mirrors/kube-arangodb
1
0
Fork 0
mirror of https://github.com/arangodb/kube-arangodb.git synced 2024-12-15 17:51:03 +00:00
Code Activity

GT-452 Improve master endpoint validation (#1339)

Browse source
This commit is contained in:
jwierzbo 2023-06-26 12:18:03 +02:00 committed by GitHub
parent c0afad6e7f
commit 6052958ece
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 43 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -2,6 +2,7 @@
## [master](https://github.com/arangodb/kube-arangodb/tree/master) (N/A) ## [master](https://github.com/arangodb/kube-arangodb/tree/master) (N/A)
- (Improvement) Block traffic on the services if there is more than 1 active leader in ActiveFailover mode - (Improvement) Block traffic on the services if there is more than 1 active leader in ActiveFailover mode
- (Improvement) Improve master endpoint validation.
## [1.2.30](https://github.com/arangodb/kube-arangodb/tree/1.2.30) (2023-06-16) ## [1.2.30](https://github.com/arangodb/kube-arangodb/tree/1.2.30) (2023-06-16)
- (Feature) AgencyCache Interface - (Feature) AgencyCache Interface

9
pkg/apis/deployment/v1/sync_external_access_spec.go
View file

@ -63,8 +63,15 @@ func (s SyncExternalAccessSpec) Validate() error {
return errors.WithStack(err) return errors.WithStack(err)
} }
for _, ep := range s.MasterEndpoint { for _, ep := range s.MasterEndpoint {
if _, err := url.Parse(ep); err != nil { if u, err := url.Parse(ep); err != nil {
return errors.WithStack(errors.Newf("Failed to parse master endpoint '%s': %s", ep, err)) return errors.WithStack(errors.Newf("Failed to parse master endpoint '%s': %s", ep, err))
} else {
if u.Scheme != "http" && u.Scheme != "https" {
return errors.WithStack(errors.Newf("Invalid scheme '%s' in master endpoint '%s'", u.Scheme, ep))
}
if u.Host == "" {
return errors.WithStack(errors.Newf("Missing host in master endpoint '%s'", ep))
}
} }
} }
for _, name := range s.AccessPackageSecretNames { for _, name := range s.AccessPackageSecretNames {

34
pkg/apis/deployment/v1/sync_spec_test.go
View file

@ -102,3 +102,37 @@ func TestSyncSpecResetImmutableFields(t *testing.T) {
assert.Equal(t, test.Expected, test.Target) assert.Equal(t, test.Expected, test.Target)
} }
} }
func TestSyncSpecMasterEndpointValidate(t *testing.T) {
auth := SyncAuthenticationSpec{
JWTSecretName: util.NewType[string]("foo"),
ClientCASecretName: util.NewType[string]("foo-client"),
}
tls := TLSSpec{
CASecretName: util.NewType[string]("None"),
}
t.Run("Valid MasterEndpoint", func(t *testing.T) {
err := SyncSpec{
Authentication: auth,
TLS: tls,
ExternalAccess: SyncExternalAccessSpec{
MasterEndpoint: []string{"https://arangodb.xyz:8629"},
},
Enabled: util.NewType[bool](true),
}.Validate(DeploymentModeCluster)
assert.Nil(t, err)
})
t.Run("Invalid MasterEndpoint without protocol", func(t *testing.T) {
err := SyncSpec{
Authentication: auth,
TLS: tls,
ExternalAccess: SyncExternalAccessSpec{
MasterEndpoint: []string{"example.com:8629"},
},
Enabled: util.NewType[bool](true),
}.Validate(DeploymentModeCluster)
assert.Error(t, err)
assert.Equal(t, "Invalid scheme 'example.com' in master endpoint 'example.com:8629'", err.Error())
})
}