1package api 2 3import ( 4 "testing" 5 6 "github.com/stretchr/testify/require" 7) 8 9func TestAPI_ConnectIntentionCreateListGetUpdateDelete(t *testing.T) { 10 t.Parallel() 11 12 require := require.New(t) 13 c, s := makeClient(t) 14 defer s.Stop() 15 16 connect := c.Connect() 17 18 // Create 19 ixn := testIntention() 20 id, _, err := connect.IntentionCreate(ixn, nil) 21 require.Nil(err) 22 require.NotEmpty(id) 23 24 // List it 25 list, _, err := connect.Intentions(nil) 26 require.Nil(err) 27 require.Len(list, 1) 28 29 actual := list[0] 30 ixn.ID = id 31 ixn.CreatedAt = actual.CreatedAt 32 ixn.UpdatedAt = actual.UpdatedAt 33 ixn.CreateIndex = actual.CreateIndex 34 ixn.ModifyIndex = actual.ModifyIndex 35 require.Equal(ixn, actual) 36 37 // Get it 38 actual, _, err = connect.IntentionGet(id, nil) 39 require.Nil(err) 40 require.Equal(ixn, actual) 41 42 // Update it 43 ixn.SourceNS = ixn.SourceNS + "-different" 44 _, err = connect.IntentionUpdate(ixn, nil) 45 require.NoError(err) 46 47 // Get it 48 actual, _, err = connect.IntentionGet(id, nil) 49 require.NoError(err) 50 ixn.UpdatedAt = actual.UpdatedAt 51 ixn.ModifyIndex = actual.ModifyIndex 52 require.Equal(ixn, actual) 53 54 // Delete it 55 _, err = connect.IntentionDelete(id, nil) 56 require.Nil(err) 57 58 // Get it (should be gone) 59 actual, _, err = connect.IntentionGet(id, nil) 60 require.Nil(err) 61 require.Nil(actual) 62} 63 64func TestAPI_ConnectIntentionGet_invalidId(t *testing.T) { 65 t.Parallel() 66 67 require := require.New(t) 68 c, s := makeClient(t) 69 defer s.Stop() 70 71 connect := c.Connect() 72 73 // Get it 74 actual, _, err := connect.IntentionGet("hello", nil) 75 require.Nil(actual) 76 require.Error(err) 77 require.Contains(err.Error(), "UUID") // verify it contains the message 78} 79 80func TestAPI_ConnectIntentionMatch(t *testing.T) { 81 t.Parallel() 82 83 require := require.New(t) 84 c, s := makeClient(t) 85 defer s.Stop() 86 87 connect := c.Connect() 88 89 // Create 90 { 91 insert := [][]string{ 92 {"foo", "*"}, 93 {"foo", "bar"}, 94 {"foo", "baz"}, // shouldn't match 95 {"bar", "bar"}, // shouldn't match 96 {"bar", "*"}, // shouldn't match 97 {"*", "*"}, 98 } 99 100 for _, v := range insert { 101 ixn := testIntention() 102 ixn.DestinationNS = v[0] 103 ixn.DestinationName = v[1] 104 id, _, err := connect.IntentionCreate(ixn, nil) 105 require.Nil(err) 106 require.NotEmpty(id) 107 } 108 } 109 110 // Match it 111 result, _, err := connect.IntentionMatch(&IntentionMatch{ 112 By: IntentionMatchDestination, 113 Names: []string{"foo/bar"}, 114 }, nil) 115 require.Nil(err) 116 require.Len(result, 1) 117 118 var actual [][]string 119 expected := [][]string{{"foo", "bar"}, {"foo", "*"}, {"*", "*"}} 120 for _, ixn := range result["foo/bar"] { 121 actual = append(actual, []string{ixn.DestinationNS, ixn.DestinationName}) 122 } 123 124 require.Equal(expected, actual) 125} 126 127func TestAPI_ConnectIntentionCheck(t *testing.T) { 128 t.Parallel() 129 130 require := require.New(t) 131 c, s := makeClient(t) 132 defer s.Stop() 133 134 connect := c.Connect() 135 136 // Create 137 { 138 insert := [][]string{ 139 {"foo", "*", "foo", "bar"}, 140 } 141 142 for _, v := range insert { 143 ixn := testIntention() 144 ixn.SourceNS = v[0] 145 ixn.SourceName = v[1] 146 ixn.DestinationNS = v[2] 147 ixn.DestinationName = v[3] 148 ixn.Action = IntentionActionDeny 149 id, _, err := connect.IntentionCreate(ixn, nil) 150 require.Nil(err) 151 require.NotEmpty(id) 152 } 153 } 154 155 // Match it 156 { 157 result, _, err := connect.IntentionCheck(&IntentionCheck{ 158 Source: "foo/qux", 159 Destination: "foo/bar", 160 }, nil) 161 require.Nil(err) 162 require.False(result) 163 } 164 165 // Match it (non-matching) 166 { 167 result, _, err := connect.IntentionCheck(&IntentionCheck{ 168 Source: "bar/qux", 169 Destination: "foo/bar", 170 }, nil) 171 require.Nil(err) 172 require.True(result) 173 } 174} 175 176func testIntention() *Intention { 177 return &Intention{ 178 SourceNS: "eng", 179 SourceName: "api", 180 DestinationNS: "eng", 181 DestinationName: "db", 182 Precedence: 9, 183 Action: IntentionActionAllow, 184 SourceType: IntentionSourceConsul, 185 Meta: map[string]string{}, 186 } 187} 188