Skip to content

Commit

Permalink
add gcpAuthzExtension CRD
Browse files Browse the repository at this point in the history
  • Loading branch information
@Lessyless
Lessyless committed Oct 21, 2024
1 parent 1e93516 commit aa0b7bb
Show file tree
Hide file tree
Showing 12 changed files with 610 additions and 0 deletions.
11 changes: 11 additions & 0 deletions authz/authz-cr-validation/backend_ref_invalid_group.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
apiVersion: networking.gke.io/v1
kind: GCPAuthzExtension
metadata:
name: "test"
spec:
backendRef:
group: "fake-group"
kind: Service
name: test-service
port: 80
authority: hello.com
11 changes: 11 additions & 0 deletions authz/authz-cr-validation/backend_ref_invalid_kind.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
apiVersion: networking.gke.io/v1
kind: GCPAuthzExtension
metadata:
name: "test"
spec:
backendRef:
group: ""
kind: Gateway
name: test-service
port: 80
authority: hello.com
14 changes: 14 additions & 0 deletions authz/authz-cr-validation/invalid_metadata_key.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
apiVersion: networking.gke.io/v1
kind: GCPAuthzExtension
metadata:
name: "test"
spec:
backendRef:
group: ""
kind: Service
name: test-service
port: 80
authority: hello.com
timeout: 1s
metadata:
"???": "value"
14 changes: 14 additions & 0 deletions authz/authz-cr-validation/invalid_metadata_value.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
apiVersion: networking.gke.io/v1
kind: GCPAuthzExtension
metadata:
name: "test"
spec:
backendRef:
group: ""
kind: Service
name: test-service
port: 80
authority: hello.com
timeout: 1s
metadata:
"key": ""
11 changes: 11 additions & 0 deletions authz/authz-cr-validation/no_authority.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
apiVersion: networking.gke.io/v1
kind: GCPAuthzExtension
metadata:
name: "test"
spec:
backendRef:
group: ""
kind: Service
name: test-service
port: 80
timeout: 1s
11 changes: 11 additions & 0 deletions authz/authz-cr-validation/no_timeout.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
apiVersion: networking.gke.io/v1
kind: GCPAuthzExtension
metadata:
name: "test"
spec:
backendRef:
group: ""
kind: Service
name: test-service
port: 80
authority: hello.com
11 changes: 11 additions & 0 deletions authz/authz-cr-validation/run-test.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,3 +45,14 @@ check_cr_validation "./authz/authz-cr-validation/invalid_provider_deny.yaml" "tr
check_cr_validation "./authz/authz-cr-validation/invalid_provider_custom.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/invalid_multiple_providers.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/valid.yaml" "false"

check_cr_validation "./authz/authz-cr-validation/backend_ref_invalid_group.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/backend_ref_invalid_kind.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/invalid_metadata_key.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/invalid_metadata_value.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/no_authority.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/no_timeout.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/too_big_timeout.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/too_small_timeout.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/wrong_wire_format.yaml" "true"
check_cr_validation "./authz/authz-cr-validation/valid_extension.yaml" "false"
12 changes: 12 additions & 0 deletions authz/authz-cr-validation/too_big_timeout.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: networking.gke.io/v1
kind: GCPAuthzExtension
metadata:
name: "test"
spec:
backendRef:
group: ""
kind: Service
name: test-service
port: 80
authority: hello.com
timeout: 11s
12 changes: 12 additions & 0 deletions authz/authz-cr-validation/too_small_timeout.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: networking.gke.io/v1
kind: GCPAuthzExtension
metadata:
name: "test"
spec:
backendRef:
group: ""
kind: Service
name: test-service
port: 80
authority: hello.com
timeout: 1ms
18 changes: 18 additions & 0 deletions authz/authz-cr-validation/valid_extension.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
apiVersion: networking.gke.io/v1
kind: GCPAuthzExtension
metadata:
name: "test"
spec:
backendRef:
group: ""
kind: Service
name: test-service
port: 80
authority: hello.com
timeout: 1s
failOpen: true
metadata:
"key": "value"
forwardHeaders:
- hello.com
wireFormat: ExtProcGRPC
13 changes: 13 additions & 0 deletions authz/authz-cr-validation/wrong_wire_format.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
apiVersion: networking.gke.io/v1
kind: GCPAuthzExtension
metadata:
name: "test"
spec:
backendRef:
group: ""
kind: Service
name: test-service
port: 80
timeout: 1s
authority: hello.com
wireFormat: ExtProc
Loading

0 comments on commit aa0b7bb

Please sign in to comment.