Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add tests for changing targetRef field in policies #641

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add tests for changing targetRef field in policies #641

wants to merge 1 commit into from

Conversation

emmaaroche
Copy link
Contributor

@emmaaroche emmaaroche commented Feb 20, 2025
edited
Loading

Summary
This PR adds reconciliation tests focusing on targetRef updates across different policies.

Test Cases Covered

  • DNSPolicy: Verifies DNS records are updated accordingly when changing targetRef from Gateway 1 (hostname 1) to Gateway 2 (hostname 2).
  • TLSPolicy: Verifies TLS records are updated accordingly when changing targetRef from Gateway 1 (hostname 1) to Gateway 2 (hostname 2).
  • AuthPolicy and RateLimitPolicy were covered in PR Test for changing parentRef field in policies (AuthPolicy and RateLimitPolicy) #622), but were further updated in this PR.

Additional Notes

  • Updated gateways in testsuite/tests/singlecluster/gateway/reconciliation/change_targetref/conftest.py to use TLSGatewayListener instead of GatewayListener.
  • Added a second TLS policy fixture totestsuite/tests/singlecluster/gateway/reconciliation/change_targetref/conftest.py.

Related Issue
Closes #307

@emmaaroche emmaaroche added Test case New test case DNS Issues for DNSOperator labels Feb 20, 2025
@emmaaroche emmaaroche self-assigned this Feb 20, 2025
@emmaaroche emmaaroche added the refactor Refactor with same functionality label Feb 20, 2025
averevki
averevki reviewed Feb 20, 2025
View reviewed changes
@emmaaroche emmaaroche force-pushed the change-targetref-tests branch from 895c6e6 to 8e86700 Compare February 24, 2025 16:35
averevki
averevki reviewed Feb 25, 2025
View reviewed changes
...lecluster/gateway/reconciliation/change_targetref/test_update_dns_tls_policies_target_ref.py
Comment on lines +67 to +74
client2 = hostname2.client()

response = client2.get("/get")
assert not response.has_cert_verify_error()
assert not response.has_dns_error()
assert response.status_code == 200

client2.close()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you can put second client in a separate fixture so you don't have to close it inside the test. Check out usage of yield in the pytest

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For this, I chose to initialize client2 only after the targetRef change to ensure the TLS secret is available. When using a separate client2 fixture, errors occurred due to missing TLS certificates.

...lecluster/gateway/reconciliation/change_targetref/test_update_dns_tls_policies_target_ref.py
Comment on lines +54 to +58
response = client.get("/get")
assert not response.has_cert_verify_error()
assert not response.has_dns_error()
assert response.status_code == 200

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please also verify that second gateway is not affected by tls/dns policies with requests before the change. Statuses change you asserted above isn't enough, it may show that it's not affected but be different in practice

...lecluster/gateway/reconciliation/change_targetref/test_update_dns_tls_policies_target_ref.py
Comment on lines +69 to +73
response = client2.get("/get")
assert not response.has_cert_verify_error()
assert not response.has_dns_error()
assert response.status_code == 200

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same but with the first gateway. Check that it's not affected anymore

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@averevki averevki averevki left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@emmaaroche emmaaroche

Labels
DNS Issues for DNSOperator refactor Refactor with same functionality Test case New test case
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add test for changing targetRef field in policies
2 participants
@emmaaroche @averevki