Skip to content

Commit

Permalink
Issue #1579 TLSRoute Passthrough - golint fixup
Browse files Browse the repository at this point in the history
  • Loading branch information
candita committed Jan 3, 2023
1 parent ab91a3f commit c2db3c5
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 16 deletions.
4 changes: 2 additions & 2 deletions conformance/tests/tlsroute-simple-same-namespace.go
Original file line number Diff line number Diff line change
Expand Up @@ -54,12 +54,12 @@ var TLSRouteSimpleSameNamespace = suite.ConformanceTest{
}
serverStr := string(hostnames[0])

cPem, kPem, err := GetTLSSecret(suite.Client, certNN)
cPem, keyPem, err := GetTLSSecret(suite.Client, certNN)
if err != nil {
t.Fatalf("unexpected error finding TLS secret: %v", err)
}
t.Run("Simple TLS request matching TLSRoute should reach infra-backend", func(t *testing.T) {
tls.MakeTLSRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, gwAddr, cPem, kPem, serverStr,
tls.MakeTLSRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, gwAddr, cPem, keyPem, serverStr,
http.ExpectedResponse{
Request: http.Request{Host: serverStr, Path: "/"},
Backend: "infra-backend-v4",
Expand Down
4 changes: 1 addition & 3 deletions conformance/utils/kubernetes/helpers.go
Original file line number Diff line number Diff line change
Expand Up @@ -435,9 +435,7 @@ func TLSRouteInfo(t *testing.T, client client.Client, timeoutConfig config.Timeo

return match, nil
})
if waitErr != nil {
fmt.Errorf("error waiting for TLSRoute to have parents matching expectations")
}
require.NoErrorf(t, waitErr, "error waiting for TLSRoute to have parents matching expectations")

return hostnames
}
Expand Down
28 changes: 21 additions & 7 deletions conformance/utils/roundtripper/roundtripper.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,11 +22,13 @@ import (
"crypto/x509"
"encoding/json"
"fmt"
"io/ioutil"
"io"
. "io/ioutil"
"net/http"
"net/http/httputil"
"net/url"
"regexp"

"sigs.k8s.io/gateway-api/conformance/utils/config"
)

Expand Down Expand Up @@ -133,7 +135,12 @@ func (d *DefaultRoundTripper) CaptureRoundTrip(request Request) (*CapturedReques
if err != nil {
return nil, nil, err
}
defer resp.Body.Close()
defer func(Body io.ReadCloser) {
err := Body.Close()
if err != nil {

}
}(resp.Body)

if d.Debug {
var dump []byte
Expand All @@ -145,7 +152,7 @@ func (d *DefaultRoundTripper) CaptureRoundTrip(request Request) (*CapturedReques
fmt.Printf("Received Response:\n%s\n\n", formatDump(dump, "< "))
}

body, _ := ioutil.ReadAll(resp.Body)
body, _ := ReadAll(resp.Body)

// we cannot assume the response is JSON
if resp.Header.Get("Content-type") == "application/json" {
Expand Down Expand Up @@ -197,12 +204,12 @@ func IsRedirect(statusCode int) bool {
// captured request and response from echoserver. An error will be returned if
// there is an error running the function but not if an HTTP error status code
// is received.
func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem []byte, server string) (*CapturedRequest, *CapturedResponse, error) {
func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, keyPem []byte, server string) (*CapturedRequest, *CapturedResponse, error) {
cReq := &CapturedRequest{}
client := http.DefaultClient

// Create a certificate from the provided cert and key
cert, err := tls.X509KeyPair(cPem, kPem)
cert, err := tls.X509KeyPair(cPem, keyPem)
if err != nil {
return nil, nil, fmt.Errorf("unexpected error creating cert: %w", err)
}
Expand All @@ -223,6 +230,8 @@ func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem []
Certificates: []tls.Certificate{cert},
ServerName: server,
RootCAs: certPool,
MinVersion: tls.VersionTLS10,
MaxVersion: tls.VersionTLS13,
},
}

Expand Down Expand Up @@ -261,7 +270,12 @@ func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem []
if err != nil {
return nil, nil, err
}
defer resp.Body.Close()
defer func(Body io.ReadCloser) {
err := Body.Close()
if err != nil {

}
}(resp.Body)

if d.Debug {
var dump []byte
Expand All @@ -273,7 +287,7 @@ func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem []
fmt.Printf("Received Response:\n%s\n\n", formatDump(dump, "< "))
}

body, _ := ioutil.ReadAll(resp.Body)
body, _ := ReadAll(resp.Body)

// we cannot assume the response is JSON
if resp.Header.Get("Content-type") == "application/json" {
Expand Down
8 changes: 4 additions & 4 deletions conformance/utils/tls/tls.go
Original file line number Diff line number Diff line change
Expand Up @@ -36,20 +36,20 @@ const requiredConsecutiveSuccesses = 3
//
// Once the request succeeds consistently with the response having the expected status code, make
// additional assertions on the response body using the provided ExpectedResponse.
func MakeTLSRequestAndExpectEventuallyConsistentResponse(t *testing.T, r roundtripper.RoundTripper, timeoutConfig config.TimeoutConfig, gwAddr string, cPem, kPem []byte, server string, expected http.ExpectedResponse) {
func MakeTLSRequestAndExpectEventuallyConsistentResponse(t *testing.T, r roundtripper.RoundTripper, timeoutConfig config.TimeoutConfig, gwAddr string, cPem, keyPem []byte, server string, expected http.ExpectedResponse) {
t.Helper()

req := http.MakeRequest(t, &expected, gwAddr, "HTTPS", "https")

WaitForConsistentTLSResponse(t, r, req, expected, requiredConsecutiveSuccesses, timeoutConfig.MaxTimeToConsistency, cPem, kPem, server)
WaitForConsistentTLSResponse(t, r, req, expected, requiredConsecutiveSuccesses, timeoutConfig.MaxTimeToConsistency, cPem, keyPem, server)
}

// WaitForConsistentTLSResponse - repeats the provided request until it completes with a response having
// the expected response consistently. The provided threshold determines how many times in
// a row this must occur to be considered "consistent".
func WaitForConsistentTLSResponse(t *testing.T, r roundtripper.RoundTripper, req roundtripper.Request, expected http.ExpectedResponse, threshold int, maxTimeToConsistency time.Duration, cPem, kPem []byte, server string) {
func WaitForConsistentTLSResponse(t *testing.T, r roundtripper.RoundTripper, req roundtripper.Request, expected http.ExpectedResponse, threshold int, maxTimeToConsistency time.Duration, cPem, keyPem []byte, server string) {
http.AwaitConvergence(t, threshold, maxTimeToConsistency, func(elapsed time.Duration) bool {
cReq, cRes, err := r.CaptureTLSRoundTrip(req, cPem, kPem, server)
cReq, cRes, err := r.CaptureTLSRoundTrip(req, cPem, keyPem, server)
if err != nil {
t.Logf("Request failed, not ready yet: %v (after %v)", err.Error(), elapsed)
return false
Expand Down

0 comments on commit c2db3c5

Please sign in to comment.