-
Notifications
You must be signed in to change notification settings - Fork 17
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #588 from jsmolar/jsmolar3
Fix OPA tests
- Loading branch information
Showing
4 changed files
with
49 additions
and
43 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
41 changes: 0 additions & 41 deletions
41
...s/singlecluster/authorino/authorization/opa/external_registry/test_auto_refresh_policy.py
This file was deleted.
Oops, something went wrong.
47 changes: 47 additions & 0 deletions
47
testsuite/tests/singlecluster/authorino/authorization/opa/external_registry/test_cache.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
""" | ||
Tests for Open Policy Agent (OPA) policy pulled from external registry. | ||
Registry is represented by Mockserver Expectation that returns Rego query. | ||
""" | ||
|
||
from time import sleep | ||
|
||
import pytest | ||
|
||
from testsuite.utils import rego_allow_header | ||
|
||
|
||
pytestmark = [pytest.mark.authorino] | ||
|
||
|
||
KEY = "test-key" | ||
VALUE = "test-value" | ||
|
||
|
||
@pytest.fixture(scope="function", autouse=True) | ||
def reset_expectation(mockserver, module_label): | ||
"""Updates Expectation with updated header""" | ||
mockserver.create_response_expectation(module_label, rego_allow_header(KEY, VALUE)) | ||
sleep(2) # waits for cache to reset because of ttl=1 | ||
|
||
|
||
def test_caching(client, auth, mockserver, blame, module_label): | ||
"""Tests that external policy is cached""" | ||
response = client.get("/get", auth=auth, headers={KEY: VALUE}) | ||
assert response.status_code == 200 | ||
|
||
mockserver.create_response_expectation(module_label, rego_allow_header(blame(KEY), blame(VALUE))) | ||
|
||
response = client.get("/get", auth=auth, headers={KEY: VALUE}) | ||
assert response.status_code == 200 | ||
|
||
|
||
def test_cache_refresh(client, auth, mockserver, blame, module_label): | ||
"""Tests that policy is pull again from external registry after ttl expiration""" | ||
response = client.get("/get", auth=auth, headers={KEY: VALUE}) | ||
assert response.status_code == 200 | ||
|
||
mockserver.create_response_expectation(module_label, rego_allow_header(blame(KEY), blame(VALUE))) | ||
sleep(2) | ||
|
||
response = client.get("/get", auth=auth, headers={KEY: VALUE}) | ||
assert response.status_code == 403 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters