Skip to content

Commit 53b3b73

Browse files
krmodelskikrmodelski
committed
add proxy-url tests
1 parent 1d47564 commit 53b3b73

File tree

3 files changed

+164
-35
lines changed

3 files changed

+164
-35
lines changed

src/config_test.ts

Lines changed: 67 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,12 +15,15 @@ import { CoreV1Api, RequestContext } from './api.js';
1515
import { bufferFromFileOrString, findHomeDir, findObject, KubeConfig, makeAbsolutePath } from './config.js';
1616
import { ActionOnInvalid, Cluster, newClusters, newContexts, newUsers, User } from './config_types.js';
1717
import { ExecAuth } from './exec_auth.js';
18+
import { HttpProxyAgent, HttpsProxyAgent } from 'hpagent';
19+
import { SocksProxyAgent } from 'socks-proxy-agent';
1820

1921
const kcFileName = 'testdata/kubeconfig.yaml';
2022
const kc2FileName = 'testdata/kubeconfig-2.yaml';
2123
const kcDupeCluster = 'testdata/kubeconfig-dupe-cluster.yaml';
2224
const kcDupeContext = 'testdata/kubeconfig-dupe-context.yaml';
2325
const kcDupeUser = 'testdata/kubeconfig-dupe-user.yaml';
26+
const kcProxyUrl = 'testdata/kubeconfig-proxy-url.yaml';
2427

2528
const kcNoUserFileName = 'testdata/empty-user-kubeconfig.yaml';
2629
const kcInvalidContextFileName = 'testdata/empty-context-kubeconfig.yaml';
@@ -43,6 +46,7 @@ function validateFileLoad(kc: KubeConfig) {
4346
expect(cluster1.name).to.equal('cluster1');
4447
expect(cluster1.caData).to.equal('Q0FEQVRB');
4548
expect(cluster1.server).to.equal('http://example.com');
49+
expect(cluster1.proxyUrl).to.equal('socks5://localhost:1181');
4650
expect(cluster2.name).to.equal('cluster2');
4751
expect(cluster2.caData).to.equal('Q0FEQVRBMg==');
4852
expect(cluster2.server).to.equal('http://example2.com');
@@ -358,6 +362,69 @@ describe('KubeConfig', () => {
358362

359363
assertRequestOptionsEqual(opts, expectedOptions);
360364
});
365+
it('should apply socks proxy', async () => {
366+
const kc = new KubeConfig();
367+
kc.loadFromFile(kcProxyUrl);
368+
kc.setCurrentContext('contextA');
369+
370+
const testServerName = 'https://example.com';
371+
const rc = new RequestContext(testServerName, HttpMethod.GET);
372+
373+
await kc.applySecurityAuthentication(rc);
374+
const expectedCA = Buffer.from('CADAT@', 'utf-8');
375+
const expectedProxyHost = 'example';
376+
const expectedProxyPort = 1187;
377+
378+
expect(rc.getAgent()).to.be.instanceOf(SocksProxyAgent);
379+
const agent = rc.getAgent() as SocksProxyAgent;
380+
expect(agent.options.ca?.toString()).to.equal(expectedCA.toString());
381+
expect(agent.proxy.host).to.equal(expectedProxyHost);
382+
expect(agent.proxy.port).to.equal(expectedProxyPort);
383+
});
384+
it('should apply https proxy', async () => {
385+
const kc = new KubeConfig();
386+
kc.loadFromFile(kcProxyUrl);
387+
kc.setCurrentContext('contextB');
388+
389+
const testServerName = 'https://example.com';
390+
const rc = new RequestContext(testServerName, HttpMethod.GET);
391+
392+
await kc.applySecurityAuthentication(rc);
393+
const expectedCA = Buffer.from('CADAT@', 'utf-8');
394+
const expectedProxyHref = 'http://example:9443/';
395+
396+
expect(rc.getAgent()).to.be.instanceOf(HttpsProxyAgent);
397+
const agent = rc.getAgent() as HttpsProxyAgent;
398+
expect(agent.options.ca?.toString()).to.equal(expectedCA.toString());
399+
expect(agent.proxy.href).to.equal(expectedProxyHref);
400+
});
401+
it('should apply http proxy', async () => {
402+
const kc = new KubeConfig();
403+
kc.loadFromFile(kcProxyUrl);
404+
kc.setCurrentContext('contextC');
405+
406+
const testServerName = 'https://example.com';
407+
const rc = new RequestContext(testServerName, HttpMethod.GET);
408+
409+
await kc.applySecurityAuthentication(rc);
410+
const expectedCA = Buffer.from('CADAT@', 'utf-8');
411+
const expectedProxyHref = 'http://example:8080/';
412+
413+
expect(rc.getAgent()).to.be.instanceOf(HttpProxyAgent);
414+
const agent = rc.getAgent() as HttpProxyAgent;
415+
expect(agent.options.ca?.toString()).to.equal(expectedCA.toString());
416+
expect(agent.proxy.href).to.equal(expectedProxyHref);
417+
});
418+
it('should throw an error if proxy-url is provided but the server protocol is not http or https', async () => {
419+
const kc = new KubeConfig();
420+
kc.loadFromFile(kcProxyUrl);
421+
kc.setCurrentContext('contextD');
422+
423+
const testServerName = 'https://example.com';
424+
const rc = new RequestContext(testServerName, HttpMethod.GET);
425+
426+
return expect(kc.applySecurityAuthentication(rc)).to.be.rejectedWith('Unsupported proxy type');
427+
});
361428
});
362429

363430
describe('loadClusterConfigObjects', () => {

testdata/kubeconfig-proxy-url.yaml

Lines changed: 61 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,61 @@
1+
apiVersion: v1
2+
clusters:
3+
- cluster:
4+
certificate-authority-data: Q0FEQVRA
5+
server: http://example1.com
6+
proxy-url: socks5://example:1187
7+
name: clusterA
8+
- cluster:
9+
certificate-authority-data: Q0FEQVRA
10+
server: https://example2.com
11+
proxy-url: http://example:9443
12+
name: clusterB
13+
- cluster:
14+
certificate-authority-data: Q0FEQVRA
15+
server: http://example3.com
16+
proxy-url: http://example:8080
17+
name: clusterC
18+
- cluster:
19+
certificate-authority-data: Q0FEQVRA
20+
server: htto://exampleerror.com
21+
proxy-url: http://example:8080
22+
name: clusterD
23+
24+
contexts:
25+
- context:
26+
cluster: clusterA
27+
user: userA
28+
name: contextA
29+
- context:
30+
cluster: clusterB
31+
user: userB
32+
name: contextB
33+
- context:
34+
cluster: clusterC
35+
user: userC
36+
name: contextC
37+
- context:
38+
cluster: clusterD
39+
user: userD
40+
name: contextD
41+
42+
current-context: contextA
43+
kind: Config
44+
preferences: {}
45+
users:
46+
- name: userA
47+
user:
48+
client-certificate-data: XVNFUl9DQURBVEE=
49+
client-key-data: XVNFUl9DS0RBVEE=
50+
- name: userB
51+
user:
52+
client-certificate-data: XVNFUl9DQURBVEE=
53+
client-key-data: XVNFUl9DS0RBVEE=
54+
- name: userC
55+
user:
56+
client-certificate-data: XVNFUl9DQURBVEE=
57+
client-key-data: XVNFUl9DS0RBVEE=
58+
- name: userD
59+
user:
60+
client-certificate-data: XVNFUl9DQURBVEE=
61+
client-key-data: XVNFUl9DS0RBVEE=

testdata/kubeconfig.yaml

Lines changed: 36 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -1,43 +1,44 @@
11
apiVersion: v1
22
clusters:
3-
- cluster:
4-
certificate-authority-data: Q0FEQVRB
5-
server: http://example.com
6-
name: cluster1
7-
- cluster:
8-
certificate-authority-data: Q0FEQVRBMg==
9-
server: http://example2.com
10-
insecure-skip-tls-verify: true
11-
name: cluster2
3+
- cluster:
4+
certificate-authority-data: Q0FEQVRB
5+
server: http://example.com
6+
proxy-url: socks5://localhost:1181
7+
name: cluster1
8+
- cluster:
9+
certificate-authority-data: Q0FEQVRBMg==
10+
server: http://example2.com
11+
insecure-skip-tls-verify: true
12+
name: cluster2
1213

1314
contexts:
14-
- context:
15-
cluster: cluster1
16-
user: user1
17-
name: context1
18-
- context:
19-
cluster: cluster2
20-
namespace: namespace2
21-
user: user2
22-
name: context2
23-
- context:
24-
cluster: cluster2
25-
user: user3
26-
name: passwd
15+
- context:
16+
cluster: cluster1
17+
user: user1
18+
name: context1
19+
- context:
20+
cluster: cluster2
21+
namespace: namespace2
22+
user: user2
23+
name: context2
24+
- context:
25+
cluster: cluster2
26+
user: user3
27+
name: passwd
2728

28-
current-context: context2
29+
current-context: context2
2930
kind: Config
3031
preferences: {}
3132
users:
32-
- name: user1
33-
user:
34-
client-certificate-data: VVNFUl9DQURBVEE=
35-
client-key-data: VVNFUl9DS0RBVEE=
36-
- name: user2
37-
user:
38-
client-certificate-data: VVNFUjJfQ0FEQVRB
39-
client-key-data: VVNFUjJfQ0tEQVRB
40-
- name: user3
41-
user:
42-
username: foo
43-
password: bar
33+
- name: user1
34+
user:
35+
client-certificate-data: VVNFUl9DQURBVEE=
36+
client-key-data: VVNFUl9DS0RBVEE=
37+
- name: user2
38+
user:
39+
client-certificate-data: VVNFUjJfQ0FEQVRB
40+
client-key-data: VVNFUjJfQ0tEQVRB
41+
- name: user3
42+
user:
43+
username: foo
44+
password: bar

0 commit comments

Comments
 (0)