mirror of
https://github.com/status-im/consul.git
synced 2025-01-09 05:23:04 +00:00
134aac7c26
* endpoints xds cluster configuration * resources test fix * fix reversion in resources_test * Update agent/proxycfg/api_gateway.go Co-authored-by: John Maguire <john.maguire@hashicorp.com> * gofmt * Modify getReadyUpstreams to filter upstreams by listener (#17410) Each listener would previously have all upstreams from any route that bound to the listener. This is problematic when a route bound to one listener also binds to other listeners and so includes upstreams for multiple listeners. The list for a given listener would then wind up including upstreams for other listeners. * Update agent/proxycfg/api_gateway.go Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Restore import blocking * Skip to next route if route has no upstreams * cleanup * change set from bool to empty struct --------- Co-authored-by: John Maguire <john.maguire@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
49 lines
1.9 KiB
Bash
49 lines
1.9 KiB
Bash
#!/usr/bin/env bats
|
|
|
|
load helpers
|
|
|
|
@test "api gateway proxy admin is up on :20000" {
|
|
retry_default curl -f -s localhost:20000/stats -o /dev/null
|
|
}
|
|
|
|
@test "api gateway should have been accepted and not conflicted" {
|
|
assert_config_entry_status Accepted True Accepted primary api-gateway api-gateway
|
|
assert_config_entry_status Conflicted False NoConflict primary api-gateway api-gateway
|
|
}
|
|
|
|
@test "api gateway should have healthy endpoints for s1" {
|
|
assert_config_entry_status Bound True Bound primary http-route api-gateway-route-one
|
|
assert_upstream_has_endpoints_in_status 127.0.0.1:20000 s1 HEALTHY 1
|
|
}
|
|
|
|
@test "api gateway should have healthy endpoints for s2" {
|
|
assert_config_entry_status Bound True Bound primary http-route api-gateway-route-two
|
|
assert_upstream_has_endpoints_in_status 127.0.0.1:20000 s2 HEALTHY 1
|
|
}
|
|
|
|
@test "api gateway should be able to connect to s1 via configured port" {
|
|
run retry_long curl -sk -f -d hello https://localhost:9999
|
|
[[ "$output" == *"hello"* ]]
|
|
}
|
|
|
|
@test "api gateway should be able to serve host.consul.example traffic on listener 1" {
|
|
assert_cert_has_cn localhost:9999 host.consul.example host.consul.example
|
|
}
|
|
|
|
@test "api gateway should be able to serve all other traffic with the host.consul.example certificate on listener 1" {
|
|
assert_cert_has_cn localhost:9999 host.consul.example other.consul.example
|
|
}
|
|
|
|
@test "api gateway should get an intentions error connecting to s2 via configured port" {
|
|
run retry_default sh -c "curl -sk https://localhost:9998 | grep RBAC"
|
|
[[ "$output" == "RBAC: access denied" ]]
|
|
}
|
|
|
|
@test "api gateway should be able to serve listener 2 with the other.consul.example certificate" {
|
|
assert_cert_has_cn localhost:9998 other.consul.example other.consul.example
|
|
}
|
|
|
|
@test "api gateway should fall back to a connect certificate on conflicted SNI on listener 2" {
|
|
assert_cert_has_cn localhost:9998 pri host.consul.example
|
|
}
|