From 7127d1109be8614881db8b04dd0bf14ea21912f6 Mon Sep 17 00:00:00 2001 From: jnavea Date: Wed, 24 Apr 2024 13:14:30 +0200 Subject: [PATCH 1/3] Add description parameter to ApisixConsumer --- docs/en/latest/concepts/apisix_consumer.md | 1 + .../latest/references/apisix_consumer_v2.md | 1 + pkg/kube/apisix/apis/config/v2/types.go | 2 ++ .../apisix/translation/apisix_consumer.go | 6 ++++++ .../translation/apisix_consumer_test.go | 11 ++++++++++ samples/deploy/crd/v1/ApisixConsumer.yaml | 2 ++ test/e2e/scaffold/consumer.go | 20 +++++++++++-------- test/e2e/suite-annotations/authorization.go | 8 ++++---- .../suite-ingress-features/ingress-class.go | 10 ++++++++++ .../suite-ingress-features/resourcesync.go | 5 +++-- .../suite-ingress-features/status.go | 2 +- .../suite-plugins-authentication/basic.go | 4 ++-- .../suite-plugins-authentication/hmac.go | 6 ++++++ .../suite-plugins-authentication/jwt.go | 6 ++++++ .../suite-plugins-authentication/key.go | 8 ++++++-- .../suite-plugins-authentication/ldap.go | 6 ++++++ .../suite-plugins-authentication/wolfrbac.go | 6 ++++++ .../consumer-restriction.go | 8 ++++---- 18 files changed, 89 insertions(+), 23 deletions(-) diff --git a/docs/en/latest/concepts/apisix_consumer.md b/docs/en/latest/concepts/apisix_consumer.md index 15e4d95f6d..319acc0382 100644 --- a/docs/en/latest/concepts/apisix_consumer.md +++ b/docs/en/latest/concepts/apisix_consumer.md @@ -44,6 +44,7 @@ kind: ApisixConsumer metadata: name: jack spec: + description: "Jack consumer" authParameter: keyAuth: value: diff --git a/docs/en/latest/references/apisix_consumer_v2.md b/docs/en/latest/references/apisix_consumer_v2.md index 35e8bba2c8..4ffb2895a1 100644 --- a/docs/en/latest/references/apisix_consumer_v2.md +++ b/docs/en/latest/references/apisix_consumer_v2.md @@ -31,6 +31,7 @@ See the [definition](../../../../samples/deploy/crd/v1/ApisixConsumer.yaml) on G | Field | Type | Description | |------------------|---------|------------------------------------------------------------------------------------------------------------------------------------------------| +| description | string | Description of the consumer | authParameter | object | Configuration of one of the available authentication plugins. | | authParameter.basicAuth.value | object | Plugin configuration for [`basic-auth` plugin](https://apisix.apache.org/docs/apisix/plugins/basic-auth/) | | authParameter.basicAuth.secretRef.name | string | You can store plugin configuration in Kubernetes secret and reference here with the secret name | diff --git a/pkg/kube/apisix/apis/config/v2/types.go b/pkg/kube/apisix/apis/config/v2/types.go index dfec5928d7..5d31742b83 100644 --- a/pkg/kube/apisix/apis/config/v2/types.go +++ b/pkg/kube/apisix/apis/config/v2/types.go @@ -375,6 +375,8 @@ type ApisixConsumerSpec struct { // +optional IngressClassName string `json:"ingressClassName,omitempty" yaml:"ingressClassName,omitempty"` + Description string `json:"description,omitempty" yaml:"description,omitempty"` + AuthParameter ApisixConsumerAuthParameter `json:"authParameter" yaml:"authParameter"` } diff --git a/pkg/providers/apisix/translation/apisix_consumer.go b/pkg/providers/apisix/translation/apisix_consumer.go index 6559c2166d..ed62cbff4c 100644 --- a/pkg/providers/apisix/translation/apisix_consumer.go +++ b/pkg/providers/apisix/translation/apisix_consumer.go @@ -70,5 +70,11 @@ func (t *translator) TranslateApisixConsumerV2(ac *configv2.ApisixConsumer) (*ap } consumer.Username = apisixv1.ComposeConsumerName(ac.Namespace, ac.Name) consumer.Plugins = plugins + if len(ac.Spec.Description) != 0 { + consumer.Desc = ac.Spec.Description + } else { + consumer.Desc = "" + } + return consumer, nil } diff --git a/pkg/providers/apisix/translation/apisix_consumer_test.go b/pkg/providers/apisix/translation/apisix_consumer_test.go index c78c1a8835..a7ce56f24a 100644 --- a/pkg/providers/apisix/translation/apisix_consumer_test.go +++ b/pkg/providers/apisix/translation/apisix_consumer_test.go @@ -31,6 +31,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { Namespace: "qa", }, Spec: configv2.ApisixConsumerSpec{ + Description: "Jack Consumer", AuthParameter: configv2.ApisixConsumerAuthParameter{ BasicAuth: &configv2.ApisixConsumerBasicAuth{ Value: &configv2.ApisixConsumerBasicAuthValue{ @@ -43,6 +44,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { } consumer, err := (&translator{}).TranslateApisixConsumerV2(ac) assert.Nil(t, err) + assert.Equal(t, "Jack Consumer", consumer.Desc) assert.Len(t, consumer.Plugins, 1) cfg := consumer.Plugins["basic-auth"].(*apisixv1.BasicAuthConsumerConfig) assert.Equal(t, "jack", cfg.Username) @@ -54,6 +56,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { Namespace: "qa", }, Spec: configv2.ApisixConsumerSpec{ + Description: "Jack Consumer", AuthParameter: configv2.ApisixConsumerAuthParameter{ KeyAuth: &configv2.ApisixConsumerKeyAuth{ Value: &configv2.ApisixConsumerKeyAuthValue{ @@ -65,6 +68,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { } consumer, err = (&translator{}).TranslateApisixConsumerV2(ac) assert.Nil(t, err) + assert.Equal(t, "Jack Consumer", consumer.Desc) assert.Len(t, consumer.Plugins, 1) cfg2 := consumer.Plugins["key-auth"].(*apisixv1.KeyAuthConsumerConfig) assert.Equal(t, "qwerty", cfg2.Key) @@ -75,6 +79,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { Namespace: "qa", }, Spec: configv2.ApisixConsumerSpec{ + Description: "Jack Consumer", AuthParameter: configv2.ApisixConsumerAuthParameter{ JwtAuth: &configv2.ApisixConsumerJwtAuth{ Value: &configv2.ApisixConsumerJwtAuthValue{ @@ -92,6 +97,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { } consumer, err = (&translator{}).TranslateApisixConsumerV2(ac) assert.Nil(t, err) + assert.Equal(t, "Jack Consumer", consumer.Desc) assert.Len(t, consumer.Plugins, 1) cfg3 := consumer.Plugins["jwt-auth"].(*apisixv1.JwtAuthConsumerConfig) assert.Equal(t, "foo", cfg3.Key) @@ -108,6 +114,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { Namespace: "qa", }, Spec: configv2.ApisixConsumerSpec{ + Description: "Jack Consumer", AuthParameter: configv2.ApisixConsumerAuthParameter{ WolfRBAC: &configv2.ApisixConsumerWolfRBAC{ Value: &configv2.ApisixConsumerWolfRBACValue{ @@ -120,6 +127,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { } consumer, err = (&translator{}).TranslateApisixConsumerV2(ac) assert.Nil(t, err) + assert.Equal(t, "Jack Consumer", consumer.Desc) assert.Len(t, consumer.Plugins, 1) cfg4 := consumer.Plugins["wolf-rbac"].(*apisixv1.WolfRBACConsumerConfig) assert.Equal(t, "https://httpbin.org", cfg4.Server) @@ -131,6 +139,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { Namespace: "qa", }, Spec: configv2.ApisixConsumerSpec{ + Description: "Jack Consumer", AuthParameter: configv2.ApisixConsumerAuthParameter{ HMACAuth: &configv2.ApisixConsumerHMACAuth{ Value: &configv2.ApisixConsumerHMACAuthValue{ @@ -143,6 +152,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { } consumer, err = (&translator{}).TranslateApisixConsumerV2(ac) assert.Nil(t, err) + assert.Equal(t, "Jack Consumer", consumer.Desc) assert.Len(t, consumer.Plugins, 1) cfg5 := consumer.Plugins["hmac-auth"].(*apisixv1.HMACAuthConsumerConfig) assert.Equal(t, "foo", cfg5.AccessKey) @@ -165,6 +175,7 @@ func TestTranslateApisixConsumerV2(t *testing.T) { } consumer, err = (&translator{}).TranslateApisixConsumerV2(ac) assert.Nil(t, err) + assert.Equal(t, "", consumer.Desc) assert.Len(t, consumer.Plugins, 1) cfg6 := consumer.Plugins["ldap-auth"].(*apisixv1.LDAPAuthConsumerConfig) assert.Equal(t, "cn=user01,ou=users,dc=example,dc=org", cfg6.UserDN) diff --git a/samples/deploy/crd/v1/ApisixConsumer.yaml b/samples/deploy/crd/v1/ApisixConsumer.yaml index 6ccc5897a9..96e778312a 100644 --- a/samples/deploy/crd/v1/ApisixConsumer.yaml +++ b/samples/deploy/crd/v1/ApisixConsumer.yaml @@ -46,6 +46,8 @@ spec: properties: ingressClassName: type: string + description: + type: string authParameter: type: object oneOf: diff --git a/test/e2e/scaffold/consumer.go b/test/e2e/scaffold/consumer.go index 6e47b93c59..71bacf6594 100644 --- a/test/e2e/scaffold/consumer.go +++ b/test/e2e/scaffold/consumer.go @@ -25,6 +25,7 @@ kind: ApisixConsumer metadata: name: %s spec: + description: %s authParameter: basicAuth: value: @@ -37,6 +38,7 @@ kind: ApisixConsumer metadata: name: %s spec: + description: %s authParameter: basicAuth: secretRef: @@ -48,6 +50,7 @@ spec: metadata: name: %s spec: + description: %s authParameter: keyAuth: value: @@ -59,6 +62,7 @@ spec: metadata: name: %s spec: + description: %s authParameter: keyAuth: secretRef: @@ -66,22 +70,22 @@ spec: ` ) -func (s *Scaffold) ApisixConsumerBasicAuthCreated(name, username, password string) error { - ac := fmt.Sprintf(_apisixConsumerBasicAuth, s.opts.ApisixResourceVersion, name, username, password) +func (s *Scaffold) ApisixConsumerBasicAuthCreated(name, desc, username, password string) error { + ac := fmt.Sprintf(_apisixConsumerBasicAuth, s.opts.ApisixResourceVersion, name, desc, username, password) return s.CreateVersionedApisixResource(ac) } -func (s *Scaffold) ApisixConsumerBasicAuthSecretCreated(name, secret string) error { - ac := fmt.Sprintf(_apisixConsumerBasicAuthSecret, s.opts.ApisixResourceVersion, name, secret) +func (s *Scaffold) ApisixConsumerBasicAuthSecretCreated(name, desc, secret string) error { + ac := fmt.Sprintf(_apisixConsumerBasicAuthSecret, s.opts.ApisixResourceVersion, name, desc, secret) return s.CreateVersionedApisixResource(ac) } -func (s *Scaffold) ApisixConsumerKeyAuthCreated(name, key string) error { - ac := fmt.Sprintf(_apisixConsumerKeyAuth, s.opts.ApisixResourceVersion, name, key) +func (s *Scaffold) ApisixConsumerKeyAuthCreated(name, desc, key string) error { + ac := fmt.Sprintf(_apisixConsumerKeyAuth, s.opts.ApisixResourceVersion, name, desc, key) return s.CreateVersionedApisixResource(ac) } -func (s *Scaffold) ApisixConsumerKeyAuthSecretCreated(name, secret string) error { - ac := fmt.Sprintf(_apisixConsumerKeyAuthSecret, s.opts.ApisixResourceVersion, name, secret) +func (s *Scaffold) ApisixConsumerKeyAuthSecretCreated(name, desc, secret string) error { + ac := fmt.Sprintf(_apisixConsumerKeyAuthSecret, s.opts.ApisixResourceVersion, name, desc, secret) return s.CreateVersionedApisixResource(ac) } diff --git a/test/e2e/suite-annotations/authorization.go b/test/e2e/suite-annotations/authorization.go index f946c245e5..2ec27ab5eb 100644 --- a/test/e2e/suite-annotations/authorization.go +++ b/test/e2e/suite-annotations/authorization.go @@ -30,7 +30,7 @@ var _ = ginkgo.Describe("suite-annotations: authorization annotations", func() { s := scaffoldFunc() ginkgo.It("enable keyAuth in ingress networking/v1", func() { - err := s.ApisixConsumerKeyAuthCreated("foo", "bar") + err := s.ApisixConsumerKeyAuthCreated("foo", "foo consumer", "bar") assert.Nil(ginkgo.GinkgoT(), err, "creating keyAuth ApisixConsumer") // Wait until the ApisixConsumer create event was delivered. @@ -78,7 +78,7 @@ spec: }) ginkgo.It("enable keyAuth in ingress networking/v1beta1", func() { - err := s.ApisixConsumerKeyAuthCreated("foo", "bar") + err := s.ApisixConsumerKeyAuthCreated("foo", "foo consumer", "bar") assert.Nil(ginkgo.GinkgoT(), err, "creating keyAuth ApisixConsumer") // Wait until the ApisixConsumer create event was delivered. @@ -124,7 +124,7 @@ spec: }) ginkgo.It("enable basicAuth in ingress networking/v1", func() { - err := s.ApisixConsumerBasicAuthCreated("jack1", "jack1-username", "jack1-password") + err := s.ApisixConsumerBasicAuthCreated("jack1", "jack1 consumer", "jack1-username", "jack1-password") assert.Nil(ginkgo.GinkgoT(), err, "creating keyAuth ApisixConsumer") // Wait until the ApisixConsumer create event was delivered. @@ -172,7 +172,7 @@ spec: }) ginkgo.It("enable basicAuth in ingress networking/v1beta1", func() { - err := s.ApisixConsumerBasicAuthCreated("jack1", "jack1-username", "jack1-password") + err := s.ApisixConsumerBasicAuthCreated("jack1", "jack1 consumer", "jack1-username", "jack1-password") assert.Nil(ginkgo.GinkgoT(), err, "creating keyAuth ApisixConsumer") // Wait until the ApisixConsumer create event was delivered. diff --git a/test/e2e/suite-ingress/suite-ingress-features/ingress-class.go b/test/e2e/suite-ingress/suite-ingress-features/ingress-class.go index 6fe07c4786..eedf2e9892 100644 --- a/test/e2e/suite-ingress/suite-ingress-features/ingress-class.go +++ b/test/e2e/suite-ingress/suite-ingress-features/ingress-class.go @@ -432,6 +432,7 @@ kind: ApisixConsumer metadata: name: jack spec: + description: jack consumer authParameter: keyAuth: value: @@ -444,6 +445,7 @@ spec: assert.Nil(ginkgo.GinkgoT(), err) assert.Len(ginkgo.GinkgoT(), acs, 1) assert.Contains(ginkgo.GinkgoT(), acs[0].Username, "jack") + assert.Contains(ginkgo.GinkgoT(), acs[0].Desc, "jack consumer") assert.Equal(ginkgo.GinkgoT(), map[string]interface{}{"key": "jack-key"}, acs[0].Plugins["key-auth"]) // delete ApisixConsumer @@ -461,6 +463,7 @@ metadata: name: james spec: ingressClassName: apisix + description: james consumer authParameter: keyAuth: value: @@ -473,6 +476,7 @@ spec: assert.Nil(ginkgo.GinkgoT(), err) assert.Len(ginkgo.GinkgoT(), acs, 1) assert.Contains(ginkgo.GinkgoT(), acs[0].Username, "james") + assert.Contains(ginkgo.GinkgoT(), acs[0].Desc, "james consumer") assert.Equal(ginkgo.GinkgoT(), map[string]interface{}{"key": "james-key"}, acs[0].Plugins["key-auth"]) }) @@ -884,6 +888,7 @@ kind: ApisixConsumer metadata: name: jack spec: + description: jack consumer authParameter: keyAuth: value: @@ -896,6 +901,7 @@ spec: assert.Nil(ginkgo.GinkgoT(), err) assert.Len(ginkgo.GinkgoT(), acs, 1) assert.Contains(ginkgo.GinkgoT(), acs[0].Username, "jack") + assert.Contains(ginkgo.GinkgoT(), acs[0].Desc, "jack consumer") assert.Equal(ginkgo.GinkgoT(), map[string]interface{}{"key": "jack-key"}, acs[0].Plugins["key-auth"]) // delete ApisixConsumer @@ -913,6 +919,7 @@ metadata: name: james spec: ingressClassName: apisix + description: james consumer authParameter: keyAuth: value: @@ -925,6 +932,7 @@ spec: assert.Nil(ginkgo.GinkgoT(), err) assert.Len(ginkgo.GinkgoT(), acs, 1) assert.Contains(ginkgo.GinkgoT(), acs[0].Username, "james") + assert.Contains(ginkgo.GinkgoT(), acs[0].Desc, "james consumer") assert.Equal(ginkgo.GinkgoT(), map[string]interface{}{"key": "james-key"}, acs[0].Plugins["key-auth"]) // update ApisixConsumer resource with ingressClassName: watch @@ -935,6 +943,7 @@ metadata: name: james spec: ingressClassName: watch + description: james consumer authParameter: keyAuth: value: @@ -947,6 +956,7 @@ spec: assert.Nil(ginkgo.GinkgoT(), err) assert.Len(ginkgo.GinkgoT(), acs, 1) assert.Contains(ginkgo.GinkgoT(), acs[0].Username, "james") + assert.Contains(ginkgo.GinkgoT(), acs[0].Desc, "james consumer") assert.Equal(ginkgo.GinkgoT(), map[string]interface{}{"key": "james-password"}, acs[0].Plugins["key-auth"]) }) diff --git a/test/e2e/suite-ingress/suite-ingress-features/resourcesync.go b/test/e2e/suite-ingress/suite-ingress-features/resourcesync.go index 34041459bd..2cf133814f 100644 --- a/test/e2e/suite-ingress/suite-ingress-features/resourcesync.go +++ b/test/e2e/suite-ingress/suite-ingress-features/resourcesync.go @@ -132,7 +132,7 @@ spec: assert.Nil(ginkgo.GinkgoT(), s.EnsureNumApisixRoutesCreated(3), "Checking number of routes") // Create ApisixConsumer resource - err := s.ApisixConsumerKeyAuthCreated("foo", "foo-key") + err := s.ApisixConsumerKeyAuthCreated("foo", "foo consumer", "foo-key") assert.Nil(ginkgo.GinkgoT(), err) }) @@ -171,12 +171,13 @@ spec: _ = s.CreateApisixConsumerByApisixAdmin([]byte(fmt.Sprintf(` { "username": "%s", + "desc", "%s", "plugins": { "key-auth": { "key": "auth-one" } } -}`, consumer.Username))) +}`, consumer.Username, consumer.Desc))) } routes, _ = s.ListApisixRoutes() diff --git a/test/e2e/suite-ingress/suite-ingress-features/status.go b/test/e2e/suite-ingress/suite-ingress-features/status.go index a51fa5abd9..1876187367 100644 --- a/test/e2e/suite-ingress/suite-ingress-features/status.go +++ b/test/e2e/suite-ingress/suite-ingress-features/status.go @@ -235,7 +235,7 @@ wrw7im4TNSAdwVX4Y1F4svJ2as5SJn5QYGAzXDixNuwzXYrpP9rzA2s= //TODO: ApisixGlobal ginkgo.It("check ApisixConsumer status is recorded", func() { // create ApisixConsumer resource - assert.Nil(ginkgo.GinkgoT(), s.ApisixConsumerBasicAuthCreated("test-apisix-consumer", "foo", "bar"), "create consumer error") + assert.Nil(ginkgo.GinkgoT(), s.ApisixConsumerBasicAuthCreated("test-apisix-consumer", "test-apisix-consumer consumer", "foo", "bar"), "create consumer error") time.Sleep(6 * time.Second) // status should be recorded as successful diff --git a/test/e2e/suite-plugins/suite-plugins-authentication/basic.go b/test/e2e/suite-plugins/suite-plugins-authentication/basic.go index eb399cc101..f132bfc915 100644 --- a/test/e2e/suite-plugins/suite-plugins-authentication/basic.go +++ b/test/e2e/suite-plugins/suite-plugins-authentication/basic.go @@ -30,7 +30,7 @@ var _ = ginkgo.Describe("suite-plugins-authentication: ApisixConsumer with basic s := scaffoldFunc() ginkgo.It("ApisixRoute with basicAuth consumer", func() { - assert.Nil(ginkgo.GinkgoT(), s.ApisixConsumerBasicAuthCreated("basicvalue", "foo", "bar"), "creating basicAuth ApisixConsumer") + assert.Nil(ginkgo.GinkgoT(), s.ApisixConsumerBasicAuthCreated("basicvalue", "basicvalue consumer", "foo", "bar"), "creating basicAuth ApisixConsumer") // Wait until the ApisixConsumer create event was delivered. time.Sleep(6 * time.Second) @@ -114,7 +114,7 @@ data: username: Zm9v ` assert.Nil(ginkgo.GinkgoT(), s.CreateResourceFromString(secret), "creating basic secret for ApisixConsumer") - assert.Nil(ginkgo.GinkgoT(), s.ApisixConsumerBasicAuthSecretCreated("basicvalue", "basic"), "creating basicAuth ApisixConsumer") + assert.Nil(ginkgo.GinkgoT(), s.ApisixConsumerBasicAuthSecretCreated("basicvalue", "basicvalue consumer", "basic"), "creating basicAuth ApisixConsumer") // Wait until the ApisixConsumer create event was delivered. time.Sleep(6 * time.Second) diff --git a/test/e2e/suite-plugins/suite-plugins-authentication/hmac.go b/test/e2e/suite-plugins/suite-plugins-authentication/hmac.go index 4a8d951185..1fe3bae902 100644 --- a/test/e2e/suite-plugins/suite-plugins-authentication/hmac.go +++ b/test/e2e/suite-plugins/suite-plugins-authentication/hmac.go @@ -36,6 +36,7 @@ kind: ApisixConsumer metadata: name: hmacvalue spec: + description: hmacvalue consumer authParameter: hmacAuth: value: @@ -51,6 +52,8 @@ spec: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "hmacvalue") + assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "hmacvalue consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) hmacAuth, _ := grs[0].Plugins["hmac-auth"].(map[string]interface{}) assert.Equal(ginkgo.GinkgoT(), "papa", hmacAuth["access_key"]) @@ -142,6 +145,7 @@ kind: ApisixConsumer metadata: name: hmacvalue spec: + description: hmacvalue consumer authParameter: hmacAuth: secretRef: @@ -155,6 +159,8 @@ spec: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "hmacvalue") + assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "hmacvalue consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) hmacAuth, _ := grs[0].Plugins["hmac-auth"].(map[string]interface{}) assert.Equal(ginkgo.GinkgoT(), "papa", hmacAuth["access_key"]) diff --git a/test/e2e/suite-plugins/suite-plugins-authentication/jwt.go b/test/e2e/suite-plugins/suite-plugins-authentication/jwt.go index f6eee819f5..f7b11c2838 100644 --- a/test/e2e/suite-plugins/suite-plugins-authentication/jwt.go +++ b/test/e2e/suite-plugins/suite-plugins-authentication/jwt.go @@ -36,6 +36,7 @@ kind: ApisixConsumer metadata: name: foo spec: + description: foo consumer authParameter: jwtAuth: value: @@ -49,6 +50,8 @@ spec: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "foo") + assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "foo consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) jwtAuth, _ := grs[0].Plugins["jwt-auth"].(map[string]interface{}) assert.Equal(ginkgo.GinkgoT(), jwtAuth["key"], "foo-key") @@ -141,6 +144,7 @@ kind: ApisixConsumer metadata: name: foo spec: + description: foo consumer authParameter: jwtAuth: secretRef: @@ -154,6 +158,8 @@ spec: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "foo") + assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "foo consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) jwtAuth, _ := grs[0].Plugins["jwt-auth"].(map[string]interface{}) assert.Equal(ginkgo.GinkgoT(), jwtAuth["key"], "foo-key") diff --git a/test/e2e/suite-plugins/suite-plugins-authentication/key.go b/test/e2e/suite-plugins/suite-plugins-authentication/key.go index 73a393e90c..b872872d2f 100644 --- a/test/e2e/suite-plugins/suite-plugins-authentication/key.go +++ b/test/e2e/suite-plugins/suite-plugins-authentication/key.go @@ -30,7 +30,7 @@ var _ = ginkgo.Describe("suite-plugins-authentication: ApisixConsumer with keyAu s := scaffoldFunc() ginkgo.It("ApisixRoute with keyAuth consumer", func() { - assert.Nil(ginkgo.GinkgoT(), s.ApisixConsumerKeyAuthCreated("keyvalue", "foo"), "creating keyAuth ApisixConsumer") + assert.Nil(ginkgo.GinkgoT(), s.ApisixConsumerKeyAuthCreated("keyvalue", "keyvalue consumer", "foo"), "creating keyAuth ApisixConsumer") // Wait until the ApisixConsumer create event was delivered. time.Sleep(6 * time.Second) @@ -38,6 +38,8 @@ var _ = ginkgo.Describe("suite-plugins-authentication: ApisixConsumer with keyAu grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "keyvalue") + assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "keyvalue consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) basicAuth, _ := grs[0].Plugins["key-auth"] assert.Equal(ginkgo.GinkgoT(), basicAuth, map[string]interface{}{ @@ -112,7 +114,7 @@ data: key: Zm9v ` assert.Nil(ginkgo.GinkgoT(), s.CreateResourceFromString(secret), "creating keyauth secret for ApisixConsumer") - assert.Nil(ginkgo.GinkgoT(), s.ApisixConsumerKeyAuthSecretCreated("keyvalue", "keyauth"), "creating keyAuth ApisixConsumer") + assert.Nil(ginkgo.GinkgoT(), s.ApisixConsumerKeyAuthSecretCreated("keyvalue", "keyvalue consumer", "keyauth"), "creating keyAuth ApisixConsumer") // Wait until the ApisixConsumer create event was delivered. time.Sleep(6 * time.Second) @@ -120,6 +122,8 @@ data: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "keyvalue") + assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "keyvalue consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) basicAuth, _ := grs[0].Plugins["key-auth"] assert.Equal(ginkgo.GinkgoT(), basicAuth, map[string]interface{}{ diff --git a/test/e2e/suite-plugins/suite-plugins-authentication/ldap.go b/test/e2e/suite-plugins/suite-plugins-authentication/ldap.go index 107e42e9e9..4cc57a1e1c 100644 --- a/test/e2e/suite-plugins/suite-plugins-authentication/ldap.go +++ b/test/e2e/suite-plugins/suite-plugins-authentication/ldap.go @@ -48,6 +48,7 @@ kind: ApisixConsumer metadata: name: jack spec: + description: jack consumer authParameter: ldapAuth: value: @@ -61,6 +62,8 @@ spec: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "jack") + assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "jack consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) ldapAuth, _ := grs[0].Plugins["ldap-auth"].(map[string]interface{}) assert.Equal(ginkgo.GinkgoT(), ldapAuth["user_dn"], "cn=jack,ou=users,dc=ldap,dc=example,dc=org") @@ -138,6 +141,7 @@ kind: ApisixConsumer metadata: name: jack spec: + description: jack consumer authParameter: ldapAuth: secretRef: @@ -151,6 +155,8 @@ spec: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "jack") + assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "jack consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) ldapAuth, _ := grs[0].Plugins["ldap-auth"].(map[string]interface{}) assert.Equal(ginkgo.GinkgoT(), ldapAuth["user_dn"], "cn=jack,ou=users,dc=ldap,dc=example,dc=org") diff --git a/test/e2e/suite-plugins/suite-plugins-authentication/wolfrbac.go b/test/e2e/suite-plugins/suite-plugins-authentication/wolfrbac.go index 2ecab924fb..d5aafdf6e5 100644 --- a/test/e2e/suite-plugins/suite-plugins-authentication/wolfrbac.go +++ b/test/e2e/suite-plugins/suite-plugins-authentication/wolfrbac.go @@ -53,6 +53,7 @@ kind: ApisixConsumer metadata: name: wolf-user spec: + description: wolf-user consumer authParameter: wolfRBAC: value: @@ -68,6 +69,8 @@ spec: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "wolf-user") + assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "wolf-user consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) wolfRBAC, _ := grs[0].Plugins["wolf-rbac"].(map[string]interface{}) assert.Equal(ginkgo.GinkgoT(), wolfRBAC, map[string]interface{}{ @@ -180,6 +183,7 @@ kind: ApisixConsumer metadata: name: wolf-user spec: + description: wolf-user consumer authParameter: wolfRBAC: secretRef: @@ -193,6 +197,8 @@ spec: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "wolf-user") + assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "wolf-user consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) wolfRBAC, _ := grs[0].Plugins["wolf-rbac"].(map[string]interface{}) assert.Equal(ginkgo.GinkgoT(), wolfRBAC, map[string]interface{}{ diff --git a/test/e2e/suite-plugins/suite-plugins-security/consumer-restriction.go b/test/e2e/suite-plugins/suite-plugins-security/consumer-restriction.go index 8db1d86ae7..dcedb89b24 100644 --- a/test/e2e/suite-plugins/suite-plugins-security/consumer-restriction.go +++ b/test/e2e/suite-plugins/suite-plugins-security/consumer-restriction.go @@ -30,10 +30,10 @@ var _ = ginkgo.Describe("suite-plugins-security: consumer-restriction plugin", f s := scaffoldFunc() ginkgo.It("restrict consumer_name", func() { - err := s.ApisixConsumerBasicAuthCreated("jack1", "jack1-username", "jack1-password") + err := s.ApisixConsumerBasicAuthCreated("jack1", "", "jack1-username", "jack1-password") assert.Nil(ginkgo.GinkgoT(), err, "creating basicAuth ApisixConsumer") - err = s.ApisixConsumerBasicAuthCreated("jack2", "jack2-username", "jack2-password") + err = s.ApisixConsumerBasicAuthCreated("jack2", "", "jack2-username", "jack2-password") assert.Nil(ginkgo.GinkgoT(), err, "creating basicAuth ApisixConsumer") // Wait until the ApisixConsumer create event was delivered. @@ -117,10 +117,10 @@ spec: }) ginkgo.It("restrict allowed_by_methods", func() { - err := s.ApisixConsumerBasicAuthCreated("jack1", "jack1-username", "jack1-password") + err := s.ApisixConsumerBasicAuthCreated("jack1", "", "jack1-username", "jack1-password") assert.Nil(ginkgo.GinkgoT(), err, "creating basicAuth ApisixConsumer") - err = s.ApisixConsumerBasicAuthCreated("jack2", "jack2-username", "jack2-password") + err = s.ApisixConsumerBasicAuthCreated("jack2", "", "jack2-username", "jack2-password") assert.Nil(ginkgo.GinkgoT(), err, "creating basicAuth ApisixConsumer") // Wait until the ApisixConsumer create event was delivered. From 42e3904b9755e49555169f0f7f624102e245002e Mon Sep 17 00:00:00 2001 From: jnavea Date: Thu, 25 Apr 2024 08:14:00 +0200 Subject: [PATCH 2/3] Fix lint and e2e test --- docs/en/latest/references/apisix_consumer_v2.md | 2 +- samples/deploy/crd/v1/ApisixConsumer.yaml | 2 +- .../suite-plugins/suite-plugins-authentication/wolfrbac.go | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/en/latest/references/apisix_consumer_v2.md b/docs/en/latest/references/apisix_consumer_v2.md index 4ffb2895a1..fbd143afa5 100644 --- a/docs/en/latest/references/apisix_consumer_v2.md +++ b/docs/en/latest/references/apisix_consumer_v2.md @@ -31,7 +31,7 @@ See the [definition](../../../../samples/deploy/crd/v1/ApisixConsumer.yaml) on G | Field | Type | Description | |------------------|---------|------------------------------------------------------------------------------------------------------------------------------------------------| -| description | string | Description of the consumer +| description | string | Description of the consumer | | authParameter | object | Configuration of one of the available authentication plugins. | | authParameter.basicAuth.value | object | Plugin configuration for [`basic-auth` plugin](https://apisix.apache.org/docs/apisix/plugins/basic-auth/) | | authParameter.basicAuth.secretRef.name | string | You can store plugin configuration in Kubernetes secret and reference here with the secret name | diff --git a/samples/deploy/crd/v1/ApisixConsumer.yaml b/samples/deploy/crd/v1/ApisixConsumer.yaml index 96e778312a..80967bf2af 100644 --- a/samples/deploy/crd/v1/ApisixConsumer.yaml +++ b/samples/deploy/crd/v1/ApisixConsumer.yaml @@ -46,7 +46,7 @@ spec: properties: ingressClassName: type: string - description: + description: type: string authParameter: type: object diff --git a/test/e2e/suite-plugins/suite-plugins-authentication/wolfrbac.go b/test/e2e/suite-plugins/suite-plugins-authentication/wolfrbac.go index d5aafdf6e5..c103f5ac07 100644 --- a/test/e2e/suite-plugins/suite-plugins-authentication/wolfrbac.go +++ b/test/e2e/suite-plugins/suite-plugins-authentication/wolfrbac.go @@ -69,7 +69,7 @@ spec: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) - assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "wolf-user") + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "wolf_user") assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "wolf-user consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) wolfRBAC, _ := grs[0].Plugins["wolf-rbac"].(map[string]interface{}) @@ -197,7 +197,7 @@ spec: grs, err := s.ListApisixConsumers() assert.Nil(ginkgo.GinkgoT(), err, "listing consumer") assert.Len(ginkgo.GinkgoT(), grs, 1) - assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "wolf-user") + assert.Contains(ginkgo.GinkgoT(), grs[0].Username, "wolf_user") assert.Contains(ginkgo.GinkgoT(), grs[0].Desc, "wolf-user consumer") assert.Len(ginkgo.GinkgoT(), grs[0].Plugins, 1) wolfRBAC, _ := grs[0].Plugins["wolf-rbac"].(map[string]interface{}) From 3fc2b3ae111b0625437f788eba53508d1c3a742f Mon Sep 17 00:00:00 2001 From: jorgenll Date: Fri, 28 Jun 2024 06:53:21 +0200 Subject: [PATCH 3/3] Include maxLength on description --- samples/deploy/crd/v1/ApisixConsumer.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/samples/deploy/crd/v1/ApisixConsumer.yaml b/samples/deploy/crd/v1/ApisixConsumer.yaml index 80967bf2af..8ba06e2680 100644 --- a/samples/deploy/crd/v1/ApisixConsumer.yaml +++ b/samples/deploy/crd/v1/ApisixConsumer.yaml @@ -48,6 +48,7 @@ spec: type: string description: type: string + maxLength: 256 authParameter: type: object oneOf: