Commit 291650c7 authored by Matt Kasa's avatar Matt Kasa Committed by Michael Kozono

Add Istio API group to kubeclient

Relates to https://gitlab.com/gitlab-org/gitlab/issues/33559
parent f8aa5fa3
...@@ -17,6 +17,7 @@ module Gitlab ...@@ -17,6 +17,7 @@ module Gitlab
core: { group: 'api', version: 'v1' }, core: { group: 'api', version: 'v1' },
rbac: { group: 'apis/rbac.authorization.k8s.io', version: 'v1' }, rbac: { group: 'apis/rbac.authorization.k8s.io', version: 'v1' },
extensions: { group: 'apis/extensions', version: 'v1beta1' }, extensions: { group: 'apis/extensions', version: 'v1beta1' },
istio: { group: 'apis/networking.istio.io', version: 'v1alpha3' },
knative: { group: 'apis/serving.knative.dev', version: 'v1alpha1' } knative: { group: 'apis/serving.knative.dev', version: 'v1alpha1' }
}.freeze }.freeze
...@@ -91,6 +92,13 @@ module Gitlab ...@@ -91,6 +92,13 @@ module Gitlab
:watch_pod_log, :watch_pod_log,
to: :core_client to: :core_client
# Gateway methods delegate to the apis/networking.istio.io api
# group client
delegate :create_gateway,
:get_gateway,
:update_gateway,
to: :istio_client
attr_reader :api_prefix, :kubeclient_options attr_reader :api_prefix, :kubeclient_options
# We disable redirects through 'http_max_redirects: 0', # We disable redirects through 'http_max_redirects: 0',
......
...@@ -136,6 +136,20 @@ describe Gitlab::Kubernetes::KubeClient do ...@@ -136,6 +136,20 @@ describe Gitlab::Kubernetes::KubeClient do
end end
end end
describe '#istio_client' do
subject { client.istio_client }
it_behaves_like 'a Kubeclient'
it 'has the Istio API group endpoint' do
expect(subject.api_endpoint.to_s).to match(%r{\/apis\/networking.istio.io\Z})
end
it 'has the api_version' do
expect(subject.instance_variable_get(:@api_version)).to eq('v1alpha3')
end
end
describe '#knative_client' do describe '#knative_client' do
subject { client.knative_client } subject { client.knative_client }
...@@ -233,6 +247,29 @@ describe Gitlab::Kubernetes::KubeClient do ...@@ -233,6 +247,29 @@ describe Gitlab::Kubernetes::KubeClient do
end end
end end
describe 'istio API group' do
let(:istio_client) { client.istio_client }
[
:create_gateway,
:get_gateway,
:update_gateway
].each do |method|
describe "##{method}" do
include_examples 'redirection not allowed', method
include_examples 'dns rebinding not allowed', method
it 'delegates to the istio client' do
expect(client).to delegate_method(method).to(:istio_client)
end
it 'responds to the method' do
expect(client).to respond_to method
end
end
end
end
describe 'non-entity methods' do describe 'non-entity methods' do
it 'does not proxy for non-entity methods' do it 'does not proxy for non-entity methods' do
expect(client).not_to respond_to :proxy_url expect(client).not_to respond_to :proxy_url
......
...@@ -33,6 +33,14 @@ module KubernetesHelpers ...@@ -33,6 +33,14 @@ module KubernetesHelpers
.to_return(kube_response(kube_v1_rbac_authorization_discovery_body)) .to_return(kube_response(kube_v1_rbac_authorization_discovery_body))
end end
def stub_kubeclient_discover_istio(api_url)
stub_kubeclient_discover_base(api_url)
WebMock
.stub_request(:get, api_url + '/apis/networking.istio.io/v1alpha3')
.to_return(kube_response(kube_istio_discovery_body))
end
def stub_kubeclient_discover(api_url) def stub_kubeclient_discover(api_url)
stub_kubeclient_discover_base(api_url) stub_kubeclient_discover_base(api_url)
...@@ -244,6 +252,16 @@ module KubernetesHelpers ...@@ -244,6 +252,16 @@ module KubernetesHelpers
.to_return(kube_response({})) .to_return(kube_response({}))
end end
def stub_kubeclient_get_gateway(api_url, name, namespace: 'default')
WebMock.stub_request(:get, api_url + "/apis/networking.istio.io/v1alpha3/namespaces/#{namespace}/gateways/#{name}")
.to_return(kube_response(kube_istio_gateway_body(name, namespace)))
end
def stub_kubeclient_put_gateway(api_url, name, namespace: 'default')
WebMock.stub_request(:put, api_url + "/apis/networking.istio.io/v1alpha3/namespaces/#{namespace}/gateways/#{name}")
.to_return(kube_response({}))
end
def kube_v1_secret_body(**options) def kube_v1_secret_body(**options)
{ {
"kind" => "SecretList", "kind" => "SecretList",
...@@ -311,6 +329,115 @@ module KubernetesHelpers ...@@ -311,6 +329,115 @@ module KubernetesHelpers
} }
end end
def kube_istio_discovery_body
{
"kind" => "APIResourceList",
"apiVersion" => "v1",
"groupVersion" => "networking.istio.io/v1alpha3",
"resources" => [
{
"name" => "gateways",
"singularName" => "gateway",
"namespaced" => true,
"kind" => "Gateway",
"verbs" => %w[delete deletecollection get list patch create update watch],
"shortNames" => %w[gw],
"categories" => %w[istio-io networking-istio-io]
},
{
"name" => "serviceentries",
"singularName" => "serviceentry",
"namespaced" => true,
"kind" => "ServiceEntry",
"verbs" => %w[delete deletecollection get list patch create update watch],
"shortNames" => %w[se],
"categories" => %w[istio-io networking-istio-io]
},
{
"name" => "destinationrules",
"singularName" => "destinationrule",
"namespaced" => true,
"kind" => "DestinationRule",
"verbs" => %w[delete deletecollection get list patch create update watch],
"shortNames" => %w[dr],
"categories" => %w[istio-io networking-istio-io]
},
{
"name" => "envoyfilters",
"singularName" => "envoyfilter",
"namespaced" => true,
"kind" => "EnvoyFilter",
"verbs" => %w[delete deletecollection get list patch create update watch],
"categories" => %w[istio-io networking-istio-io]
},
{
"name" => "sidecars",
"singularName" => "sidecar",
"namespaced" => true,
"kind" => "Sidecar",
"verbs" => %w[delete deletecollection get list patch create update watch],
"categories" => %w[istio-io networking-istio-io]
},
{
"name" => "virtualservices",
"singularName" => "virtualservice",
"namespaced" => true,
"kind" => "VirtualService",
"verbs" => %w[delete deletecollection get list patch create update watch],
"shortNames" => %w[vs],
"categories" => %w[istio-io networking-istio-io]
}
]
}
end
def kube_istio_gateway_body(name, namespace)
{
"apiVersion" => "networking.istio.io/v1alpha3",
"kind" => "Gateway",
"metadata" => {
"generation" => 1,
"labels" => {
"networking.knative.dev/ingress-provider" => "istio",
"serving.knative.dev/release" => "v0.7.0"
},
"name" => name,
"namespace" => namespace,
"selfLink" => "/apis/networking.istio.io/v1alpha3/namespaces/#{namespace}/gateways/#{name}"
},
"spec" => {
"selector" => {
"istio" => "ingressgateway"
},
"servers" => [
{
"hosts" => [
"*"
],
"port" => {
"name" => "http",
"number" => 80,
"protocol" => "HTTP"
}
},
{
"hosts" => [
"*"
],
"port" => {
"name" => "https",
"number" => 443,
"protocol" => "HTTPS"
},
"tls" => {
"mode" => "PASSTHROUGH"
}
}
]
}
}
end
def kube_v1alpha1_serving_knative_discovery_body def kube_v1alpha1_serving_knative_discovery_body
{ {
"kind" => "APIResourceList", "kind" => "APIResourceList",
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment