homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge current v2.5 into master

Browse source
This commit is contained in:
Tom Moulard 2021-09-23 15:30:01 +02:00
commit 380514941c
No known key found for this signature in database
GPG key ID: 521ABE0C1A0DEAF6
35 changed files with 773 additions and 161 deletions
Download patch file Download diff file Expand all files Collapse all files

396
pkg/provider/kubernetes/crd/kubernetes_test.go
View file

@ -1332,10 +1332,11 @@ func TestLoadIngressRouteTCPs(t *testing.T) {
func TestLoadIngressRoutes(t *testing.T) {
testCases := []struct {
desc string
ingressClass string
paths []string
expected *dynamic.Configuration
desc string
ingressClass string
paths []string
expected *dynamic.Configuration
AllowCrossNamespace bool
}{
{
desc: "Empty",
@ -1402,8 +1403,9 @@ func TestLoadIngressRoutes(t *testing.T) {
},
},
{
desc: "Simple Ingress Route with middleware",
paths: []string{"services.yml", "with_middleware.yml"},
desc: "Simple Ingress Route with middleware",
AllowCrossNamespace: true,
paths: []string{"services.yml", "with_middleware.yml"},
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
@ -1457,8 +1459,9 @@ func TestLoadIngressRoutes(t *testing.T) {
},
},
{
desc: "Simple Ingress Route with middleware crossprovider",
paths: []string{"services.yml", "with_middleware_crossprovider.yml"},
desc: "Simple Ingress Route with middleware crossprovider",
AllowCrossNamespace: true,
paths: []string{"services.yml", "with_middleware_crossprovider.yml"},
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
@ -2026,8 +2029,9 @@ func TestLoadIngressRoutes(t *testing.T) {
},
},
{
desc: "services lb, servers lb, and mirror service, all in a wrr with different namespaces",
paths: []string{"with_namespaces.yml"},
desc: "services lb, servers lb, and mirror service, all in a wrr with different namespaces",
AllowCrossNamespace: true,
paths: []string{"with_namespaces.yml"},
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
@ -2730,8 +2734,9 @@ func TestLoadIngressRoutes(t *testing.T) {
},
},
{
desc: "TLS with tls options and specific namespace",
paths: []string{"services.yml", "with_tls_options_and_specific_namespace.yml"},
desc: "TLS with tls options and specific namespace",
paths: []string{"services.yml", "with_tls_options_and_specific_namespace.yml"},
AllowCrossNamespace: true,
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
@ -2924,8 +2929,9 @@ func TestLoadIngressRoutes(t *testing.T) {
},
},
{
desc: "TLS with unknown tls options namespace",
paths: []string{"services.yml", "with_unknown_tls_options_namespace.yml"},
desc: "TLS with unknown tls options namespace",
paths: []string{"services.yml", "with_unknown_tls_options_namespace.yml"},
AllowCrossNamespace: true,
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
@ -3497,7 +3503,7 @@ func TestLoadIngressRoutes(t *testing.T) {
},
HTTP: &dynamic.HTTPConfiguration{
ServersTransports: map[string]*dynamic.ServersTransport{
"test": {
"foo-test": {
ServerName: "test",
InsecureSkipVerify: true,
RootCAs: []tls.FileOrContent{"TESTROOTCAS0", "TESTROOTCAS1", "TESTROOTCAS2", "TESTROOTCAS3", "TESTROOTCAS5", "TESTALLCERTS"},
@ -3507,16 +3513,71 @@ func TestLoadIngressRoutes(t *testing.T) {
{CertFile: "TESTCERT3", KeyFile: "TESTKEY3"},
},
MaxIdleConnsPerHost: 42,
DisableHTTP2: true,
ForwardingTimeouts: &dynamic.ForwardingTimeouts{
DialTimeout: types.Duration(42 * time.Second),
ResponseHeaderTimeout: types.Duration(42 * time.Second),
IdleConnTimeout: types.Duration(42 * time.Millisecond),
},
PeerCertURI: "foo://bar",
},
"default-test": {
ServerName: "test",
ForwardingTimeouts: &dynamic.ForwardingTimeouts{
DialTimeout: types.Duration(30 * time.Second),
IdleConnTimeout: types.Duration(90 * time.Second),
},
},
},
Routers: map[string]*dynamic.Router{
"default-test-route-6f97418635c7e18853da": {
EntryPoints: []string{"foo"},
Service: "default-test-route-6f97418635c7e18853da",
Rule: "Host(`foo.com`)",
},
},
Routers: map[string]*dynamic.Router{},
Middlewares: map[string]*dynamic.Middleware{},
Services: map[string]*dynamic.Service{},
Services: map[string]*dynamic.Service{
"default-external-svc-with-https-443": {
LoadBalancer: &dynamic.ServersLoadBalancer{
Servers: []dynamic.Server{
{
URL: "https://external.domain:443",
},
},
PassHostHeader: Bool(true),
ServersTransport: "default-test",
},
},
"default-whoamitls-443": {
LoadBalancer: &dynamic.ServersLoadBalancer{
Servers: []dynamic.Server{
{
URL: "https://10.10.0.5:8443",
},
{
URL: "https://10.10.0.6:8443",
},
},
PassHostHeader: Bool(true),
ServersTransport: "default-default-test",
},
},
"default-test-route-6f97418635c7e18853da": {
Weighted: &dynamic.WeightedRoundRobin{
Services: []dynamic.WRRService{
{
Name: "default-external-svc-with-https-443",
Weight: Int(1),
},
{
Name: "default-whoamitls-443",
Weight: Int(1),
},
},
},
},
},
},
TLS: &dynamic.TLSConfiguration{},
},
@ -3532,7 +3593,7 @@ func TestLoadIngressRoutes(t *testing.T) {
return
}
p := Provider{IngressClass: test.ingressClass, AllowCrossNamespace: true, AllowExternalNameServices: true}
p := Provider{IngressClass: test.ingressClass, AllowCrossNamespace: test.AllowCrossNamespace, AllowExternalNameServices: true}
clientMock := newClientMock(test.paths...)
conf := p.loadConfigurationFromCRD(context.Background(), clientMock)
@ -4474,6 +4535,11 @@ func TestCrossNamespace(t *testing.T) {
Rule: "Host(`foo.com`) && PathPrefix(`/bar`)",
Priority: 12,
},
"default-cross-ns-route-1bc3efa892379bb93c6e": {
EntryPoints: []string{"foo"},
Service: "default-cross-ns-route-1bc3efa892379bb93c6e",
Rule: "Host(`bar.com`) && PathPrefix(`/foo`)",
},
},
Middlewares: map[string]*dynamic.Middleware{},
Services: map[string]*dynamic.Service{
@ -4503,6 +4569,20 @@ func TestCrossNamespace(t *testing.T) {
},
},
},
"default-cross-ns-route-1bc3efa892379bb93c6e": {
LoadBalancer: &dynamic.ServersLoadBalancer{
Servers: []dynamic.Server{
{
URL: "http://10.10.0.1:80",
},
{
URL: "http://10.10.0.2:80",
},
},
PassHostHeader: Bool(true),
ServersTransport: "foo-test@kubernetescrd",
},
},
"cross-ns-whoami-svc-80": {
LoadBalancer: &dynamic.ServersLoadBalancer{
Servers: []dynamic.Server{
@ -4647,6 +4727,189 @@ func TestCrossNamespace(t *testing.T) {
TLS: &dynamic.TLSConfiguration{},
},
},
{
desc: "HTTP ServersTransport cross namespace allowed",
paths: []string{"services.yml", "with_servers_transport_cross_namespace.yml"},
allowCrossNamespace: true,
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
Services: map[string]*dynamic.UDPService{},
},
TCP: &dynamic.TCPConfiguration{
Routers: map[string]*dynamic.TCPRouter{},
Middlewares: map[string]*dynamic.TCPMiddleware{},
Services: map[string]*dynamic.TCPService{},
},
HTTP: &dynamic.HTTPConfiguration{
Routers: map[string]*dynamic.Router{
"default-test-route-6b204d94623b3df4370c": {
EntryPoints: []string{"foo"},
Service: "default-test-route-6b204d94623b3df4370c",
Rule: "Host(`foo.com`) && PathPrefix(`/bar`)",
Priority: 12,
},
},
Middlewares: map[string]*dynamic.Middleware{},
Services: map[string]*dynamic.Service{
"default-test-route-6b204d94623b3df4370c": {
LoadBalancer: &dynamic.ServersLoadBalancer{
Servers: []dynamic.Server{
{
URL: "http://10.10.0.1:80",
},
{
URL: "http://10.10.0.2:80",
},
},
PassHostHeader: Bool(true),
ServersTransport: "cross-ns-st-cross-ns@kubernetescrd",
},
},
},
ServersTransports: map[string]*dynamic.ServersTransport{
"cross-ns-st-cross-ns": {
ForwardingTimeouts: &dynamic.ForwardingTimeouts{
DialTimeout: 30000000000,
ResponseHeaderTimeout: 0,
IdleConnTimeout: 90000000000,
},
DisableHTTP2: true,
},
},
},
TLS: &dynamic.TLSConfiguration{},
},
},
{
desc: "HTTP ServersTransport cross namespace disallowed",
paths: []string{"services.yml", "with_servers_transport_cross_namespace.yml"},
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
Services: map[string]*dynamic.UDPService{},
},
TCP: &dynamic.TCPConfiguration{
Routers: map[string]*dynamic.TCPRouter{},
Middlewares: map[string]*dynamic.TCPMiddleware{},
Services: map[string]*dynamic.TCPService{},
},
HTTP: &dynamic.HTTPConfiguration{
Routers: map[string]*dynamic.Router{},
Middlewares: map[string]*dynamic.Middleware{},
Services: map[string]*dynamic.Service{},
ServersTransports: map[string]*dynamic.ServersTransport{
"cross-ns-st-cross-ns": {
ForwardingTimeouts: &dynamic.ForwardingTimeouts{
DialTimeout: 30000000000,
ResponseHeaderTimeout: 0,
IdleConnTimeout: 90000000000,
},
DisableHTTP2: true,
},
},
},
TLS: &dynamic.TLSConfiguration{},
},
},
{
desc: "HTTP TLSOption cross namespace allowed",
paths: []string{"services.yml", "with_tls_options_cross_namespace.yml"},
allowCrossNamespace: true,
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
Services: map[string]*dynamic.UDPService{},
},
TCP: &dynamic.TCPConfiguration{
Routers: map[string]*dynamic.TCPRouter{},
Middlewares: map[string]*dynamic.TCPMiddleware{},
Services: map[string]*dynamic.TCPService{},
},
HTTP: &dynamic.HTTPConfiguration{
Routers: map[string]*dynamic.Router{
"default-test-route-6b204d94623b3df4370c": {
EntryPoints: []string{"foo"},
Service: "default-test-route-6b204d94623b3df4370c",
Rule: "Host(`foo.com`) && PathPrefix(`/bar`)",
Priority: 12,
TLS: &dynamic.RouterTLSConfig{
Options: "cross-ns-tls-options-cn",
},
},
},
Middlewares: map[string]*dynamic.Middleware{},
Services: map[string]*dynamic.Service{
"default-test-route-6b204d94623b3df4370c": {
LoadBalancer: &dynamic.ServersLoadBalancer{
Servers: []dynamic.Server{
{
URL: "http://10.10.0.1:80",
},
{
URL: "http://10.10.0.2:80",
},
},
PassHostHeader: Bool(true),
},
},
},
ServersTransports: map[string]*dynamic.ServersTransport{},
},
TLS: &dynamic.TLSConfiguration{
Options: map[string]tls.Options{
"cross-ns-tls-options-cn": {
MinVersion: "VersionTLS12",
ALPNProtocols: []string{"h2", "http/1.1", "acme-tls/1"},
},
},
},
},
},
{
desc: "HTTP TLSOption cross namespace disallowed",
paths: []string{"services.yml", "with_tls_options_cross_namespace.yml"},
allowCrossNamespace: false,
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
Services: map[string]*dynamic.UDPService{},
},
TCP: &dynamic.TCPConfiguration{
Routers: map[string]*dynamic.TCPRouter{},
Middlewares: map[string]*dynamic.TCPMiddleware{},
Services: map[string]*dynamic.TCPService{},
},
HTTP: &dynamic.HTTPConfiguration{
Routers: map[string]*dynamic.Router{},
Middlewares: map[string]*dynamic.Middleware{},
Services: map[string]*dynamic.Service{
"default-test-route-6b204d94623b3df4370c": {
LoadBalancer: &dynamic.ServersLoadBalancer{
Servers: []dynamic.Server{
{
URL: "http://10.10.0.1:80",
},
{
URL: "http://10.10.0.2:80",
},
},
PassHostHeader: Bool(true),
},
},
},
ServersTransports: map[string]*dynamic.ServersTransport{},
},
TLS: &dynamic.TLSConfiguration{
Options: map[string]tls.Options{
"cross-ns-tls-options-cn": {
MinVersion: "VersionTLS12",
ALPNProtocols: []string{"h2", "http/1.1", "acme-tls/1"},
},
},
},
},
},
{
desc: "TCP middleware cross namespace disallowed",
paths: []string{"tcp/services.yml", "tcp/with_middleware_with_cross_namespace.yml"},
@ -4843,6 +5106,101 @@ func TestCrossNamespace(t *testing.T) {
TLS: &dynamic.TLSConfiguration{},
},
},
{
desc: "TCP TLSOption cross namespace allowed",
paths: []string{"tcp/services.yml", "tcp/with_tls_options_cross_namespace.yml"},
allowCrossNamespace: true,
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
Services: map[string]*dynamic.UDPService{},
},
HTTP: &dynamic.HTTPConfiguration{
Routers: map[string]*dynamic.Router{},
Middlewares: map[string]*dynamic.Middleware{},
Services: map[string]*dynamic.Service{},
ServersTransports: map[string]*dynamic.ServersTransport{},
},
TCP: &dynamic.TCPConfiguration{
Routers: map[string]*dynamic.TCPRouter{
"default-test.route-fdd3e9338e47a45efefc": {
EntryPoints: []string{"foo"},
Service: "default-test.route-fdd3e9338e47a45efefc",
Rule: "HostSNI(`foo.com`)",
TLS: &dynamic.RouterTCPTLSConfig{
Options: "cross-ns-tls-options-cn",
},
},
},
Middlewares: map[string]*dynamic.TCPMiddleware{},
Services: map[string]*dynamic.TCPService{
"default-test.route-fdd3e9338e47a45efefc": {
LoadBalancer: &dynamic.TCPServersLoadBalancer{
Servers: []dynamic.TCPServer{
{
Address: "10.10.0.1:8000",
},
{
Address: "10.10.0.2:8000",
},
},
},
},
},
},
TLS: &dynamic.TLSConfiguration{
Options: map[string]tls.Options{
"cross-ns-tls-options-cn": {
MinVersion: "VersionTLS12",
ALPNProtocols: []string{"h2", "http/1.1", "acme-tls/1"},
},
},
},
},
},
{
desc: "TCP TLSOption cross namespace disallowed",
paths: []string{"tcp/services.yml", "tcp/with_tls_options_cross_namespace.yml"},
allowCrossNamespace: false,
expected: &dynamic.Configuration{
UDP: &dynamic.UDPConfiguration{
Routers: map[string]*dynamic.UDPRouter{},
Services: map[string]*dynamic.UDPService{},
},
HTTP: &dynamic.HTTPConfiguration{
Routers: map[string]*dynamic.Router{},
Middlewares: map[string]*dynamic.Middleware{},
Services: map[string]*dynamic.Service{},
ServersTransports: map[string]*dynamic.ServersTransport{},
},
TCP: &dynamic.TCPConfiguration{
Routers: map[string]*dynamic.TCPRouter{},
Middlewares: map[string]*dynamic.TCPMiddleware{},
Services: map[string]*dynamic.TCPService{
"default-test.route-fdd3e9338e47a45efefc": {
LoadBalancer: &dynamic.TCPServersLoadBalancer{
Servers: []dynamic.TCPServer{
{
Address: "10.10.0.1:8000",
},
{
Address: "10.10.0.2:8000",
},
},
},
},
},
},
TLS: &dynamic.TLSConfiguration{
Options: map[string]tls.Options{
"cross-ns-tls-options-cn": {
MinVersion: "VersionTLS12",
ALPNProtocols: []string{"h2", "http/1.1", "acme-tls/1"},
},
},
},
},
},
{
desc: "UDP cross namespace allowed",
paths: []string{"udp/services.yml", "udp/with_cross_namespace.yml"},
@ -4949,6 +5307,8 @@ func TestCrossNamespace(t *testing.T) {
crdObjects = append(crdObjects, o)
case *v1alpha1.TLSStore:
crdObjects = append(crdObjects, o)
case *v1alpha1.ServersTransport:
crdObjects = append(crdObjects, o)
default:
}
}