Skip to content

Commit

Permalink
wait for new resource to program
Browse files Browse the repository at this point in the history
Signed-off-by: Guy Daich <[email protected]>
  • Loading branch information
guydc committed Jan 8, 2025
1 parent 050b8b8 commit aac6ffb
Show file tree
Hide file tree
Showing 3 changed files with 48 additions and 4 deletions.
15 changes: 11 additions & 4 deletions internal/xds/server/runner/runner.go
Original file line number Diff line number Diff line change
Expand Up @@ -88,10 +88,17 @@ func (r *Runner) Start(ctx context.Context) (err error) {
}
r.Logger.Info("loaded TLS certificate and key")

r.grpc = grpc.NewServer(grpc.Creds(credentials.NewTLS(tlsConfig)), grpc.KeepaliveEnforcementPolicy(keepalive.EnforcementPolicy{
MinTime: 15 * time.Second,
PermitWithoutStream: true,
}))
r.grpc = grpc.NewServer(
grpc.Creds(credentials.NewTLS(tlsConfig)),
grpc.KeepaliveEnforcementPolicy(keepalive.EnforcementPolicy{
MinTime: 15 * time.Second,
PermitWithoutStream: true,
}),
grpc.KeepaliveParams(keepalive.ServerParameters{
Time: 60 * time.Second,
Timeout: 20 * time.Second,
}),
)

r.cache = cache.NewSnapshotCache(true, r.Logger)
registerServer(serverv3.NewServer(ctx, r.cache, r.cache), r.grpc)
Expand Down
16 changes: 16 additions & 0 deletions test/e2e/testdata/certificate-rotation.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http-for-cert-rotation
namespace: gateway-conformance-infra
spec:
parentRefs:
- name: same-namespace
rules:
- matches:
- path:
type: PathPrefix
value: /cert-rotation
backendRefs:
- name: infra-backend-v1
port: 8080
21 changes: 21 additions & 0 deletions test/e2e/tests/certificate_rotation.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/gateway-api/conformance/utils/http"
"sigs.k8s.io/gateway-api/conformance/utils/kubernetes"
"sigs.k8s.io/gateway-api/conformance/utils/suite"
"sigs.k8s.io/gateway-api/conformance/utils/tlog"

Expand Down Expand Up @@ -128,6 +129,26 @@ var CertificateRotationTest = suite.ConformanceTest{
require.NoError(t, err)
return true
})

// Apply a new config and confirm that it's programmed successfully on proxies
suite.Applier.MustApplyWithCleanup(t, suite.Client, suite.TimeoutConfig, "testdata/certificate-rotation.yaml", false)
ns := "gateway-conformance-infra"
routeNN := types.NamespacedName{Name: "http-for-cert-rotation", Namespace: ns}
gwNN := types.NamespacedName{Name: "same-namespace", Namespace: ns}
gwAddr := kubernetes.GatewayAndHTTPRoutesMustBeAccepted(t, suite.Client, suite.TimeoutConfig, suite.ControllerName, kubernetes.NewGatewayRef(gwNN), routeNN)
kubernetes.NamespacesMustBeReady(t, suite.Client, suite.TimeoutConfig, []string{ns})

expected := http.ExpectedResponse{
Request: http.Request{
Path: "/cert-rotation",
},
Response: http.Response{
StatusCode: 200,
},
Namespace: ns,
}

http.MakeRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, gwAddr, expected)
})
},
}
Expand Down

0 comments on commit aac6ffb

Please sign in to comment.