From 57a686902288bcee5d1444827480f734de1ae605 Mon Sep 17 00:00:00 2001 From: Ashwin Venkatesh Date: Thu, 15 Apr 2021 09:49:32 -0400 Subject: [PATCH] Add cluster resource CRD - Add a CRD for the cluster resource. This additionally adds a webhook for the same as well. This is a CRD that supports the Transparent Proxy feature. - Only support the mutating webhook version v1, as v1beta1 is deprecated in the newer Kubernetes versions and v1 is supported in Kubernetes 1.16+ which are the versions we support --- .circleci/config.yml | 2 +- templates/connect-inject-mutatingwebhook.yaml | 16 +- ...ntroller-mutatingwebhookconfiguration.yaml | 202 ++++++++++-------- templates/crd-clusters.yaml | 104 +++++++++ test/acceptance/go.mod | 4 +- test/acceptance/go.sum | 9 +- .../controller/controller_namespaces_test.go | 25 +++ .../tests/controller/controller_test.go | 25 +++ .../tests/fixtures/crds/cluster.yaml | 7 + 9 files changed, 285 insertions(+), 109 deletions(-) create mode 100644 templates/crd-clusters.yaml create mode 100644 test/acceptance/tests/fixtures/crds/cluster.yaml diff --git a/.circleci/config.yml b/.circleci/config.yml index 5cdfde9fc..97efa8671 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -145,7 +145,7 @@ jobs: -secondary-kubecontext="kind-dc2" \ -debug-directory="$TEST_RESULTS/debug" \ -consul-image="ishustava/consul-enterprise:tproxy-test" \ - -consul-k8s-image="docker.mirror.hashicorp.services/hashicorpdev/consul-k8s:296675a" + -consul-k8s-image="ashwinvenkatesh/consul-k8s@sha256:a73eff871ad25f127c303753486fd2f7d2d6dc9a60e9ae025183c8b26089780b" then echo "Tests in ${pkg} failed, aborting early" exit_code=1 diff --git a/templates/connect-inject-mutatingwebhook.yaml b/templates/connect-inject-mutatingwebhook.yaml index fa1cc14c3..8c7af50c2 100644 --- a/templates/connect-inject-mutatingwebhook.yaml +++ b/templates/connect-inject-mutatingwebhook.yaml @@ -1,10 +1,6 @@ {{- if (or (and (ne (.Values.connectInject.enabled | toString) "-") .Values.connectInject.enabled) (and (eq (.Values.connectInject.enabled | toString) "-") .Values.global.enabled)) }} # The MutatingWebhookConfiguration to enable the Connect injector. -{{- if .Capabilities.APIVersions.Has "admissionregistration.k8s.io/v1" }} apiVersion: admissionregistration.k8s.io/v1 -{{- else }} -apiVersion: admissionregistration.k8s.io/v1beta1 -{{- end }} kind: MutatingWebhookConfiguration metadata: name: {{ template "consul.fullname" . }}-connect-injector-cfg @@ -19,18 +15,18 @@ webhooks: failurePolicy: Ignore sideEffects: None admissionReviewVersions: - - "v1beta1" - - "v1" + - "v1beta1" + - "v1" clientConfig: service: name: {{ template "consul.fullname" . }}-connect-injector-svc namespace: {{ .Release.Namespace }} path: "/mutate" rules: - - operations: [ "CREATE" ] - apiGroups: [""] - apiVersions: ["v1"] - resources: ["pods"] + - operations: [ "CREATE" ] + apiGroups: [""] + apiVersions: ["v1"] + resources: ["pods"] {{- if .Values.connectInject.namespaceSelector }} namespaceSelector: {{ tpl .Values.connectInject.namespaceSelector . | indent 6 }} diff --git a/templates/controller-mutatingwebhookconfiguration.yaml b/templates/controller-mutatingwebhookconfiguration.yaml index a3504f21d..c19ded484 100644 --- a/templates/controller-mutatingwebhookconfiguration.yaml +++ b/templates/controller-mutatingwebhookconfiguration.yaml @@ -1,9 +1,5 @@ {{- if .Values.controller.enabled }} -{{- if .Capabilities.APIVersions.Has "admissionregistration.k8s.io/v1" }} apiVersion: admissionregistration.k8s.io/v1 -{{- else }} -apiVersion: admissionregistration.k8s.io/v1beta1 -{{- end }} kind: MutatingWebhookConfiguration metadata: name: {{ template "consul.fullname" . }}-controller-mutating-webhook-configuration @@ -22,19 +18,41 @@ webhooks: path: /mutate-v1alpha1-proxydefaults failurePolicy: Fail admissionReviewVersions: - - "v1beta1" - - "v1" + - "v1beta1" + - "v1" name: mutate-proxydefaults.consul.hashicorp.com rules: - - apiGroups: - - consul.hashicorp.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - proxydefaults + - apiGroups: + - consul.hashicorp.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - proxydefaults + sideEffects: None +- clientConfig: + caBundle: Cg== + service: + name: {{ template "consul.fullname" . }}-controller-webhook + namespace: {{ .Release.Namespace }} + path: /mutate-v1alpha1-cluster + failurePolicy: Fail + admissionReviewVersions: + - "v1beta1" + - "v1" + name: mutate-cluster.consul.hashicorp.com + rules: + - apiGroups: + - consul.hashicorp.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - cluster sideEffects: None - clientConfig: caBundle: Cg== @@ -44,19 +62,19 @@ webhooks: path: /mutate-v1alpha1-servicedefaults failurePolicy: Fail admissionReviewVersions: - - "v1beta1" - - "v1" + - "v1beta1" + - "v1" name: mutate-servicedefaults.consul.hashicorp.com rules: - - apiGroups: - - consul.hashicorp.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - servicedefaults + - apiGroups: + - consul.hashicorp.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - servicedefaults sideEffects: None - clientConfig: caBundle: Cg== @@ -66,19 +84,19 @@ webhooks: path: /mutate-v1alpha1-serviceresolver failurePolicy: Fail admissionReviewVersions: - - "v1beta1" - - "v1" + - "v1beta1" + - "v1" name: mutate-serviceresolver.consul.hashicorp.com rules: - - apiGroups: - - consul.hashicorp.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceresolvers + - apiGroups: + - consul.hashicorp.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceresolvers sideEffects: None - clientConfig: caBundle: Cg== @@ -88,19 +106,19 @@ webhooks: path: /mutate-v1alpha1-servicerouter failurePolicy: Fail admissionReviewVersions: - - "v1beta1" - - "v1" + - "v1beta1" + - "v1" name: mutate-servicerouter.consul.hashicorp.com rules: - - apiGroups: - - consul.hashicorp.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - servicerouters + - apiGroups: + - consul.hashicorp.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - servicerouters sideEffects: None - clientConfig: caBundle: Cg== @@ -110,19 +128,19 @@ webhooks: path: /mutate-v1alpha1-servicesplitter failurePolicy: Fail admissionReviewVersions: - - "v1beta1" - - "v1" + - "v1beta1" + - "v1" name: mutate-servicesplitter.consul.hashicorp.com rules: - - apiGroups: - - consul.hashicorp.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - servicesplitters + - apiGroups: + - consul.hashicorp.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - servicesplitters sideEffects: None - clientConfig: caBundle: Cg== @@ -132,19 +150,19 @@ webhooks: path: /mutate-v1alpha1-serviceintentions failurePolicy: Fail admissionReviewVersions: - - "v1beta1" - - "v1" + - "v1beta1" + - "v1" name: mutate-serviceintentions.consul.hashicorp.com rules: - - apiGroups: - - consul.hashicorp.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceintentions + - apiGroups: + - consul.hashicorp.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceintentions sideEffects: None - clientConfig: caBundle: Cg== @@ -154,19 +172,19 @@ webhooks: path: /mutate-v1alpha1-ingressgateway failurePolicy: Fail admissionReviewVersions: - - "v1beta1" - - "v1" + - "v1beta1" + - "v1" name: mutate-ingressgateway.consul.hashicorp.com rules: - - apiGroups: - - consul.hashicorp.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - ingressgateways + - apiGroups: + - consul.hashicorp.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - ingressgateways sideEffects: None - clientConfig: caBundle: Cg== @@ -176,18 +194,18 @@ webhooks: path: /mutate-v1alpha1-terminatinggateway failurePolicy: Fail admissionReviewVersions: - - "v1beta1" - - "v1" + - "v1beta1" + - "v1" name: mutate-terminatinggateway.consul.hashicorp.com rules: - - apiGroups: - - consul.hashicorp.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - terminatinggateways + - apiGroups: + - consul.hashicorp.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - terminatinggateways sideEffects: None {{- end }} diff --git a/templates/crd-clusters.yaml b/templates/crd-clusters.yaml new file mode 100644 index 000000000..06c392a9d --- /dev/null +++ b/templates/crd-clusters.yaml @@ -0,0 +1,104 @@ +{{- if .Values.controller.enabled }} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: clusters.consul.hashicorp.com + labels: + app: {{ template "consul.name" . }} + chart: {{ template "consul.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + component: crd +spec: + group: consul.hashicorp.com + names: + kind: Cluster + listKind: ClusterList + plural: clusters + singular: cluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The sync status of the resource with Consul + jsonPath: .status.conditions[?(@.type=="Synced")].status + name: Synced + type: string + - description: The last successful synced time of the resource with Consul + jsonPath: .status.lastSyncedTime + name: Last Synced + type: date + - description: The age of the resource + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: Cluster is the Schema for the clusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterSpec defines the desired state of Cluster + properties: + transparentProxy: + properties: + catalogDestinationsOnly: + type: boolean + type: object + type: object + status: + properties: + conditions: + description: Conditions indicate the latest available observations of a resource's current state. + items: + description: 'Conditions define a readiness condition for a Consul resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties' + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - status + - type + type: object + type: array + lastSyncedTime: + description: LastSyncedTime is the last time the resource successfully synced with Consul. + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +{{- end }} diff --git a/test/acceptance/go.mod b/test/acceptance/go.mod index 17eb89f06..4e0d75a5d 100644 --- a/test/acceptance/go.mod +++ b/test/acceptance/go.mod @@ -4,8 +4,8 @@ go 1.14 require ( github.com/gruntwork-io/terratest v0.31.2 - github.com/hashicorp/consul/api v1.4.1-0.20201015173526-812fe06d6c64 - github.com/hashicorp/consul/sdk v0.6.0 + github.com/hashicorp/consul/api v1.4.1-0.20210415000851-62fcf1ff17cd + github.com/hashicorp/consul/sdk v0.7.0 github.com/stretchr/testify v1.5.1 gopkg.in/yaml.v2 v2.2.8 k8s.io/api v0.19.3 diff --git a/test/acceptance/go.sum b/test/acceptance/go.sum index 96beae1fa..5d3fd7470 100644 --- a/test/acceptance/go.sum +++ b/test/acceptance/go.sum @@ -225,10 +225,10 @@ github.com/gruntwork-io/gruntwork-cli v0.7.0 h1:YgSAmfCj9c61H+zuvHwKfYUwlMhu5arn github.com/gruntwork-io/gruntwork-cli v0.7.0/go.mod h1:jp6Z7NcLF2avpY8v71fBx6hds9eOFPELSuD/VPv7w00= github.com/gruntwork-io/terratest v0.31.2 h1:xvYHA80MUq5kx670dM18HInewOrrQrAN+XbVVtytUHg= github.com/gruntwork-io/terratest v0.31.2/go.mod h1:EEgJie28gX/4AD71IFqgMj6e99KP5mi81hEtzmDjxTo= -github.com/hashicorp/consul/api v1.4.1-0.20201015173526-812fe06d6c64 h1:8/zXC/mxIXKRqcRACIu/G016QKE/XWWBXsuNnJO3O9s= -github.com/hashicorp/consul/api v1.4.1-0.20201015173526-812fe06d6c64/go.mod h1:duA0cMzNQkvdlj8Ayz6LmyaMUta7iVW8qY2w2bic/Iw= -github.com/hashicorp/consul/sdk v0.6.0 h1:FfhMEkwvQl57CildXJyGHnwGGM4HMODGyfjGwNM1Vdw= -github.com/hashicorp/consul/sdk v0.6.0/go.mod h1:fY08Y9z5SvJqevyZNy6WWPXiG3KwBPAvlcdx16zZ0fM= +github.com/hashicorp/consul/api v1.4.1-0.20210415000851-62fcf1ff17cd h1:HKntL2binKSK5AFIzsJ9WmfPwjUTRgT5/mCifKVpPt8= +github.com/hashicorp/consul/api v1.4.1-0.20210415000851-62fcf1ff17cd/go.mod h1:sDjTOq0yUyv5G4h+BqSea7Fn6BU+XbolEz1952UB+mk= +github.com/hashicorp/consul/sdk v0.7.0 h1:H6R9d008jDcHPQPAqPNuydAshJ4v5/8URdFnUvK/+sc= +github.com/hashicorp/consul/sdk v0.7.0/go.mod h1:fY08Y9z5SvJqevyZNy6WWPXiG3KwBPAvlcdx16zZ0fM= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.1 h1:dH3aiDG9Jvb5r5+bYHsikaOUIpcM0xvgMXVoDkXMzJM= @@ -412,6 +412,7 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= diff --git a/test/acceptance/tests/controller/controller_namespaces_test.go b/test/acceptance/tests/controller/controller_namespaces_test.go index 9c4c07847..cd4ceb900 100644 --- a/test/acceptance/tests/controller/controller_namespaces_test.go +++ b/test/acceptance/tests/controller/controller_namespaces_test.go @@ -153,6 +153,13 @@ func TestControllerNamespaces(t *testing.T) { require.True(r, ok, "could not cast to ProxyConfigEntry") require.Equal(r, api.MeshGatewayModeLocal, proxyDefaultEntry.MeshGateway.Mode) + // cluster + entry, _, err = consulClient.ConfigEntries().Get(api.ClusterConfig, "cluster", defaultOpts) + require.NoError(r, err) + clusterEntry, ok := entry.(*api.ClusterConfigEntry) + require.True(r, ok, "could not cast to ClusterConfigEntry") + require.True(r, clusterEntry.TransparentProxy.CatalogDestinationsOnly) + // service-router entry, _, err = consulClient.ConfigEntries().Get(api.ServiceRouter, "router", queryOpts) require.NoError(r, err) @@ -213,6 +220,9 @@ func TestControllerNamespaces(t *testing.T) { patchMeshGatewayMode := "remote" k8s.RunKubectl(t, ctx.KubectlOptions(t), "patch", "-n", KubeNS, "proxydefaults", "global", "-p", fmt.Sprintf(`{"spec":{"meshGateway":{"mode": "%s"}}}`, patchMeshGatewayMode), "--type=merge") + logger.Log(t, "patching cluster custom resource") + k8s.RunKubectl(t, ctx.KubectlOptions(t), "patch", "-n", KubeNS, "cluster", "cluster", "-p", fmt.Sprintf(`{"spec":{"transparentProxy":{"catalogDestinationsOnly": %t}}}`, false), "--type=merge") + logger.Log(t, "patching service-router custom resource") patchPathPrefix := "/baz" k8s.RunKubectl(t, ctx.KubectlOptions(t), "patch", "-n", KubeNS, "servicerouter", "router", "-p", fmt.Sprintf(`{"spec":{"routes":[{"match":{"http":{"pathPrefix":"%s"}}}]}}`, patchPathPrefix), "--type=merge") @@ -254,6 +264,13 @@ func TestControllerNamespaces(t *testing.T) { require.True(r, ok, "could not cast to ProxyConfigEntry") require.Equal(r, api.MeshGatewayModeRemote, proxyDefaultsEntry.MeshGateway.Mode) + // cluster + entry, _, err = consulClient.ConfigEntries().Get(api.ClusterConfig, "cluster", defaultOpts) + require.NoError(r, err) + clusterConfigEntry, ok := entry.(*api.ClusterConfigEntry) + require.True(r, ok, "could not cast to ClusterConfigEntry") + require.False(r, clusterConfigEntry.TransparentProxy.CatalogDestinationsOnly) + // service-router entry, _, err = consulClient.ConfigEntries().Get(api.ServiceRouter, "router", queryOpts) require.NoError(r, err) @@ -304,6 +321,9 @@ func TestControllerNamespaces(t *testing.T) { logger.Log(t, "deleting proxy-defaults custom resource") k8s.RunKubectl(t, ctx.KubectlOptions(t), "delete", "-n", KubeNS, "proxydefaults", "global") + logger.Log(t, "deleting cluster custom resource") + k8s.RunKubectl(t, ctx.KubectlOptions(t), "delete", "-n", KubeNS, "cluster", "cluster") + logger.Log(t, "deleting service-router custom resource") k8s.RunKubectl(t, ctx.KubectlOptions(t), "delete", "-n", KubeNS, "servicerouter", "router") @@ -336,6 +356,11 @@ func TestControllerNamespaces(t *testing.T) { require.Error(r, err) require.Contains(r, err.Error(), "404 (Config entry not found") + // cluster + _, _, err = consulClient.ConfigEntries().Get(api.ClusterConfig, "cluster", defaultOpts) + require.Error(r, err) + require.Contains(r, err.Error(), "404 (Config entry not found") + // service-router _, _, err = consulClient.ConfigEntries().Get(api.ServiceRouter, "router", queryOpts) require.Error(r, err) diff --git a/test/acceptance/tests/controller/controller_test.go b/test/acceptance/tests/controller/controller_test.go index a152295ad..bccb7720a 100644 --- a/test/acceptance/tests/controller/controller_test.go +++ b/test/acceptance/tests/controller/controller_test.go @@ -93,6 +93,13 @@ func TestController(t *testing.T) { require.True(r, ok, "could not cast to ProxyConfigEntry") require.Equal(r, api.MeshGatewayModeLocal, proxyDefaultEntry.MeshGateway.Mode) + // cluster + entry, _, err = consulClient.ConfigEntries().Get(api.ClusterConfig, "cluster", nil) + require.NoError(r, err) + clusterEntry, ok := entry.(*api.ClusterConfigEntry) + require.True(r, ok, "could not cast to ClusterConfigEntry") + require.True(r, clusterEntry.TransparentProxy.CatalogDestinationsOnly) + // service-router entry, _, err = consulClient.ConfigEntries().Get(api.ServiceRouter, "router", nil) require.NoError(r, err) @@ -154,6 +161,9 @@ func TestController(t *testing.T) { patchMeshGatewayMode := "remote" k8s.RunKubectl(t, ctx.KubectlOptions(t), "patch", "proxydefaults", "global", "-p", fmt.Sprintf(`{"spec":{"meshGateway":{"mode": "%s"}}}`, patchMeshGatewayMode), "--type=merge") + logger.Log(t, "patching cluster custom resource") + k8s.RunKubectl(t, ctx.KubectlOptions(t), "patch", "cluster", "cluster", "-p", fmt.Sprintf(`{"spec":{"transparentProxy":{"catalogDestinationsOnly": %t}}}`, false), "--type=merge") + logger.Log(t, "patching service-router custom resource") patchPathPrefix := "/baz" k8s.RunKubectl(t, ctx.KubectlOptions(t), "patch", "servicerouter", "router", "-p", fmt.Sprintf(`{"spec":{"routes":[{"match":{"http":{"pathPrefix":"%s"}}}]}}`, patchPathPrefix), "--type=merge") @@ -195,6 +205,13 @@ func TestController(t *testing.T) { require.True(r, ok, "could not cast to ProxyConfigEntry") require.Equal(r, api.MeshGatewayModeRemote, proxyDefaultsEntry.MeshGateway.Mode) + // cluster + entry, _, err = consulClient.ConfigEntries().Get(api.ClusterConfig, "cluster", nil) + require.NoError(r, err) + clusterEntry, ok := entry.(*api.ClusterConfigEntry) + require.True(r, ok, "could not cast to ClusterConfigEntry") + require.False(r, clusterEntry.TransparentProxy.CatalogDestinationsOnly) + // service-router entry, _, err = consulClient.ConfigEntries().Get(api.ServiceRouter, "router", nil) require.NoError(r, err) @@ -246,6 +263,9 @@ func TestController(t *testing.T) { logger.Log(t, "deleting proxy-defaults custom resource") k8s.RunKubectl(t, ctx.KubectlOptions(t), "delete", "proxydefaults", "global") + logger.Log(t, "deleting cluster custom resource") + k8s.RunKubectl(t, ctx.KubectlOptions(t), "delete", "cluster", "cluster") + logger.Log(t, "deleting service-router custom resource") k8s.RunKubectl(t, ctx.KubectlOptions(t), "delete", "servicerouter", "router") @@ -278,6 +298,11 @@ func TestController(t *testing.T) { require.Error(r, err) require.Contains(r, err.Error(), "404 (Config entry not found") + // cluster + _, _, err = consulClient.ConfigEntries().Get(api.ClusterConfig, "cluster", nil) + require.Error(r, err) + require.Contains(r, err.Error(), "404 (Config entry not found") + // service-router _, _, err = consulClient.ConfigEntries().Get(api.ServiceRouter, "router", nil) require.Error(r, err) diff --git a/test/acceptance/tests/fixtures/crds/cluster.yaml b/test/acceptance/tests/fixtures/crds/cluster.yaml new file mode 100644 index 000000000..e20393859 --- /dev/null +++ b/test/acceptance/tests/fixtures/crds/cluster.yaml @@ -0,0 +1,7 @@ +apiVersion: consul.hashicorp.com/v1alpha1 +kind: Cluster +metadata: + name: cluster +spec: + transparentProxy: + catalogDestinationsOnly: true \ No newline at end of file