homelab/traefik
1
0
Fork 0
Code Activity

fix: validation system

Browse source
This commit is contained in:
Ludovic Fernandez 2019-04-01 15:30:07 +02:00 committed by Traefiker Bot
parent d6c9f51082
commit da20db862d
18 changed files with 235 additions and 324 deletions
Download patch file Download diff file Expand all files Collapse all files

2
pkg/middlewares/ipwhitelist/ip_whitelist.go
View file

@ -2,6 +2,7 @@ package ipwhitelist
import (
"context"
"errors"
"fmt"
"net/http"
@ -10,7 +11,6 @@ import (
"github.com/containous/traefik/pkg/middlewares"
"github.com/containous/traefik/pkg/tracing"
"github.com/opentracing/opentracing-go/ext"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)

5
pkg/middlewares/redirect/redirect_scheme.go
View file

@ -2,12 +2,11 @@ package redirect
import (
"context"
"errors"
"net/http"
"github.com/containous/traefik/pkg/middlewares"
"github.com/pkg/errors"
"github.com/containous/traefik/pkg/config"
"github.com/containous/traefik/pkg/middlewares"
)
const (

2
pkg/provider/acme/provider.go
View file

@ -4,6 +4,7 @@ import (
"context"
"crypto/tls"
"crypto/x509"
"errors"
"fmt"
"io/ioutil"
fmtlog "log"
@ -29,7 +30,6 @@ import (
legolog "github.com/go-acme/lego/log"
"github.com/go-acme/lego/providers/dns"
"github.com/go-acme/lego/registration"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)

2
pkg/provider/file/file.go
View file

@ -3,6 +3,7 @@ package file
import (
"bytes"
"context"
"errors"
"fmt"
"io/ioutil"
"os"
@ -18,7 +19,6 @@ import (
"github.com/containous/traefik/pkg/provider"
"github.com/containous/traefik/pkg/safe"
"github.com/containous/traefik/pkg/tls"
"github.com/pkg/errors"
"gopkg.in/fsnotify.v1"
)

2
pkg/provider/kubernetes/crd/kubernetes.go
View file

@ -3,6 +3,7 @@ package crd
import (
"context"
"crypto/sha256"
"errors"
"flag"
"fmt"
"os"
@ -20,7 +21,6 @@ import (
"github.com/containous/traefik/pkg/provider/kubernetes/k8s"
"github.com/containous/traefik/pkg/safe"
"github.com/containous/traefik/pkg/tls"
"github.com/pkg/errors"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/labels"
)

2
pkg/provider/kubernetes/ingress/kubernetes.go
View file

@ -2,6 +2,7 @@ package ingress
import (
"context"
"errors"
"flag"
"fmt"
"math"
@ -19,7 +20,6 @@ import (
"github.com/containous/traefik/pkg/provider/kubernetes/k8s"
"github.com/containous/traefik/pkg/safe"
"github.com/containous/traefik/pkg/tls"
"github.com/pkg/errors"
corev1 "k8s.io/api/core/v1"
"k8s.io/api/extensions/v1beta1"
"k8s.io/apimachinery/pkg/labels"

2
pkg/rules/parser.go
View file

@ -1,9 +1,9 @@
package rules
import (
"errors"
"strings"
"github.com/pkg/errors"
"github.com/vulcand/predicate"
)

200
pkg/server/middleware/middlewares.go
View file

@ -2,6 +2,7 @@ package middleware
import (
"context"
"errors"
"fmt"
"net/http"
"strings"
@ -28,7 +29,6 @@ import (
"github.com/containous/traefik/pkg/middlewares/stripprefixregex"
"github.com/containous/traefik/pkg/middlewares/tracing"
"github.com/containous/traefik/pkg/server/internal"
"github.com/pkg/errors"
)
type middlewareStackType int
@ -65,7 +65,7 @@ func (b *Builder) BuildChain(ctx context.Context, middlewares []string) *alice.C
}
var err error
if constructorContext, err = checkRecursivity(constructorContext, middlewareName); err != nil {
if constructorContext, err = checkRecursion(constructorContext, middlewareName); err != nil {
return nil, err
}
@ -79,7 +79,7 @@ func (b *Builder) BuildChain(ctx context.Context, middlewares []string) *alice.C
return &chain
}
func checkRecursivity(ctx context.Context, middlewareName string) (context.Context, error) {
func checkRecursion(ctx context.Context, middlewareName string) (context.Context, error) {
currentStack, ok := ctx.Value(middlewareStackKey).([]string)
if !ok {
currentStack = []string{}
@ -92,242 +92,218 @@ func checkRecursivity(ctx context.Context, middlewareName string) (context.Conte
func (b *Builder) buildConstructor(ctx context.Context, middlewareName string, config config.Middleware) (alice.Constructor, error) {
var middleware alice.Constructor
badConf := errors.New("cannot create middleware %q: multi-types middleware not supported, consider declaring two different pieces of middleware instead")
badConf := errors.New("cannot create middleware: multi-types middleware not supported, consider declaring two different pieces of middleware instead")
// AddPrefix
if config.AddPrefix != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return addprefix.New(ctx, next, *config.AddPrefix, middlewareName)
}
} else {
return nil, badConf
middleware = func(next http.Handler) (http.Handler, error) {
return addprefix.New(ctx, next, *config.AddPrefix, middlewareName)
}
}
// BasicAuth
if config.BasicAuth != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return auth.NewBasic(ctx, next, *config.BasicAuth, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return auth.NewBasic(ctx, next, *config.BasicAuth, middlewareName)
}
}
// Buffering
if config.Buffering != nil && config.MaxConn.Amount != 0 {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return buffering.New(ctx, next, *config.Buffering, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return buffering.New(ctx, next, *config.Buffering, middlewareName)
}
}
// Chain
if config.Chain != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return chain.New(ctx, next, *config.Chain, b, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return chain.New(ctx, next, *config.Chain, b, middlewareName)
}
}
// CircuitBreaker
if config.CircuitBreaker != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return circuitbreaker.New(ctx, next, *config.CircuitBreaker, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return circuitbreaker.New(ctx, next, *config.CircuitBreaker, middlewareName)
}
}
// Compress
if config.Compress != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return compress.New(ctx, next, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return compress.New(ctx, next, middlewareName)
}
}
// CustomErrors
if config.Errors != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return customerrors.New(ctx, next, *config.Errors, b.serviceBuilder, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return customerrors.New(ctx, next, *config.Errors, b.serviceBuilder, middlewareName)
}
}
// DigestAuth
if config.DigestAuth != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return auth.NewDigest(ctx, next, *config.DigestAuth, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return auth.NewDigest(ctx, next, *config.DigestAuth, middlewareName)
}
}
// ForwardAuth
if config.ForwardAuth != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return auth.NewForward(ctx, next, *config.ForwardAuth, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return auth.NewForward(ctx, next, *config.ForwardAuth, middlewareName)
}
}
// Headers
if config.Headers != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return headers.New(ctx, next, *config.Headers, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return headers.New(ctx, next, *config.Headers, middlewareName)
}
}
// IPWhiteList
if config.IPWhiteList != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return ipwhitelist.New(ctx, next, *config.IPWhiteList, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return ipwhitelist.New(ctx, next, *config.IPWhiteList, middlewareName)
}
}
// MaxConn
if config.MaxConn != nil && config.MaxConn.Amount != 0 {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return maxconnection.New(ctx, next, *config.MaxConn, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return maxconnection.New(ctx, next, *config.MaxConn, middlewareName)
}
}
// PassTLSClientCert
if config.PassTLSClientCert != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return passtlsclientcert.New(ctx, next, *config.PassTLSClientCert, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return passtlsclientcert.New(ctx, next, *config.PassTLSClientCert, middlewareName)
}
}
// RateLimit
if config.RateLimit != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return ratelimiter.New(ctx, next, *config.RateLimit, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return ratelimiter.New(ctx, next, *config.RateLimit, middlewareName)
}
}
// RedirectRegex
if config.RedirectRegex != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return redirect.NewRedirectRegex(ctx, next, *config.RedirectRegex, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return redirect.NewRedirectRegex(ctx, next, *config.RedirectRegex, middlewareName)
}
}
// RedirectScheme
if config.RedirectScheme != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return redirect.NewRedirectScheme(ctx, next, *config.RedirectScheme, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return redirect.NewRedirectScheme(ctx, next, *config.RedirectScheme, middlewareName)
}
}
// ReplacePath
if config.ReplacePath != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return replacepath.New(ctx, next, *config.ReplacePath, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return replacepath.New(ctx, next, *config.ReplacePath, middlewareName)
}
}
// ReplacePathRegex
if config.ReplacePathRegex != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return replacepathregex.New(ctx, next, *config.ReplacePathRegex, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return replacepathregex.New(ctx, next, *config.ReplacePathRegex, middlewareName)
}
}
// Retry
if config.Retry != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
// FIXME missing metrics / accessLog
return retry.New(ctx, next, *config.Retry, retry.Listeners{}, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
// FIXME missing metrics / accessLog
return retry.New(ctx, next, *config.Retry, retry.Listeners{}, middlewareName)
}
}
// StripPrefix
if config.StripPrefix != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return stripprefix.New(ctx, next, *config.StripPrefix, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return stripprefix.New(ctx, next, *config.StripPrefix, middlewareName)
}
}
// StripPrefixRegex
if config.StripPrefixRegex != nil {
if middleware == nil {
middleware = func(next http.Handler) (http.Handler, error) {
return stripprefixregex.New(ctx, next, *config.StripPrefixRegex, middlewareName)
}
} else {
if middleware != nil {
return nil, badConf
}
middleware = func(next http.Handler) (http.Handler, error) {
return stripprefixregex.New(ctx, next, *config.StripPrefixRegex, middlewareName)
}
}
if middleware == nil {
return nil, fmt.Errorf("middleware %q does not exist", middlewareName)
return nil, errors.New("middleware does not exist")
}
return tracing.Wrap(ctx, middleware), nil

179
pkg/server/middleware/middlewares_test.go
View file

@ -13,58 +13,6 @@ import (
"github.com/stretchr/testify/require"
)
func TestBuilder_buildConstructorCircuitBreaker(t *testing.T) {
testConfig := map[string]*config.Middleware{
"empty": {
CircuitBreaker: &config.CircuitBreaker{
Expression: "",
},
},
"foo": {
CircuitBreaker: &config.CircuitBreaker{
Expression: "NetworkErrorRatio() > 0.5",
},
},
}
middlewaresBuilder := NewBuilder(testConfig, nil)
emptyHandler := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {})
testCases := []struct {
desc string
middlewareID string
expectedError bool
}{
{
desc: "Should fail at creating a circuit breaker with an empty expression",
expectedError: true,
middlewareID: "empty",
}, {
desc: "Should create a circuit breaker with a valid expression",
expectedError: false,
middlewareID: "foo",
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
constructor, err := middlewaresBuilder.buildConstructor(context.Background(), test.middlewareID, *testConfig[test.middlewareID])
require.NoError(t, err)
middleware, err2 := constructor(emptyHandler)
if test.expectedError {
require.Error(t, err2)
} else {
require.NoError(t, err)
require.NotNil(t, middleware)
}
})
}
}
func TestBuilder_BuildChainNilConfig(t *testing.T) {
testConfig := map[string]*config.Middleware{
"empty": {},
@ -87,59 +35,7 @@ func TestBuilder_BuildChainNonExistentChain(t *testing.T) {
require.Error(t, err)
}
func TestBuilder_buildConstructorAddPrefix(t *testing.T) {
testConfig := map[string]*config.Middleware{
"empty": {
AddPrefix: &config.AddPrefix{
Prefix: "",
},
},
"foo": {
AddPrefix: &config.AddPrefix{
Prefix: "foo/",
},
},
}
middlewaresBuilder := NewBuilder(testConfig, nil)
testCases := []struct {
desc string
middlewareID string
expectedError bool
}{
{
desc: "Should not create an empty AddPrefix middleware when given an empty prefix",
middlewareID: "empty",
expectedError: true,
}, {
desc: "Should create an AddPrefix middleware when given a valid configuration",
middlewareID: "foo",
expectedError: false,
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
constructor, err := middlewaresBuilder.buildConstructor(context.Background(), test.middlewareID, *testConfig[test.middlewareID])
require.NoError(t, err)
middleware, err2 := constructor(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {}))
if test.expectedError {
require.Error(t, err2)
} else {
require.NoError(t, err)
require.NotNil(t, middleware)
}
})
}
}
func TestBuild_BuildChainWithContext(t *testing.T) {
func TestBuilder_BuildChainWithContext(t *testing.T) {
testCases := []struct {
desc string
buildChain []string
@ -389,3 +285,76 @@ func TestBuild_BuildChainWithContext(t *testing.T) {
})
}
}
func TestBuilder_buildConstructor(t *testing.T) {
testConfig := map[string]*config.Middleware{
"cb-empty": {
CircuitBreaker: &config.CircuitBreaker{
Expression: "",
},
},
"cb-foo": {
CircuitBreaker: &config.CircuitBreaker{
Expression: "NetworkErrorRatio() > 0.5",
},
},
"ap-empty": {
AddPrefix: &config.AddPrefix{
Prefix: "",
},
},
"ap-foo": {
AddPrefix: &config.AddPrefix{
Prefix: "foo/",
},
},
}
middlewaresBuilder := NewBuilder(testConfig, nil)
testCases := []struct {
desc string
middlewareID string
expectedError bool
}{
{
desc: "Should fail at creating a circuit breaker with an empty expression",
middlewareID: "cb-empty",
expectedError: true,
},
{
desc: "Should create a circuit breaker with a valid expression",
middlewareID: "cb-foo",
expectedError: false,
},
{
desc: "Should not create an empty AddPrefix middleware when given an empty prefix",
middlewareID: "ap-empty",
expectedError: true,
},
{
desc: "Should create an AddPrefix middleware when given a valid configuration",
middlewareID: "ap-foo",
expectedError: false,
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
constructor, err := middlewaresBuilder.buildConstructor(context.Background(), test.middlewareID, *testConfig[test.middlewareID])
require.NoError(t, err)
middleware, err2 := constructor(http.HandlerFunc(func(_ http.ResponseWriter, _ *http.Request) {}))
if test.expectedError {
require.Error(t, err2)
} else {
require.NoError(t, err)
require.NotNil(t, middleware)
}
})
}
}

2
pkg/server/roundtripper.go
View file

@ -3,6 +3,7 @@ package server
import (
"crypto/tls"
"crypto/x509"
"errors"
"net"
"net/http"
"time"
@ -10,7 +11,6 @@ import (
"github.com/containous/traefik/pkg/config/static"
"github.com/containous/traefik/pkg/log"
traefiktls "github.com/containous/traefik/pkg/tls"
"github.com/pkg/errors"
"golang.org/x/net/http2"
)