[NET-6417] Add validation of MeshGateway name + listeners (#20425)

* Add validation of MeshGateway name + listeners

* Adds test for ValidateMeshGateway

* Fixes data fetcher test for gatewayproxy

---------

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
This commit is contained in:
Melisa Griffin 2024-01-31 18:47:57 -05:00 committed by GitHub
parent b6f10bc58f
commit 7c00d396cf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 128 additions and 2 deletions

View File

@ -69,9 +69,14 @@ func (suite *dataFetcherSuite) setupWithTenancy(tenancy *pbresource.Tenancy) {
).
Write(suite.T(), suite.client)
suite.meshGateway = resourcetest.Resource(pbmesh.MeshGatewayType, "mesh-gateway-1").
suite.meshGateway = resourcetest.Resource(pbmesh.MeshGatewayType, "mesh-gateway").
WithData(suite.T(), &pbmesh.MeshGateway{
GatewayClassName: "gateway-class-1",
Listeners: []*pbmesh.MeshGatewayListener{
{
Name: "wan",
},
},
}).
Write(suite.T(), suite.client)

View File

@ -4,6 +4,12 @@
package types
import (
"errors"
"fmt"
"github.com/hashicorp/go-multierror"
"github.com/hashicorp/consul/internal/mesh/internal/controllers/meshgateways"
"github.com/hashicorp/consul/internal/resource"
pbmesh "github.com/hashicorp/consul/proto-public/pbmesh/v2beta1"
)
@ -15,6 +21,24 @@ func RegisterMeshGateway(r resource.Registry) {
Scope: resource.ScopePartition,
ACLs: nil, // TODO NET-6416
Mutate: nil, // TODO NET-6418
Validate: nil, // TODO NET-6417
Validate: resource.DecodeAndValidate(validateMeshGateway),
})
}
func validateMeshGateway(res *DecodedMeshGateway) error {
var merr error
if res.GetId().GetName() != meshgateways.GatewayName {
merr = multierror.Append(merr, fmt.Errorf("invalid gateway name, must be %q", meshgateways.GatewayName))
}
if len(res.GetData().Listeners) != 1 {
merr = multierror.Append(merr, errors.New("invalid listeners, must have exactly one listener"))
}
if len(res.GetData().Listeners) > 0 && (res.GetData().Listeners[0].GetName() != meshgateways.WANPortName) {
merr = multierror.Append(merr, fmt.Errorf("invalid listener name, must be %q", meshgateways.WANPortName))
}
return merr
}

View File

@ -0,0 +1,97 @@
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1
package types
import (
"github.com/hashicorp/consul/internal/resource"
"testing"
"github.com/hashicorp/consul/internal/resource/resourcetest"
pbmesh "github.com/hashicorp/consul/proto-public/pbmesh/v2beta1"
"github.com/hashicorp/consul/sdk/testutil"
"github.com/stretchr/testify/require"
)
func TestValidateMeshGateway(t *testing.T) {
type testcase struct {
mgwName string
mgw *pbmesh.MeshGateway
expectErr string
}
run := func(t *testing.T, tc testcase) {
res := resourcetest.Resource(pbmesh.MeshGatewayType, tc.mgwName).
WithData(t, tc.mgw).
Build()
err := resource.DecodeAndValidate(validateMeshGateway)(res)
if tc.expectErr == "" {
require.NoError(t, err)
} else {
testutil.RequireErrorContains(t, err, tc.expectErr)
}
}
cases := map[string]testcase{
"happy path": {
mgwName: "mesh-gateway",
mgw: &pbmesh.MeshGateway{
Listeners: []*pbmesh.MeshGatewayListener{
{
Name: "wan",
},
},
},
expectErr: "",
},
"wrong name for mesh-gateway": {
mgwName: "my-mesh-gateway",
mgw: &pbmesh.MeshGateway{
Listeners: []*pbmesh.MeshGatewayListener{
{
Name: "wan",
},
},
},
expectErr: "invalid gateway name, must be \"mesh-gateway\"",
},
"too many listeners on mesh-gateway": {
mgwName: "mesh-gateway",
mgw: &pbmesh.MeshGateway{
Listeners: []*pbmesh.MeshGatewayListener{
{
Name: "obi",
},
{
Name: "wan",
},
},
},
expectErr: "invalid listeners, must have exactly one listener",
},
"zero listeners on mesh-gateway": {
mgwName: "mesh-gateway",
mgw: &pbmesh.MeshGateway{},
expectErr: "invalid listeners, must have exactly one listener",
},
"incorrect listener name on mesh-gateway": {
mgwName: "mesh-gateway",
mgw: &pbmesh.MeshGateway{
Listeners: []*pbmesh.MeshGatewayListener{
{
Name: "kenobi",
},
},
},
expectErr: "invalid listener name, must be \"wan\"",
},
}
for name, tc := range cases {
t.Run(name, func(t *testing.T) {
run(t, tc)
})
}
}