Skip to content

Commit bb88d1b

Browse files
committed
NLB-5021: add geoip2 directives
1 parent 787a2e7 commit bb88d1b

File tree

8 files changed

+421
-2
lines changed

8 files changed

+421
-2
lines changed

analyze.go

+2
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,8 @@ package crossplane
3838
// NAP v5
3939
//go:generate sh -c "sh ./scripts/generate/generate.sh --url $NAP_URL --config-path ./scripts/generate/configs/nap_v5_config.json --branch $NAP_V5_BRANCH --path ./src > analyze_appProtectWAFv5_directives.gen.go"
4040

41+
// Update for geoip2
42+
//go:generate sh -c "sh ./scripts/generate/generate.sh --url https://github.com/leev/ngx_http_geoip2_module.git --config-path ./scripts/generate/configs/geoip2_config.json > ./analyze_geoip2_directives.gen.go"
4143
import (
4244
"fmt"
4345
)

analyze_geoip2_directives.gen.go

+35
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

analyze_map.go

+1
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@ var mapBodies = map[string]mapParameterMasks{
3939
defaultMasks: ngxConfTake1,
4040
},
4141
"geoip2": {
42+
specialParameterMasks: map[string]uint{"auto_reload": ngxConfTake1},
4243
defaultMasks: ngxConf1More,
4344
},
4445
"otel_exporter": {

analyze_map_test.go

+32
Original file line numberDiff line numberDiff line change
@@ -175,6 +175,38 @@ func TestAnalyzeMapBody(t *testing.T) {
175175
},
176176
term: ";",
177177
},
178+
"invalid geoip2": {
179+
mapDirective: "geoip2",
180+
parameter: &Directive{
181+
Directive: "$geoip2_data_city_name",
182+
Args: []string{},
183+
Line: 5,
184+
Block: Directives{},
185+
},
186+
term: ";",
187+
wantErr: &ParseError{What: "invalid number of parameters", BlockCtx: "geoip2"},
188+
},
189+
"valid geoip2 auto_reload": {
190+
mapDirective: "geoip2",
191+
parameter: &Directive{
192+
Directive: "auto_reload",
193+
Args: []string{"5m"},
194+
Line: 5,
195+
Block: Directives{},
196+
},
197+
term: ";",
198+
},
199+
"invalid geoip2 auto_reload": {
200+
mapDirective: "geoip2",
201+
parameter: &Directive{
202+
Directive: "auto_reload",
203+
Args: []string{"5m", "10m"},
204+
Line: 5,
205+
Block: Directives{},
206+
},
207+
term: ";",
208+
wantErr: &ParseError{What: "invalid number of parameters", BlockCtx: "geoip2"},
209+
},
178210
"valid otel_exporter": {
179211
mapDirective: "otel_exporter",
180212
parameter: &Directive{

analyze_test.go

+130
Original file line numberDiff line numberDiff line change
@@ -2665,3 +2665,133 @@ func TestAnalyze_limit_req_zone(t *testing.T) {
26652665
})
26662666
}
26672667
}
2668+
2669+
//nolint:funlen
2670+
func TestAnalyze_geoip2(t *testing.T) {
2671+
t.Parallel()
2672+
testcases := map[string]struct {
2673+
stmt *Directive
2674+
ctx blockCtx
2675+
wantErr bool
2676+
}{
2677+
"geoip2 ok": {
2678+
&Directive{
2679+
Directive: "geoip2",
2680+
Args: []string{"/etc/maxmind-country.mmdb"},
2681+
Line: 5,
2682+
Block: Directives{
2683+
{
2684+
Directive: "auto_reload",
2685+
Args: []string{"5s"},
2686+
Line: 6,
2687+
Block: Directives{},
2688+
},
2689+
{
2690+
Directive: "$geoip2_city_name",
2691+
Args: []string{"city", "names", "en"},
2692+
Line: 7,
2693+
Block: Directives{},
2694+
},
2695+
},
2696+
},
2697+
blockCtx{"http", "stream"},
2698+
false,
2699+
},
2700+
2701+
"geoip2 not ok": {
2702+
&Directive{
2703+
Directive: "geoip2",
2704+
Args: []string{"/etc/maxmind-country.mmdb"},
2705+
Line: 5,
2706+
Block: Directives{
2707+
{
2708+
Directive: "auto_reload",
2709+
Args: []string{"5s"},
2710+
Line: 6,
2711+
Block: Directives{},
2712+
},
2713+
{
2714+
Directive: "$geoip2_city_name",
2715+
Args: []string{"city", "names", "en"},
2716+
Line: 7,
2717+
Block: Directives{},
2718+
},
2719+
},
2720+
},
2721+
blockCtx{"mgmt"},
2722+
true,
2723+
},
2724+
"geoip2_proxy ok": {
2725+
&Directive{
2726+
Directive: "geoip2_proxy",
2727+
Args: []string{"203.0.113.0/24"},
2728+
Line: 5,
2729+
},
2730+
blockCtx{"http"},
2731+
false,
2732+
},
2733+
"geoip2_proxy args not ok": {
2734+
&Directive{
2735+
Directive: "geoip2_proxy",
2736+
Args: []string{"203.0.113.0/24", "172.0.0.6"},
2737+
Line: 5,
2738+
},
2739+
blockCtx{"http"},
2740+
true,
2741+
},
2742+
"geoip2_proxy not ok": {
2743+
&Directive{
2744+
Directive: "geoip2_proxy",
2745+
Args: []string{"203.0.113.0/24"},
2746+
Line: 5,
2747+
},
2748+
blockCtx{"stream"},
2749+
true,
2750+
},
2751+
"geoip2_proxy_recursive ok": {
2752+
&Directive{
2753+
Directive: "geoip2_proxy_recursive",
2754+
Args: []string{"on"},
2755+
Line: 5,
2756+
},
2757+
blockCtx{"http"},
2758+
false,
2759+
},
2760+
"geoip2_proxy_recursive not ok": {
2761+
&Directive{
2762+
Directive: "geoip2_proxy_recursive",
2763+
Args: []string{"on"},
2764+
Line: 5,
2765+
},
2766+
blockCtx{"stream"},
2767+
true,
2768+
},
2769+
"geoip2_proxy_recursive args not ok": {
2770+
&Directive{
2771+
Directive: "geoip2_proxy_recursive",
2772+
Args: []string{"on", "off"},
2773+
Line: 5,
2774+
},
2775+
blockCtx{"http"},
2776+
true,
2777+
},
2778+
}
2779+
2780+
for name, tc := range testcases {
2781+
tc := tc
2782+
t.Run(name, func(t *testing.T) {
2783+
t.Parallel()
2784+
err := analyze("nginx.conf", tc.stmt, ";", tc.ctx, &ParseOptions{
2785+
DirectiveSources: []MatchFunc{MatchNginxPlusLatest, MatchGeoip2Latest},
2786+
})
2787+
2788+
if !tc.wantErr && err != nil {
2789+
t.Fatal(err)
2790+
}
2791+
2792+
if tc.wantErr && err == nil {
2793+
t.Fatal("expected error, got nil")
2794+
}
2795+
})
2796+
}
2797+
}

0 commit comments

Comments
 (0)