DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add e2e tests for secure cookie annotations (#7575) (#7619)

Browse source 
Co-authored-by: Agoretti <andremotta96@gmail.com>

Co-authored-by: Agoretti <andremotta96@gmail.com>
This commit is contained in:
Renato Britto Araujo 2021-09-12 17:10:07 -03:00 committed by GitHub
parent ff2b743a94
commit 0dbaadf608
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 70 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
test/e2e/annotations/affinity.go
View file

@ -18,6 +18,7 @@ package annotations
import ( import (
"context" "context"
"crypto/tls"
"fmt" "fmt"
"net/http" "net/http"
"strings" "strings"
@ -363,4 +364,73 @@ var _ = framework.DescribeAnnotation("affinity session-cookie-name", func() {
Header("Set-Cookie").Contains("SERVERID=") Header("Set-Cookie").Contains("SERVERID=")
}) })
ginkgo.It("should set secure in cookie with provided true annotation on http", func() {
host := "foo.com"
annotations := make(map[string]string)
annotations["nginx.ingress.kubernetes.io/affinity"] = "cookie"
annotations["nginx.ingress.kubernetes.io/session-cookie-name"] = "SERVERID"
annotations["nginx.ingress.kubernetes.io/session-cookie-secure"] = "true"
ing := framework.NewSingleIngress(host, "/bar", host, f.Namespace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing)
f.WaitForNginxServer(host,
func(server string) bool {
return strings.Contains(server, fmt.Sprintf("server_name %s ;", host))
})
f.HTTPTestClient().
GET("/bar").
WithHeader("Host", host).
Expect().
Status(http.StatusOK).
Header("Set-Cookie").Contains("; Secure")
})
ginkgo.It("should not set secure in cookie with provided false annotation on http", func() {
host := "foo.com"
annotations := make(map[string]string)
annotations["nginx.ingress.kubernetes.io/affinity"] = "cookie"
annotations["nginx.ingress.kubernetes.io/session-cookie-name"] = "SERVERID"
annotations["nginx.ingress.kubernetes.io/session-cookie-secure"] = "false"
ing := framework.NewSingleIngress(host, "/bar", host, f.Namespace, framework.EchoService, 80, annotations)
f.EnsureIngress(ing)
f.WaitForNginxServer(host,
func(server string) bool {
return strings.Contains(server, fmt.Sprintf("server_name %s ;", host))
})
f.HTTPTestClient().
GET("/bar").
WithHeader("Host", host).
Expect().
Status(http.StatusOK).
Header("Set-Cookie").NotContains("; Secure")
})
ginkgo.It("should set secure in cookie with provided false annotation on https", func() {
host := "foo.com"
annotations := make(map[string]string)
annotations["nginx.ingress.kubernetes.io/affinity"] = "cookie"
annotations["nginx.ingress.kubernetes.io/session-cookie-name"] = "SERVERID"
annotations["nginx.ingress.kubernetes.io/session-cookie-secure"] = "false"
f.EnsureIngress(framework.NewSingleIngressWithTLS(host, "/", host, []string{host}, f.Namespace, framework.EchoService, 80, annotations))
f.WaitForNginxServer(host,
func(server string) bool {
return strings.Contains(server, fmt.Sprintf("server_name %s ;", host)) &&
strings.Contains(server, "listen 443")
})
f.HTTPTestClientWithTLSConfig(&tls.Config{ServerName: host, InsecureSkipVerify: true}).
GET("/").
WithURL(f.GetURL(framework.HTTPS)).
WithHeader("Host", host).
Expect().
Status(http.StatusOK).
Header("Set-Cookie").Contains("; Secure")
})
}) })