From c2db3c53447ed8bfa2d358c3e9def43a2d3a5924 Mon Sep 17 00:00:00 2001 From: candita Date: Mon, 19 Dec 2022 20:09:27 -0500 Subject: [PATCH] Issue #1579 TLSRoute Passthrough - golint fixup --- .../tests/tlsroute-simple-same-namespace.go | 4 +-- conformance/utils/kubernetes/helpers.go | 4 +-- .../utils/roundtripper/roundtripper.go | 28 ++++++++++++++----- conformance/utils/tls/tls.go | 8 +++--- 4 files changed, 28 insertions(+), 16 deletions(-) diff --git a/conformance/tests/tlsroute-simple-same-namespace.go b/conformance/tests/tlsroute-simple-same-namespace.go index 20f9b21e4d..d42ed9e1b0 100644 --- a/conformance/tests/tlsroute-simple-same-namespace.go +++ b/conformance/tests/tlsroute-simple-same-namespace.go @@ -54,12 +54,12 @@ var TLSRouteSimpleSameNamespace = suite.ConformanceTest{ } serverStr := string(hostnames[0]) - cPem, kPem, err := GetTLSSecret(suite.Client, certNN) + cPem, keyPem, err := GetTLSSecret(suite.Client, certNN) if err != nil { t.Fatalf("unexpected error finding TLS secret: %v", err) } t.Run("Simple TLS request matching TLSRoute should reach infra-backend", func(t *testing.T) { - tls.MakeTLSRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, gwAddr, cPem, kPem, serverStr, + tls.MakeTLSRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, gwAddr, cPem, keyPem, serverStr, http.ExpectedResponse{ Request: http.Request{Host: serverStr, Path: "/"}, Backend: "infra-backend-v4", diff --git a/conformance/utils/kubernetes/helpers.go b/conformance/utils/kubernetes/helpers.go index 77dd07bfbf..d90c614617 100644 --- a/conformance/utils/kubernetes/helpers.go +++ b/conformance/utils/kubernetes/helpers.go @@ -435,9 +435,7 @@ func TLSRouteInfo(t *testing.T, client client.Client, timeoutConfig config.Timeo return match, nil }) - if waitErr != nil { - fmt.Errorf("error waiting for TLSRoute to have parents matching expectations") - } + require.NoErrorf(t, waitErr, "error waiting for TLSRoute to have parents matching expectations") return hostnames } diff --git a/conformance/utils/roundtripper/roundtripper.go b/conformance/utils/roundtripper/roundtripper.go index 295ae8b3f1..d703808956 100644 --- a/conformance/utils/roundtripper/roundtripper.go +++ b/conformance/utils/roundtripper/roundtripper.go @@ -22,11 +22,13 @@ import ( "crypto/x509" "encoding/json" "fmt" - "io/ioutil" + "io" + . "io/ioutil" "net/http" "net/http/httputil" "net/url" "regexp" + "sigs.k8s.io/gateway-api/conformance/utils/config" ) @@ -133,7 +135,12 @@ func (d *DefaultRoundTripper) CaptureRoundTrip(request Request) (*CapturedReques if err != nil { return nil, nil, err } - defer resp.Body.Close() + defer func(Body io.ReadCloser) { + err := Body.Close() + if err != nil { + + } + }(resp.Body) if d.Debug { var dump []byte @@ -145,7 +152,7 @@ func (d *DefaultRoundTripper) CaptureRoundTrip(request Request) (*CapturedReques fmt.Printf("Received Response:\n%s\n\n", formatDump(dump, "< ")) } - body, _ := ioutil.ReadAll(resp.Body) + body, _ := ReadAll(resp.Body) // we cannot assume the response is JSON if resp.Header.Get("Content-type") == "application/json" { @@ -197,12 +204,12 @@ func IsRedirect(statusCode int) bool { // captured request and response from echoserver. An error will be returned if // there is an error running the function but not if an HTTP error status code // is received. -func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem []byte, server string) (*CapturedRequest, *CapturedResponse, error) { +func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, keyPem []byte, server string) (*CapturedRequest, *CapturedResponse, error) { cReq := &CapturedRequest{} client := http.DefaultClient // Create a certificate from the provided cert and key - cert, err := tls.X509KeyPair(cPem, kPem) + cert, err := tls.X509KeyPair(cPem, keyPem) if err != nil { return nil, nil, fmt.Errorf("unexpected error creating cert: %w", err) } @@ -223,6 +230,8 @@ func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem [] Certificates: []tls.Certificate{cert}, ServerName: server, RootCAs: certPool, + MinVersion: tls.VersionTLS10, + MaxVersion: tls.VersionTLS13, }, } @@ -261,7 +270,12 @@ func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem [] if err != nil { return nil, nil, err } - defer resp.Body.Close() + defer func(Body io.ReadCloser) { + err := Body.Close() + if err != nil { + + } + }(resp.Body) if d.Debug { var dump []byte @@ -273,7 +287,7 @@ func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem [] fmt.Printf("Received Response:\n%s\n\n", formatDump(dump, "< ")) } - body, _ := ioutil.ReadAll(resp.Body) + body, _ := ReadAll(resp.Body) // we cannot assume the response is JSON if resp.Header.Get("Content-type") == "application/json" { diff --git a/conformance/utils/tls/tls.go b/conformance/utils/tls/tls.go index 938d1150f4..e696be8ae9 100644 --- a/conformance/utils/tls/tls.go +++ b/conformance/utils/tls/tls.go @@ -36,20 +36,20 @@ const requiredConsecutiveSuccesses = 3 // // Once the request succeeds consistently with the response having the expected status code, make // additional assertions on the response body using the provided ExpectedResponse. -func MakeTLSRequestAndExpectEventuallyConsistentResponse(t *testing.T, r roundtripper.RoundTripper, timeoutConfig config.TimeoutConfig, gwAddr string, cPem, kPem []byte, server string, expected http.ExpectedResponse) { +func MakeTLSRequestAndExpectEventuallyConsistentResponse(t *testing.T, r roundtripper.RoundTripper, timeoutConfig config.TimeoutConfig, gwAddr string, cPem, keyPem []byte, server string, expected http.ExpectedResponse) { t.Helper() req := http.MakeRequest(t, &expected, gwAddr, "HTTPS", "https") - WaitForConsistentTLSResponse(t, r, req, expected, requiredConsecutiveSuccesses, timeoutConfig.MaxTimeToConsistency, cPem, kPem, server) + WaitForConsistentTLSResponse(t, r, req, expected, requiredConsecutiveSuccesses, timeoutConfig.MaxTimeToConsistency, cPem, keyPem, server) } // WaitForConsistentTLSResponse - repeats the provided request until it completes with a response having // the expected response consistently. The provided threshold determines how many times in // a row this must occur to be considered "consistent". -func WaitForConsistentTLSResponse(t *testing.T, r roundtripper.RoundTripper, req roundtripper.Request, expected http.ExpectedResponse, threshold int, maxTimeToConsistency time.Duration, cPem, kPem []byte, server string) { +func WaitForConsistentTLSResponse(t *testing.T, r roundtripper.RoundTripper, req roundtripper.Request, expected http.ExpectedResponse, threshold int, maxTimeToConsistency time.Duration, cPem, keyPem []byte, server string) { http.AwaitConvergence(t, threshold, maxTimeToConsistency, func(elapsed time.Duration) bool { - cReq, cRes, err := r.CaptureTLSRoundTrip(req, cPem, kPem, server) + cReq, cRes, err := r.CaptureTLSRoundTrip(req, cPem, keyPem, server) if err != nil { t.Logf("Request failed, not ready yet: %v (after %v)", err.Error(), elapsed) return false