Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
k8s-ingress
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
3
Merge Requests
3
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
uplex-varnish
k8s-ingress
Commits
f6684104
Commit
f6684104
authored
Feb 07, 2020
by
Geoff Simmons
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Automate un-/deployment of the Basic/Proxy Auth examples.
parent
ea7c9b99
Changes
12
Hide whitespace changes
Inline
Side-by-side
Showing
12 changed files
with
232 additions
and
0 deletions
+232
-0
cafe_acl_or_auth.vtc
examples/authentication/cafe_acl_or_auth.vtc
+35
-0
cafe_basic_auth.vtc
examples/authentication/cafe_basic_auth.vtc
+33
-0
cafe_proxy_auth.vtc
examples/authentication/cafe_proxy_auth.vtc
+17
-0
deploy_acl_or_auth.sh
examples/authentication/deploy_acl_or_auth.sh
+9
-0
deploy_basic_auth.sh
examples/authentication/deploy_basic_auth.sh
+9
-0
deploy_proxy_auth.sh
examples/authentication/deploy_proxy_auth.sh
+9
-0
undeploy_acl_or_auth.sh
examples/authentication/undeploy_acl_or_auth.sh
+24
-0
undeploy_basic_auth.sh
examples/authentication/undeploy_basic_auth.sh
+24
-0
undeploy_proxy_auth.sh
examples/authentication/undeploy_proxy_auth.sh
+24
-0
verify_acl_or_auth.sh
examples/authentication/verify_acl_or_auth.sh
+16
-0
verify_basic_auth.sh
examples/authentication/verify_basic_auth.sh
+16
-0
verify_proxy_auth.sh
examples/authentication/verify_proxy_auth.sh
+16
-0
No files found.
examples/authentication/cafe_acl_or_auth.vtc
0 → 100644
View file @
f6684104
# looks like -*- vcl -*-
varnishtest "cafe example, proxy authentication"
client c1 -connect "${localhost} ${localport}" {
txreq -url /coffee -hdr "Host: cafe.example.com"
rxresp
expect resp.status == 401
expect resp.reason == "Unauthorized"
expect resp.http.WWW-Authenticate == {Basic realm="cafe"}
txreq -url /coffee -hdr "Host: cafe.example.com" \
-hdr "X-Real-IP: 127.0.0.1"
rxresp
expect resp.status == 401
expect resp.reason == "Unauthorized"
expect resp.http.WWW-Authenticate == {Basic realm="cafe"}
txreq -url /coffee -hdr "Host: cafe.example.com" \
-hdr "X-Real-IP: 192.0.2.1"
rxresp
expect resp.status == 200
# credentials foo:bar
txreq -url /coffee -hdr "Host: cafe.example.com" \
-hdr "Authorization: Basic Zm9vOmJhcg=="
rxresp
expect resp.status == 200
txreq -url /coffee -hdr "Host: cafe.example.com" \
-hdr "Authorization: Basic Zm9vOmJhcg==" \
-hdr "X-Real-IP: 127.0.0.1"
rxresp
expect resp.status == 200
} -run
examples/authentication/cafe_basic_auth.vtc
0 → 100644
View file @
f6684104
# looks like -*- vcl -*-
varnishtest "cafe example, basic authentication"
client c1 -connect "${localhost} ${localport}" {
txreq -url /coffee -hdr "Host: cafe.example.com"
rxresp
expect resp.status == 401
expect resp.reason == "Unauthorized"
expect resp.http.WWW-Authenticate == {Basic realm="coffee", charset="UTF-8"}
txreq -url /tea -hdr "Host: cafe.example.com"
rxresp
expect resp.status == 401
expect resp.reason == "Unauthorized"
expect resp.http.WWW-Authenticate == {Basic realm="tea"}
# credentials foo:bar
txreq -url /coffee -hdr "Host: cafe.example.com" \
-hdr "Authorization: Basic Zm9vOmJhcg=="
rxresp
expect resp.status == 200
# credentials tea-admin:awesomeness
txreq -url /tea -hdr "Host: cafe.example.com" \
-hdr "Authorization: Basic dGVhLWFkbWluOmF3ZXNvbWVuZXNz"
rxresp
expect resp.status == 200
txreq -url /milk -hdr "Host: cafe.example.com"
rxresp
expect resp.status == 404
} -run
examples/authentication/cafe_proxy_auth.vtc
0 → 100644
View file @
f6684104
# looks like -*- vcl -*-
varnishtest "cafe example, proxy authentication"
client c1 -connect "${localhost} ${localport}" {
txreq -url /coffee -hdr "Host: cafe.example.com"
rxresp
expect resp.status == 407
expect resp.reason == "Proxy Authentication Required"
expect resp.http.Proxy-Authenticate == {Basic realm="ingress"}
# credentials proxy-admin:studly
txreq -url /coffee -hdr "Host: cafe.example.com" \
-hdr "Proxy-Authorization: Basic cHJveHktYWRtaW46c3R1ZGx5"
rxresp
expect resp.status == 200
} -run
examples/authentication/deploy_acl_or_auth.sh
0 → 100755
View file @
f6684104
#! /bin/bash -ex
kubectl apply
-f
../hello/cafe.yaml
kubectl apply
-f
../hello/cafe-ingress.yaml
kubectl apply
-f
basic-secrets.yaml
kubectl apply
-f
acl-or-auth.yaml
examples/authentication/deploy_basic_auth.sh
0 → 100755
View file @
f6684104
#! /bin/bash -ex
kubectl apply
-f
../hello/cafe.yaml
kubectl apply
-f
../hello/cafe-ingress.yaml
kubectl apply
-f
basic-secrets.yaml
kubectl apply
-f
basic-auth.yaml
examples/authentication/deploy_proxy_auth.sh
0 → 100755
View file @
f6684104
#! /bin/bash -ex
kubectl apply
-f
../hello/cafe.yaml
kubectl apply
-f
../hello/cafe-ingress.yaml
kubectl apply
-f
proxy-auth-secrets.yaml
kubectl apply
-f
proxy-auth.yaml
examples/authentication/undeploy_acl_or_auth.sh
0 → 100755
View file @
f6684104
#! /bin/bash -ex
kubectl delete
-f
acl-or-auth.yaml
kubectl delete
-f
basic-secrets.yaml
kubectl delete
-f
../hello/cafe-ingress.yaml
kubectl delete
-f
../hello/cafe.yaml
echo
"Waiting until varnish-ingress Pods are not ready"
N
=
0
until
[
$N
-ge
120
]
do
if
kubectl get pods
-l
app
=
varnish-ingress |
grep
-q
' 1/1'
;
then
sleep
10
N
=
$((
N
+
10
))
continue
fi
exit
0
done
echo
"Giving up"
exit
1
examples/authentication/undeploy_basic_auth.sh
0 → 100755
View file @
f6684104
#! /bin/bash -ex
kubectl delete
-f
basic-auth.yaml
kubectl delete
-f
basic-secrets.yaml
kubectl delete
-f
../hello/cafe-ingress.yaml
kubectl delete
-f
../hello/cafe.yaml
echo
"Waiting until varnish-ingress Pods are not ready"
N
=
0
until
[
$N
-ge
120
]
do
if
kubectl get pods
-l
app
=
varnish-ingress |
grep
-q
' 1/1'
;
then
sleep
10
N
=
$((
N
+
10
))
continue
fi
exit
0
done
echo
"Giving up"
exit
1
examples/authentication/undeploy_proxy_auth.sh
0 → 100755
View file @
f6684104
#! /bin/bash -ex
kubectl delete
-f
proxy-auth.yaml
kubectl delete
-f
proxy-auth-secrets.yaml
kubectl delete
-f
../hello/cafe-ingress.yaml
kubectl delete
-f
../hello/cafe.yaml
echo
"Waiting until varnish-ingress Pods are not ready"
N
=
0
until
[
$N
-ge
120
]
do
if
kubectl get pods
-l
app
=
varnish-ingress |
grep
-q
' 1/1'
;
then
sleep
10
N
=
$((
N
+
10
))
continue
fi
exit
0
done
echo
"Giving up"
exit
1
examples/authentication/verify_acl_or_auth.sh
0 → 100755
View file @
f6684104
#! /bin/bash -ex
function
killforward
{
kill
$KUBEPID
}
LOCALPORT
=
${
LOCALPORT
:-
8888
}
kubectl
wait
--timeout
=
2m pod
-l
app
=
varnish-ingress
--for
=
condition
=
Ready
kubectl port-forward svc/varnish-ingress
${
LOCALPORT
}
:80
>
/dev/null &
KUBEPID
=
$!
trap
killforward EXIT
sleep
1
varnishtest
${
TESTOPTS
}
-Dlocalport
=
${
LOCALPORT
}
cafe_acl_or_auth.vtc
examples/authentication/verify_basic_auth.sh
0 → 100755
View file @
f6684104
#! /bin/bash -ex
function
killforward
{
kill
$KUBEPID
}
LOCALPORT
=
${
LOCALPORT
:-
8888
}
kubectl
wait
--timeout
=
2m pod
-l
app
=
varnish-ingress
--for
=
condition
=
Ready
kubectl port-forward svc/varnish-ingress
${
LOCALPORT
}
:80
>
/dev/null &
KUBEPID
=
$!
trap
killforward EXIT
sleep
1
varnishtest
${
TESTOPTS
}
-Dlocalport
=
${
LOCALPORT
}
cafe_basic_auth.vtc
examples/authentication/verify_proxy_auth.sh
0 → 100755
View file @
f6684104
#! /bin/bash -ex
function
killforward
{
kill
$KUBEPID
}
LOCALPORT
=
${
LOCALPORT
:-
8888
}
kubectl
wait
--timeout
=
2m pod
-l
app
=
varnish-ingress
--for
=
condition
=
Ready
kubectl port-forward svc/varnish-ingress
${
LOCALPORT
}
:80
>
/dev/null &
KUBEPID
=
$!
trap
killforward EXIT
sleep
1
varnishtest
${
TESTOPTS
}
-Dlocalport
=
${
LOCALPORT
}
cafe_proxy_auth.vtc
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment