Merge pull request #551 from averevki/dnspolicy-modification-tests

DNSPolicy modification tests

config/settings.local.yaml.tpl

@@ -54,11 +54,12 @@
 #      kind: "ClusterIssuer"                       # Kind of Issuer, can be "Issuer" or "ClusterIssuer"
 #  dns:
 #    dns_server:
-#      geo_code: "DE"                       # dns provider geo code of the dns server
-#      address: "ns1.seolizer.de"           # dns nameserver hostname or ip
+#      geo_code: "DE"                              # dns provider geo code of the dns server
+#      address: "ns1.seolizer.de"                  # dns nameserver hostname or ip
 #    dns_server2:
-#      geo_code: "AU"                       # dns provider geo code of the second dns server
-#      address: "ns2.seolizer.de"           # second dns nameserver hostname or ip
+#      geo_code: "AU"                              # dns provider geo code of the second dns server
+#      address: "ns2.seolizer.de"                  # second dns nameserver hostname or ip
+#    default_geo_server: "ns3.seolizer.de"         # dns nameserver for tests with default geolocation resolution
 #  letsencrypt:
 #    issuer:                                       # Issuer object for testing TLSPolicy
 #      name: "letsencrypt-staging-issuer"          # Name of Issuer CR

testsuite/config/__init__.py

@@ -66,6 +66,7 @@ def __init__(self, name, default, **kwargs) -> None:
             & Validator("dns.dns_server2.address", must_exist=True, ne=None, cast=hostname_to_ip)
             & Validator("dns.dns_server2.geo_code", must_exist=True, ne=None)
         ),
+        Validator("dns.default_geo_server", must_exist=True, ne=None, cast=hostname_to_ip),
         DefaultValueValidator("keycloak.url", default=fetch_service_ip("keycloak", force_http=True, port=8080)),
         DefaultValueValidator("keycloak.password", default=fetch_secret("credential-sso", "ADMIN_PASSWORD")),
         DefaultValueValidator("mockserver.url", default=fetch_service_ip("mockserver", force_http=True, port=1080)),

testsuite/tests/multicluster/load_balanced/conftest.py

@@ -10,10 +10,10 @@
 def dns_config(testconfig, skip_or_fail):
     """Configuration for DNS tests"""
     try:
-        testconfig.validators.validate(only="dns")
+        testconfig.validators.validate(only=["dns.dns_server", "dns.dns_server2"])
         return testconfig["dns"]
     except ValidationError as exc:
-        return skip_or_fail(f"DNS configuration is missing: {exc}")
+        return skip_or_fail(f"DNS servers configuration is missing: {exc}")
 
 
 @pytest.fixture(scope="package")
@@ -28,6 +28,16 @@ def dns_server2(dns_config):
     return dns_config["dns_server2"]
 
 
+@pytest.fixture(scope="session")
+def dns_default_geo_server(testconfig, skip_or_fail):
+    """Configuration of DNS server for default GEO tests"""
+    try:
+        testconfig.validators.validate(only="dns.default_geo_server")
+        return testconfig["dns"]["default_geo_server"]
+    except ValidationError as exc:
+        return skip_or_fail(f"DNS default geo server configuration is missing: {exc}")
+
+
 @pytest.fixture(scope="module")
 def dns_policy(blame, cluster, gateway, dns_server, module_label, dns_provider_secret):
     """DNSPolicy with load-balancing for the first cluster"""

testsuite/tests/multicluster/load_balanced/test_change_default_geo.py

@@ -0,0 +1,27 @@
+"""Test for modification of default geolocation in DNSPolicy"""
+
+from time import sleep
+
+import pytest
+import dns.resolver
+
+pytestmark = [pytest.mark.multicluster]
+
+
+def test_change_default_geo(hostname, gateway, gateway2, dns_policy, dns_policy2, dns_default_geo_server):
+    """Test changing dns default geolocation and verify that changes are propagated"""
+    resolver = dns.resolver.Resolver(configure=False)
+    resolver.nameservers = [dns_default_geo_server]
+
+    assert resolver.resolve(hostname.hostname)[0].address == gateway.external_ip().split(":")[0]
+
+    dns_policy.model.spec.loadBalancing.defaultGeo = False
+    dns_policy.apply()
+    dns_policy.wait_for_ready()
+
+    dns_policy2.model.spec.loadBalancing.defaultGeo = True
+    dns_policy2.apply()
+    dns_policy2.wait_for_ready()
+
+    sleep(300)  # wait for DNS propagation on providers
+    assert resolver.resolve(hostname.hostname)[0].address == gateway2.external_ip().split(":")[0]

testsuite/tests/multicluster/load_balanced/test_change_strategy.py

@@ -0,0 +1,14 @@
+"""Test changing load-balancing strategy in DNSPolicy"""
+
+import pytest
+
+pytestmark = [pytest.mark.multicluster]
+
+
+def test_change_lb_strategy(dns_policy2):
+    """Verify that changing load-balancing strategy is not allowed"""
+    dns_policy2.model.spec.pop("loadBalancing")
+    res = dns_policy2.apply()
+
+    assert res.status() == 1
+    assert "loadBalancing is immutable" in res.err()

testsuite/tests/multicluster/load_balanced/test_load_balanced_geo.py

@@ -1,13 +1,12 @@
 """Test load-balancing based on geolocation"""
 
 import pytest
-import dns.name
 import dns.resolver
 
 pytestmark = [pytest.mark.multicluster]
 
 
-def test_load_balanced_geo(client, hostname, gateway, gateway2, dns_server, dns_server2):
+def test_load_balanced_geo(client, hostname, gateway, gateway2, dns_server, dns_server2, dns_default_geo_server):
     """
     - Verify that request to the hostname is successful
     - Verify that DNS resolution through nameservers from different regions returns according IPs
@@ -23,3 +22,6 @@ def test_load_balanced_geo(client, hostname, gateway, gateway2, dns_server, dns_
 
     resolver.nameservers = [dns_server2["address"]]
     assert resolver.resolve(hostname.hostname)[0].address == gateway2.external_ip().split(":")[0]
+
+    resolver.nameservers = [dns_default_geo_server]
+    assert resolver.resolve(hostname.hostname)[0].address == gateway.external_ip().split(":")[0]