;
	`, false},
		"redirect /end-with-slash/ to /not-root": {"/end-with-slash/", "/not-root", "~* ^/end-with-slash/(?<baseuri>.*)", `
	rewrite /end-with-slash/(.*) /not-root/$1 break;
	proxy_pass http://upstream-name;
	`, false},
		"redirect /something-complex to /not-root": {"/something-complex", "/not-root", `~* ^/something-complex\/?(?<baseuri>.*)`, `
	rewrite /something-complex/(.*) /not-root/$1 break;
	proxy_pass http://upstream-name;
	`, false},
		"redirect / to /jenkins and rewrite": {"/", "/jenkins", "~* /", `
	rewrite /(.*) /jenkins/$1 break;
	proxy_pass http://upstream-name;
	subs_filter '<head(.*)>' '<head$1><base href="$scheme://$http_host/$baseuri">' r;
	subs_filter '<HEAD(.*)>' '<HEAD$1><base href="$scheme://$http_host/$baseuri">' r;
	`, true},
		"redirect /something to / and rewrite": {"/something", "/", `~* ^/something\/?(?<baseuri>.*)`, `
	rewrite /something/(.*) /$1 break;
	rewrite /something / break;
	proxy_pass http://upstream-name;
	subs_filter '<head(.*)>' '<head$1><base href="$scheme://$http_host/something/$baseuri">' r;
	subs_filter '<HEAD(.*)>' '<HEAD$1><base href="$scheme://$http_host/something/$baseuri">' r;
	`, true},
		"redirect /end-with-slash/ to /not-root and rewrite": {"/end-with-slash/", "/not-root", `~* ^/end-with-slash/(?<baseuri>.*)`, `
	rewrite /end-with-slash/(.*) /not-root/$1 break;
	proxy_pass http://upstream-name;
	subs_filter '<head(.*)>' '<head$1><base href="$scheme://$http_host/end-with-slash/$baseuri">' r;
	subs_filter '<HEAD(.*)>' '<HEAD$1><base href="$scheme://$http_host/end-with-slash/$baseuri">' r;
	`, true},
		"redirect /something-complex to /not-root and rewrite": {"/something-complex", "/not-root", `~* ^/something-complex\/?(?<baseuri>.*)`, `
	rewrite /something-complex/(.*) /not-root/$1 break;
	proxy_pass http://upstream-name;
	subs_filter '<head(.*)>' '<head$1><base href="$scheme://$http_host/something-complex/$baseuri">' r;
	subs_filter '<HEAD(.*)>' '<HEAD$1><base href="$scheme://$http_host/something-complex/$baseuri">' r;
	`, true},
	}
)

func TestBuildLocation(t *testing.T) {
	for k, tc := range tmplFuncTestcases {
		loc := &ingress.Location{
			Path:     tc.Path,
			Redirect: rewrite.Redirect{Target: tc.Target, AddBaseURL: tc.AddBaseURL},
		}

		newLoc := buildLocation(loc)
		if tc.Location != newLoc {
			t.Errorf("%s: expected '%v' but returned %v", k, tc.Location, newLoc)
		}
	}
}

func TestBuildProxyPass(t *testing.T) {
	for k, tc := range tmplFuncTestcases {
		loc := &ingress.Location{
			Path:     tc.Path,
			Redirect: rewrite.Redirect{Target: tc.Target, AddBaseURL: tc.AddBaseURL},
			Backend:  "upstream-name",
		}

		pp := buildProxyPass([]*ingress.Backend{}, loc)
		if !strings.EqualFold(tc.ProxyPass, pp) {
			t.Errorf("%s: expected \n'%v'\nbut returned \n'%v'", k, tc.ProxyPass, pp)
		}
	}
}

func TestBuildAuthResponseHeaders(t *testing.T) {
	loc := &ingress.Location{
		ExternalAuth: authreq.External{ResponseHeaders: []string{"h1", "H-With-Caps-And-Dashes"}},
	}
	headers := buildAuthResponseHeaders(loc)
	expected := []string{
		"auth_request_set $authHeader0 $upstream_http_h1;",
		"proxy_set_header 'h1' $authHeader0;",
		"auth_request_set $authHeader1 $upstream_http_h_with_caps_and_dashes;",
		"proxy_set_header 'H-With-Caps-And-Dashes' $authHeader1;",
	}

	if !reflect.DeepEqual(expected, headers) {
		t.Errorf("Expected \n'%v'\nbut returned \n'%v'", expected, headers)
	}
}

func TestTemplateWithData(t *testing.T) {
	pwd, _ := os.Getwd()
	f, err := os.Open(path.Join(pwd, "../../test/data/config.json"))
	if err != nil {
		t.Errorf("unexpected error reading json file: %v", err)
	}
	defer f.Close()
	data, err := ioutil.ReadFile(f.Name())
	if err != nil {
		t.Error("unexpected error reading json file: ", err)
	}
	var dat config.TemplateConfig
	if err := json.Unmarshal(data, &dat); err != nil {
		t.Errorf("unexpected error unmarshalling json: %v", err)
	}

	tf, err := os.Open(path.Join(pwd, "../../rootfs/etc/nginx/template/nginx.tmpl"))
	if err != nil {
		t.Errorf("unexpected error reading json file: %v", err)
	}
	defer tf.Close()

	ngxTpl, err := NewTemplate(tf.Name(), func() {})
	if err != nil {
		t.Errorf("invalid NGINX template: %v", err)
	}

	_, err = ngxTpl.Write(dat)
	if err != nil {
		t.Errorf("invalid NGINX template: %v", err)
	}
}

func BenchmarkTemplateWithData(b *testing.B) {
	pwd, _ := os.Getwd()
	f, err := os.Open(path.Join(pwd, "../../test/data/config.json"))
	if err != nil {
		b.Errorf("unexpected error reading json file: %v", err)
	}
	defer f.Close()
	data, err := ioutil.ReadFile(f.Name())
	if err != nil {
		b.Error("unexpected error reading json file: ", err)
	}
	var dat config.TemplateConfig
	if err := json.Unmarshal(data, &dat); err != nil {
		b.Errorf("unexpected error unmarshalling json: %v", err)
	}

	tf, err := os.Open(path.Join(pwd, "../../rootfs/etc/nginx/template/nginx.tmpl"))
	if err != nil {
		b.Errorf("unexpected error reading json file: %v", err)
	}
	defer tf.Close()

	ngxTpl, err := NewTemplate(tf.Name(), func() {})
	if err != nil {
		b.Errorf("invalid NGINX template: %v", err)
	}

	for i := 0; i < b.N; i++ {
		ngxTpl.Write(dat)
	}
}
Add support for rewrite 2016-05-25 21:04:34 +00:00			`/*`
Remove "All rights reserved" from all the headers 2016-09-08 11:02:39 +00:00			`Copyright 2015 The Kubernetes Authors.`
Add support for rewrite 2016-05-25 21:04:34 +00:00
			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

Refactoring of templates 2016-08-07 22:53:08 +00:00			`package template`
Add support for rewrite 2016-05-25 21:04:34 +00:00
			`import (`
Add Generic interface 2016-11-16 18:24:26 +00:00			`"encoding/json"`
			`"os"`
			`"path"`
Added: support for http header passing from external authentication service response 2017-02-04 00:43:15 +00:00			`"reflect"`
Fix lint errors 2017-04-02 14:07:07 +00:00			`"strings"`
Add support for rewrite 2016-05-25 21:04:34 +00:00			`"testing"`

Add Generic interface 2016-11-16 18:24:26 +00:00			`"io/ioutil"`

			`"k8s.io/ingress/controllers/nginx/pkg/config"`
Split implementations from generic code 2016-11-10 22:56:29 +00:00			`"k8s.io/ingress/core/pkg/ingress"`
Added: support for http header passing from external authentication service response 2017-02-04 00:43:15 +00:00			`"k8s.io/ingress/core/pkg/ingress/annotations/authreq"`
Fix lint errors 2017-04-02 14:07:07 +00:00			`"k8s.io/ingress/core/pkg/ingress/annotations/rewrite"`
Add support for rewrite 2016-05-25 21:04:34 +00:00			`)`

			`var (`
Add Generic interface 2016-11-16 18:24:26 +00:00			`// TODO: add tests for secure endpoints`
Add support for rewrite 2016-05-25 21:04:34 +00:00			`tmplFuncTestcases = map[string]struct {`
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`Path string`
			`Target string`
			`Location string`
			`ProxyPass string`
			`AddBaseURL bool`
Add support for rewrite 2016-05-25 21:04:34 +00:00			`}{`
			`"invalid redirect / to /": {"/", "/", "/", "proxy_pass http://upstream-name;", false},`
			`"redirect / to /jenkins": {"/", "/jenkins", "~* /",`
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`
			`rewrite /(.*) /jenkins/$1 break;`
			`proxy_pass http://upstream-name;`
			`, false},
Fix add-base-url The "base" tag is used for completing a relative link in current page by browser, so it should stay the same with the base url of current page. 2017-03-13 11:15:09 +00:00			"redirect /something to /": {"/something", "/", `~* ^/something\/?(?<baseuri>.*)`, `
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`rewrite /something/(.*) /$1 break;`
Fix nginx rewrite rule order 2016-06-04 18:06:18 +00:00			`rewrite /something / break;`
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`proxy_pass http://upstream-name;`
			`, false},
Fix add-base-url The "base" tag is used for completing a relative link in current page by browser, so it should stay the same with the base url of current page. 2017-03-13 11:15:09 +00:00			"redirect /end-with-slash/ to /not-root": {"/end-with-slash/", "/not-root", "~* ^/end-with-slash/(?<baseuri>.*)", `
			`rewrite /end-with-slash/(.*) /not-root/$1 break;`
			`proxy_pass http://upstream-name;`
			`, false},
			"redirect /something-complex to /not-root": {"/something-complex", "/not-root", `~* ^/something-complex\/?(?<baseuri>.*)`, `
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`rewrite /something-complex/(.*) /not-root/$1 break;`
			`proxy_pass http://upstream-name;`
			`, false},
			"redirect / to /jenkins and rewrite": {"/", "/jenkins", "~* /", `
			`rewrite /(.*) /jenkins/$1 break;`
			`proxy_pass http://upstream-name;`
Fix add-base-url The "base" tag is used for completing a relative link in current page by browser, so it should stay the same with the base url of current page. 2017-03-13 11:15:09 +00:00			`subs_filter '<head(.*)>' '<head$1><base href="$scheme://$http_host/$baseuri">' r;`
			`subs_filter '<HEAD(.*)>' '<HEAD$1><base href="$scheme://$http_host/$baseuri">' r;`
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`, true},
Fix add-base-url The "base" tag is used for completing a relative link in current page by browser, so it should stay the same with the base url of current page. 2017-03-13 11:15:09 +00:00			"redirect /something to / and rewrite": {"/something", "/", `~* ^/something\/?(?<baseuri>.*)`, `
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`rewrite /something/(.*) /$1 break;`
Fix nginx rewrite rule order 2016-06-04 18:06:18 +00:00			`rewrite /something / break;`
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`proxy_pass http://upstream-name;`
Fix add-base-url The "base" tag is used for completing a relative link in current page by browser, so it should stay the same with the base url of current page. 2017-03-13 11:15:09 +00:00			`subs_filter '<head(.*)>' '<head$1><base href="$scheme://$http_host/something/$baseuri">' r;`
			`subs_filter '<HEAD(.*)>' '<HEAD$1><base href="$scheme://$http_host/something/$baseuri">' r;`
			`, true},
			"redirect /end-with-slash/ to /not-root and rewrite": {"/end-with-slash/", "/not-root", `~* ^/end-with-slash/(?<baseuri>.*)`, `
			`rewrite /end-with-slash/(.*) /not-root/$1 break;`
			`proxy_pass http://upstream-name;`
			`subs_filter '<head(.*)>' '<head$1><base href="$scheme://$http_host/end-with-slash/$baseuri">' r;`
			`subs_filter '<HEAD(.*)>' '<HEAD$1><base href="$scheme://$http_host/end-with-slash/$baseuri">' r;`
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`, true},
Fix add-base-url The "base" tag is used for completing a relative link in current page by browser, so it should stay the same with the base url of current page. 2017-03-13 11:15:09 +00:00			"redirect /something-complex to /not-root and rewrite": {"/something-complex", "/not-root", `~* ^/something-complex\/?(?<baseuri>.*)`, `
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`rewrite /something-complex/(.*) /not-root/$1 break;`
			`proxy_pass http://upstream-name;`
Fix add-base-url The "base" tag is used for completing a relative link in current page by browser, so it should stay the same with the base url of current page. 2017-03-13 11:15:09 +00:00			`subs_filter '<head(.*)>' '<head$1><base href="$scheme://$http_host/something-complex/$baseuri">' r;`
			`subs_filter '<HEAD(.*)>' '<HEAD$1><base href="$scheme://$http_host/something-complex/$baseuri">' r;`
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`, true},
Add support for rewrite 2016-05-25 21:04:34 +00:00			`}`
			`)`

			`func TestBuildLocation(t *testing.T) {`
			`for k, tc := range tmplFuncTestcases {`
Refactoring of templates 2016-08-07 22:53:08 +00:00			`loc := &ingress.Location{`
Add support for rewrite 2016-05-25 21:04:34 +00:00			`Path: tc.Path,`
Fix lint errors 2016-05-31 20:49:20 +00:00			`Redirect: rewrite.Redirect{Target: tc.Target, AddBaseURL: tc.AddBaseURL},`
Add support for rewrite 2016-05-25 21:04:34 +00:00			`}`

			`newLoc := buildLocation(loc)`
			`if tc.Location != newLoc {`
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`t.Errorf("%s: expected '%v' but returned %v", k, tc.Location, newLoc)`
Add support for rewrite 2016-05-25 21:04:34 +00:00			`}`
			`}`
			`}`

			`func TestBuildProxyPass(t *testing.T) {`
			`for k, tc := range tmplFuncTestcases {`
Refactoring of templates 2016-08-07 22:53:08 +00:00			`loc := &ingress.Location{`
Add support for rewrite 2016-05-25 21:04:34 +00:00			`Path: tc.Path,`
Fix lint errors 2016-05-31 20:49:20 +00:00			`Redirect: rewrite.Redirect{Target: tc.Target, AddBaseURL: tc.AddBaseURL},`
Add Generic interface 2016-11-16 18:24:26 +00:00			`Backend: "upstream-name",`
Add support for rewrite 2016-05-25 21:04:34 +00:00			`}`

Add Generic interface 2016-11-16 18:24:26 +00:00			`pp := buildProxyPass([]*ingress.Backend{}, loc)`
Add option to append a base tag in the head 2016-05-27 14:58:13 +00:00			`if !strings.EqualFold(tc.ProxyPass, pp) {`
			`t.Errorf("%s: expected \n'%v'\nbut returned \n'%v'", k, tc.ProxyPass, pp)`
Add support for rewrite 2016-05-25 21:04:34 +00:00			`}`
			`}`
			`}`
Add Generic interface 2016-11-16 18:24:26 +00:00
Added: support for http header passing from external authentication service response 2017-02-04 00:43:15 +00:00			`func TestBuildAuthResponseHeaders(t *testing.T) {`
			`loc := &ingress.Location{`
			`ExternalAuth: authreq.External{ResponseHeaders: []string{"h1", "H-With-Caps-And-Dashes"}},`
			`}`
			`headers := buildAuthResponseHeaders(loc)`
			`expected := []string{`
			`"auth_request_set $authHeader0 $upstream_http_h1;",`
			`"proxy_set_header 'h1' $authHeader0;",`
			`"auth_request_set $authHeader1 $upstream_http_h_with_caps_and_dashes;",`
			`"proxy_set_header 'H-With-Caps-And-Dashes' $authHeader1;",`
			`}`

			`if !reflect.DeepEqual(expected, headers) {`
			`t.Errorf("Expected \n'%v'\nbut returned \n'%v'", expected, headers)`
			`}`
			`}`

Add Generic interface 2016-11-16 18:24:26 +00:00			`func TestTemplateWithData(t *testing.T) {`
			`pwd, _ := os.Getwd()`
			`f, err := os.Open(path.Join(pwd, "../../test/data/config.json"))`
			`if err != nil {`
			`t.Errorf("unexpected error reading json file: %v", err)`
			`}`
			`defer f.Close()`
			`data, err := ioutil.ReadFile(f.Name())`
			`if err != nil {`
			`t.Error("unexpected error reading json file: ", err)`
			`}`
			`var dat config.TemplateConfig`
			`if err := json.Unmarshal(data, &dat); err != nil {`
			`t.Errorf("unexpected error unmarshalling json: %v", err)`
			`}`

			`tf, err := os.Open(path.Join(pwd, "../../rootfs/etc/nginx/template/nginx.tmpl"))`
			`if err != nil {`
			`t.Errorf("unexpected error reading json file: %v", err)`
			`}`
			`defer tf.Close()`

			`ngxTpl, err := NewTemplate(tf.Name(), func() {})`
			`if err != nil {`
			`t.Errorf("invalid NGINX template: %v", err)`
			`}`

Check content when cmd failed Signed-off-by: Tang Le <at28997146@163.com> 2017-02-20 02:34:05 +00:00			`_, err = ngxTpl.Write(dat)`
Add Generic interface 2016-11-16 18:24:26 +00:00			`if err != nil {`
			`t.Errorf("invalid NGINX template: %v", err)`
			`}`
			`}`

			`func BenchmarkTemplateWithData(b *testing.B) {`
			`pwd, _ := os.Getwd()`
			`f, err := os.Open(path.Join(pwd, "../../test/data/config.json"))`
			`if err != nil {`
			`b.Errorf("unexpected error reading json file: %v", err)`
			`}`
			`defer f.Close()`
			`data, err := ioutil.ReadFile(f.Name())`
			`if err != nil {`
			`b.Error("unexpected error reading json file: ", err)`
			`}`
			`var dat config.TemplateConfig`
			`if err := json.Unmarshal(data, &dat); err != nil {`
			`b.Errorf("unexpected error unmarshalling json: %v", err)`
			`}`

			`tf, err := os.Open(path.Join(pwd, "../../rootfs/etc/nginx/template/nginx.tmpl"))`
			`if err != nil {`
			`b.Errorf("unexpected error reading json file: %v", err)`
			`}`
			`defer tf.Close()`

			`ngxTpl, err := NewTemplate(tf.Name(), func() {})`
			`if err != nil {`
			`b.Errorf("invalid NGINX template: %v", err)`
			`}`

			`for i := 0; i < b.N; i++ {`
Check content when cmd failed Signed-off-by: Tang Le <at28997146@163.com> 2017-02-20 02:34:05 +00:00			`ngxTpl.Write(dat)`
Add Generic interface 2016-11-16 18:24:26 +00:00			`}`
			`}`