consul/test/integration/connect/envoy
Michael Zalimeni d4761c0ccd
security: upgrade google.golang.org/protobuf to 1.33.0 (#20801)
Resolves CVE-2024-24786.
2024-03-06 23:04:42 +00:00
..
case-api-gateway-http-hostnames [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-api-gateway-http-simple [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-api-gateway-http-splitter-targets [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-api-gateway-http-tls-overlapping-hosts [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-api-gateway-tcp-conflicted [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-api-gateway-tcp-simple [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-api-gateway-tcp-tls-overlapping-hosts [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-badauthz [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-basic [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-centralconf [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-resolver-cluster-peering-failover [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-resolver-dc-failover-gateways-none [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-resolver-dc-failover-gateways-remote [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-resolver-defaultsubset [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-resolver-features [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-resolver-subset-onlypassing [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-resolver-subset-redirect [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-resolver-svc-failover [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-resolver-svc-redirect-http [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-resolver-svc-redirect-tcp [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-router-features Case sensitive route match (#19647) 2024-01-22 09:23:24 -06:00
case-cfg-splitter-cluster-peering [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-splitter-features [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cfg-splitter-peering-ingress-gateways [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-consul-exec [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cross-peer-control-plane-mgw [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cross-peers [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cross-peers-http [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cross-peers-http-router [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-cross-peers-resolver-redirect-tcp [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-dogstatsd-udp [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-expose-checks [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-gateway-without-services [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-gateways-local [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-gateways-remote [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-grpc [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-http [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-http-badauthz [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-ingress-gateway-grpc [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-ingress-gateway-http [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-ingress-gateway-multiple-services [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-ingress-gateway-peering-failover [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-ingress-gateway-sds NET-6317 - update usage of deprecated fields: http2_protocol_options and access_log_path (#19940) 2023-12-14 13:08:53 -07:00
case-ingress-gateway-simple [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-ingress-gateway-tls [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-ingress-mesh-gateways-resolver [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-l7-intentions [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-lua [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-mesh-to-lambda [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-multidc-rsa-ca [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-prometheus [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-property-override [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-stats-proxy [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-statsd-udp [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-terminating-gateway-hostnames [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-terminating-gateway-simple [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-terminating-gateway-subsets [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-terminating-gateway-without-services [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-upstream-config [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-wanfed-gw [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-wasm [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
case-zipkin [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
consul-base-cfg [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
docs Envoy Integration Test Windows (#18007) 2023-07-21 20:26:00 +05:30
test-sds-server security: upgrade google.golang.org/protobuf to 1.33.0 (#20801) 2024-03-06 23:04:42 +00:00
.gitignore
Dockerfile-bats chore(test): Update bats version 2022-05-24 11:56:08 -04:00
Dockerfile-consul-envoy Run integration tests locally using amd64 (#14365) 2022-08-29 16:13:49 -07:00
Dockerfile-consul-envoy-windows Envoy Integration Test Windows (#18007) 2023-07-21 20:26:00 +05:30
Dockerfile-tcpdump Upgrade Alpine image to 3.17 (#16358) 2023-02-22 10:09:41 -06:00
Dockerfile-tcpdump-windows Envoy Integration Test Windows (#18007) 2023-07-21 20:26:00 +05:30
Dockerfile-test-sds-server-windows Envoy Integration Test Windows (#18007) 2023-07-21 20:26:00 +05:30
README.md update comments and docs about running envoy integration tests with the ENVOY_VERSION set. (#18614) 2023-08-30 17:31:40 +00:00
WINDOWS-TEST.md Envoy Integration Test Windows (#18007) 2023-07-21 20:26:00 +05:30
defaults.sh [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
docker-windows.md Envoy Integration Test Windows (#18007) 2023-07-21 20:26:00 +05:30
down.sh [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
helpers.bash [NET-5916] Fix locality-aware routing config and tests (CE) (#19483) 2023-11-02 14:05:06 -05:00
helpers.windows.bash [NET-5916] Fix locality-aware routing config and tests (CE) (#19483) 2023-11-02 14:05:06 -05:00
main_test.go fix formatting issue in envoy bootstrapping. (#20036) 2023-12-21 15:18:11 -07:00
run-tests.sh update comments and docs about running envoy integration tests with the ENVOY_VERSION set. (#18614) 2023-08-30 17:31:40 +00:00
run-tests.windows.sh Windows Integration Test Changes (#18758) 2023-09-13 15:40:08 +05:30
windows-troubleshooting.md Envoy Integration Test Windows (#18007) 2023-07-21 20:26:00 +05:30

README.md

Envoy Integration Tests

Overview

These tests validate that Consul is configuring Envoy correctly. They set up various scenarios using Docker containers and then run Bats (a Bash test framework) tests to validate the expected results.

Running Tests

To run the tests locally, cd into the root of the repo and run:

make test-envoy-integ

To run a specific test, run:

make test-envoy-integ GO_TEST_FLAGS="-run TestEnvoy/case-basic"

Where case-basic can be replaced by any directory name from this directory.

How Do These Tests Work

  1. The tests are all run through Go test via the main_test.go file. Each directory prefixed by case- is a subtest, for example, TestEnvoy/case-basic and TestEnvoy/case-wanfed-gw.
  2. The real framework for this test suite lives in run-tests.sh. Under the hood, main_test.go just runs run-tests.sh with various arguments.
  3. The tests use your local code by building a Docker image from your local directory just before executing. Note: this is implemented as the docker-envoy-integ Makefile target which is a prerequisite to the test-envoy-integ target, so if you are running the tests by invoking run-tests.sh or go test manually, be sure to rebuild the Docker image to ensure you are running your latest code.
  4. The tests run Docker containers connected by a shared Docker network. All tests have at least one Consul server running and then depending on the test case they will spin up additional services or gateways. Some tests run multiple Consul servers to test multi-DC setups. See the case-wanfed-gateway test for an example of this.
  5. At a high level, tests are set up by executing the setup.sh script in each directory. This script uses helper functions defined in helpers.bash. Once the test case is set up, the validations in verify.bats are run.
  6. If there exists a vars.sh file in the top-level of the case directory, the test runner will source it prior to invoking the run_tests, test_teardown and capture_logs phases of the test scenario.
  7. If there exists a capture.sh file in the top-level of the case directory, it will be executed after the test is done, but prior to the containers being removed. This is useful for capturing logs or Envoy snapshots for debugging test failures.
  8. Any files matching the *.hcl glob will be copied to the container $WORKDIR/$CLUSTER/consul directory prior to running the tests. This is useful for defining Consul configuration for each agent process to load on start up.
  9. In CI, the tests are executed against different Envoy versions and with both XDS_TARGET=client and XDS_TARGET=server. If set to client, a Consul server and client are run, and services are registered against the client. If set to server, only a Consul server is run, and services are registered against the server. By default, XDS_TARGET is set to server. See this comment for more information.

Investigating Test Failures

  • When tests fail in CI, logs and additional debugging data are available in the artifacts of the test run.
  • You can re-run the tests locally by running make test-envoy-integ GO_TEST_FLAGS="-run TestEnvoy/<case-directory>" where <case-directory> is replaced with the name of the directory, e.g. case-basic.
  • You can override the envoy version by specifying ENVOY_VERSION=<your envoy version> eg. ENVOY_VERSION=1.27.0 make test-envoy-integ.
  • Locally, all the logs of the failed test will be available in workdir in this directory.
  • You can run with DEBUG=1 to print out all the commands being run, e.g. DEBUG=1 make test-envoy-integ GO_TEST_FLAGS="-run TestEnvoy/case-basic".
  • If you want to prevent the Docker containers from being spun down after test failure, add a sleep 9999 to the verify.bats test case that's failing.

Creating a New Test

Below is a rough outline for creating a new test. For the example, assume our test case will be called my-feature.

  1. Create a new directory named case-my-feature
  2. If the test involves multiple datacenters/clusters, create a separate subdirectory for each cluster (eg. case-my-feature/{dc1,dc2})
  3. Add any necessary configuration to *.hcl files in the respective cluster subdirectory (or the test case directory when using a single cluster).
  4. Create a setup.sh file in the case directory
  5. Create a capture.sh file in the case directory
  6. Create a verify.bats file in the case directory
  7. Populate the setup.sh, capture.sh and verify.bats files with the appropriate code for running your test, validating its state and capturing any logs or snapshots.