From 0bdb64373c48660192dc87fe17989ab574422932 Mon Sep 17 00:00:00 2001 From: Brendan Kamp Date: Wed, 10 May 2023 16:43:02 +0200 Subject: [PATCH] chore: update httpbin to httpbun (#9919) Signed-off-by: Spazzy --- test/data/config.json | 6 +- test/e2e/annotations/auth.go | 45 +++---- test/e2e/annotations/grpc.go | 10 +- test/e2e/annotations/satisfy.go | 10 +- test/e2e/framework/deployment.go | 103 ++++++++++++++-- test/e2e/security/request_smuggling.go | 7 +- .../servicebackend/service_externalname.go | 115 +++++++++--------- test/e2e/settings/brotli.go | 4 +- .../settings/disable_service_external_name.go | 8 +- test/e2e/settings/global_external_auth.go | 12 +- test/e2e/settings/listen_nondefault_ports.go | 10 +- test/k6/smoketest.js | 2 +- 12 files changed, 215 insertions(+), 117 deletions(-) diff --git a/test/data/config.json b/test/data/config.json index 5d8a88cbe..d51e1c40b 100644 --- a/test/data/config.json +++ b/test/data/config.json @@ -413,7 +413,7 @@ "secured": false }, "externalAuth": { - "url": "https://httpbin.org/basic-auth/user/passwd", + "url": "https://httpbun.com/basic-auth/user/passwd", "method": "", "sendBody": false }, @@ -59354,7 +59354,7 @@ "secured": false }, "externalAuth": { - "url": "https://httpbin.org/basic-auth/user/passwd", + "url": "https://httpbun.com/basic-auth/user/passwd", "method": "", "sendBody": false }, @@ -60272,4 +60272,4 @@ "failTimeout": 0 }] }] -} \ No newline at end of file +} diff --git a/test/e2e/annotations/auth.go b/test/e2e/annotations/auth.go index e3d0bcb2e..4ca034825 100644 --- a/test/e2e/annotations/auth.go +++ b/test/e2e/annotations/auth.go @@ -19,13 +19,14 @@ package annotations import ( "context" "fmt" - "golang.org/x/crypto/bcrypt" "net/http" "net/url" "regexp" "strings" "time" + "golang.org/x/crypto/bcrypt" + "github.com/onsi/ginkgo/v2" "github.com/stretchr/testify/assert" @@ -389,10 +390,10 @@ http { assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets), 1, "expected at least one endpoint") assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets[0].Addresses), 1, "expected at least one address ready in the endpoint") - httpbinIP := e.Subsets[0].Addresses[0].IP + httpbunIP := e.Subsets[0].Addresses[0].IP annotations = map[string]string{ - "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/cookies/set/alma/armud", httpbinIP), + "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/cookies/set/alma/armud", httpbunIP), "nginx.ingress.kubernetes.io/auth-signin": "http://$host/auth/start", } @@ -456,21 +457,21 @@ http { var ing *networking.Ingress ginkgo.BeforeEach(func() { - f.NewHttpbinDeployment() + f.NewHttpbunDeployment() - err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBinService, f.Namespace, 1) + err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBunService, f.Namespace, 1) assert.Nil(ginkgo.GinkgoT(), err) - e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBinService, metav1.GetOptions{}) + e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBunService, metav1.GetOptions{}) assert.Nil(ginkgo.GinkgoT(), err) assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets), 1, "expected at least one endpoint") assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets[0].Addresses), 1, "expected at least one address ready in the endpoint") - httpbinIP := e.Subsets[0].Addresses[0].IP + httpbunIP := e.Subsets[0].Addresses[0].IP annotations = map[string]string{ - "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/basic-auth/user/password", httpbinIP), + "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/basic-auth/user/password", httpbunIP), "nginx.ingress.kubernetes.io/auth-signin": "http://$host/auth/start", } @@ -649,20 +650,20 @@ http { var ing *networking.Ingress ginkgo.BeforeEach(func() { - f.NewHttpbinDeployment() + f.NewHttpbunDeployment() - var httpbinIP string + var httpbunIP string - err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBinService, f.Namespace, 1) + err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBunService, f.Namespace, 1) assert.Nil(ginkgo.GinkgoT(), err) - e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBinService, metav1.GetOptions{}) + e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBunService, metav1.GetOptions{}) assert.Nil(ginkgo.GinkgoT(), err) - httpbinIP = e.Subsets[0].Addresses[0].IP + httpbunIP = e.Subsets[0].Addresses[0].IP annotations = map[string]string{ - "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/basic-auth/user/password", httpbinIP), + "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/basic-auth/user/password", httpbunIP), "nginx.ingress.kubernetes.io/auth-signin": "http://$host/auth/start", "nginx.ingress.kubernetes.io/auth-signin-redirect-param": "orig", } @@ -728,23 +729,23 @@ http { barPath := "/bar" ginkgo.BeforeEach(func() { - f.NewHttpbinDeployment() + f.NewHttpbunDeployment() - err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBinService, f.Namespace, 1) + err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBunService, f.Namespace, 1) assert.Nil(ginkgo.GinkgoT(), err) framework.Sleep(1 * time.Second) - e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBinService, metav1.GetOptions{}) + e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBunService, metav1.GetOptions{}) assert.Nil(ginkgo.GinkgoT(), err) assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets), 1, "expected at least one endpoint") assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets[0].Addresses), 1, "expected at least one address ready in the endpoint") - httpbinIP := e.Subsets[0].Addresses[0].IP + httpbunIP := e.Subsets[0].Addresses[0].IP annotations := map[string]string{ - "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/basic-auth/user/password", httpbinIP), + "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/basic-auth/user/password", httpbunIP), "nginx.ingress.kubernetes.io/auth-signin": "http://$host/auth/start", "nginx.ingress.kubernetes.io/auth-cache-key": "fixed", "nginx.ingress.kubernetes.io/auth-cache-duration": "200 201 401 30m", @@ -777,7 +778,7 @@ http { Expect(). Status(http.StatusOK) - err := f.DeleteDeployment(framework.HTTPBinService) + err := f.DeleteDeployment(framework.HTTPBunService) assert.Nil(ginkgo.GinkgoT(), err) framework.Sleep() @@ -797,7 +798,7 @@ http { Expect(). Status(http.StatusOK) - err := f.DeleteDeployment(framework.HTTPBinService) + err := f.DeleteDeployment(framework.HTTPBunService) assert.Nil(ginkgo.GinkgoT(), err) framework.Sleep() @@ -826,7 +827,7 @@ http { Expect(). Status(http.StatusOK) - err := f.DeleteDeployment(framework.HTTPBinService) + err := f.DeleteDeployment(framework.HTTPBunService) assert.Nil(ginkgo.GinkgoT(), err) framework.Sleep() diff --git a/test/e2e/annotations/grpc.go b/test/e2e/annotations/grpc.go index 39349e701..046191b21 100644 --- a/test/e2e/annotations/grpc.go +++ b/test/e2e/annotations/grpc.go @@ -125,7 +125,7 @@ var _ = framework.DescribeAnnotation("backend-protocol - GRPC", func() { ginkgo.It("authorization metadata should be overwritten by external auth response headers", func() { f.NewGRPCBinDeployment() - f.NewHttpbinDeployment() + f.NewHttpbunDeployment() host := "echo" @@ -149,19 +149,19 @@ var _ = framework.DescribeAnnotation("backend-protocol - GRPC", func() { } f.EnsureService(svc) - err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBinService, f.Namespace, 1) + err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBunService, f.Namespace, 1) assert.Nil(ginkgo.GinkgoT(), err) - e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBinService, metav1.GetOptions{}) + e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBunService, metav1.GetOptions{}) assert.Nil(ginkgo.GinkgoT(), err) assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets), 1, "expected at least one endpoint") assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets[0].Addresses), 1, "expected at least one address ready in the endpoint") - httpbinIP := e.Subsets[0].Addresses[0].IP + httpbunIP := e.Subsets[0].Addresses[0].IP annotations := map[string]string{ - "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/response-headers?authorization=foo", httpbinIP), + "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/response-headers?authorization=foo", httpbunIP), "nginx.ingress.kubernetes.io/auth-response-headers": "Authorization", "nginx.ingress.kubernetes.io/backend-protocol": "GRPC", } diff --git a/test/e2e/annotations/satisfy.go b/test/e2e/annotations/satisfy.go index e75464a9d..758ad21a4 100644 --- a/test/e2e/annotations/satisfy.go +++ b/test/e2e/annotations/satisfy.go @@ -85,15 +85,15 @@ var _ = framework.DescribeAnnotation("satisfy", func() { host := "auth" // setup external auth - f.NewHttpbinDeployment() + f.NewHttpbunDeployment() - err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBinService, f.Namespace, 1) + err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBunService, f.Namespace, 1) assert.Nil(ginkgo.GinkgoT(), err) - e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBinService, metav1.GetOptions{}) + e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBunService, metav1.GetOptions{}) assert.Nil(ginkgo.GinkgoT(), err) - httpbinIP := e.Subsets[0].Addresses[0].IP + httpbunIP := e.Subsets[0].Addresses[0].IP // create basic auth secret at ingress s := f.EnsureSecret(buildSecret("uname", "pwd", "basic-secret", f.Namespace)) @@ -105,7 +105,7 @@ var _ = framework.DescribeAnnotation("satisfy", func() { "nginx.ingress.kubernetes.io/auth-realm": "test basic auth", // annotations for external auth - "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/basic-auth/user/password", httpbinIP), + "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/basic-auth/user/password", httpbunIP), "nginx.ingress.kubernetes.io/auth-signin": "http://$host/auth/start", // set satisfy any diff --git a/test/e2e/framework/deployment.go b/test/e2e/framework/deployment.go index 4627a8892..06dfa0c5e 100644 --- a/test/e2e/framework/deployment.go +++ b/test/e2e/framework/deployment.go @@ -19,6 +19,7 @@ package framework import ( "context" "errors" + "fmt" "os" "time" @@ -36,14 +37,18 @@ const EchoService = "echo" // SlowEchoService name of the deployment for the echo app const SlowEchoService = "slow-echo" -// HTTPBinService name of the deployment for the httpbin app -const HTTPBinService = "httpbin" +// HTTPBunService name of the deployment for the httpbun app +const HTTPBunService = "httpbun" + +// NipService name of external service using nip.io +const NIPService = "external-nip" type deploymentOptions struct { namespace string name string replicas int svcAnnotations map[string]string + image string } // WithDeploymentNamespace allows configuring the deployment's namespace @@ -82,18 +87,26 @@ func WithName(n string) func(*deploymentOptions) { } } +// WithImage allows configuring the image for the deployments +func WithImage(i string) func(*deploymentOptions) { + return func(o *deploymentOptions) { + o.image = i + } +} + // NewEchoDeployment creates a new single replica deployment of the echo server image in a particular namespace func (f *Framework) NewEchoDeployment(opts ...func(*deploymentOptions)) { options := &deploymentOptions{ namespace: f.Namespace, name: EchoService, replicas: 1, + image: "registry.k8s.io/ingress-nginx/e2e-test-echo@sha256:4938d1d91a2b7d19454460a8c1b010b89f6ff92d2987fd889ac3e8fc3b70d91a", } for _, o := range opts { o(options) } - deployment := newDeployment(options.name, options.namespace, "registry.k8s.io/ingress-nginx/e2e-test-echo@sha256:4938d1d91a2b7d19454460a8c1b010b89f6ff92d2987fd889ac3e8fc3b70d91a", 80, int32(options.replicas), + deployment := newDeployment(options.name, options.namespace, options.image, 80, int32(options.replicas), nil, nil, nil, []corev1.VolumeMount{}, []corev1.Volume{}, @@ -129,6 +142,85 @@ func (f *Framework) NewEchoDeployment(opts ...func(*deploymentOptions)) { assert.Nil(ginkgo.GinkgoT(), err, "waiting for endpoints to become ready") } +// BuildNipHost used to generate a nip host for DNS resolving +func BuildNIPHost(ip string) string { + return fmt.Sprintf("%s.nip.io", ip) +} + +// BuildNIPExternalNameService used to generate a service pointing to nip.io to +// help resolve to an IP address +func BuildNIPExternalNameService(f *Framework, ip, portName string) *corev1.Service { + return &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: NIPService, + Namespace: f.Namespace, + }, + Spec: corev1.ServiceSpec{ + ExternalName: BuildNIPHost(ip), + Type: corev1.ServiceTypeExternalName, + Ports: []corev1.ServicePort{ + { + Name: portName, + Port: 80, + TargetPort: intstr.FromInt(80), + Protocol: "TCP", + }, + }, + }, + } +} + +// NewHttpbunDeployment creates a new single replica deployment of the httpbun +// server image in a particular namespace we return the ip for testing purposes +func (f *Framework) NewHttpbunDeployment(opts ...func(*deploymentOptions)) string { + options := &deploymentOptions{ + namespace: f.Namespace, + name: HTTPBunService, + replicas: 1, + image: "registry.k8s.io/ingress-nginx/e2e-test-httpbun:v20230505-v0.0.1", + } + for _, o := range opts { + o(options) + } + + deployment := newDeployment(options.name, options.namespace, options.image, 80, int32(options.replicas), + nil, nil, nil, + []corev1.VolumeMount{}, + []corev1.Volume{}, + true, + ) + + f.EnsureDeployment(deployment) + + service := &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: options.name, + Namespace: options.namespace, + Annotations: options.svcAnnotations, + }, + Spec: corev1.ServiceSpec{ + Ports: []corev1.ServicePort{ + { + Name: "http", + Port: 80, + TargetPort: intstr.FromInt(80), + Protocol: corev1.ProtocolTCP, + }, + }, + Selector: map[string]string{ + "app": options.name, + }, + }, + } + + s := f.EnsureService(service) + + err := WaitForEndpoints(f.KubeClientSet, DefaultTimeout, options.name, options.namespace, options.replicas) + assert.Nil(ginkgo.GinkgoT(), err, "waiting for endpoints to become ready") + + return s.Spec.ClusterIPs[0] +} + // NewSlowEchoDeployment creates a new deployment of the slow echo server image in a particular namespace. func (f *Framework) NewSlowEchoDeployment() { cfg := `# @@ -418,11 +510,6 @@ func newDeployment(name, namespace, image string, port int32, replicas int32, co return d } -// NewHttpbinDeployment creates a new single replica deployment of the httpbin image in a particular namespace. -func (f *Framework) NewHttpbinDeployment() { - f.NewDeployment(HTTPBinService, "registry.k8s.io/ingress-nginx/e2e-test-httpbin@sha256:c6372ef57a775b95f18e19d4c735a9819f2e7bb4641e5e3f27287d831dfeb7e8", 80, 1) -} - func (f *Framework) NewDeployment(name, image string, port int32, replicas int32) { f.NewDeploymentWithOpts(name, image, port, replicas, nil, nil, nil, nil, nil, true) } diff --git a/test/e2e/security/request_smuggling.go b/test/e2e/security/request_smuggling.go index 9891480dc..786a7a397 100644 --- a/test/e2e/security/request_smuggling.go +++ b/test/e2e/security/request_smuggling.go @@ -50,9 +50,12 @@ server { f.UpdateNginxConfigMapData("http-snippet", snippet) + //TODO: currently using a self hosted HTTPBun instance results in a 499, we + //should move away from using httpbun.com once we have the httpbun + //deployment as part of the framework ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, map[string]string{ - "nginx.ingress.kubernetes.io/auth-signin": "https://httpbin.org/uuid", - "nginx.ingress.kubernetes.io/auth-url": "https://httpbin.org/basic-auth/user/passwd", + "nginx.ingress.kubernetes.io/auth-signin": "https://httpbun.com/bearer/d4bcba7a-0def-4a31-91a7-47e420adf44b", + "nginx.ingress.kubernetes.io/auth-url": "https://httpbun.com/basic-auth/user/passwd", }) f.EnsureIngress(ing) diff --git a/test/e2e/servicebackend/service_externalname.go b/test/e2e/servicebackend/service_externalname.go index 0d121c671..2fd6cd080 100644 --- a/test/e2e/servicebackend/service_externalname.go +++ b/test/e2e/servicebackend/service_externalname.go @@ -29,44 +29,21 @@ import ( corev1 "k8s.io/api/core/v1" networking "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/ingress-nginx/internal/nginx" "k8s.io/ingress-nginx/test/e2e/framework" ) -func buildHTTPBinExternalNameService(f *framework.Framework, portName string) *corev1.Service { - return &corev1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Name: framework.HTTPBinService, - Namespace: f.Namespace, - }, - Spec: corev1.ServiceSpec{ - ExternalName: "httpbin.org", - Type: corev1.ServiceTypeExternalName, - Ports: []corev1.ServicePort{ - { - Name: portName, - Port: 80, - TargetPort: intstr.FromInt(80), - Protocol: "TCP", - }, - }, - }, - } -} - var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { f := framework.NewDefaultFramework("type-externalname") ginkgo.It("works with external name set to incomplete fqdn", func() { f.NewEchoDeployment() - host := "echo" svc := &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ - Name: framework.HTTPBinService, + Name: framework.HTTPBunService, Namespace: f.Namespace, }, Spec: corev1.ServiceSpec{ @@ -77,7 +54,7 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { f.EnsureService(svc) - ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBinService, 80, nil) + ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBunService, 80, nil) f.EnsureIngress(ing) f.WaitForNginxServer(host, @@ -93,15 +70,19 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { }) ginkgo.It("should return 200 for service type=ExternalName without a port defined", func() { + // This is a workaround so we only depend on a self hosted instance of + // httpbun + ip := f.NewHttpbunDeployment() + host := "echo" svc := &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ - Name: framework.HTTPBinService, + Name: framework.NIPService, Namespace: f.Namespace, }, Spec: corev1.ServiceSpec{ - ExternalName: "httpbin.org", + ExternalName: framework.BuildNIPHost(ip), Type: corev1.ServiceTypeExternalName, }, } @@ -109,9 +90,9 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { f.EnsureService(svc) annotations := map[string]string{ - "nginx.ingress.kubernetes.io/upstream-vhost": "httpbin.org", + "nginx.ingress.kubernetes.io/upstream-vhost": framework.BuildNIPHost(ip), } - ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBinService, 80, annotations) + ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBunService, 80, annotations) f.EnsureIngress(ing) f.WaitForNginxServer(host, @@ -127,15 +108,19 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { }) ginkgo.It("should return 200 for service type=ExternalName with a port defined", func() { + // This is a workaround so we only depend on a self hosted instance of + // httpbun + ip := f.NewHttpbunDeployment() + host := "echo" - svc := buildHTTPBinExternalNameService(f, host) + svc := framework.BuildNIPExternalNameService(f, ip, host) f.EnsureService(svc) annotations := map[string]string{ - "nginx.ingress.kubernetes.io/upstream-vhost": "httpbin.org", + "nginx.ingress.kubernetes.io/upstream-vhost": framework.BuildNIPHost(ip), } - ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBinService, 80, annotations) + ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBunService, 80, annotations) f.EnsureIngress(ing) f.WaitForNginxServer(host, @@ -155,7 +140,7 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { svc := &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ - Name: framework.HTTPBinService, + Name: framework.HTTPBunService, Namespace: f.Namespace, }, Spec: corev1.ServiceSpec{ @@ -166,7 +151,7 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { f.EnsureService(svc) - ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBinService, 80, nil) + ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBunService, 80, nil) f.EnsureIngress(ing) f.WaitForNginxServer(host, @@ -182,18 +167,22 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { }) ginkgo.It("should return 200 for service type=ExternalName using a port name", func() { + // This is a workaround so we only depend on a self hosted instance of + // httpbun + ip := f.NewHttpbunDeployment() + host := "echo" - svc := buildHTTPBinExternalNameService(f, host) + svc := framework.BuildNIPExternalNameService(f, ip, host) f.EnsureService(svc) annotations := map[string]string{ - "nginx.ingress.kubernetes.io/upstream-vhost": "httpbin.org", + "nginx.ingress.kubernetes.io/upstream-vhost": framework.BuildNIPHost(ip), } - ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBinService, 80, annotations) + ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBunService, 80, annotations) namedBackend := networking.IngressBackend{ Service: &networking.IngressServiceBackend{ - Name: framework.HTTPBinService, + Name: framework.NIPService, Port: networking.ServiceBackendPort{ Name: host, }, @@ -215,22 +204,26 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { }) ginkgo.It("should return 200 for service type=ExternalName using FQDN with trailing dot", func() { + // This is a workaround so we only depend on a self hosted instance of + // httpbun + ip := f.NewHttpbunDeployment() + host := "echo" svc := &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ - Name: framework.HTTPBinService, + Name: framework.NIPService, Namespace: f.Namespace, }, Spec: corev1.ServiceSpec{ - ExternalName: "httpbin.org.", + ExternalName: framework.BuildNIPHost(ip), Type: corev1.ServiceTypeExternalName, }, } f.EnsureService(svc) - ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBinService, 80, nil) + ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBunService, 80, nil) f.EnsureIngress(ing) f.WaitForNginxServer(host, @@ -246,18 +239,23 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { }) ginkgo.It("should update the external name after a service update", func() { + // This is a workaround so we only depend on a self hosted instance of + // httpbun + ip := f.NewHttpbunDeployment() + host := "echo" - svc := buildHTTPBinExternalNameService(f, host) + svc := framework.BuildNIPExternalNameService(f, ip, host) f.EnsureService(svc) annotations := map[string]string{ - "nginx.ingress.kubernetes.io/upstream-vhost": "httpbin.org", + "nginx.ingress.kubernetes.io/upstream-vhost": framework.BuildNIPHost(ip), } - ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBinService, 80, annotations) + + ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBunService, 80, annotations) namedBackend := networking.IngressBackend{ Service: &networking.IngressServiceBackend{ - Name: framework.HTTPBinService, + Name: framework.NIPService, Port: networking.ServiceBackendPort{ Name: host, }, @@ -281,13 +279,15 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { assert.Contains(ginkgo.GinkgoT(), body, `"X-Forwarded-Host": "echo"`) - svc, err := f.KubeClientSet.CoreV1().Services(f.Namespace).Get(context.TODO(), framework.HTTPBinService, metav1.GetOptions{}) - assert.Nil(ginkgo.GinkgoT(), err, "unexpected error obtaining httpbin service") + svc, err := f.KubeClientSet.CoreV1().Services(f.Namespace).Get(context.TODO(), framework.NIPService, metav1.GetOptions{}) + assert.Nil(ginkgo.GinkgoT(), err, "unexpected error obtaining external service") - svc.Spec.ExternalName = "eu.httpbin.org" + ip = f.NewHttpbunDeployment(framework.WithDeploymentName("eu-server")) + + svc.Spec.ExternalName = framework.BuildNIPHost(ip) _, err = f.KubeClientSet.CoreV1().Services(f.Namespace).Update(context.Background(), svc, metav1.UpdateOptions{}) - assert.Nil(ginkgo.GinkgoT(), err, "unexpected error updating httpbin service") + assert.Nil(ginkgo.GinkgoT(), err, "unexpected error updating external service") framework.Sleep() @@ -301,18 +301,22 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { assert.Contains(ginkgo.GinkgoT(), body, `"X-Forwarded-Host": "echo"`) - ginkgo.By("checking the service is updated to use eu.httpbin.org") + ginkgo.By("checking the service is updated to use new host") curlCmd := fmt.Sprintf("curl --fail --silent http://localhost:%v/configuration/backends", nginx.StatusPort) output, err := f.ExecIngressPod(curlCmd) assert.Nil(ginkgo.GinkgoT(), err) - assert.Contains(ginkgo.GinkgoT(), output, `{"address":"eu.httpbin.org"`) + assert.Contains(ginkgo.GinkgoT(), output, fmt.Sprintf("{\"address\":\"%s\"", framework.BuildNIPHost(ip))) }) ginkgo.It("should sync ingress on external name service addition/deletion", func() { + // This is a workaround so we only depend on a self hosted instance of + // httpbun + ip := f.NewHttpbunDeployment() + host := "echo" // Create the Ingress first - ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBinService, 80, nil) + ing := framework.NewSingleIngress(host, "/", host, f.Namespace, framework.NIPService, 80, nil) f.EnsureIngress(ing) f.WaitForNginxServer(host, @@ -328,7 +332,7 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { Status(http.StatusServiceUnavailable) // Now create the service - svc := buildHTTPBinExternalNameService(f, host) + svc := framework.BuildNIPExternalNameService(f, ip, host) f.EnsureService(svc) framework.Sleep() @@ -341,9 +345,8 @@ var _ = framework.IngressNginxDescribe("[Service] Type ExternalName", func() { Status(http.StatusOK) // And back to 503 after deleting the service - - err := f.KubeClientSet.CoreV1().Services(f.Namespace).Delete(context.TODO(), framework.HTTPBinService, metav1.DeleteOptions{}) - assert.Nil(ginkgo.GinkgoT(), err, "unexpected error deleting httpbin service") + err := f.KubeClientSet.CoreV1().Services(f.Namespace).Delete(context.TODO(), framework.NIPService, metav1.DeleteOptions{}) + assert.Nil(ginkgo.GinkgoT(), err, "unexpected error deleting external service") framework.Sleep() diff --git a/test/e2e/settings/brotli.go b/test/e2e/settings/brotli.go index a07eb6c09..a13678f66 100644 --- a/test/e2e/settings/brotli.go +++ b/test/e2e/settings/brotli.go @@ -33,7 +33,7 @@ var _ = framework.IngressNginxDescribe("brotli", func() { host := "brotli" ginkgo.BeforeEach(func() { - f.NewHttpbinDeployment() + f.NewHttpbunDeployment() }) ginkgo.It("should only compress responses that meet the `brotli-min-length` condition", func() { @@ -43,7 +43,7 @@ var _ = framework.IngressNginxDescribe("brotli", func() { f.UpdateNginxConfigMapData("brotli-types", contentEncoding) f.UpdateNginxConfigMapData("brotli-min-length", strconv.Itoa(brotliMinLength)) - f.EnsureIngress(framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBinService, 80, nil)) + f.EnsureIngress(framework.NewSingleIngress(host, "/", host, f.Namespace, framework.HTTPBunService, 80, nil)) f.WaitForNginxConfiguration( func(server string) bool { diff --git a/test/e2e/settings/disable_service_external_name.go b/test/e2e/settings/disable_service_external_name.go index a24cfebde..7f03e5355 100644 --- a/test/e2e/settings/disable_service_external_name.go +++ b/test/e2e/settings/disable_service_external_name.go @@ -50,17 +50,21 @@ var _ = framework.IngressNginxDescribe("[Flag] disable-service-external-name", f }) ginkgo.It("should ignore services of external-name type", func() { - nonexternalhost := "echo-svc.com" externalhost := "echo-external-svc.com" + + ip := f.NewHttpbunDeployment() + svc := framework.BuildNIPExternalNameService(f, ip, "echo") + f.EnsureService(svc) + svcexternal := &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ Name: "external", Namespace: f.Namespace, }, Spec: corev1.ServiceSpec{ - ExternalName: "httpbin.org", + ExternalName: framework.BuildNIPHost(ip), Type: corev1.ServiceTypeExternalName, }, } diff --git a/test/e2e/settings/global_external_auth.go b/test/e2e/settings/global_external_auth.go index c70b5a9b1..c5964299f 100644 --- a/test/e2e/settings/global_external_auth.go +++ b/test/e2e/settings/global_external_auth.go @@ -50,13 +50,13 @@ var _ = framework.DescribeSetting("[Security] global-auth-url", func() { ginkgo.BeforeEach(func() { f.NewEchoDeployment() - f.NewHttpbinDeployment() + f.NewHttpbunDeployment() }) ginkgo.Context("when global external authentication is configured", func() { ginkgo.BeforeEach(func() { - globalExternalAuthURL := fmt.Sprintf("http://%s.%s.svc.cluster.local:80/status/401", framework.HTTPBinService, f.Namespace) + globalExternalAuthURL := fmt.Sprintf("http://%s.%s.svc.cluster.local:80/status/401", framework.HTTPBunService, f.Namespace) ginkgo.By("Adding an ingress rule for /foo") fooIng := framework.NewSingleIngress("foo-ingress", fooPath, host, f.Namespace, echoServiceName, 80, nil) @@ -158,7 +158,7 @@ var _ = framework.DescribeSetting("[Security] global-auth-url", func() { globalExternalAuthCacheKey := "foo" globalExternalAuthCacheDurationSetting := "global-auth-cache-duration" globalExternalAuthCacheDuration := "200 201 401 30m" - globalExternalAuthURL := fmt.Sprintf("http://%s.%s.svc.cluster.local:80/status/200", framework.HTTPBinService, f.Namespace) + globalExternalAuthURL := fmt.Sprintf("http://%s.%s.svc.cluster.local:80/status/200", framework.HTTPBunService, f.Namespace) ginkgo.By("Adding a global-auth-cache-key to configMap") f.SetNginxConfigMapData(map[string]string{ @@ -182,7 +182,7 @@ var _ = framework.DescribeSetting("[Security] global-auth-url", func() { Expect(). Status(http.StatusOK) - err := f.DeleteDeployment(framework.HTTPBinService) + err := f.DeleteDeployment(framework.HTTPBunService) assert.Nil(ginkgo.GinkgoT(), err) framework.Sleep() @@ -307,9 +307,9 @@ http { assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets), 1, "expected at least one endpoint") assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets[0].Addresses), 1, "expected at least one address ready in the endpoint") - httpbinIP := e.Subsets[0].Addresses[0].IP + httpbunIP := e.Subsets[0].Addresses[0].IP - f.UpdateNginxConfigMapData(globalExternalAuthURLSetting, fmt.Sprintf("http://%s/cookies/set/alma/armud", httpbinIP)) + f.UpdateNginxConfigMapData(globalExternalAuthURLSetting, fmt.Sprintf("http://%s/cookies/set/alma/armud", httpbunIP)) ing1 = framework.NewSingleIngress(host, "/", host, f.Namespace, "http-cookie-with-error", 80, nil) f.EnsureIngress(ing1) diff --git a/test/e2e/settings/listen_nondefault_ports.go b/test/e2e/settings/listen_nondefault_ports.go index 61a128040..8b5d22f6e 100644 --- a/test/e2e/settings/listen_nondefault_ports.go +++ b/test/e2e/settings/listen_nondefault_ports.go @@ -98,21 +98,21 @@ var _ = framework.IngressNginxDescribe("[Flag] custom HTTP and HTTPS ports", fun ginkgo.Context("when external authentication is configured", func() { ginkgo.It("should set the X-Forwarded-Port header to 443", func() { - f.NewHttpbinDeployment() + f.NewHttpbunDeployment() - err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBinService, f.Namespace, 1) + err := framework.WaitForEndpoints(f.KubeClientSet, framework.DefaultTimeout, framework.HTTPBunService, f.Namespace, 1) assert.Nil(ginkgo.GinkgoT(), err) - e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBinService, metav1.GetOptions{}) + e, err := f.KubeClientSet.CoreV1().Endpoints(f.Namespace).Get(context.TODO(), framework.HTTPBunService, metav1.GetOptions{}) assert.Nil(ginkgo.GinkgoT(), err) assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets), 1, "expected at least one endpoint") assert.GreaterOrEqual(ginkgo.GinkgoT(), len(e.Subsets[0].Addresses), 1, "expected at least one address ready in the endpoint") - httpbinIP := e.Subsets[0].Addresses[0].IP + httpbunIP := e.Subsets[0].Addresses[0].IP annotations := map[string]string{ - "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/basic-auth/user/password", httpbinIP), + "nginx.ingress.kubernetes.io/auth-url": fmt.Sprintf("http://%s/basic-auth/user/password", httpbunIP), "nginx.ingress.kubernetes.io/auth-signin": "http://$host/auth/start", } diff --git a/test/k6/smoketest.js b/test/k6/smoketest.js index b5ab577a9..8fe9e950a 100644 --- a/test/k6/smoketest.js +++ b/test/k6/smoketest.js @@ -27,7 +27,7 @@ export default function () { const params = { headers: {'host': 'test.ingress-nginx-controller.ga'}, }; - // httpbin.org documents these requests + // httpbun.com documents these requests const req1 = { method: 'GET', url: 'http://test.ingress-nginx-controller.ga/ip',