NE-1140, NE-1145: Set/delete HTTP request/response headers via IngressController API #872
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
miheer
force-pushed
the
headers
branch
2 times, most recently
from
bbffb85 to
40e1904
Compare
|
/test verify |
1 similar comment
|
/test verify |
miheer
force-pushed
the
headers
branch
3 times, most recently
from
928f19a to
704ce4e
Compare
miheer
force-pushed
the
headers
branch
14 times, most recently
from
e90540a to
a3a6318
Compare
miheer
force-pushed
the
headers
branch
2 times, most recently
from
f4cb835 to
477e41d
Compare
openshift-merge-robot
added
the
needs-rebase
openshift-merge-robot
removed
the
needs-rebase
test/e2e/set_delete_test.go
Outdated
| t.Errorf("failed to get logs from pod %s: %v", clientPod.Name, err) | ||
| } | ||
|
|
||
| t.Fatalf("failed to observe the expected output: %v\nclient pod spec: %#v\nclient pod logs:\n%s", err, pod, logs) |
There was a problem hiding this comment.
err has been redefined, no longer relevant and could be nil. Just print out the logs.
| t.Fatalf("failed to observe the expected output: %v\nclient pod spec: %#v\nclient pod logs:\n%s", err, pod, logs) | |
| t.Errorf("client pod spec: %#v\nclient pod logs:\n%s", pod, logs) |
There was a problem hiding this comment.
Better yet, rename the inner err to err2 so that it doesn't clobber err.
There was a problem hiding this comment.
Actually, I see that Miheer added a t.Errorf statement earlier on that prints err before it gets clobbered, so no need to print it here anyway.
|
/retest-required |
miheer
force-pushed
the
headers
branch
2 times, most recently
from
29c86b4 to
4dc8310
Compare
| echoRoute := buildRoute(echoPod.Name, echoPod.Namespace, echoService.Name) | ||
| if err := kclient.Create(context.TODO(), echoRoute); err != nil { | ||
| t.Fatalf("failed to create route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | ||
| } | ||
| defer func() { | ||
| if err := kclient.Delete(context.TODO(), echoRoute); err != nil { | ||
| t.Fatalf("failed to delete route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | ||
| } | ||
| }() |
There was a problem hiding this comment.
This should make the test a little more reliable:
| echoRoute := buildRoute(echoPod.Name, echoPod.Namespace, echoService.Name) | |
| if err := kclient.Create(context.TODO(), echoRoute); err != nil { | |
| t.Fatalf("failed to create route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | |
| } | |
| defer func() { | |
| if err := kclient.Delete(context.TODO(), echoRoute); err != nil { | |
| t.Fatalf("failed to delete route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | |
| } | |
| }() | |
| echoRoute := buildRoute(echoPod.Name, echoPod.Namespace, echoService.Name) | |
| if err := kclient.Create(context.TODO(), echoRoute); err != nil { | |
| t.Fatalf("failed to create route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | |
| } | |
| defer func() { | |
| if err := kclient.Delete(context.TODO(), echoRoute); err != nil { | |
| t.Fatalf("failed to delete route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | |
| } | |
| }() | |
| cond := routev1.RouteIngressCondition{ | |
| Type: routev1.RouteAdmitted, | |
| Status: corev1.ConditionTrue, | |
| } | |
| echoRouteName := types.NamespacedName{ | |
| Namespace: echoRoute.Namespace, | |
| Name: echoRoute.Name, | |
| } | |
| waitForRouteIngressConditions(t, kclient, echoRouteName, ic.Name, cond) |
test/e2e/set_delete_test.go
Outdated
| echoRoute := buildRouteWithHTTPResponseHeaders(echoPod.Name, echoPod.Namespace, echoService.Name, headerNameXFrame, "DENY") | ||
| if err := kclient.Create(context.TODO(), echoRoute); err != nil { | ||
| t.Fatalf("failed to create route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | ||
| } | ||
| defer func() { | ||
| if err := kclient.Delete(context.TODO(), echoRoute); err != nil { | ||
| t.Fatalf("failed to delete route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | ||
| } | ||
| }() |
There was a problem hiding this comment.
| echoRoute := buildRouteWithHTTPResponseHeaders(echoPod.Name, echoPod.Namespace, echoService.Name, headerNameXFrame, "DENY") | |
| if err := kclient.Create(context.TODO(), echoRoute); err != nil { | |
| t.Fatalf("failed to create route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | |
| } | |
| defer func() { | |
| if err := kclient.Delete(context.TODO(), echoRoute); err != nil { | |
| t.Fatalf("failed to delete route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | |
| } | |
| }() | |
| echoRoute := buildRouteWithHTTPResponseHeaders(echoPod.Name, echoPod.Namespace, echoService.Name, headerNameXFrame, "DENY") | |
| if err := kclient.Create(context.TODO(), echoRoute); err != nil { | |
| t.Fatalf("failed to create route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | |
| } | |
| defer func() { | |
| if err := kclient.Delete(context.TODO(), echoRoute); err != nil { | |
| t.Fatalf("failed to delete route %s/%s: %v", echoRoute.Namespace, echoRoute.Name, err) | |
| } | |
| }() | |
| cond := routev1.RouteIngressCondition{ | |
| Type: routev1.RouteAdmitted, | |
| Status: corev1.ConditionTrue, | |
| } | |
| echoRouteName := types.NamespacedName{ | |
| Namespace: echoRoute.Namespace, | |
| Name: echoRoute.Name, | |
| } | |
| waitForRouteIngressConditions(t, kclient, echoRouteName, ic.Name, cond) |
test/e2e/set_delete_test.go
Outdated
| for scanner.Scan() { | ||
| line := scanner.Text() | ||
| if strings.Contains(strings.ToLower(line), expectedResponse) { | ||
| t.Logf("found %d expected: %s", expectedMatches, line) |
There was a problem hiding this comment.
You aren't checking the number of matches anymore, so why do you need expectedMatches?
test/e2e/set_delete_test.go
Outdated
| } | ||
| } | ||
| }() | ||
| expectedResponse = strings.ToLower(expectedResponse) |
There was a problem hiding this comment.
Why do you use strings.ToLower here and below? Just delcare headerNameXFrame to be lower-case x-frame-options below, and then you don't need any strings.ToLower.
test/e2e/set_delete_test.go
Outdated
|
|
||
| func TestSetIngressControllerResponseHeaders(t *testing.T) { | ||
| t.Parallel() | ||
| var headerNameXFrame string = "X-Frame-Options" |
There was a problem hiding this comment.
Better yet:
| var headerNameXFrame string = "X-Frame-Options" | |
| const ( | |
| headerName = "x-frame-options" | |
| headerValue = "DENY" | |
| ) |
And replace "DENY" with headerValue below.
test/e2e/set_delete_test.go
Outdated
|
|
||
| var podCount int | ||
|
|
||
| func testHeaders(t *testing.T, image string, route *routev1.Route, address string, headers []string, expectedResponse string, expectedMatches int) { |
There was a problem hiding this comment.
You can delete the headers parameter.
|
@miheer, the commits are backwards. Do the vendor bump first, then the implementation. |
… used to set the HTTP header request/reponse in Ingress Controller CR's spec. The other files are generated files after running `go mod tidy` followed by `go mod vendor`.
|
/retest |
1 similar comment
|
/retest |
|
https://github.com/openshift/cluster-ingress-operator/compare/5ceabd73033d098a2b3006370c1309b346ee1deb..29c86b4ca01dc3738c87018f6cfef2bfa6565bbc -first iteration RAW push had comments just had pushed to test. This had @candita 's suggestion for changing the block with return true and false and not using number of matches logic. https://github.com/openshift/cluster-ingress-operator/compare/29c86b4ca01dc3738c87018f6cfef2bfa6565bbc..4dc8310c9d3698bf41ffd7b391a6ffa38951b60b --- comments removed and code was cleaned up. https://github.com/openshift/cluster-ingress-operator/compare/4dc8310c9d3698bf41ffd7b391a6ffa38951b60b..32a6380e633d74a67db6f3007eccee5830e2d5a6 ---- consists of @Miciah suggestions and also some @candita suggestions to fix log statements. The last push was just changing the sequence of the commits as |
done |
API pkg/operator/controller/ingress/deployment.go Fetches the headers from the ingress controller CR and then sets the router deployment with environment vars with the header value and action. pkg/operator/controller/ingress/deployment_test.go Units tests for setting enviroment var in thr router deployment.
|
@miheer: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/test e2e-hypershift |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: candita The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
/test remaining-required |
|
/lgtm |
8 participants
Set/Replace/Append HTTP Request/Response Headers via Ingress Controller
API
pkg/operator/controller/ingress/deployment.goFetches the headers fromthe ingress controller CR and then sets the router deployment with
environment vars with the header value and action.
pkg/operator/controller/ingress/deployment_test.goUnits tests forsetting enviroment var in thr router deployment.