Implement SslPolicies for TargetHttpsProxy #1019
Conversation
|
Hi @spencerhance. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/assign @rramkumar1 |
|
/ok-to-test |
b6d2046 to
561d69b
Compare
351064e to
c5703b8
Compare
c5703b8 to
15cf41a
Compare
|
@rramkumar1 Added a bunch of unit tests, can you take another look? I also refactored the syncing logic so that we sync on target proxy creation and later syncs |
| @@ -97,6 +99,18 @@ func newTestJig(t *testing.T) *testJig { | |||
| tp.SslCertificates = request.SslCertificates | |||
| return nil | |||
| } | |||
| mockGCE.MockTargetHttpsProxies.SetSslPolicyHook = func(ctx context.Context, key *meta.Key, ref *compute.SslPolicyReference, proxies *cloud.MockTargetHttpsProxies) error { | |||
There was a problem hiding this comment.
Is this hook special? Can it be added to k8s_cloud_provider mock.go instead?
If its too much work to re-vendor then I suppose we can have this here but would be good to upstream
There was a problem hiding this comment.
Can I do this in a follow up and add a TODO here? Re-vendoring always takes like a couple days to get all the approvals.
pkg/utils/utils.go
Outdated
| @@ -439,3 +439,8 @@ func IsLegacyL4ILBService(svc *api_v1.Service) bool { | |||
| } | |||
| return false | |||
| } | |||
|
|
|||
| // NewString returns a pointer to the provider string literal | |||
pkg/utils/utils.go
Outdated
| @@ -439,3 +439,8 @@ func IsLegacyL4ILBService(svc *api_v1.Service) bool { | |||
| } | |||
| return false | |||
| } | |||
|
|
|||
| // NewString returns a pointer to the provider string literal | |||
| func NewString(s string) *string { | |||
| desc string | ||
| fc *frontendconfigv1beta1.FrontendConfig | ||
| want *string | ||
| }{ |
There was a problem hiding this comment.
Do you need a case for frontend config with empty string ssl policy?
| want: "global/sslPolicies/test-policy", | ||
| }, | ||
| { | ||
| desc: "proxy with different ssl policy", |
There was a problem hiding this comment.
Is this a duplicate of the test case below?
| want: "", | ||
| }, | ||
| } | ||
|
|
There was a problem hiding this comment.
You need a case where a proxy has a policy and then the frontend config policy string is nil.
15cf41a to
a0f6af4
Compare
|
Be sure to send a PR for the k8s_cloud_provider change /lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rramkumar1, spencerhance The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This is the main feature PR for SslPolicies
This relies on a few other PRs, but can be reviewed in parallel