add tls unit tests (#10665)

Author: puertomontt

changelog/v1.19.0-beta13/tls-unit-test.yaml

@@ -0,0 +1,4 @@
+changelog:
+  - type: NON_USER_FACING
+    description: >-
+      "add unit tests for tls gateway and tls route"

projects/gateway2/translator/gateway_translator_test.go

@@ -266,6 +266,91 @@ var _ = DescribeTable("Basic GatewayTranslator Tests",
 				Name:      "example-tcp-gateway",
 			},
 		}),
+	Entry(
+		"tls gateway with basic routing",
+		translatorTestCase{
+			inputFile:  "tls-routing/basic.yaml",
+			outputFile: "tls-routing/basic-proxy.yaml",
+			gwNN: types.NamespacedName{
+				Namespace: "default",
+				Name:      "example-gateway",
+			},
+			assertReports: func(gwNN types.NamespacedName, reportsMap reports.ReportMap) {
+				route := &gwv1a2.TLSRoute{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "example-tls-route",
+						Namespace: "default",
+					},
+				}
+				routeStatus := reportsMap.BuildRouteStatus(context.TODO(), route, "")
+				Expect(routeStatus).NotTo(BeNil())
+				Expect(routeStatus.Parents).To(HaveLen(1))
+				resolvedRefs := meta.FindStatusCondition(routeStatus.Parents[0].Conditions, string(gwv1.RouteConditionResolvedRefs))
+				Expect(resolvedRefs).NotTo(BeNil())
+				Expect(resolvedRefs.Status).To(Equal(metav1.ConditionTrue))
+				Expect(resolvedRefs.Reason).To(Equal(string(gwv1.RouteReasonResolvedRefs)))
+			},
+		}),
+	Entry(
+		"tlsroute with missing backend reports correctly",
+		translatorTestCase{
+			inputFile:  "tls-routing/missing-backend.yaml",
+			outputFile: "tls-routing/missing-backend.yaml",
+			gwNN: types.NamespacedName{
+				Namespace: "default",
+				Name:      "example-gateway",
+			},
+			assertReports: func(gwNN types.NamespacedName, reportsMap reports.ReportMap) {
+				route := &gwv1a2.TLSRoute{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "example-tls-route",
+						Namespace: "default",
+					},
+				}
+				routeStatus := reportsMap.BuildRouteStatus(context.TODO(), route, "")
+				Expect(routeStatus).NotTo(BeNil())
+				Expect(routeStatus.Parents).To(HaveLen(1))
+				resolvedRefs := meta.FindStatusCondition(routeStatus.Parents[0].Conditions, string(gwv1.RouteConditionResolvedRefs))
+				Expect(resolvedRefs).NotTo(BeNil())
+				Expect(resolvedRefs.Status).To(Equal(metav1.ConditionFalse))
+				Expect(resolvedRefs.Message).To(Equal("services \"example-tls-svc\" not found"))
+			},
+		}),
+	Entry(
+		"tlsroute with invalid backend reports correctly",
+		translatorTestCase{
+			inputFile:  "tls-routing/invalid-backend.yaml",
+			outputFile: "tls-routing/invalid-backend.yaml",
+			gwNN: types.NamespacedName{
+				Namespace: "default",
+				Name:      "example-gateway",
+			},
+			assertReports: func(gwNN types.NamespacedName, reportsMap reports.ReportMap) {
+				route := &gwv1a2.TLSRoute{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "example-tls-route",
+						Namespace: "default",
+					},
+				}
+				routeStatus := reportsMap.BuildRouteStatus(context.TODO(), route, "")
+				Expect(routeStatus).NotTo(BeNil())
+				Expect(routeStatus.Parents).To(HaveLen(1))
+				resolvedRefs := meta.FindStatusCondition(routeStatus.Parents[0].Conditions, string(gwv1.RouteConditionResolvedRefs))
+				Expect(resolvedRefs).NotTo(BeNil())
+				Expect(resolvedRefs.Status).To(Equal(metav1.ConditionFalse))
+				Expect(resolvedRefs.Message).To(Equal("unknown backend kind"))
+			},
+		}),
+	Entry(
+		"tls gateway with multiple backend services",
+		translatorTestCase{
+			inputFile:  "tls-routing/multi-backend.yaml",
+			outputFile: "tls-routing/multi-backend-proxy.yaml",
+			gwNN: types.NamespacedName{
+				Namespace: "default",
+				Name:      "example-gateway",
+			},
+		}),
 	Entry("Plugin Backend", translatorTestCase{
 		inputFile:  "backend-plugin/gateway.yaml",
 		outputFile: "backend-plugin-proxy.yaml",

projects/gateway2/translator/testutils/inputs/tls-routing/basic.yaml

@@ -0,0 +1,39 @@
+apiVersion: gateway.networking.k8s.io/v1alpha2
+kind: TLSRoute
+metadata:
+  name: example-tls-route
+spec:
+  parentRefs:
+  - name: example-gateway
+  hostnames:
+  - "example.com"
+  rules:
+  - backendRefs:
+    - name: example-tls-svc
+      port: 443
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: example-gateway
+spec:
+  gatewayClassName: example-gateway-class
+  listeners:
+  - name: tls
+    protocol: TLS
+    hostname: "example.com"
+    tls:
+      mode: Passthrough
+    port: 8443
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: example-tls-svc
+spec:
+  selector:
+    app: example
+  ports:
+    - protocol: TCP
+      port: 443
+      targetPort: 8443

projects/gateway2/translator/testutils/inputs/tls-routing/invalid-backend.yaml

@@ -0,0 +1,41 @@
+apiVersion: gateway.networking.k8s.io/v1alpha2
+kind: TLSRoute
+metadata:
+  name: example-tls-route
+spec:
+  parentRefs:
+  - name: example-gateway
+  hostnames:
+  - "example.com"
+  rules:
+  - backendRefs:
+    - name: example-tls-svc
+      port: 443
+      group: unknown
+      kind: unknown
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: example-gateway
+spec:
+  gatewayClassName: example-gateway-class
+  listeners:
+  - name: tls
+    protocol: TLS
+    hostname: "example.com"
+    tls:
+      mode: Passthrough
+    port: 8443
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: example-tls-svc
+spec:
+  selector:
+    app: example
+  ports:
+    - protocol: TCP
+      port: 443
+      targetPort: 8443

projects/gateway2/translator/testutils/inputs/tls-routing/missing-backend.yaml

@@ -0,0 +1,27 @@
+apiVersion: gateway.networking.k8s.io/v1alpha2
+kind: TLSRoute
+metadata:
+  name: example-tls-route
+spec:
+  parentRefs:
+  - name: example-gateway
+  hostnames:
+  - "example.com"
+  rules:
+  - backendRefs:
+    - name: example-tls-svc
+      port: 443
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: example-gateway
+spec:
+  gatewayClassName: example-gateway-class
+  listeners:
+  - name: tls
+    protocol: TLS
+    hostname: "example.com"
+    tls:
+      mode: Passthrough
+    port: 8443

projects/gateway2/translator/testutils/inputs/tls-routing/multi-backend.yaml

@@ -0,0 +1,55 @@
+apiVersion: gateway.networking.k8s.io/v1alpha2
+kind: TLSRoute
+metadata:
+  name: example-tls-route
+spec:
+  parentRefs:
+  - name: example-gateway
+  hostnames:
+  - "example.com"
+  rules:
+  - backendRefs:
+    - name: example-tls-svc
+      port: 443
+      weight: 65
+    - name: example-tls-svc-2
+      port: 443
+      weight: 35
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: example-gateway
+spec:
+  gatewayClassName: example-gateway-class
+  listeners:
+  - name: tls
+    protocol: TLS
+    hostname: "example.com"
+    tls:
+      mode: Passthrough
+    port: 8443
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: example-tls-svc
+spec:
+  selector:
+    app: example
+  ports:
+    - protocol: TCP
+      port: 443
+      targetPort: 8443
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: example-tls-svc-2
+spec:
+  selector:
+    app: example2
+  ports:
+    - protocol: TCP
+      port: 443
+      targetPort: 8443

projects/gateway2/translator/testutils/outputs/tls-routing/basic-proxy.yaml

@@ -0,0 +1,33 @@
+--- 
+listeners:
+- aggregateListener:
+    httpResources: {}
+    tcpListeners:
+    - tcpListener:
+        tcpHosts:
+        - destination:
+            single:
+              kube:
+                port: 443
+                ref:
+                  name: example-tls-svc
+                  namespace: default
+          name: example-tls-route-rule-0
+          sslConfig:
+            sniDomains:
+            - example.com
+  bindAddress: '::'
+  bindPort: 8443
+  metadataStatic:
+    sources:
+    - resourceKind: gateway.networking.k8s.io/Gateway
+      resourceRef:
+        name: tls
+        namespace: default
+  name: tls
+metadata:
+  labels:
+    created_by: gloo-kube-gateway-api
+    gateway_namespace: default
+  name: default-example-gateway
+  namespace: gloo-system

projects/gateway2/translator/testutils/outputs/tls-routing/invalid-backend.yaml

@@ -0,0 +1,19 @@
+---
+listeners:
+- aggregateListener:
+    httpResources: {}
+  bindAddress: '::'
+  bindPort: 8443
+  metadataStatic:
+    sources:
+    - resourceKind: gateway.networking.k8s.io/Gateway
+      resourceRef:
+        name: tls
+        namespace: default
+  name: tls
+metadata:
+  labels:
+    created_by: gloo-kube-gateway-api
+    gateway_namespace: default
+  name: default-example-gateway
+  namespace: gloo-system

projects/gateway2/translator/testutils/outputs/tls-routing/missing-backend.yaml

@@ -0,0 +1,19 @@
+---
+listeners:
+- aggregateListener:
+    httpResources: {}
+  bindAddress: '::'
+  bindPort: 8443
+  metadataStatic:
+    sources:
+    - resourceKind: gateway.networking.k8s.io/Gateway
+      resourceRef:
+        name: tls
+        namespace: default
+  name: tls
+metadata:
+  labels:
+    created_by: gloo-kube-gateway-api
+    gateway_namespace: default
+  name: default-example-gateway
+  namespace: gloo-system

projects/gateway2/translator/testutils/outputs/tls-routing/multi-backend-proxy.yaml

@@ -0,0 +1,43 @@
+---
+listeners:
+- aggregateListener:
+    httpResources: {}
+    tcpListeners:
+    - tcpListener:
+        tcpHosts:
+        - destination:
+            multi:
+              destinations:
+              - destination:
+                  kube:
+                    port: 443
+                    ref:
+                      name: example-tls-svc
+                      namespace: default
+                weight: 65
+              - destination:
+                  kube:
+                    port: 443
+                    ref:
+                      name: example-tls-svc-2
+                      namespace: default
+                weight: 35
+          name: example-tls-route-rule-0
+          sslConfig:
+            sniDomains:
+            - example.com
+  bindAddress: '::'
+  bindPort: 8443
+  metadataStatic:
+    sources:
+    - resourceKind: gateway.networking.k8s.io/Gateway
+      resourceRef:
+        name: tls
+        namespace: default
+  name: tls
+metadata:
+  labels:
+    created_by: gloo-kube-gateway-api
+    gateway_namespace: default
+  name: default-example-gateway
+  namespace: gloo-system