consul/connect/proxy/proxy_test.go

package proxy

import (
	"context"
	"net"
	"testing"

	"github.com/hashicorp/consul/testrpc"

	"github.com/hashicorp/consul/agent"
	agConnect "github.com/hashicorp/consul/agent/connect"
	"github.com/hashicorp/consul/api"
	"github.com/hashicorp/consul/connect"
	"github.com/hashicorp/consul/sdk/freeport"
	"github.com/hashicorp/consul/sdk/testutil"
	"github.com/hashicorp/consul/sdk/testutil/retry"
	"github.com/stretchr/testify/require"
)

func TestProxy_public(t *testing.T) {
	t.Parallel()

	require := require.New(t)

	ports := freeport.MustTake(1)
	defer freeport.Return(ports)

	a := agent.NewTestAgent(t, "")
	defer a.Shutdown()
	testrpc.WaitForTestAgent(t, a.RPC, "dc1")
	client := a.Client()

	// Register the service so we can get a leaf cert
	_, err := client.Catalog().Register(&api.CatalogRegistration{
		Datacenter: "dc1",
		Node:       "local",
		Address:    "127.0.0.1",
		Service: &api.AgentService{
			Service: "echo",
		},
	}, nil)
	require.NoError(err)

	// Start the backend service that is being proxied
	testApp := NewTestTCPServer(t)
	defer testApp.Close()

	// Start the proxy
	p, err := New(client, NewStaticConfigWatcher(&Config{
		ProxiedServiceName: "echo",
		PublicListener: PublicListenerConfig{
			BindAddress:         "127.0.0.1",
			BindPort:            ports[0],
			LocalServiceAddress: testApp.Addr().String(),
		},
	}), testutil.Logger(t))
	require.NoError(err)
	defer p.Close()
	go p.Serve()

	// Create a test connection to the proxy. We retry here a few times
	// since this is dependent on the agent actually starting up and setting
	// up the CA.
	var conn net.Conn
	svc, err := connect.NewService("echo", client)
	require.NoError(err)
	retry.Run(t, func(r *retry.R) {
		conn, err = svc.Dial(context.Background(), &connect.StaticResolver{
			Addr:    TestLocalAddr(ports[0]),
			CertURI: agConnect.TestSpiffeIDService(t, "echo"),
		})
		if err != nil {
			r.Fatalf("err: %s", err)
		}
	})

	// Connection works, test it is the right one
	TestEchoConn(t, conn, "")
}
connect/proxy: add a full proxy test, parallel 7 years ago			`package proxy`

			`import (`
			`"context"`
			`"net"`
			`"testing"`

Fixed unstable test TestProxy_public (#4587) 6 years ago			`"github.com/hashicorp/consul/testrpc"`

connect/proxy: add a full proxy test, parallel 7 years ago			`"github.com/hashicorp/consul/agent"`
			`agConnect "github.com/hashicorp/consul/agent/connect"`
			`"github.com/hashicorp/consul/api"`
			`"github.com/hashicorp/consul/connect"`
Move internal/ to sdk/ (#5568) * Move internal/ to sdk/ * Add a readme to the SDK folder 6 years ago			`"github.com/hashicorp/consul/sdk/freeport"`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`"github.com/hashicorp/consul/sdk/testutil"`
Move internal/ to sdk/ (#5568) * Move internal/ to sdk/ * Add a readme to the SDK folder 6 years ago			`"github.com/hashicorp/consul/sdk/testutil/retry"`
connect/proxy: add a full proxy test, parallel 7 years ago			`"github.com/stretchr/testify/require"`
			`)`

			`func TestProxy_public(t *testing.T) {`
			`t.Parallel()`

			`require := require.New(t)`
sdk: add freelist tracking and ephemeral port range skipping to freeport This should cut down on test flakiness. Problems handled: - If you had enough parallel test cases running, the former circular approach to handling the port block could hand out the same port to multiple cases before they each had a chance to bind them, leading to one of the two tests to fail. - The freeport library would allocate out of the ephemeral port range. This has been corrected for Linux (which should cover CI). - The library now waits until a formerly-in-use port is verified to be free before putting it back into circulation. 5 years ago
			`ports := freeport.MustTake(1)`
			`defer freeport.Return(ports)`
connect/proxy: add a full proxy test, parallel 7 years ago
Remove name from NewTestAgent Using: git grep -l 'NewTestAgent(t, t.Name(),' \| \ xargs sed -i -e 's/NewTestAgent(t, t.Name(),/NewTestAgent(t,/g' 5 years ago			`a := agent.NewTestAgent(t, "")`
connect/proxy: add a full proxy test, parallel 7 years ago			`defer a.Shutdown()`
Fixed flaky tests (#4626) 6 years ago			`testrpc.WaitForTestAgent(t, a.RPC, "dc1")`
connect/proxy: add a full proxy test, parallel 7 years ago			`client := a.Client()`

			`// Register the service so we can get a leaf cert`
			`_, err := client.Catalog().Register(&api.CatalogRegistration{`
			`Datacenter: "dc1",`
			`Node: "local",`
			`Address: "127.0.0.1",`
			`Service: &api.AgentService{`
			`Service: "echo",`
			`},`
			`}, nil)`
			`require.NoError(err)`

			`// Start the backend service that is being proxied`
			`testApp := NewTestTCPServer(t)`
			`defer testApp.Close()`

			`// Start the proxy`
			`p, err := New(client, NewStaticConfigWatcher(&Config{`
			`ProxiedServiceName: "echo",`
			`PublicListener: PublicListenerConfig{`
			`BindAddress: "127.0.0.1",`
			`BindPort: ports[0],`
			`LocalServiceAddress: testApp.Addr().String(),`
			`},`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`}), testutil.Logger(t))`
connect/proxy: add a full proxy test, parallel 7 years ago			`require.NoError(err)`
			`defer p.Close()`
			`go p.Serve()`

			`// Create a test connection to the proxy. We retry here a few times`
			`// since this is dependent on the agent actually starting up and setting`
			`// up the CA.`
			`var conn net.Conn`
			`svc, err := connect.NewService("echo", client)`
			`require.NoError(err)`
			`retry.Run(t, func(r *retry.R) {`
			`conn, err = svc.Dial(context.Background(), &connect.StaticResolver{`
			`Addr: TestLocalAddr(ports[0]),`
			`CertURI: agConnect.TestSpiffeIDService(t, "echo"),`
			`})`
			`if err != nil {`
			`r.Fatalf("err: %s", err)`
			`}`
			`})`

			`// Connection works, test it is the right one`
			`TestEchoConn(t, conn, "")`
			`}`