Tests Frang #265
Tests Frang #265
Conversation
|
It so happened that I already took a branch kk-test and fixed broken tests and added my new tests. Next time I will do everything in my branch, but this time we agreed to leave it like that and do a review in this branch. |
There was a problem hiding this comment.
This mostly looks like an acceptance testing, than a real functional tests. This is a security feature, so please pay much more attention to all the corner and confusing cases. Please review https://github.com/tempesta-tech/tempesta/wiki/HTTP-security and all the tests.
There was a problem hiding this comment.
To sum up:
multiple_listenersgroup of test has already been fixed in plain configs for multiple listeners #275, so you just need to rebase your branch onto master, resolving conflicts- There should be some autoformatting applied to this entire PR since changing every commented line's formatting by hand is not that productive. I suggest you to commit all your changes though before applying one, hence there will be many changes and you might not like some of them
- The majority of test files contain some base class and just one class directly inherited from it, on the other hand the tests are being grouped by files (not by classes) and it is very unlikely that, say, there will be another class in
t_frang/test_client_body_timeout.pyany soon. So what's the point having that inheritance approach all over the place? - About a solid third of the tests code consists of almost identical
Nginxconfigurations which either don't differ at all or just in very minor parts, so it looks more that we testNginxrather thanTempesta:) Why not just reuseFrangTestCaseeverywhere possible at least just for consistency's sake? - If we actually fall for that approach of using inheritance and all, the parts of starting off backends and Tempesta should be in
setUpmethod of some base class and not get repeated for every test as it is for now. - Constants are massively overused, indeed, what's point of having such constants as
ONE?
Regarding running the tests, some of them resulted in errors because of you using non-standard path to the encryption keys:
Ran 98 tests in 307.733s
FAILED (failures=1, errors=83)
Hit me up when it gets fixed and I'll give it a try again.
.gitignore
Outdated
| @@ -2,4 +2,4 @@ tests_config.ini | |||
| tests_resume.json | |||
| tests_log.log | |||
| *.pyc | |||
| *~ | |||
| *~ | |||
There was a problem hiding this comment.
These files usually get extended by piping, redirecting, etc. That is why there should be a newline character at the end, so why do you delete this one?
t_frang/test_client_body_timeout.py
Outdated
| 'type': 'nginx', | ||
| 'status_uri': 'http://${server_ip}:8000/nginx_status', | ||
| 'config': """ | ||
| pid ${pid}; |
There was a problem hiding this comment.
This test has the very same nginx configuration as FrangTestCase, so why it's not being reused if we already put it in a separate class and file only with that configuration?
There was a problem hiding this comment.
yes you are right I will fix it
There was a problem hiding this comment.
I parametrized all tests with base class - FrangTestCase
| self.assertEqual(0, len(deproxy_cl3.responses)) | ||
|
|
||
| self.assertFalse(deproxy_cl.connection_is_closed()) | ||
| self.assertTrue(deproxy_cl2.connection_is_closed())#all clients should be blocked here, but for some reason only one gets closed |
There was a problem hiding this comment.
It should probably be the second argument to self.assertTrue, not a comment, so the person who sees this failure in logs would not have to look up the test code for the meaning of it. The same goes to all similar comments.
| connection_rate 4; | ||
| } | ||
|
|
||
| listen 127.0.0.4:8765; |
There was a problem hiding this comment.
IPs and other things that are subject to change should not be hardcoded, we have ${server_ip} and embedded runtime substitution with actual values for this particular purpose.
| } | ||
|
|
||
| tls_match_any_server_name; | ||
| tls_certificate RSA/tfw-root.crt; |
There was a problem hiding this comment.
It should be tls_certificate ${tempesta_workdir}/tempesta.crt;
There was a problem hiding this comment.
There are still issues in the PR, but I think there is nothing for me to review next time, so I approve the PR.
@RomanBelozerov I reassign the PR to you to make a review with appropriate adjustments, which you think are required. Also could you please address all not addressed comments by me and @nickzaev .
@pale-emperor I add you to reviewers: the main point to pay attention is that the branch is stable enough to not to break our CI.
|
I have run the tests on CI node for several times and get stable errors in the tests listed below: |
…g limits: ip_block, request_rate, request_burst; some test in work
…ate, connection_burst; concurent_connection in progress
…tests. Removed tests for two clients (duplicate logic test_ip_block.py)
Added tests with different/same ip.
Replaced curl client for h2 tests. (it does not allow to change `authority` header).
…nection_rate`, `tls_connection_burst` tests. Added tests with different connection (tls and non-tls). Separated `tls_incomplete_connection_rate` tests.
Added tests for `concurrent_connections` with clear stats clean-up.
RomanBelozerov
force-pushed
the
kk-test
branch
from
64db18e to
3b32992
Compare
…ection_rate_burst.py. Deproxy is slow.
Done.
All tests are parameterized and general logic is moved to base class. Unnecessary inheritance removed.
Nginx replaced to deproxy. Duplicate config and single constants removed. |
|
To sum up:
This PR requires changes #360 |
…port_in_uri`, `test_host_header_no_port_in_host`. Port 80 is optional, therefore we expect 200 response for these tests.
I prepared my work pass it to Nadia, because now she is gonna make Frang tests.
I upload almost everything I have except tests I was stacked with. Something was made some time ago, something not. I disabled several tests with comment
Disabled for PR(them should be fixed). I repeat, I did not fix them, because task was passed to Nadia.Also, there is some cleaning for
multiple_listeners.@ProshNad, after PR is done, take a look of tests and do everything you want.
The related issues is tempesta-tech/tempesta#673