From e2d99c3c4c6c11fc6ee41d46a70c49591691e86d Mon Sep 17 00:00:00 2001 From: John Murret Date: Thu, 11 Jul 2024 13:16:26 -0600 Subject: [PATCH] adding unit tests for validation when in dns proxy mode --- Makefile | 1 + pkg/consuldp/consul_dataplane.go | 4 +- pkg/consuldp/consul_dataplane_test.go | 191 +++++++++++++++++++++++--- 3 files changed, 172 insertions(+), 24 deletions(-) diff --git a/Makefile b/Makefile index ada7c187..0bb2e2bc 100644 --- a/Makefile +++ b/Makefile @@ -69,6 +69,7 @@ docker-run: docker ## run the image of $(TAG) .PHONY: dev-docker dev-docker: docker ## build docker image and tag the image to local + echo '$(ARCH)' docker tag '$(PRODUCT_NAME):$(VERSION)' '$(PRODUCT_NAME):local' ##@ Testing diff --git a/pkg/consuldp/consul_dataplane.go b/pkg/consuldp/consul_dataplane.go index 2a1afa13..73a589cc 100644 --- a/pkg/consuldp/consul_dataplane.go +++ b/pkg/consuldp/consul_dataplane.go @@ -79,9 +79,9 @@ func validateConfig(cfg *Config) error { return errors.New("consul addresses not specified") case cfg.Consul.GRPCPort == 0: return errors.New("consul server gRPC port not specified") - case cfg.Proxy == nil: + case cfg.Mode == ModeTypeSidecar && cfg.Proxy == nil: return errors.New("proxy details not specified") - case cfg.Proxy.ProxyID == "": + case cfg.Mode == ModeTypeSidecar && cfg.Proxy.ProxyID == "": return errors.New("proxy ID not specified") case cfg.Mode == ModeTypeSidecar && cfg.Envoy == nil: return errors.New("envoy settings not specified") diff --git a/pkg/consuldp/consul_dataplane_test.go b/pkg/consuldp/consul_dataplane_test.go index c2a404c4..008b4f2a 100644 --- a/pkg/consuldp/consul_dataplane_test.go +++ b/pkg/consuldp/consul_dataplane_test.go @@ -10,9 +10,9 @@ import ( "github.com/stretchr/testify/require" ) -func validConfig() *Config { +func validConfig(mode ModeType) *Config { return &Config{ - Mode: ModeTypeSidecar, + Mode: mode, Consul: &ConsulConfig{ Addresses: "consul.servers.dns.com", GRPCPort: 1234, @@ -55,7 +55,7 @@ func validConfig() *Config { } func TestNewConsulDP(t *testing.T) { - cfg := validConfig() + cfg := validConfig(ModeTypeSidecar) consulDP, err := NewConsulDP(cfg) require.NoError(t, err) require.NotNil(t, consulDP) @@ -70,93 +70,112 @@ func TestNewConsulDPError(t *testing.T) { name string modFn func(*Config) expectErr string + mode ModeType } testCases := []testCase{ + // Side car test cases { - name: "missing consul config", + name: "sidecar mode - missing consul config", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Consul = nil }, expectErr: "consul addresses not specified", }, { - name: "missing consul addresses", + name: "sidecar mode - missing consul addresses", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Consul.Addresses = "" }, expectErr: "consul addresses not specified", }, { - name: "missing consul server grpc port", + name: "sidecar mode - missing consul server grpc port", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Consul.GRPCPort = 0 }, expectErr: "consul server gRPC port not specified", }, { - name: "missing proxy config", + name: "sidecar mode - missing proxy config", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Proxy = nil }, expectErr: "proxy details not specified", }, { - name: "missing proxy id", + name: "sidecar mode - missing proxy id", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Proxy.ProxyID = "" }, expectErr: "proxy ID not specified", }, { - name: "missing envoy config", + name: "sidecar mode - missing envoy config", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Envoy = nil }, expectErr: "envoy settings not specified", }, { - name: "missing envoy admin bind address", + name: "sidecar mode - missing envoy admin bind address", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Envoy.AdminBindAddress = "" }, expectErr: "envoy admin bind address not specified", }, { - name: "missing envoy admin bind port", + name: "sidecar mode - missing envoy admin bind port", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Envoy.AdminBindPort = 0 }, expectErr: "envoy admin bind port not specified", }, { - name: "missing logging config", + name: "sidecar mode - missing logging config", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Logging = nil }, expectErr: "logging settings not specified", }, { - name: "missing prometheus ca certs path", + name: "sidecar mode - missing prometheus ca certs path", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Telemetry.Prometheus.CACertsPath = "" }, expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics", }, { - name: "missing prometheus key file", + name: "sidecar mode - missing prometheus key file", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Telemetry.Prometheus.KeyFile = "" }, expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics", }, { - name: "missing prometheus cert file", + name: "sidecar mode - missing prometheus cert file", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Telemetry.Prometheus.CertFile = "" }, expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics", }, { - name: "missing prometheus retention time", + name: "sidecar mode - missing prometheus retention time", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Telemetry.Prometheus.RetentionTime = 0 }, expectErr: "-telemetry-prom-retention-time must be greater than zero", }, { - name: "missing prometheus scrape path", + name: "sidecar mode - missing prometheus scrape path", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Telemetry.Prometheus.ScrapePath = "" }, expectErr: "-telemetry-prom-scrape-path must not be empty", }, { - name: "missing xds bind address", + name: "sidecar mode - missing xds bind address", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.XDSServer.BindAddress = "" }, expectErr: "envoy xDS bind address not specified", }, { - name: "non-local xds bind address", + name: "sidecar mode - non-local xds bind address", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.XDSServer.BindAddress = "1.2.3.4" }, expectErr: "non-local xDS bind address not allowed", }, { - name: "non-local xds bind address", + name: "sidecar mode - non-local xds bind address", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.DNSServer.BindAddr = "1.2.3.4" c.DNSServer.Port = 1 @@ -164,7 +183,8 @@ func TestNewConsulDPError(t *testing.T) { expectErr: "non-local DNS proxy bind address not allowed when running as a sidecar", }, { - name: "no bearer token or path given", + name: "sidecar mode - no bearer token or path given", + mode: ModeTypeSidecar, modFn: func(c *Config) { c.Consul.Credentials.Type = CredentialsTypeLogin c.Consul.Credentials.Login = LoginCredentialsConfig{} @@ -172,12 +192,139 @@ func TestNewConsulDPError(t *testing.T) { expectErr: "bearer token (or path to a file containing a bearer token) is required for login", }, } + + dnsProxyTestCases := []testCase{ + // dns proxy test cases + { + name: "dns-proxy mode - missing consul config", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Consul = nil }, + expectErr: "consul addresses not specified", + }, + { + name: "dns-proxy mode - missing consul addresses", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Consul.Addresses = "" }, + expectErr: "consul addresses not specified", + }, + { + name: "dns-proxy mode - missing consul server grpc port", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Consul.GRPCPort = 0 }, + expectErr: "consul server gRPC port not specified", + }, + { + name: "dns-proxy mode - no error when missing proxy config", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Proxy = nil }, + expectErr: "", + }, + { + name: "dns-proxy mode - no error when missing proxy id", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Proxy.ProxyID = "" }, + expectErr: "", + }, + { + name: "dns-proxy mode - no error when missing envoy config", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Envoy = nil }, + expectErr: "", + }, + { + name: "dns-proxy mode - no error when missing envoy admin bind address", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Envoy.AdminBindAddress = "" }, + expectErr: "", + }, + { + name: "dns-proxy mode - no error when missing envoy admin bind port", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Envoy.AdminBindPort = 0 }, + expectErr: "", + }, + { + name: "dns-proxy mode - missing logging config", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Logging = nil }, + expectErr: "logging settings not specified", + }, + { + name: "dns-proxy mode - missing prometheus ca certs path", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Telemetry.Prometheus.CACertsPath = "" }, + expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics", + }, + { + name: "dns-proxy mode - missing prometheus key file", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Telemetry.Prometheus.KeyFile = "" }, + expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics", + }, + { + name: "dns-proxy mode - missing prometheus cert file", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Telemetry.Prometheus.CertFile = "" }, + expectErr: "Must provide -telemetry-prom-ca-certs-path, -telemetry-prom-cert-file, and -telemetry-prom-key-file to enable TLS for prometheus metrics", + }, + { + name: "dns-proxy mode - missing prometheus retention time", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Telemetry.Prometheus.RetentionTime = 0 }, + expectErr: "-telemetry-prom-retention-time must be greater than zero", + }, + { + name: "dns-proxy mode - missing prometheus scrape path", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.Telemetry.Prometheus.ScrapePath = "" }, + expectErr: "-telemetry-prom-scrape-path must not be empty", + }, + { + name: "dns-proxy mode - no error when missing xds bind address", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { c.XDSServer.BindAddress = "" }, + expectErr: "", + }, + { + name: "dns-proxy mode - no error when non-local xds bind address", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { + c.XDSServer.BindAddress = "1.2.3.4" + }, + expectErr: "", + }, + { + name: "dns-proxy mode - non-local xds bind address", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { + c.DNSServer.BindAddr = "1.2.3.4" + c.DNSServer.Port = 1 + }, + expectErr: "", + }, + { + name: "dns-proxy mode - no bearer token or path given", + mode: ModeTypeDNSProxy, + modFn: func(c *Config) { + c.Consul.Credentials.Type = CredentialsTypeLogin + c.Consul.Credentials.Login = LoginCredentialsConfig{} + }, + expectErr: "bearer token (or path to a file containing a bearer token) is required for login", + }, + } + + testCases = append(testCases, dnsProxyTestCases...) + for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { - cfg := validConfig() + cfg := validConfig(tc.mode) tc.modFn(cfg) _, err := NewConsulDP(cfg) + if tc.expectErr == "" { + require.NoError(t, err) + return + } require.EqualError(t, err, tc.expectErr) }) }