From acd9b3d1c4c1492cf35dbc491aed6abd675afe74 Mon Sep 17 00:00:00 2001 From: "R.B. Boyer" <4903+rboyer@users.noreply.github.com> Date: Thu, 7 Sep 2023 13:04:17 -0500 Subject: [PATCH] test: update sidecarproxy/builder golden tests to use determinstic golden data (#18703) --- .../sidecarproxy/builder/builder_test.go | 12 ++ .../testdata/l4-multi-destination.golden | 114 +++++++++--------- ...kload-addresses-with-specific-ports.golden | 74 ++++++------ ...le-workload-addresses-without-ports.golden | 74 ++++++------ ...le-destination-ip-port-bind-address.golden | 68 +++++------ ...estination-unix-socket-bind-address.golden | 68 +++++------ ...ngle-workload-address-without-ports.golden | 74 ++++++------ 7 files changed, 248 insertions(+), 236 deletions(-) diff --git a/internal/mesh/internal/controllers/sidecarproxy/builder/builder_test.go b/internal/mesh/internal/controllers/sidecarproxy/builder/builder_test.go index 5768251a67..24e242f7bb 100644 --- a/internal/mesh/internal/controllers/sidecarproxy/builder/builder_test.go +++ b/internal/mesh/internal/controllers/sidecarproxy/builder/builder_test.go @@ -1,6 +1,7 @@ package builder import ( + "encoding/json" "flag" "os" "testing" @@ -22,5 +23,16 @@ func protoToJSON(t *testing.T, pb proto.Message) string { } gotJSON, err := m.Marshal(pb) require.NoError(t, err) + + // protojson format is non-determinstic, so scrub it through the determinstic json.Marshal so + // 'git diff' only shows real changes + // + // https://github.com/golang/protobuf/issues/1269 + var tmp map[string]any + require.NoError(t, json.Unmarshal(gotJSON, &tmp)) + + gotJSON, err = json.MarshalIndent(&tmp, "", " ") + require.NoError(t, err) + return string(gotJSON) } diff --git a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multi-destination.golden b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multi-destination.golden index 36310c806f..24b06ad29b 100644 --- a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multi-destination.golden +++ b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multi-destination.golden @@ -1,47 +1,5 @@ { "proxyState": { - "identity": { - "tenancy": { - "partition": "default", - "namespace": "default", - "peerName": "local" - }, - "name": "test-identity" - }, - "listeners": [ - { - "name": "api-1:tcp:1.1.1.1:1234", - "direction": "DIRECTION_OUTBOUND", - "hostPort": { - "host": "1.1.1.1", - "port": 1234 - }, - "routers": [ - { - "l4": { - "name": "api-1.default.dc1.internal.foo.consul", - "statPrefix": "upstream.api-1.default.default.dc1" - } - } - ] - }, - { - "name": "api-2:tcp:/path/to/socket", - "direction": "DIRECTION_OUTBOUND", - "unixSocket": { - "path": "/path/to/socket", - "mode": "0666" - }, - "routers": [ - { - "l4": { - "name": "api-2.default.dc1.internal.foo.consul", - "statPrefix": "upstream.api-2.default.default.dc1" - } - } - ] - } - ], "clusters": { "api-1.default.dc1.internal.foo.consul": { "endpointGroup": { @@ -52,12 +10,12 @@ "outboundTls": { "outboundMesh": { "identityKey": "test-identity", + "sni": "api-1.default.dc1.internal.foo.consul", "validationContext": { "spiffeIds": [ "spiffe://foo.consul/ap/default/ns/default/identity/api1-identity" ] - }, - "sni": "api-1.default.dc1.internal.foo.consul" + } } } } @@ -72,32 +30,74 @@ "outboundTls": { "outboundMesh": { "identityKey": "test-identity", + "sni": "api-2.default.dc1.internal.foo.consul", "validationContext": { "spiffeIds": [ "spiffe://foo.consul/ap/default/ns/default/identity/api2-identity" ] - }, - "sni": "api-2.default.dc1.internal.foo.consul" + } } } } } } - } + }, + "identity": { + "name": "test-identity", + "tenancy": { + "namespace": "default", + "partition": "default", + "peerName": "local" + } + }, + "listeners": [ + { + "direction": "DIRECTION_OUTBOUND", + "hostPort": { + "host": "1.1.1.1", + "port": 1234 + }, + "name": "api-1:tcp:1.1.1.1:1234", + "routers": [ + { + "l4": { + "name": "api-1.default.dc1.internal.foo.consul", + "statPrefix": "upstream.api-1.default.default.dc1" + } + } + ] + }, + { + "direction": "DIRECTION_OUTBOUND", + "name": "api-2:tcp:/path/to/socket", + "routers": [ + { + "l4": { + "name": "api-2.default.dc1.internal.foo.consul", + "statPrefix": "upstream.api-2.default.default.dc1" + } + } + ], + "unixSocket": { + "mode": "0666", + "path": "/path/to/socket" + } + } + ] }, "requiredEndpoints": { "api-1.default.dc1.internal.foo.consul": { "id": { "name": "api-1", + "tenancy": { + "namespace": "default", + "partition": "default", + "peerName": "local" + }, "type": { "group": "catalog", "groupVersion": "v1alpha1", "kind": "ServiceEndpoints" - }, - "tenancy": { - "partition": "default", - "namespace": "default", - "peerName": "local" } }, "port": "mesh" @@ -105,15 +105,15 @@ "api-2.default.dc1.internal.foo.consul": { "id": { "name": "api-2", + "tenancy": { + "namespace": "default", + "partition": "default", + "peerName": "local" + }, "type": { "group": "catalog", "groupVersion": "v1alpha1", "kind": "ServiceEndpoints" - }, - "tenancy": { - "partition": "default", - "namespace": "default", - "peerName": "local" } }, "port": "mesh" diff --git a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multiple-workload-addresses-with-specific-ports.golden b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multiple-workload-addresses-with-specific-ports.golden index 834672743c..e9c3a9a18d 100644 --- a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multiple-workload-addresses-with-specific-ports.golden +++ b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multiple-workload-addresses-with-specific-ports.golden @@ -1,41 +1,5 @@ { "proxyState": { - "identity": { - "tenancy": { - "partition": "default", - "namespace": "default", - "peerName": "local" - }, - "name": "test-identity" - }, - "listeners": [ - { - "name": "public_listener", - "direction": "DIRECTION_INBOUND", - "hostPort": { - "host": "10.0.0.2", - "port": 20000 - }, - "routers": [ - { - "l4": { - "name": "local_app:port1", - "statPrefix": "public_listener" - }, - "inboundTls": { - "inboundMesh": { - "identityKey": "test-identity", - "validationContext": { - "trustBundlePeerNameKeys": [ - "local" - ] - } - } - } - } - ] - } - ], "clusters": { "local_app:port1": { "endpointGroup": { @@ -54,7 +18,43 @@ } ] } - } + }, + "identity": { + "name": "test-identity", + "tenancy": { + "namespace": "default", + "partition": "default", + "peerName": "local" + } + }, + "listeners": [ + { + "direction": "DIRECTION_INBOUND", + "hostPort": { + "host": "10.0.0.2", + "port": 20000 + }, + "name": "public_listener", + "routers": [ + { + "inboundTls": { + "inboundMesh": { + "identityKey": "test-identity", + "validationContext": { + "trustBundlePeerNameKeys": [ + "local" + ] + } + } + }, + "l4": { + "name": "local_app:port1", + "statPrefix": "public_listener" + } + } + ] + } + ] }, "requiredLeafCertificates": { "test-identity": { diff --git a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multiple-workload-addresses-without-ports.golden b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multiple-workload-addresses-without-ports.golden index 39c532d737..ba93466594 100644 --- a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multiple-workload-addresses-without-ports.golden +++ b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-multiple-workload-addresses-without-ports.golden @@ -1,41 +1,5 @@ { "proxyState": { - "identity": { - "tenancy": { - "partition": "default", - "namespace": "default", - "peerName": "local" - }, - "name": "test-identity" - }, - "listeners": [ - { - "name": "public_listener", - "direction": "DIRECTION_INBOUND", - "hostPort": { - "host": "10.0.0.1", - "port": 20000 - }, - "routers": [ - { - "l4": { - "name": "local_app:port1", - "statPrefix": "public_listener" - }, - "inboundTls": { - "inboundMesh": { - "identityKey": "test-identity", - "validationContext": { - "trustBundlePeerNameKeys": [ - "local" - ] - } - } - } - } - ] - } - ], "clusters": { "local_app:port1": { "endpointGroup": { @@ -54,7 +18,43 @@ } ] } - } + }, + "identity": { + "name": "test-identity", + "tenancy": { + "namespace": "default", + "partition": "default", + "peerName": "local" + } + }, + "listeners": [ + { + "direction": "DIRECTION_INBOUND", + "hostPort": { + "host": "10.0.0.1", + "port": 20000 + }, + "name": "public_listener", + "routers": [ + { + "inboundTls": { + "inboundMesh": { + "identityKey": "test-identity", + "validationContext": { + "trustBundlePeerNameKeys": [ + "local" + ] + } + } + }, + "l4": { + "name": "local_app:port1", + "statPrefix": "public_listener" + } + } + ] + } + ] }, "requiredLeafCertificates": { "test-identity": { diff --git a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-destination-ip-port-bind-address.golden b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-destination-ip-port-bind-address.golden index e1865f7fe2..b426d287e9 100644 --- a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-destination-ip-port-bind-address.golden +++ b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-destination-ip-port-bind-address.golden @@ -1,31 +1,5 @@ { "proxyState": { - "identity": { - "tenancy": { - "partition": "default", - "namespace": "default", - "peerName": "local" - }, - "name": "test-identity" - }, - "listeners": [ - { - "name": "api-1:tcp:1.1.1.1:1234", - "direction": "DIRECTION_OUTBOUND", - "hostPort": { - "host": "1.1.1.1", - "port": 1234 - }, - "routers": [ - { - "l4": { - "name": "api-1.default.dc1.internal.foo.consul", - "statPrefix": "upstream.api-1.default.default.dc1" - } - } - ] - } - ], "clusters": { "api-1.default.dc1.internal.foo.consul": { "endpointGroup": { @@ -36,32 +10,58 @@ "outboundTls": { "outboundMesh": { "identityKey": "test-identity", + "sni": "api-1.default.dc1.internal.foo.consul", "validationContext": { "spiffeIds": [ "spiffe://foo.consul/ap/default/ns/default/identity/api1-identity" ] - }, - "sni": "api-1.default.dc1.internal.foo.consul" + } } } } } } - } + }, + "identity": { + "name": "test-identity", + "tenancy": { + "namespace": "default", + "partition": "default", + "peerName": "local" + } + }, + "listeners": [ + { + "direction": "DIRECTION_OUTBOUND", + "hostPort": { + "host": "1.1.1.1", + "port": 1234 + }, + "name": "api-1:tcp:1.1.1.1:1234", + "routers": [ + { + "l4": { + "name": "api-1.default.dc1.internal.foo.consul", + "statPrefix": "upstream.api-1.default.default.dc1" + } + } + ] + } + ] }, "requiredEndpoints": { "api-1.default.dc1.internal.foo.consul": { "id": { "name": "api-1", + "tenancy": { + "namespace": "default", + "partition": "default", + "peerName": "local" + }, "type": { "group": "catalog", "groupVersion": "v1alpha1", "kind": "ServiceEndpoints" - }, - "tenancy": { - "partition": "default", - "namespace": "default", - "peerName": "local" } }, "port": "mesh" diff --git a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-destination-unix-socket-bind-address.golden b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-destination-unix-socket-bind-address.golden index a67ba1c22c..cc2bd0fdc5 100644 --- a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-destination-unix-socket-bind-address.golden +++ b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-destination-unix-socket-bind-address.golden @@ -1,31 +1,5 @@ { "proxyState": { - "identity": { - "tenancy": { - "partition": "default", - "namespace": "default", - "peerName": "local" - }, - "name": "test-identity" - }, - "listeners": [ - { - "name": "api-2:tcp:/path/to/socket", - "direction": "DIRECTION_OUTBOUND", - "unixSocket": { - "path": "/path/to/socket", - "mode": "0666" - }, - "routers": [ - { - "l4": { - "name": "api-2.default.dc1.internal.foo.consul", - "statPrefix": "upstream.api-2.default.default.dc1" - } - } - ] - } - ], "clusters": { "api-2.default.dc1.internal.foo.consul": { "endpointGroup": { @@ -36,32 +10,58 @@ "outboundTls": { "outboundMesh": { "identityKey": "test-identity", + "sni": "api-2.default.dc1.internal.foo.consul", "validationContext": { "spiffeIds": [ "spiffe://foo.consul/ap/default/ns/default/identity/api2-identity" ] - }, - "sni": "api-2.default.dc1.internal.foo.consul" + } } } } } } - } + }, + "identity": { + "name": "test-identity", + "tenancy": { + "namespace": "default", + "partition": "default", + "peerName": "local" + } + }, + "listeners": [ + { + "direction": "DIRECTION_OUTBOUND", + "name": "api-2:tcp:/path/to/socket", + "routers": [ + { + "l4": { + "name": "api-2.default.dc1.internal.foo.consul", + "statPrefix": "upstream.api-2.default.default.dc1" + } + } + ], + "unixSocket": { + "mode": "0666", + "path": "/path/to/socket" + } + } + ] }, "requiredEndpoints": { "api-2.default.dc1.internal.foo.consul": { "id": { "name": "api-2", + "tenancy": { + "namespace": "default", + "partition": "default", + "peerName": "local" + }, "type": { "group": "catalog", "groupVersion": "v1alpha1", "kind": "ServiceEndpoints" - }, - "tenancy": { - "partition": "default", - "namespace": "default", - "peerName": "local" } }, "port": "mesh" diff --git a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-workload-address-without-ports.golden b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-workload-address-without-ports.golden index 39c532d737..ba93466594 100644 --- a/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-workload-address-without-ports.golden +++ b/internal/mesh/internal/controllers/sidecarproxy/builder/testdata/l4-single-workload-address-without-ports.golden @@ -1,41 +1,5 @@ { "proxyState": { - "identity": { - "tenancy": { - "partition": "default", - "namespace": "default", - "peerName": "local" - }, - "name": "test-identity" - }, - "listeners": [ - { - "name": "public_listener", - "direction": "DIRECTION_INBOUND", - "hostPort": { - "host": "10.0.0.1", - "port": 20000 - }, - "routers": [ - { - "l4": { - "name": "local_app:port1", - "statPrefix": "public_listener" - }, - "inboundTls": { - "inboundMesh": { - "identityKey": "test-identity", - "validationContext": { - "trustBundlePeerNameKeys": [ - "local" - ] - } - } - } - } - ] - } - ], "clusters": { "local_app:port1": { "endpointGroup": { @@ -54,7 +18,43 @@ } ] } - } + }, + "identity": { + "name": "test-identity", + "tenancy": { + "namespace": "default", + "partition": "default", + "peerName": "local" + } + }, + "listeners": [ + { + "direction": "DIRECTION_INBOUND", + "hostPort": { + "host": "10.0.0.1", + "port": 20000 + }, + "name": "public_listener", + "routers": [ + { + "inboundTls": { + "inboundMesh": { + "identityKey": "test-identity", + "validationContext": { + "trustBundlePeerNameKeys": [ + "local" + ] + } + } + }, + "l4": { + "name": "local_app:port1", + "statPrefix": "public_listener" + } + } + ] + } + ] }, "requiredLeafCertificates": { "test-identity": {