adding unit tests for validation when in dns proxy mode

hashicorp · Jul 11, 2024 · e2d99c3 · e2d99c3
1 parent 5a3bc0c
commit e2d99c3
Show file tree

Hide file tree

Showing 3 changed files with 172 additions and 24 deletions.
diff --git a/Makefile b/Makefile
@@ -69,6 +69,7 @@ docker-run: docker ## run the image of $(TAG)
 
 .PHONY: dev-docker
 dev-docker: docker ## build docker image and tag the image to local
+	echo '$(ARCH)'
 	docker tag '$(PRODUCT_NAME):$(VERSION)'  '$(PRODUCT_NAME):local'
 
 ##@ Testing

diff --git a/pkg/consuldp/consul_dataplane.go b/pkg/consuldp/consul_dataplane.go
@@ -79,9 +79,9 @@ func validateConfig(cfg *Config) error {
 		return errors.New("consul addresses not specified")
 	case cfg.Consul.GRPCPort == 0:
 		return errors.New("consul server gRPC port not specified")
-	case cfg.Proxy == nil:
+	case cfg.Mode == ModeTypeSidecar && cfg.Proxy == nil:
 		return errors.New("proxy details not specified")
-	case cfg.Proxy.ProxyID == "":
+	case cfg.Mode == ModeTypeSidecar && cfg.Proxy.ProxyID == "":
 		return errors.New("proxy ID not specified")
 	case cfg.Mode == ModeTypeSidecar && cfg.Envoy == nil:
 		return errors.New("envoy settings not specified")

diff --git a/pkg/consuldp/consul_dataplane_test.go b/pkg/consuldp/consul_dataplane_test.go
@@ -10,9 +10,9 @@ import (
 	"github.com/stretchr/testify/require"
 )
 
-func validConfig() *Config {
+func validConfig(mode ModeType) *Config {
 	return &Config{
-		Mode: ModeTypeSidecar,
+		Mode: mode,
 		Consul: &ConsulConfig{
 			Addresses: "consul.servers.dns.com",
 			GRPCPort:  1234,
@@ -55,7 +55,7 @@ func validConfig() *Config {
 }
 
 func TestNewConsulDP(t *testing.T) {
-	cfg := validConfig()
+	cfg := validConfig(ModeTypeSidecar)
 	consulDP, err := NewConsulDP(cfg)
 	require.NoError(t, err)
 	require.NotNil(t, consulDP)
@@ -70,114 +70,261 @@ func TestNewConsulDPError(t *testing.T) {
 		name      string
 		modFn     func(*Config)
 		expectErr string
+		mode      ModeType
 	}
 
 	testCases := []testCase{
+		// Side car test cases
 		{
-			name:      "missing consul config",
+			name:      "sidecar mode - missing consul config",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Consul = nil },
 			expectErr: "consul addresses not specified",
 		},
 		{
-			name:      "missing consul addresses",
+			name:      "sidecar mode - missing consul addresses",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Consul.Addresses = "" },
 			expectErr: "consul addresses not specified",
 		},
 		{
-			name:      "missing consul server grpc port",
+			name:      "sidecar mode - missing consul server grpc port",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Consul.GRPCPort = 0 },
 			expectErr: "consul server gRPC port not specified",
 		},
 		{
-			name:      "missing proxy config",
+			name:      "sidecar mode - missing proxy config",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Proxy = nil },
 			expectErr: "proxy details not specified",
 		},
 		{
-			name:      "missing proxy id",
+			name:      "sidecar mode - missing proxy id",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Proxy.ProxyID = "" },
 			expectErr: "proxy ID not specified",
 		},
 		{
-			name:      "missing envoy config",
+			name:      "sidecar mode - missing envoy config",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Envoy = nil },
 			expectErr: "envoy settings not specified",
 		},
 		{
-			name:      "missing envoy admin bind address",
+			name:      "sidecar mode - missing envoy admin bind address",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Envoy.AdminBindAddress = "" },
 			expectErr: "envoy admin bind address not specified",
 		},
 		{
-			name:      "missing envoy admin bind port",
+			name:      "sidecar mode - missing envoy admin bind port",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Envoy.AdminBindPort = 0 },
 			expectErr: "envoy admin bind port not specified",
 		},
 		{
-			name:      "missing logging config",
+			name:      "sidecar mode - missing logging config",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Logging = nil },
 			expectErr: "logging settings not specified",
 		},
 		{
-			name:      "missing prometheus ca certs path",
+			name:      "sidecar mode - missing prometheus ca certs path",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Telemetry.Prometheus.CACertsPath = "" },
 			expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics",
 		},
 		{
-			name:      "missing prometheus key file",
+			name:      "sidecar mode - missing prometheus key file",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Telemetry.Prometheus.KeyFile = "" },
 			expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics",
 		},
 		{
-			name:      "missing prometheus cert file",
+			name:      "sidecar mode - missing prometheus cert file",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Telemetry.Prometheus.CertFile = "" },
 			expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics",
 		},
 		{
-			name:      "missing prometheus retention time",
+			name:      "sidecar mode - missing prometheus retention time",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Telemetry.Prometheus.RetentionTime = 0 },
 			expectErr: "-telemetry-prom-retention-time must be greater than zero",
 		},
 		{
-			name:      "missing prometheus scrape path",
+			name:      "sidecar mode - missing prometheus scrape path",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.Telemetry.Prometheus.ScrapePath = "" },
 			expectErr: "-telemetry-prom-scrape-path must not be empty",
 		},
 		{
-			name:      "missing xds bind address",
+			name:      "sidecar mode - missing xds bind address",
+			mode:      ModeTypeSidecar,
 			modFn:     func(c *Config) { c.XDSServer.BindAddress = "" },
 			expectErr: "envoy xDS bind address not specified",
 		},
 		{
-			name: "non-local xds bind address",
+			name: "sidecar mode - non-local xds bind address",
+			mode: ModeTypeSidecar,
 			modFn: func(c *Config) {
 				c.XDSServer.BindAddress = "1.2.3.4"
 			},
 			expectErr: "non-local xDS bind address not allowed",
 		},
 		{
-			name: "non-local xds bind address",
+			name: "sidecar mode - non-local xds bind address",
+			mode: ModeTypeSidecar,
 			modFn: func(c *Config) {
 				c.DNSServer.BindAddr = "1.2.3.4"
 				c.DNSServer.Port = 1
 			},
 			expectErr: "non-local DNS proxy bind address not allowed when running as a sidecar",
 		},
 		{
-			name: "no bearer token or path given",
+			name: "sidecar mode - no bearer token or path given",
+			mode: ModeTypeSidecar,
 			modFn: func(c *Config) {
 				c.Consul.Credentials.Type = CredentialsTypeLogin
 				c.Consul.Credentials.Login = LoginCredentialsConfig{}
 			},
 			expectErr: "bearer token (or path to a file containing a bearer token) is required for login",
 		},
 	}
+
+	dnsProxyTestCases := []testCase{
+		// dns proxy test cases
+		{
+			name:      "dns-proxy mode - missing consul config",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Consul = nil },
+			expectErr: "consul addresses not specified",
+		},
+		{
+			name:      "dns-proxy mode - missing consul addresses",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Consul.Addresses = "" },
+			expectErr: "consul addresses not specified",
+		},
+		{
+			name:      "dns-proxy mode - missing consul server grpc port",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Consul.GRPCPort = 0 },
+			expectErr: "consul server gRPC port not specified",
+		},
+		{
+			name:      "dns-proxy mode - no error when missing proxy config",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Proxy = nil },
+			expectErr: "",
+		},
+		{
+			name:      "dns-proxy mode - no error when missing proxy id",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Proxy.ProxyID = "" },
+			expectErr: "",
+		},
+		{
+			name:      "dns-proxy mode - no error when missing envoy config",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Envoy = nil },
+			expectErr: "",
+		},
+		{
+			name:      "dns-proxy mode - no error when missing envoy admin bind address",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Envoy.AdminBindAddress = "" },
+			expectErr: "",
+		},
+		{
+			name:      "dns-proxy mode - no error when missing envoy admin bind port",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Envoy.AdminBindPort = 0 },
+			expectErr: "",
+		},
+		{
+			name:      "dns-proxy mode - missing logging config",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Logging = nil },
+			expectErr: "logging settings not specified",
+		},
+		{
+			name:      "dns-proxy mode - missing prometheus ca certs path",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Telemetry.Prometheus.CACertsPath = "" },
+			expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics",
+		},
+		{
+			name:      "dns-proxy mode - missing prometheus key file",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Telemetry.Prometheus.KeyFile = "" },
+			expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics",
+		},
+		{
+			name:      "dns-proxy mode - missing prometheus cert file",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Telemetry.Prometheus.CertFile = "" },
+			expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics",
+		},
+		{
+			name:      "dns-proxy mode - missing prometheus retention time",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Telemetry.Prometheus.RetentionTime = 0 },
+			expectErr: "-telemetry-prom-retention-time must be greater than zero",
+		},
+		{
+			name:      "dns-proxy mode - missing prometheus scrape path",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.Telemetry.Prometheus.ScrapePath = "" },
+			expectErr: "-telemetry-prom-scrape-path must not be empty",
+		},
+		{
+			name:      "dns-proxy mode - no error when missing xds bind address",
+			mode:      ModeTypeDNSProxy,
+			modFn:     func(c *Config) { c.XDSServer.BindAddress = "" },
+			expectErr: "",
+		},
+		{
+			name: "dns-proxy mode - no error when non-local xds bind address",
+			mode: ModeTypeDNSProxy,
+			modFn: func(c *Config) {
+				c.XDSServer.BindAddress = "1.2.3.4"
+			},
+			expectErr: "",
+		},
+		{
+			name: "dns-proxy mode - non-local xds bind address",
+			mode: ModeTypeDNSProxy,
+			modFn: func(c *Config) {
+				c.DNSServer.BindAddr = "1.2.3.4"
+				c.DNSServer.Port = 1
+			},
+			expectErr: "",
+		},
+		{
+			name: "dns-proxy mode - no bearer token or path given",
+			mode: ModeTypeDNSProxy,
+			modFn: func(c *Config) {
+				c.Consul.Credentials.Type = CredentialsTypeLogin
+				c.Consul.Credentials.Login = LoginCredentialsConfig{}
+			},
+			expectErr: "bearer token (or path to a file containing a bearer token) is required for login",
+		},
+	}
+
+	testCases = append(testCases, dnsProxyTestCases...)
+
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			cfg := validConfig()
+			cfg := validConfig(tc.mode)
 			tc.modFn(cfg)
 
 			_, err := NewConsulDP(cfg)
+			if tc.expectErr == "" {
+				require.NoError(t, err)
+				return
+			}
 			require.EqualError(t, err, tc.expectErr)
 		})
 	}