traefik/integration/proxy_protocol_test.go

109 lines
3.4 KiB
Go
Raw Normal View History

2017-10-30 09:02:03 +00:00
package integration
import (
"net/http"
"os"
"time"
"github.com/go-check/check"
"github.com/traefik/traefik/v2/integration/try"
2017-10-30 09:02:03 +00:00
checker "github.com/vdemeester/shakers"
)
type ProxyProtocolSuite struct{ BaseSuite }
func (s *ProxyProtocolSuite) SetUpSuite(c *check.C) {
s.createComposeProject(c, "proxy-protocol")
s.composeProject.Start(c)
}
func (s *ProxyProtocolSuite) TestProxyProtocolTrusted(c *check.C) {
gatewayIP := s.composeProject.Container(c, "haproxy").NetworkSettings.Gateway
haproxyIP := s.composeProject.Container(c, "haproxy").NetworkSettings.IPAddress
whoamiIP := s.composeProject.Container(c, "whoami").NetworkSettings.IPAddress
2019-08-26 12:40:04 +00:00
file := s.adaptFile(c, "fixtures/proxy-protocol/with.toml", struct {
HaproxyIP string
WhoamiIP string
}{HaproxyIP: haproxyIP, WhoamiIP: whoamiIP})
defer os.Remove(file)
cmd, display := s.traefikCmd(withConfigFile(file))
defer display(c)
err := cmd.Start()
c.Assert(err, checker.IsNil)
2020-10-09 07:32:03 +00:00
defer s.killCmd(cmd)
2019-08-26 12:40:04 +00:00
err = try.GetRequest("http://"+haproxyIP+"/whoami", 1*time.Second,
2019-08-26 12:40:04 +00:00
try.StatusCodeIs(http.StatusOK),
try.BodyContains("X-Forwarded-For: "+gatewayIP))
c.Assert(err, checker.IsNil)
}
func (s *ProxyProtocolSuite) TestProxyProtocolV2Trusted(c *check.C) {
gatewayIP := s.composeProject.Container(c, "haproxy").NetworkSettings.Gateway
haproxyIP := s.composeProject.Container(c, "haproxy").NetworkSettings.IPAddress
whoamiIP := s.composeProject.Container(c, "whoami").NetworkSettings.IPAddress
2017-10-30 09:02:03 +00:00
file := s.adaptFile(c, "fixtures/proxy-protocol/with.toml", struct {
HaproxyIP string
WhoamiIP string
2019-08-26 12:40:04 +00:00
}{HaproxyIP: haproxyIP, WhoamiIP: whoamiIP})
2017-10-30 09:02:03 +00:00
defer os.Remove(file)
cmd, display := s.traefikCmd(withConfigFile(file))
defer display(c)
err := cmd.Start()
c.Assert(err, checker.IsNil)
2020-10-09 07:32:03 +00:00
defer s.killCmd(cmd)
2017-10-30 09:02:03 +00:00
err = try.GetRequest("http://"+haproxyIP+":81/whoami", 1*time.Second,
2019-08-26 12:40:04 +00:00
try.StatusCodeIs(http.StatusOK),
try.BodyContains("X-Forwarded-For: "+gatewayIP))
2017-10-30 09:02:03 +00:00
c.Assert(err, checker.IsNil)
}
func (s *ProxyProtocolSuite) TestProxyProtocolNotTrusted(c *check.C) {
haproxyIP := s.composeProject.Container(c, "haproxy").NetworkSettings.IPAddress
whoamiIP := s.composeProject.Container(c, "whoami").NetworkSettings.IPAddress
2019-08-26 12:40:04 +00:00
file := s.adaptFile(c, "fixtures/proxy-protocol/without.toml", struct {
HaproxyIP string
WhoamiIP string
}{HaproxyIP: haproxyIP, WhoamiIP: whoamiIP})
defer os.Remove(file)
cmd, display := s.traefikCmd(withConfigFile(file))
defer display(c)
err := cmd.Start()
c.Assert(err, checker.IsNil)
2020-10-09 07:32:03 +00:00
defer s.killCmd(cmd)
2019-08-26 12:40:04 +00:00
err = try.GetRequest("http://"+haproxyIP+"/whoami", 1*time.Second,
2019-08-26 12:40:04 +00:00
try.StatusCodeIs(http.StatusOK),
try.BodyContains("X-Forwarded-For: "+haproxyIP))
c.Assert(err, checker.IsNil)
}
func (s *ProxyProtocolSuite) TestProxyProtocolV2NotTrusted(c *check.C) {
haproxyIP := s.composeProject.Container(c, "haproxy").NetworkSettings.IPAddress
whoamiIP := s.composeProject.Container(c, "whoami").NetworkSettings.IPAddress
2017-10-30 09:02:03 +00:00
file := s.adaptFile(c, "fixtures/proxy-protocol/without.toml", struct {
HaproxyIP string
WhoamiIP string
2019-08-26 12:40:04 +00:00
}{HaproxyIP: haproxyIP, WhoamiIP: whoamiIP})
2017-10-30 09:02:03 +00:00
defer os.Remove(file)
cmd, display := s.traefikCmd(withConfigFile(file))
defer display(c)
err := cmd.Start()
c.Assert(err, checker.IsNil)
2020-10-09 07:32:03 +00:00
defer s.killCmd(cmd)
2017-10-30 09:02:03 +00:00
err = try.GetRequest("http://"+haproxyIP+":81/whoami", 1*time.Second,
2019-08-26 12:40:04 +00:00
try.StatusCodeIs(http.StatusOK),
try.BodyContains("X-Forwarded-For: "+haproxyIP))
2017-10-30 09:02:03 +00:00
c.Assert(err, checker.IsNil)
}