diff --git a/assets/kong_EE_versions.ver b/assets/kong_EE_versions.ver index 53797a76..99db05e3 100644 --- a/assets/kong_EE_versions.ver +++ b/assets/kong_EE_versions.ver @@ -1,5 +1,6 @@ 2.8.4.2 +2.8.4.3 3.0.0.0 3.0.1.0 3.0.2.0 diff --git a/kong-versions/2.8.4.3/kong/Makefile b/kong-versions/2.8.4.3/kong/Makefile new file mode 100644 index 00000000..5a2b391d --- /dev/null +++ b/kong-versions/2.8.4.3/kong/Makefile @@ -0,0 +1,366 @@ +OS := $(shell uname | awk '{print tolower($$0)}') +MACHINE := $(shell uname -m) + +DEV_ROCKS = "busted 2.0.0" "busted-hjtest 0.0.4" "luacheck 0.25.0" "lua-llthreads2 0.1.6" "http 0.4" "ldoc 1.4.6" +WIN_SCRIPTS = "bin/busted" "bin/kong" "bin/kong-health" +BUSTED_ARGS ?= -v +TEST_CMD ?= bin/busted $(BUSTED_ARGS) + +BUILD_NAME ?= kong-dev +BAZEL_ARGS ?= --verbose_failures --action_env=BUILD_NAME=$(BUILD_NAME) --//:skip_webui=true + +ifeq ($(OS), darwin) +OPENSSL_DIR ?= /usr/local/opt/openssl +GRPCURL_OS ?= osx +else +OPENSSL_DIR ?= /usr +GRPCURL_OS ?= $(OS) +endif + +ifeq ($(MACHINE), aarch64) +GRPCURL_MACHINE ?= arm64 +H2CLIENT_MACHINE ?= arm64 +else +GRPCURL_MACHINE ?= $(MACHINE) +H2CLIENT_MACHINE ?= $(MACHINE) +endif + +ifeq ($(MACHINE), aarch64) +BAZELISK_MACHINE ?= arm64 +else ifeq ($(MACHINE), x86_64) +BAZELISK_MACHINE ?= amd64 +else +BAZELISK_MACHINE ?= $(MACHINE) +endif + +.PHONY: install dependencies dev remove grpcurl \ + setup-ci setup-kong-build-tools \ + lint test test-integration test-plugins test-all \ + pdk-phase-check functional-tests \ + fix-windows \ + nightly-release release + +ROOT_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +KONG_SOURCE_LOCATION ?= $(ROOT_DIR) +KONG_BUILD_TOOLS_LOCATION ?= $(KONG_SOURCE_LOCATION)/../kong-build-tools +KONG_GMP_VERSION ?= `grep KONG_GMP_VERSION $(KONG_SOURCE_LOCATION)/.requirements | awk -F"=" '{print $$2}'` +RESTY_VERSION ?= `grep RESTY_VERSION $(KONG_SOURCE_LOCATION)/.requirements | awk -F"=" '{print $$2}'` +RESTY_LUAROCKS_VERSION ?= `grep RESTY_LUAROCKS_VERSION $(KONG_SOURCE_LOCATION)/.requirements | awk -F"=" '{print $$2}'` +RESTY_OPENSSL_VERSION ?= `grep RESTY_OPENSSL_VERSION $(KONG_SOURCE_LOCATION)/.requirements | awk -F"=" '{print $$2}'` +RESTY_PCRE_VERSION ?= `grep RESTY_PCRE_VERSION $(KONG_SOURCE_LOCATION)/.requirements | awk -F"=" '{print $$2}'` +KONG_BUILD_TOOLS ?= `grep KONG_BUILD_TOOLS_VERSION $(KONG_SOURCE_LOCATION)/.requirements | awk -F"=" '{print $$2}'` +GRPCURL_VERSION ?= 1.8.5 +BAZLISK_VERSION ?= 1.18.0 +OPENRESTY_PATCHES_BRANCH ?= master +KONG_NGINX_MODULE_BRANCH ?= master +KONG_PGMOON_VERSION ?= `grep KONG_PGMOON_VERSION $(KONG_SOURCE_LOCATION)/.requirements | awk -F"=" '{print $$2}'` +KONG_PGMOON_LOCATION ?= $(KONG_SOURCE_LOCATION)/../kong-pgmoon +BAZEL := $(shell command -v bazel 2> /dev/null) +VENV = /dev/null # backward compatibility when no venv is built + +# Use x86_64 grpcurl v1.8.5 for Apple silicon chips +ifeq ($(GRPCURL_OS)_$(MACHINE)_$(GRPCURL_VERSION), osx_arm64_1.8.5) +GRPCURL_MACHINE = x86_64 +endif + +H2CLIENT_VERSION ?= 0.4.0 + +PACKAGE_TYPE ?= deb +REPOSITORY_NAME ?= kong-${PACKAGE_TYPE} +REPOSITORY_OS_NAME ?= ${RESTY_IMAGE_BASE} +KONG_PACKAGE_NAME ?= kong +# This logic should mirror the kong-build-tools equivalent +KONG_VERSION ?= `echo $(KONG_SOURCE_LOCATION)/kong-*.rockspec | sed 's,.*/,,' | cut -d- -f2` + +TAG := $(shell git describe --exact-match HEAD || true) + +ifneq ($(TAG),) + # We're building a tag + ISTAG = true + POSSIBLE_PRERELEASE_NAME = $(shell git describe --tags --abbrev=0 | awk -F"-" '{print $$2}') + ifneq ($(POSSIBLE_PRERELEASE_NAME),) + # We're building a pre-release tag + OFFICIAL_RELEASE = false + REPOSITORY_NAME = kong-prerelease + else + # We're building a semver release tag + OFFICIAL_RELEASE = true + KONG_VERSION ?= `cat $(KONG_SOURCE_LOCATION)/kong-*.rockspec | grep -m1 tag | awk '{print $$3}' | sed 's/"//g'` + ifeq ($(PACKAGE_TYPE),apk) + REPOSITORY_NAME = kong-alpine-tar + endif + endif +else + OFFICIAL_RELEASE = false + ISTAG = false + BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD) + REPOSITORY_NAME = kong-${BRANCH} + REPOSITORY_OS_NAME = ${BRANCH} + KONG_PACKAGE_NAME ?= kong-${BRANCH} + KONG_VERSION ?= `date +%Y-%m-%d` +endif + +bin/bazel: + @curl -s -S -L \ + https://github.com/bazelbuild/bazelisk/releases/download/v$(BAZLISK_VERSION)/bazelisk-$(OS)-$(BAZELISK_MACHINE) -o bin/bazel + @chmod +x bin/bazel + +bin/grpcurl: + @curl -s -S -L \ + https://github.com/fullstorydev/grpcurl/releases/download/v$(GRPCURL_VERSION)/grpcurl_$(GRPCURL_VERSION)_$(GRPCURL_OS)_$(GRPCURL_MACHINE).tar.gz | tar xz -C bin; + @$(RM) bin/LICENSE + +bin/h2client: + @curl -s -S -L \ + https://github.com/Kong/h2client/releases/download/v$(H2CLIENT_VERSION)/h2client_$(H2CLIENT_VERSION)_$(OS)_$(H2CLIENT_MACHINE).tar.gz | tar xz -C bin; + @$(RM) bin/README.md + +release: +ifeq ($(ISTAG),false) + sed -i -e '/return string\.format/,/\"\")/c\return "$(KONG_VERSION)\"' kong/meta.lua +endif + cd $(KONG_BUILD_TOOLS_LOCATION); \ + $(MAKE) \ + KONG_VERSION=${KONG_VERSION} \ + KONG_PACKAGE_NAME=${KONG_PACKAGE_NAME} \ + package-kong && \ + $(MAKE) \ + KONG_VERSION=${KONG_VERSION} \ + KONG_PACKAGE_NAME=${KONG_PACKAGE_NAME} \ + REPOSITORY_NAME=${REPOSITORY_NAME} \ + REPOSITORY_OS_NAME=${REPOSITORY_OS_NAME} \ + KONG_PACKAGE_NAME=${KONG_PACKAGE_NAME} \ + KONG_VERSION=${KONG_VERSION} \ + OFFICIAL_RELEASE=$(OFFICIAL_RELEASE) \ + release-kong + +setup-ci: + OPENRESTY=$(RESTY_VERSION) \ + LUAROCKS=$(RESTY_LUAROCKS_VERSION) \ + OPENSSL=$(RESTY_OPENSSL_VERSION) \ + OPENRESTY_PATCHES_BRANCH=$(OPENRESTY_PATCHES_BRANCH) \ + KONG_NGINX_MODULE_BRANCH=$(KONG_NGINX_MODULE_BRANCH) \ + .ci/setup_env.sh + +setup-kong-build-tools: + -rm -rf $(KONG_BUILD_TOOLS_LOCATION) + -git clone https://github.com/Kong/kong-build-tools.git $(KONG_BUILD_TOOLS_LOCATION) + cd $(KONG_BUILD_TOOLS_LOCATION); \ + git reset --hard && git checkout $(KONG_BUILD_TOOLS); \ + +functional-tests: setup-kong-build-tools + cd $(KONG_BUILD_TOOLS_LOCATION); \ + $(MAKE) setup-build && \ + $(MAKE) build-kong && \ + $(MAKE) test + +install-pgmoon: + -luarocks remove pgmoon --force + -rm -rf $(KONG_PGMOON_LOCATION) + -git clone https://github.com/Kong/pgmoon.git $(KONG_PGMOON_LOCATION) + cd $(KONG_PGMOON_LOCATION); \ + git reset --hard $(KONG_PGMOON_VERSION); \ + luarocks make --force + +install-kong: + @luarocks make OPENSSL_DIR=$(OPENSSL_DIR) CRYPTO_DIR=$(OPENSSL_DIR) + +install: install-kong install-pgmoon + cd ./plugins-ee/application-registration; \ + luarocks make + +remove: + -@luarocks remove kong + +remove-plugins-ee: + scripts/enterprise_plugin.sh remove-all + +dependencies: bin/grpcurl + @for rock in $(DEV_ROCKS) ; do \ + if luarocks list --porcelain $$rock | grep -q "installed" ; then \ + echo $$rock already installed, skipping ; \ + else \ + echo $$rock not found, installing via luarocks... ; \ + luarocks install $$rock OPENSSL_DIR=$(OPENSSL_DIR) CRYPTO_DIR=$(OPENSSL_DIR) || exit 1; \ + fi \ + done; + +build-venv: check-bazel + $(eval VENV := bazel-bin/build/$(BUILD_NAME)-venv.sh) + + @if [ ! -e bazel-bin/build/$(BUILD_NAME)-venv.sh ]; then \ + $(BAZEL) build //build:venv $(BAZEL_ARGS); \ + fi + +install-dev-rocks: build-venv + @. $(VENV) ;\ + for rock in $(DEV_ROCKS) ; do \ + if luarocks list --porcelain $$rock | grep -q "installed" ; then \ + echo $$rock already installed, skipping ; \ + else \ + echo $$rock not found, installing via luarocks... ; \ + LIBRARY_PREFIX=$$(pwd)/bazel-bin/build/$(BUILD_NAME)/kong ; \ + luarocks install $$rock OPENSSL_DIR=$$LIBRARY_PREFIX CRYPTO_DIR=$$LIBRARY_PREFIX YAML_DIR=$(YAML_DIR) || exit 1; \ + fi \ + done; + +dev: remove install dependencies + +venv-dev: build-venv install-dev-rocks bin/grpcurl bin/h2client + +check-bazel: bin/bazel +ifndef BAZEL + $(eval BAZEL := bin/bazel) +endif + +clean: check-bazel + $(BAZEL) clean + $(RM) bin/bazel bin/grpcurl bin/h2client + + +lint: + @luacheck --exclude-files ./plugins-ee/ -q . + @!(grep -R -E -I -n -w '#only|#o' spec && echo "#only or #o tag detected") >&2 + @!(grep -R -E -I -n -w '#only|#o' spec-ee && echo "#only or #o tag detected") >&2 + @!(grep -R -E -I -n -- '---\s+ONLY' t && echo "--- ONLY block detected") >&2 + @$(KONG_SOURCE_LOCATION)/scripts/copyright-header-checker + +install-plugins-ee: + scripts/enterprise_plugin.sh install-all + +try-install-plugins-ee: + scripts/enterprise_plugin.sh install-all --ignore-errors + +test: + @$(TEST_CMD) spec/01-unit + +test-ee: + @$(TEST_CMD) spec-ee/01-unit + +test-integration: + @$(TEST_CMD) spec/02-integration + +test-integration-ee: + @$(TEST_CMD) spec-ee/02-integration + +test-plugins-spec: + @$(TEST_CMD) spec/03-plugins + +test-plugins-spec-ee: + @$(TEST_CMD) spec-ee/03-plugins + +test-all: + @$(TEST_CMD) spec/ + +test-all-ee: + @$(TEST_CMD) spec-ee/ + +test-build-package: + $(KONG_SOURCE_LOCATION)/dist/dist.sh build alpine + +test-build-image: test-build-package + $(KONG_SOURCE_LOCATION)/dist/dist.sh build-image alpine + +test-build-pongo-deps: + scripts/enterprise_plugin.sh build-deps + +test-forward-proxy: + scripts/enterprise_plugin.sh test forward-proxy + +test-canary: + scripts/enterprise_plugin.sh test canary + +test-application-registration: + scripts/enterprise_plugin.sh test application-registration + +test-degraphql: + scripts/enterprise_plugin.sh test degraphql + +test-exit-transformer: + scripts/enterprise_plugin.sh test exit-transformer + +test-graphql-proxy-cache-advanced: + scripts/enterprise_plugin.sh test graphql-proxy-cache-advanced + +test-graphql-rate-limiting-advanced: + scripts/enterprise_plugin.sh test graphql-rate-limiting-advanced + +test-jq: + scripts/enterprise_plugin.sh test jq + +test-jwt-signer: + scripts/enterprise_plugin.sh test jwt-signer + +test-kafka-log: + scripts/enterprise_plugin.sh test kafka-log + +test-kafka-upstream: + scripts/enterprise_plugin.sh test kafka-upstream + +test-key-auth-enc: + scripts/enterprise_plugin.sh test key-auth-enc + +test-ldap-auth-advanced: + scripts/enterprise_plugin.sh test ldap-auth-advanced + +test-mocking: + scripts/enterprise_plugin.sh test mocking + +test-mtls-auth: + scripts/enterprise_plugin.sh test mtls-auth + +test-oauth2-introspection: + scripts/enterprise_plugin.sh test oauth2-introspection + +test-opa: + scripts/enterprise_plugin.sh test opa + +test-openid-connect: + scripts/enterprise_plugin.sh test openid-connect + +test-proxy-cache-advanced: + scripts/enterprise_plugin.sh test proxy-cache-advanced + +test-request-transformer-advanced: + scripts/enterprise_plugin.sh test request-transformer-advanced + +test-request-validator: + scripts/enterprise_plugin.sh test request-validator + +test-response-transformer-advanced: + scripts/enterprise_plugin.sh test response-transformer-advanced + +test-route-by-header: + scripts/enterprise_plugin.sh test route-by-header + +test-route-transformer-advanced: + scripts/enterprise_plugin.sh test route-transformer-advanced + +test-statsd-advanced: + scripts/enterprise_plugin.sh test statsd-advanced + +test-upstream-timeout: + scripts/enterprise_plugin.sh test upstream-timeout + +test-vault-auth: + scripts/enterprise_plugin.sh test vault-auth + +test-rate-limiting-advanced: + scripts/enterprise_plugin.sh test rate-limiting-advanced + +pdk-phase-checks: + rm -f t/phase_checks.stats + rm -f t/phase_checks.report + PDK_PHASE_CHECKS_LUACOV=1 prove -I. t/01*/*/00-phase*.t + luacov -c t/phase_checks.luacov + grep "ngx\\." t/phase_checks.report + grep "check_" t/phase_checks.report + +fix-windows: + @for script in $(WIN_SCRIPTS) ; do \ + echo Converting Windows file $$script ; \ + mv $$script $$script.win ; \ + tr -d '\015' <$$script.win >$$script ; \ + rm $$script.win ; \ + chmod 0755 $$script ; \ + done; diff --git a/kong-versions/2.8.4.3/kong/bin/busted b/kong-versions/2.8.4.3/kong/bin/busted new file mode 100755 index 00000000..c928fb23 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/bin/busted @@ -0,0 +1,62 @@ +#!/usr/bin/env resty + +local DEFAULT_RESTY_FLAGS="-c 4096" + +if not os.getenv("KONG_BUSTED_RESPAWNED") then + -- initial run, so go update the environment + local script = {} + for line in io.popen("set"):lines() do + local ktvar, val = line:match("^KONG_TEST_([^=]*)=(.*)") + if ktvar then + -- reinserted KONG_TEST_xxx as KONG_xxx; append + table.insert(script, "export KONG_" .. ktvar .. "=" ..val) + end + + local var = line:match("^(KONG_[^=]*)") + local var_for_spec = line:match("^(KONG_SPEC_[^=]*)") + if var and not var_for_spec then + -- remove existing KONG_xxx and KONG_TEST_xxx variables; prepend + table.insert(script, 1, "unset " .. var) + end + end + -- add cli recursion detection + table.insert(script, "export KONG_BUSTED_RESPAWNED=1") + + -- XXX EE + table.insert(script, "export KONG_IS_TESTING=1") + + -- rebuild the invoked commandline, while inserting extra resty-flags + local resty_flags = DEFAULT_RESTY_FLAGS + local cmd = { "exec", "/usr/bin/env", "resty" } + local cmd_prefix_count = #cmd + for i = 0, #arg do + if arg[i]:sub(1, 12) == "RESTY_FLAGS=" then + resty_flags = arg[i]:sub(13, -1) + + else + table.insert(cmd, "'" .. arg[i] .. "'") + end + end + + if resty_flags then + table.insert(cmd, cmd_prefix_count+1, resty_flags) + end + + table.insert(script, table.concat(cmd, " ")) + + -- recurse cli command, with proper variables (un)set for clean testing + local _, _, rc = os.execute(table.concat(script, "; ")) + os.exit(rc) +end + +setmetatable(_G, nil) + +pcall(require, "luarocks.loader") + +require("kong.globalpatches")({ + cli = true, + rbusted = true +}) + +-- Busted command-line runner +require 'busted.runner'({ standalone = false }) diff --git a/kong-versions/2.8.4.3/kong/bin/kong b/kong-versions/2.8.4.3/kong/bin/kong new file mode 100755 index 00000000..3e0ecf97 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/bin/kong @@ -0,0 +1,9 @@ +#!/usr/bin/env resty + +setmetatable(_G, nil) + +pcall(require, "luarocks.loader") + +package.path = (os.getenv("KONG_LUA_PATH_OVERRIDE") or "") .. "./?.lua;./?/init.lua;" .. package.path + +require("kong.cmd.init")(arg) diff --git a/kong-versions/2.8.4.3/kong/bin/kong-health b/kong-versions/2.8.4.3/kong/bin/kong-health new file mode 100755 index 00000000..26b36586 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/bin/kong-health @@ -0,0 +1,77 @@ +#!/usr/bin/env resty + +setmetatable(_G, nil) +package.path = (os.getenv("KONG_LUA_PATH_OVERRIDE") or "") .. "./?.lua;./?/init.lua;" .. package.path + +local kill = require "kong.cmd.utils.kill" +local kong_default_conf = require "kong.templates.kong_defaults" +local pl_app = require "pl.lapp" +local pl_config = require "pl.config" +local pl_path = require "pl.path" +local pl_stringio = require "pl.stringio" + +local KONG_DEFAULT_PREFIX = "/usr/local/kong" + + +local function get_kong_prefix() + local prefix = os.getenv("KONG_PREFIX") + + if not prefix then + local s = pl_stringio.open(kong_default_conf) + local defaults = pl_config.read(s, { + smart = false, + list_delim = "_blank_" -- mandatory but we want to ignore it + }) + s:close() + if defaults then + prefix = defaults.prefix + end + + end + + return prefix or KONG_DEFAULT_PREFIX +end + + +local function execute(args) + local prefix = args.prefix or get_kong_prefix(args) + assert(pl_path.exists(prefix), "no such prefix: " .. prefix) + + local kong_env = pl_path.join(prefix, ".kong_env") + assert(pl_path.exists(kong_env), "Kong is not running at " .. prefix) + + print("") + local pid_file = pl_path.join(prefix, "pids", "nginx.pid") + kill.is_running(pid_file) + assert(kill.is_running(pid_file), "Kong is not running at " .. prefix) + print("Kong is healthy at ", prefix) +end + + +local lapp = [[ +Usage: kong health [OPTIONS] +Check if the necessary services are running for this node. +Options: + -p,--prefix (optional string) prefix at which Kong should be running + --v verbose + --vv debug +]] + +local function run(args) + args = pl_app(lapp) + xpcall(function() execute(args) end, function(err) + if not (args.v or args.vv) then + err = err:match "^.-:.-:.(.*)$" + io.stderr:write("Error: " .. err .. "\n") + io.stderr:write("\n Run with --v (verbose) or --vv (debug) for more details\n") + else + local trace = debug.traceback(err, 2) + io.stderr:write("Error: \n") + io.stderr:write(trace .. "\n") + end + pl_app.quit(nil, true) + end) +end + + +run(arg) diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/custom_plugins/kong/plugins/.keep b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/custom_plugins/kong/plugins/.keep new file mode 100644 index 00000000..e69de29b diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/expired_license.json b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/expired_license.json new file mode 100644 index 00000000..6761c467 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/expired_license.json @@ -0,0 +1,16 @@ +{ + "license": { + "version": 1, + "payload": { + "customer": "ee-build-test", + "product_subscription": "Kong Only", + "support_plan": "None", + "admin_seats": "1", + "dataplanes": "1", + "license_creation_date": "2020-9-23", + "license_expiration_date": "2020-09-24", + "license_key": "ASDASDASDASDASDASDASDASDASD_a1VASASD" + }, + "signature": "8229128802796d7a846a6cabf9832af936c39b8ae154b03d49182e4195fd1697cb62cd79b7e7e529eb806b566edd8d5c8833a542363a0948dac31fce57df3a38" + } +} \ No newline at end of file diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/feature_rate_limit_plugins.conf b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/feature_rate_limit_plugins.conf new file mode 100644 index 00000000..ccd27096 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/feature_rate_limit_plugins.conf @@ -0,0 +1,5 @@ +rate_limiting_restrict_redis_only=on +response_ratelimiting_restrict_redis_only=on +redis_host=a-redis-host.internal +redis_port=17812 + diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/feature_vitals_tsdb.conf b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/feature_vitals_tsdb.conf new file mode 100644 index 00000000..013d5895 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/feature_vitals_tsdb.conf @@ -0,0 +1,3 @@ +vitals_prometheus_enable_cluster_level=on +vitals_prometheus_auth_header=Basic supersecret +vitals_prometheus_custom_filters=client="client1" \ No newline at end of file diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/keyring/crypto_cert.pem b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/keyring/crypto_cert.pem new file mode 100644 index 00000000..f40836e3 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/keyring/crypto_cert.pem @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYYPKcMZWEp2RUX0bEwN +2rLDWHb10cM0+yQRE/O4eyFRrgCxdDnXY0yBcpkMHRxZHNmsktVJ34U8HzScsGRc +xbEIWGJEhs0Lj6RM0/YxRNwtUu8JwgzhxTpiXN4vya16WmSF4or4C5dvLPHKHzB0 +fNKJWrRtcOsP4ZxWmhj0kjT2YoAQiR+9r5I1HgbPMoJhS/PVevSypYrH83iB1slu +LegBkrmaif81O9E+sWMQkyyCgYXa1OplIRZdUkyPY4Alvs9WDFgYKJanBXab2Oql +WjzcfNX9t/hmc4KpFOzL7IkELintw2l8owMUSVxbaTSV1TRejhMX9jxLqPGJyM7U +DwIDAQAB +-----END PUBLIC KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/keyring/crypto_key.pem b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/keyring/crypto_key.pem new file mode 100644 index 00000000..116c6559 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/keyring/crypto_key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAmYYPKcMZWEp2RUX0bEwN2rLDWHb10cM0+yQRE/O4eyFRrgCx +dDnXY0yBcpkMHRxZHNmsktVJ34U8HzScsGRcxbEIWGJEhs0Lj6RM0/YxRNwtUu8J +wgzhxTpiXN4vya16WmSF4or4C5dvLPHKHzB0fNKJWrRtcOsP4ZxWmhj0kjT2YoAQ +iR+9r5I1HgbPMoJhS/PVevSypYrH83iB1sluLegBkrmaif81O9E+sWMQkyyCgYXa +1OplIRZdUkyPY4Alvs9WDFgYKJanBXab2OqlWjzcfNX9t/hmc4KpFOzL7IkELint +w2l8owMUSVxbaTSV1TRejhMX9jxLqPGJyM7UDwIDAQABAoIBAGYDarf5aDH+6LAH +V+9OajZUavGxuo50BBSNVrvHS2KmNTxGQaRVewYEpE+d2yrM13oQOlgnWjsosVab +AzNCvVKv3De+tIJOZcxBBLwj74EuPP/KztUe8ja4IPxMt7xvhcni2gQ7C6/IJJvc +3s3yyLTYwWSAV+iciaUE2Zbz1i//8etfTARBK49fPdULoFPhwEe2eivJgDj842xn +s/Wc/rhU/HCjnKVbjZ8IHBbQowsMkJ54xMMmYYCRq+Bsr+mgg0nyeDUHsvlxMm6K +3dGEFQ5qHPPPzxV/65d3e/u6O+/00lMTY4glugNocutyaOVljc2wpqY8JYow83yZ +7aim+QECgYEAyM25BFpjoKkEkIXphppRM5odl33GOhcBhQyEHBDkq5yrSHM0LQmg +Obm2uJIDAyCylVj4RSOmBZkISc3S4pzLjt+FowLYRmyrKH9s1kfu6DMq0+swE2+P +oGcGC7eO2c3+ho8RCypArDH9/VpaMzWTo90lqu6l9oYs1xAqaxQ46yECgYEAw7lP +w2KNpnahIRO+cUDrGt/onoZ7vSIg+RtTfLcY9bP+N7bn5eONmAEMC1ZY6rHlh5sb +Q0Z+Zw/s5RyJ8d7+QRPhBk3bGgilYBj+q77TNWnbG5qsUUqOD5TgA0e+i19diqAf +K/EqfproaXgo0AAwRPqVIXzwG0NkYRIgb/qniS8CgYByZxKT8lN0gxcAp+qmL2E3 +/wQA/T1kdxr8jGbv/ofpZfcH7eq6BhPtD2uUuEtTCtvzzp6T9X1vDwLz2Xnedepb +WemvN720UdEp339Ije8FB7HMzt+zEwpHHqsJHekbGgt66iORst7pvAmywDlHl6yn +3STKv/B6BXOii6k/HGRZQQKBgQCKUjCYuNG6zyPYqIdyqpp9B7jyL8DLTY9X/YPn +I88z9dy3q0AAK+0pe7PzXza/xrGcQHXn+a3jUFHvKVgj46B0hYQGXId3wpx9aayx +286QdRswSwN0/+eeA2y9ZLq47NDC456kA3AwwXF2+EB/n2J9nUo/vHhEDECoiZL7 +EH3OaQKBgQCbEpR5Z3jTAF2i8lQY2vSUuzPxy8nIWVtldLoAIQL19GidRRtSkFZa +Kl09C+BYNqzpNCw0G7VJx9se2u/JkcuZHBOMg/nHtVHXpUETXf/YrAB6pF7bbZzM +mwtea0ZgW5t/nII9X2VqRtRaW4wy85GqA8YiTtfT5Dku7YSBH+GlnQ== +-----END RSA PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/mock_feature_flags.conf b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/mock_feature_flags.conf new file mode 100644 index 00000000..dacc0a93 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/mock_feature_flags.conf @@ -0,0 +1,4 @@ +foo=on +bar_value=42 +baz = off +multi = kong,strong diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/mock_license.json b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/mock_license.json new file mode 100644 index 00000000..9b165065 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/mock_license.json @@ -0,0 +1,14 @@ +{ + "license": { + "payload": { + "customer": "", + "product_subscription": "Enterprise", + "support_plan": "Silver", + "admin_seats": "5", + "license_creation_date": "2018-01-01", + "license_expiration_date": "2099-12-31", + "license_key": "0014100000LyLlf_00641000008di8T" + }, + "signature": "LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tCgpvd0did012TXdDVjJyL3J6aHlkL2I4OWdQTzJXeEJDNXc3Zk15TlFpMFRnbEtkWFFJTm5Dd3NMY3dNdzh6Y0xTCnhNelV4TUxjMGpMWjBDakpNdEU0emRna05jblEwdExJd2lBcE9TMHQwU3paMk5BbzBUVEoxQ3pOcktPVWhVR00KaTBGV1RKRkZhSjd2SWUrNVA0cDIzRzZUZ05uRHlnU3loSUdMVXdBbXNzYVo0Wi9HalhZRmhXTEhlNnZhOXlabgp1OWJVeVRaT3kxOGI3WDFyMXFrVlltRzdObnN3L05OZjBLK2xYc3BaYXhjNldhSi9hdUw1aElaTEowdVk1dDZkCmI3cW9VUEQrVm5ZQQo9ZnV1cgotLS0tLUVORCBQR1AgTUVTU0FHRS0tLS0tCg==" + } +} diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_host_v2.json b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_host_v2.json new file mode 100644 index 00000000..422d10d9 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_host_v2.json @@ -0,0 +1,153 @@ +{ + "swagger": "2.0", + "info": { + "version": "1.0.0", + "title": "Swagger Petstore3", + "license": { + "name": "MIT" + } + }, + "basePath": "/v3", + "schemes": [ + "http", + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "paths": { + "/pets": { + "get": { + "summary": "List all pets", + "operationId": "listPets", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "limit", + "in": "query", + "description": "How many items to return at one time (max 100)", + "required": false, + "type": "integer", + "format": "int32" + } + ], + "responses": { + "200": { + "description": "An paged array of pets", + "headers": { + "x-next": { + "type": "string", + "description": "A link to the next page of responses" + } + }, + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + }, + "post": { + "summary": "Create a pet", + "operationId": "createPets", + "tags": [ + "pets" + ], + "responses": { + "201": { + "description": "Null response" + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + }, + "/pets/{petId}": { + "get": { + "summary": "Info for a specific pet", + "operationId": "showPetById", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "petId", + "in": "path", + "required": true, + "description": "The id of the pet to retrieve", + "type": "string" + } + ], + "responses": { + "200": { + "description": "Expected response to a valid request", + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + } + }, + "definitions": { + "Pet": { + "required": [ + "id", + "name" + ], + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "name": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "Pets": { + "type": "array", + "items": { + "$ref": "#/definitions/Pet" + } + }, + "Error": { + "required": [ + "code", + "message" + ], + "properties": { + "code": { + "type": "integer", + "format": "int32" + }, + "message": { + "type": "string" + } + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_host_v2.yaml b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_host_v2.yaml new file mode 100644 index 00000000..f24edd9a --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_host_v2.yaml @@ -0,0 +1,699 @@ +openapi: '2.0' +info: + description: 'This is a sample server Petstore server. You can find out more about Swagger at [http://swagger.io](http://swagger.io) or on [irc.freenode.net, #swagger](http://swagger.io/irc/). For this sample, you can use the api key `special-key` to test the authorization filters.' + version: 1.0.0 + title: Swagger Petstore + termsOfService: 'http://swagger.io/terms/' + contact: + email: apiteam@swagger.io + license: + name: Apache 2.0 + url: 'http://www.apache.org/licenses/LICENSE-2.0.html' +basePath: /v2 +tags: + - name: pet + description: Everything about your Pets + externalDocs: + description: Find out more + url: 'http://swagger.io' + - name: store + description: Access to Petstore orders + - name: user + description: Operations about user + externalDocs: + description: Find out more about our store + url: 'http://swagger.io' +schemes: + - https + - http +paths: + /pet: + post: + tags: + - pet + summary: Add a new pet to the store + description: '' + operationId: addPet + consumes: + - application/json + - application/xml + produces: + - application/xml + - application/json + parameters: + - in: body + name: body + description: Pet object that needs to be added to the store + required: true + schema: + $ref: '#/definitions/Pet' + responses: + '405': + description: Invalid input + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + put: + tags: + - pet + summary: Update an existing pet + description: '' + operationId: updatePet + consumes: + - application/json + - application/xml + produces: + - application/xml + - application/json + parameters: + - in: body + name: body + description: Pet object that needs to be added to the store + required: true + schema: + $ref: '#/definitions/Pet' + responses: + '400': + description: Invalid ID supplied + '404': + description: Pet not found + '405': + description: Validation exception + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + /pet/findByStatus: + get: + tags: + - pet + summary: Finds Pets by status + description: Multiple status values can be provided with comma separated strings + operationId: findPetsByStatus + produces: + - application/xml + - application/json + parameters: + - name: status + in: query + description: Status values that need to be considered for filter + required: true + type: array + items: + type: string + enum: + - available + - pending + - sold + default: available + collectionFormat: multi + responses: + '200': + description: successful operation + schema: + type: array + items: + $ref: '#/definitions/Pet' + '400': + description: Invalid status value + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + /pet/findByTags: + get: + tags: + - pet + summary: Finds Pets by tags + description: 'Muliple tags can be provided with comma separated strings. Use tag1, tag2, tag3 for testing.' + operationId: findPetsByTags + produces: + - application/xml + - application/json + parameters: + - name: tags + in: query + description: Tags to filter by + required: true + type: array + items: + type: string + collectionFormat: multi + responses: + '200': + description: successful operation + schema: + type: array + items: + $ref: '#/definitions/Pet' + '400': + description: Invalid tag value + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + deprecated: true + '/pet/{petId}': + get: + tags: + - pet + summary: Find pet by ID + description: Returns a single pet + operationId: getPetById + produces: + - application/xml + - application/json + parameters: + - name: petId + in: path + description: ID of pet to return + required: true + type: integer + format: int64 + responses: + '200': + description: successful operation + schema: + $ref: '#/definitions/Pet' + '400': + description: Invalid ID supplied + '404': + description: Pet not found + security: + - api_key: [] + post: + tags: + - pet + summary: Updates a pet in the store with form data + description: '' + operationId: updatePetWithForm + consumes: + - application/x-www-form-urlencoded + produces: + - application/xml + - application/json + parameters: + - name: petId + in: path + description: ID of pet that needs to be updated + required: true + type: integer + format: int64 + - name: name + in: formData + description: Updated name of the pet + required: false + type: string + - name: status + in: formData + description: Updated status of the pet + required: false + type: string + responses: + '405': + description: Invalid input + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + delete: + tags: + - pet + summary: Deletes a pet + description: '' + operationId: deletePet + produces: + - application/xml + - application/json + parameters: + - name: api_key + in: header + required: false + type: string + - name: petId + in: path + description: Pet id to delete + required: true + type: integer + format: int64 + responses: + '400': + description: Invalid ID supplied + '404': + description: Pet not found + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + '/pet/{petId}/uploadImage': + post: + tags: + - pet + summary: uploads an image + description: '' + operationId: uploadFile + consumes: + - multipart/form-data + produces: + - application/json + parameters: + - name: petId + in: path + description: ID of pet to update + required: true + type: integer + format: int64 + - name: additionalMetadata + in: formData + description: Additional data to pass to server + required: false + type: string + - name: file + in: formData + description: file to upload + required: false + type: file + responses: + '200': + description: successful operation + schema: + $ref: '#/definitions/ApiResponse' + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + /store/inventory: + get: + tags: + - store + summary: Returns pet inventories by status + description: Returns a map of status codes to quantities + operationId: getInventory + produces: + - application/json + parameters: [] + responses: + '200': + description: successful operation + schema: + type: object + additionalProperties: + type: integer + format: int32 + security: + - api_key: [] + /store/order: + post: + tags: + - store + summary: Place an order for a pet + description: '' + operationId: placeOrder + produces: + - application/xml + - application/json + parameters: + - in: body + name: body + description: order placed for purchasing the pet + required: true + schema: + $ref: '#/definitions/Order' + responses: + '200': + description: successful operation + schema: + $ref: '#/definitions/Order' + '400': + description: Invalid Order + '/store/order/{orderId}': + get: + tags: + - store + summary: Find purchase order by ID + description: For valid response try integer IDs with value >= 1 and <= 10. Other values will generated exceptions + operationId: getOrderById + produces: + - application/xml + - application/json + parameters: + - name: orderId + in: path + description: ID of pet that needs to be fetched + required: true + type: integer + maximum: 10 + minimum: 1 + format: int64 + responses: + '200': + description: successful operation + schema: + $ref: '#/definitions/Order' + '400': + description: Invalid ID supplied + '404': + description: Order not found + delete: + tags: + - store + summary: Delete purchase order by ID + description: For valid response try integer IDs with positive integer value. Negative or non-integer values will generate API errors + operationId: deleteOrder + produces: + - application/xml + - application/json + parameters: + - name: orderId + in: path + description: ID of the order that needs to be deleted + required: true + type: integer + minimum: 1 + format: int64 + responses: + '400': + description: Invalid ID supplied + '404': + description: Order not found + /user: + post: + tags: + - user + summary: Create user + description: This can only be done by the logged in user. + operationId: createUser + produces: + - application/xml + - application/json + parameters: + - in: body + name: body + description: Created user object + required: true + schema: + $ref: '#/definitions/User' + responses: + default: + description: successful operation + /user/createWithArray: + post: + tags: + - user + summary: Creates list of users with given input array + description: '' + operationId: createUsersWithArrayInput + produces: + - application/xml + - application/json + parameters: + - in: body + name: body + description: List of user object + required: true + schema: + type: array + items: + $ref: '#/definitions/User' + responses: + default: + description: successful operation + /user/createWithList: + post: + tags: + - user + summary: Creates list of users with given input array + description: '' + operationId: createUsersWithListInput + produces: + - application/xml + - application/json + parameters: + - in: body + name: body + description: List of user object + required: true + schema: + type: array + items: + $ref: '#/definitions/User' + responses: + default: + description: successful operation + /user/login: + get: + tags: + - user + summary: Logs user into the system + description: '' + operationId: loginUser + produces: + - application/xml + - application/json + parameters: + - name: username + in: query + description: The user name for login + required: true + type: string + - name: password + in: query + description: The password for login in clear text + required: true + type: string + responses: + '200': + description: successful operation + schema: + type: string + headers: + X-Rate-Limit: + type: integer + format: int32 + description: calls per hour allowed by the user + X-Expires-After: + type: string + format: date-time + description: date in UTC when token expires + '400': + description: Invalid username/password supplied + /user/logout: + get: + tags: + - user + summary: Logs out current logged in user session + description: '' + operationId: logoutUser + produces: + - application/xml + - application/json + parameters: [] + responses: + default: + description: successful operation + '/user/{username}': + get: + tags: + - user + summary: Get user by user name + description: '' + operationId: getUserByName + produces: + - application/xml + - application/json + parameters: + - name: username + in: path + description: 'The name that needs to be fetched. Use user1 for testing. ' + required: true + type: string + responses: + '200': + description: successful operation + schema: + $ref: '#/definitions/User' + '400': + description: Invalid username supplied + '404': + description: User not found + put: + tags: + - user + summary: Updated user + description: This can only be done by the logged in user. + operationId: updateUser + produces: + - application/xml + - application/json + parameters: + - name: username + in: path + description: name that need to be updated + required: true + type: string + - in: body + name: body + description: Updated user object + required: true + schema: + $ref: '#/definitions/User' + responses: + '400': + description: Invalid user supplied + '404': + description: User not found + delete: + tags: + - user + summary: Delete user + description: This can only be done by the logged in user. + operationId: deleteUser + produces: + - application/xml + - application/json + parameters: + - name: username + in: path + description: The name that needs to be deleted + required: true + type: string + responses: + '400': + description: Invalid username supplied + '404': + description: User not found +securityDefinitions: + petstore_auth: + type: oauth2 + authorizationUrl: 'https://petstore.swagger.io/oauth/dialog' + flow: implicit + scopes: + 'write:pets': modify pets in your account + 'read:pets': read your pets + api_key: + type: apiKey + name: api_key + in: header +definitions: + Order: + type: object + properties: + id: + type: integer + format: int64 + petId: + type: integer + format: int64 + quantity: + type: integer + format: int32 + shipDate: + type: string + format: date-time + status: + type: string + description: Order Status + enum: + - placed + - approved + - delivered + complete: + type: boolean + default: false + xml: + name: Order + User: + type: object + properties: + id: + type: integer + format: int64 + username: + type: string + firstName: + type: string + lastName: + type: string + email: + type: string + password: + type: string + phone: + type: string + userStatus: + type: integer + format: int32 + description: User Status + xml: + name: User + Category: + type: object + properties: + id: + type: integer + format: int64 + name: + type: string + xml: + name: Category + Tag: + type: object + properties: + id: + type: integer + format: int64 + name: + type: string + xml: + name: Tag + Pet: + type: object + required: + - name + - photoUrls + properties: + id: + type: integer + format: int64 + category: + $ref: '#/definitions/Category' + name: + type: string + example: doggie + photoUrls: + type: array + xml: + name: photoUrl + wrapped: true + items: + type: string + tags: + type: array + xml: + name: tag + wrapped: true + items: + $ref: '#/definitions/Tag' + status: + type: string + description: pet status in the store + enum: + - available + - pending + - sold + xml: + name: Pet + ApiResponse: + type: object + properties: + code: + type: integer + format: int32 + type: + type: string + message: + type: string +externalDocs: + description: Find out more about Swagger + url: 'http://swagger.io' diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_servers_v3.json b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_servers_v3.json new file mode 100644 index 00000000..a961305b --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_servers_v3.json @@ -0,0 +1,148 @@ +{ + "openapi": "3.0", + "info": { + "version": "1.0.0", + "title": "Swagger Petstore3", + "license": { + "name": "MIT" + } + }, + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "paths": { + "/pets": { + "get": { + "summary": "List all pets", + "operationId": "listPets", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "limit", + "in": "query", + "description": "How many items to return at one time (max 100)", + "required": false, + "type": "integer", + "format": "int32" + } + ], + "responses": { + "200": { + "description": "An paged array of pets", + "headers": { + "x-next": { + "type": "string", + "description": "A link to the next page of responses" + } + }, + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + }, + "post": { + "summary": "Create a pet", + "operationId": "createPets", + "tags": [ + "pets" + ], + "responses": { + "201": { + "description": "Null response" + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + }, + "/pets/{petId}": { + "get": { + "summary": "Info for a specific pet", + "operationId": "showPetById", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "petId", + "in": "path", + "required": true, + "description": "The id of the pet to retrieve", + "type": "string" + } + ], + "responses": { + "200": { + "description": "Expected response to a valid request", + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + } + }, + "definitions": { + "Pet": { + "required": [ + "id", + "name" + ], + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "name": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "Pets": { + "type": "array", + "items": { + "$ref": "#/definitions/Pet" + } + }, + "Error": { + "required": [ + "code", + "message" + ], + "properties": { + "code": { + "type": "integer", + "format": "int32" + }, + "message": { + "type": "string" + } + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_servers_v3.yaml b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_servers_v3.yaml new file mode 100644 index 00000000..6a08cc0d --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/missing_servers_v3.yaml @@ -0,0 +1,107 @@ +openapi: "3.0.0" +info: + version: 1.0.0 + title: Swagger Petstore + license: + name: MIT +paths: + /pets: + get: + summary: List all pets + operationId: listPets + tags: + - pets + parameters: + - name: limit + in: query + description: How many items to return at one time (max 100) + required: false + schema: + type: integer + format: int32 + responses: + '200': + description: A paged array of pets + headers: + x-next: + description: A link to the next page of responses + schema: + type: string + content: + application/json: + schema: + $ref: "#/components/schemas/Pets" + default: + description: unexpected error + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + post: + summary: Create a pet + operationId: createPets + tags: + - pets + responses: + '201': + description: Null response + default: + description: unexpected error + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + /pets/{petId}: + get: + summary: Info for a specific pet + operationId: showPetById + tags: + - pets + parameters: + - name: petId + in: path + required: true + description: The id of the pet to retrieve + schema: + type: string + responses: + '200': + description: Expected response to a valid request + content: + application/json: + schema: + $ref: "#/components/schemas/Pets" + default: + description: unexpected error + content: + application/json: + schema: + $ref: "#/components/schemas/Error" +components: + schemas: + Pet: + required: + - id + - name + properties: + id: + type: integer + format: int64 + name: + type: string + tag: + type: string + Pets: + type: array + items: + $ref: "#/components/schemas/Pet" + Error: + required: + - code + - message + properties: + code: + type: integer + format: int32 + message: + type: string diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2.json b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2.json new file mode 100644 index 00000000..1703cd7e --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2.json @@ -0,0 +1,154 @@ +{ + "swagger": "2.0", + "info": { + "version": "1.0.0", + "title": "Swagger Petstore", + "license": { + "name": "MIT" + } + }, + "host": "petstore.swagger.io:9999", + "basePath": "/yeeee", + "schemes": [ + "http", + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "paths": { + "/pets": { + "get": { + "summary": "List all pets", + "operationId": "listPets", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "limit", + "in": "query", + "description": "How many items to return at one time (max 100)", + "required": false, + "type": "integer", + "format": "int32" + } + ], + "responses": { + "200": { + "description": "An paged array of pets", + "headers": { + "x-next": { + "type": "string", + "description": "A link to the next page of responses" + } + }, + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + }, + "post": { + "summary": "Create a pet", + "operationId": "createPets", + "tags": [ + "pets" + ], + "responses": { + "201": { + "description": "Null response" + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + }, + "/pets/{petId}": { + "get": { + "summary": "Info for a specific pet", + "operationId": "showPetById", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "petId", + "in": "path", + "required": true, + "description": "The id of the pet to retrieve", + "type": "string" + } + ], + "responses": { + "200": { + "description": "Expected response to a valid request", + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + } + }, + "definitions": { + "Pet": { + "required": [ + "id", + "name" + ], + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "name": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "Pets": { + "type": "array", + "items": { + "$ref": "#/definitions/Pet" + } + }, + "Error": { + "required": [ + "code", + "message" + ], + "properties": { + "code": { + "type": "integer", + "format": "int32" + }, + "message": { + "type": "string" + } + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2.yaml b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2.yaml new file mode 100644 index 00000000..5a6628ce --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2.yaml @@ -0,0 +1,228 @@ +openapi: '2.0' +info: + description: 'This is a sample server Petstore server. You can find out more about Swagger at [http://swagger.io](http://swagger.io) or on [irc.freenode.net, #swagger](http://swagger.io/irc/). For this sample, you can use the api key `special-key` to test the authorization filters.' + version: 1.0.0 + title: Swagger Petstore + termsOfService: 'http://swagger.io/terms/' + contact: + email: apiteam@swagger.io + license: + name: Apache 2.0 + url: 'http://www.apache.org/licenses/LICENSE-2.0.html' +host: petstore.swagger.io:9999 +basePath: /yeeee +tags: + - name: pet + description: Everything about your Pets + externalDocs: + description: Find out more + url: 'http://swagger.io' + - name: store + description: Access to Petstore orders + - name: user + description: Operations about user + externalDocs: + description: Find out more about our store + url: 'http://swagger.io' +schemes: + - https + - http +paths: + /pets: + post: + tags: + - pet + summary: Add a new pet to the store + description: '' + operationId: addPet + consumes: + - application/json + - application/xml + produces: + - application/xml + - application/json + parameters: + - in: body + name: body + description: Pet object that needs to be added to the store + required: true + schema: + $ref: '#/definitions/Pet' + responses: + '405': + description: Invalid input + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + get: + tags: + - pet + summary: List all pets + description: '' + operationId: listPets + produces: + - application/xml + - application/json + '/pets/{petId}': + get: + tags: + - pet + summary: Find pet by ID + description: Returns a single pet + operationId: getPetById + produces: + - application/xml + - application/json + parameters: + - name: petId + in: path + description: ID of pet to return + required: true + type: integer + format: int64 + responses: + '200': + description: successful operation + schema: + $ref: '#/definitions/Pet' + '400': + description: Invalid ID supplied + '404': + description: Pet not found + security: + - api_key: [] +securityDefinitions: + petstore_auth: + type: oauth2 + authorizationUrl: 'https://petstore.swagger.io/oauth/dialog' + flow: implicit + scopes: + 'write:pets': modify pets in your account + 'read:pets': read your pets + api_key: + type: apiKey + name: api_key + in: header +definitions: + Order: + type: object + properties: + id: + type: integer + format: int64 + petId: + type: integer + format: int64 + quantity: + type: integer + format: int32 + shipDate: + type: string + format: date-time + status: + type: string + description: Order Status + enum: + - placed + - approved + - delivered + complete: + type: boolean + default: false + xml: + name: Order + User: + type: object + properties: + id: + type: integer + format: int64 + username: + type: string + firstName: + type: string + lastName: + type: string + email: + type: string + password: + type: string + phone: + type: string + userStatus: + type: integer + format: int32 + description: User Status + xml: + name: User + Category: + type: object + properties: + id: + type: integer + format: int64 + name: + type: string + xml: + name: Category + Tag: + type: object + properties: + id: + type: integer + format: int64 + name: + type: string + xml: + name: Tag + Pet: + type: object + required: + - name + - photoUrls + properties: + id: + type: integer + format: int64 + category: + $ref: '#/definitions/Category' + name: + type: string + example: doggie + photoUrls: + type: array + xml: + name: photoUrl + wrapped: true + items: + type: string + tags: + type: array + xml: + name: tag + wrapped: true + items: + $ref: '#/definitions/Tag' + status: + type: string + description: pet status in the store + enum: + - available + - pending + - sold + xml: + name: Pet + ApiResponse: + type: object + properties: + code: + type: integer + format: int32 + type: + type: string + message: + type: string +externalDocs: + description: Find out more about Swagger + url: 'http://swagger.io' diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2_service_patch.json b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2_service_patch.json new file mode 100644 index 00000000..4763a6ad --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2_service_patch.json @@ -0,0 +1,154 @@ +{ + "swagger": "2.0", + "info": { + "version": "1.0.0", + "title": "Swagger Petstore", + "license": { + "name": "MIT" + } + }, + "host": "new.swagger.io:8000", + "basePath": "/wooo", + "schemes": [ + "http", + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "paths": { + "/pets": { + "get": { + "summary": "List all pets", + "operationId": "listPets", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "limit", + "in": "query", + "description": "How many items to return at one time (max 100)", + "required": false, + "type": "integer", + "format": "int32" + } + ], + "responses": { + "200": { + "description": "An paged array of pets", + "headers": { + "x-next": { + "type": "string", + "description": "A link to the next page of responses" + } + }, + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + }, + "post": { + "summary": "Create a pet", + "operationId": "createPets", + "tags": [ + "pets" + ], + "responses": { + "201": { + "description": "Null response" + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + }, + "/pets/{petId}": { + "get": { + "summary": "Info for a specific pet", + "operationId": "showPetById", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "petId", + "in": "path", + "required": true, + "description": "The id of the pet to retrieve", + "type": "string" + } + ], + "responses": { + "200": { + "description": "Expected response to a valid request", + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + } + }, + "definitions": { + "Pet": { + "required": [ + "id", + "name" + ], + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "name": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "Pets": { + "type": "array", + "items": { + "$ref": "#/definitions/Pet" + } + }, + "Error": { + "required": [ + "code", + "message" + ], + "properties": { + "code": { + "type": "integer", + "format": "int32" + }, + "message": { + "type": "string" + } + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2_service_patch.yaml b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2_service_patch.yaml new file mode 100644 index 00000000..7d9f2619 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v2_service_patch.yaml @@ -0,0 +1,228 @@ +openapi: '2.0' +info: + description: 'This is a sample server Petstore server. You can find out more about Swagger at [http://swagger.io](http://swagger.io) or on [irc.freenode.net, #swagger](http://swagger.io/irc/). For this sample, you can use the api key `special-key` to test the authorization filters.' + version: 1.0.0 + title: Swagger Petstore + termsOfService: 'http://swagger.io/terms/' + contact: + email: apiteam@swagger.io + license: + name: Apache 2.0 + url: 'http://www.apache.org/licenses/LICENSE-2.0.html' +host: new.swagger.io:8000 +basePath: /wooo +tags: + - name: pet + description: Everything about your Pets + externalDocs: + description: Find out more + url: 'http://swagger.io' + - name: store + description: Access to Petstore orders + - name: user + description: Operations about user + externalDocs: + description: Find out more about our store + url: 'http://swagger.io' +schemes: + - https + - http +paths: + /pets: + post: + tags: + - pet + summary: Add a new pet to the store + description: '' + operationId: addPet + consumes: + - application/json + - application/xml + produces: + - application/xml + - application/json + parameters: + - in: body + name: body + description: Pet object that needs to be added to the store + required: true + schema: + $ref: '#/definitions/Pet' + responses: + '405': + description: Invalid input + security: + - petstore_auth: + - 'write:pets' + - 'read:pets' + get: + tags: + - pet + summary: List all pets + description: '' + operationId: listPets + produces: + - application/xml + - application/json + '/pets/{petId}': + get: + tags: + - pet + summary: Find pet by ID + description: Returns a single pet + operationId: getPetById + produces: + - application/xml + - application/json + parameters: + - name: petId + in: path + description: ID of pet to return + required: true + type: integer + format: int64 + responses: + '200': + description: successful operation + schema: + $ref: '#/definitions/Pet' + '400': + description: Invalid ID supplied + '404': + description: Pet not found + security: + - api_key: [] +securityDefinitions: + petstore_auth: + type: oauth2 + authorizationUrl: 'https://petstore.swagger.io/oauth/dialog' + flow: implicit + scopes: + 'write:pets': modify pets in your account + 'read:pets': read your pets + api_key: + type: apiKey + name: api_key + in: header +definitions: + Order: + type: object + properties: + id: + type: integer + format: int64 + petId: + type: integer + format: int64 + quantity: + type: integer + format: int32 + shipDate: + type: string + format: date-time + status: + type: string + description: Order Status + enum: + - placed + - approved + - delivered + complete: + type: boolean + default: false + xml: + name: Order + User: + type: object + properties: + id: + type: integer + format: int64 + username: + type: string + firstName: + type: string + lastName: + type: string + email: + type: string + password: + type: string + phone: + type: string + userStatus: + type: integer + format: int32 + description: User Status + xml: + name: User + Category: + type: object + properties: + id: + type: integer + format: int64 + name: + type: string + xml: + name: Category + Tag: + type: object + properties: + id: + type: integer + format: int64 + name: + type: string + xml: + name: Tag + Pet: + type: object + required: + - name + - photoUrls + properties: + id: + type: integer + format: int64 + category: + $ref: '#/definitions/Category' + name: + type: string + example: doggie + photoUrls: + type: array + xml: + name: photoUrl + wrapped: true + items: + type: string + tags: + type: array + xml: + name: tag + wrapped: true + items: + $ref: '#/definitions/Tag' + status: + type: string + description: pet status in the store + enum: + - available + - pending + - sold + xml: + name: Pet + ApiResponse: + type: object + properties: + code: + type: integer + format: int32 + type: + type: string + message: + type: string +externalDocs: + description: Find out more about Swagger + url: 'http://swagger.io' diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3.json b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3.json new file mode 100644 index 00000000..7f03c238 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3.json @@ -0,0 +1,156 @@ +{ + "openapi": "3.0", + "info": { + "version": "1.0.0", + "title": "Swagger Petstore", + "license": { + "name": "MIT" + } + }, + "servers": [ + { + "url": "http://petstore.swagger.io:9999/yeeee" + }, + { + "url": "https://petstore.swagger.io:9999/yeeee" + } + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "paths": { + "/pets": { + "get": { + "summary": "List all pets", + "operationId": "listPets", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "limit", + "in": "query", + "description": "How many items to return at one time (max 100)", + "required": false, + "type": "integer", + "format": "int32" + } + ], + "responses": { + "200": { + "description": "An paged array of pets", + "headers": { + "x-next": { + "type": "string", + "description": "A link to the next page of responses" + } + }, + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + }, + "post": { + "summary": "Create a pet", + "operationId": "createPets", + "tags": [ + "pets" + ], + "responses": { + "201": { + "description": "Null response" + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + }, + "/pets/{petId}": { + "get": { + "summary": "Info for a specific pet", + "operationId": "showPetById", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "petId", + "in": "path", + "required": true, + "description": "The id of the pet to retrieve", + "type": "string" + } + ], + "responses": { + "200": { + "description": "Expected response to a valid request", + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + } + }, + "definitions": { + "Pet": { + "required": [ + "id", + "name" + ], + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "name": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "Pets": { + "type": "array", + "items": { + "$ref": "#/definitions/Pet" + } + }, + "Error": { + "required": [ + "code", + "message" + ], + "properties": { + "code": { + "type": "integer", + "format": "int32" + }, + "message": { + "type": "string" + } + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3.yaml b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3.yaml new file mode 100644 index 00000000..1c6fa278 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3.yaml @@ -0,0 +1,110 @@ +openapi: "3.0.0" +info: + version: 1.0.0 + title: Swagger Petstore + license: + name: MIT +servers: + - url: http://petstore.swagger.io:9999/yeeee + - url: https://petstore.swagger.io:9999/yeeee +paths: + /pets: + get: + summary: List all pets + operationId: listPets + tags: + - pets + parameters: + - name: limit + in: query + description: How many items to return at one time (max 100) + required: false + schema: + type: integer + format: int32 + responses: + '200': + description: A paged array of pets + headers: + x-next: + description: A link to the next page of responses + schema: + type: string + content: + application/json: + schema: + $ref: "#/components/schemas/Pets" + default: + description: unexpected error + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + post: + summary: Create a pet + operationId: createPets + tags: + - pets + responses: + '201': + description: Null response + default: + description: unexpected error + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + /pets/{petId}: + get: + summary: Info for a specific pet + operationId: showPetById + tags: + - pets + parameters: + - name: petId + in: path + required: true + description: The id of the pet to retrieve + schema: + type: string + responses: + '200': + description: Expected response to a valid request + content: + application/json: + schema: + $ref: "#/components/schemas/Pets" + default: + description: unexpected error + content: + application/json: + schema: + $ref: "#/components/schemas/Error" +components: + schemas: + Pet: + required: + - id + - name + properties: + id: + type: integer + format: int64 + name: + type: string + tag: + type: string + Pets: + type: array + items: + $ref: "#/components/schemas/Pet" + Error: + required: + - code + - message + properties: + code: + type: integer + format: int32 + message: + type: string diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3_service_patch.json b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3_service_patch.json new file mode 100644 index 00000000..139e9c16 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3_service_patch.json @@ -0,0 +1,156 @@ +{ + "openapi": "3.0", + "info": { + "version": "1.0.0", + "title": "Swagger Petstore", + "license": { + "name": "MIT" + } + }, + "servers": [ + { + "url": "http://new.swagger.io:8000/wooo" + }, + { + "url": "https://new.swagger.io:8000/wooo" + } + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "paths": { + "/pets": { + "get": { + "summary": "List all pets", + "operationId": "listPets", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "limit", + "in": "query", + "description": "How many items to return at one time (max 100)", + "required": false, + "type": "integer", + "format": "int32" + } + ], + "responses": { + "200": { + "description": "An paged array of pets", + "headers": { + "x-next": { + "type": "string", + "description": "A link to the next page of responses" + } + }, + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + }, + "post": { + "summary": "Create a pet", + "operationId": "createPets", + "tags": [ + "pets" + ], + "responses": { + "201": { + "description": "Null response" + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + }, + "/pets/{petId}": { + "get": { + "summary": "Info for a specific pet", + "operationId": "showPetById", + "tags": [ + "pets" + ], + "parameters": [ + { + "name": "petId", + "in": "path", + "required": true, + "description": "The id of the pet to retrieve", + "type": "string" + } + ], + "responses": { + "200": { + "description": "Expected response to a valid request", + "schema": { + "$ref": "#/definitions/Pets" + } + }, + "default": { + "description": "unexpected error", + "schema": { + "$ref": "#/definitions/Error" + } + } + } + } + } + }, + "definitions": { + "Pet": { + "required": [ + "id", + "name" + ], + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "name": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "Pets": { + "type": "array", + "items": { + "$ref": "#/definitions/Pet" + } + }, + "Error": { + "required": [ + "code", + "message" + ], + "properties": { + "code": { + "type": "integer", + "format": "int32" + }, + "message": { + "type": "string" + } + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3_service_patch.yaml b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3_service_patch.yaml new file mode 100644 index 00000000..f11116f2 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/oas_config/petstore_v3_service_patch.yaml @@ -0,0 +1,110 @@ +openapi: "3.0.0" +info: + version: 1.0.0 + title: Swagger Petstore + license: + name: MIT +servers: + - url: http://new.swagger.io:8000/wooo + - url: https://new.swagger.io:8000/wooo +paths: + /pets: + get: + summary: List all pets + operationId: listPets + tags: + - pets + parameters: + - name: limit + in: query + description: How many items to return at one time (max 100) + required: false + schema: + type: integer + format: int32 + responses: + '200': + description: A paged array of pets + headers: + x-next: + description: A link to the next page of responses + schema: + type: string + content: + application/json: + schema: + $ref: "#/components/schemas/Pets" + default: + description: unexpected error + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + post: + summary: Create a pet + operationId: createPets + tags: + - pets + responses: + '201': + description: Null response + default: + description: unexpected error + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + /pets/{petId}: + get: + summary: Info for a specific pet + operationId: showPetById + tags: + - pets + parameters: + - name: petId + in: path + required: true + description: The id of the pet to retrieve + schema: + type: string + responses: + '200': + description: Expected response to a valid request + content: + application/json: + schema: + $ref: "#/components/schemas/Pets" + default: + description: unexpected error + content: + application/json: + schema: + $ref: "#/components/schemas/Error" +components: + schemas: + Pet: + required: + - id + - name + properties: + id: + type: integer + format: int64 + name: + type: string + tag: + type: string + Pets: + type: array + items: + $ref: "#/components/schemas/Pet" + Error: + required: + - code + - message + properties: + code: + type: integer + format: int32 + message: + type: string diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body-body_size_invalid.conf b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body-body_size_invalid.conf new file mode 100644 index 00000000..01448af7 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body-body_size_invalid.conf @@ -0,0 +1,2 @@ +response_transformation_enable_limit_body=on +response_transformation_limit_body_size=wow diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body-body_size_not_defined.conf b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body-body_size_not_defined.conf new file mode 100644 index 00000000..5055e397 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body-body_size_not_defined.conf @@ -0,0 +1 @@ +response_transformation_enable_limit_body=on diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body.conf b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body.conf new file mode 100644 index 00000000..f59c0b3d --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body.conf @@ -0,0 +1,2 @@ +response_transformation_enable_limit_body=on +response_transformation_limit_body_size=16384 diff --git a/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body_chunked.conf b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body_chunked.conf new file mode 100644 index 00000000..9ba66f4d --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/fixtures/response_transformer/feature_response_transformer_limit_body_chunked.conf @@ -0,0 +1,2 @@ +response_transformation_enable_limit_body=on +response_transformation_limit_body_size=5 diff --git a/kong-versions/2.8.4.3/kong/spec-ee/helpers.lua b/kong-versions/2.8.4.3/kong/spec-ee/helpers.lua new file mode 100644 index 00000000..afaaa602 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec-ee/helpers.lua @@ -0,0 +1,329 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local helpers = require "spec.helpers" +local listeners = require "kong.conf_loader.listeners" +local cjson = require "cjson.safe" +local assert = require "luassert" +local utils = require "kong.tools.utils" +local admins_helpers = require "kong.enterprise_edition.admins_helpers" + + +local _M = {} + +--- Returns Redis Cluster nodes list. +-- The list can be configured in environment variable `KONG_SPEC_TEST_REDIS_CLUSTER_ADDRESSES`. +-- @function parsed_redis_cluster_addresses +-- @treturn table nodes list +-- @usage +-- ~ $ export KONG_SPEC_TEST_REDIS_CLUSTER_ADDRESSES=node-1:6379,node-2:6379,node-3:6379 +-- +-- local redis_cluster_addresses = parsed_redis_cluster_addresses() +function _M.parsed_redis_cluster_addresses() + local env_cluster_addresses = os.getenv("KONG_SPEC_TEST_REDIS_CLUSTER_ADDRESSES") + + -- default + if not env_cluster_addresses then + return { "localhost:6381", "localhost:6382", "localhost:6383" } + end + + local redis_cluster_addresses = {} + for node in string.gmatch(env_cluster_addresses, "[^,]+") do + table.insert(redis_cluster_addresses, node) + end + + return redis_cluster_addresses +end + +--- Registers RBAC resources. +-- @param db db db object (see `spec.helpers.get_db_utils`) +-- @param ws_name (optional) +-- @param ws_table (optional) +-- @return on success: `super_admin, super_user_role` +-- @return on failure: `nil, nil, err` +function _M.register_rbac_resources(db, ws_name, ws_table) + local bit = require "bit" + local rbac = require "kong.rbac" + local bxor = bit.bxor + + local opts = ws_table and { workspace = ws_table.id } + + -- action int for all + local action_bits_all = 0x0 + for k, v in pairs(rbac.actions_bitfields) do + action_bits_all = bxor(action_bits_all, rbac.actions_bitfields[k]) + end + + local roles = {} + local err, _ + -- now, create the roles and assign endpoint permissions to them + + -- first, a read-only role across everything + roles.read_only, err = db.rbac_roles:insert({ + id = utils.uuid(), + name = "read-only", + comment = "Read-only access across all initial RBAC resources", + }, opts) + + if err then + return nil, nil, err + end + + -- this role only has the 'read-only' permissions + _, err = db.rbac_role_endpoints:insert({ + role = { id = roles.read_only.id, }, + workspace = ws_name or "*", + endpoint = "*", + actions = rbac.actions_bitfields.read, + }) + + ws_name = ws_name or "default" + + if err then + return nil, nil, err + end + + -- admin role with CRUD access to all resources except RBAC resource + roles.admin, err = db.rbac_roles:insert({ + id = utils.uuid(), + name = "admin", + comment = "CRUD access to most initial resources (no RBAC)", + }, opts) + + if err then + return nil, nil, err + end + + -- the 'admin' role has 'full-access' + 'no-rbac' permissions + _, err = db.rbac_role_endpoints:insert({ + role = { id = roles.admin.id, }, + workspace = "*", + endpoint = "*", + actions = action_bits_all, -- all actions + }) + + if err then + return nil, nil, err + end + + local rbac_endpoints = { '/rbac/*', '/rbac/*/*', '/rbac/*/*/*' } + for _, endpoint in ipairs(rbac_endpoints) do + _, err = db.rbac_role_endpoints:insert({ + role = { id = roles.admin.id, }, + workspace = "*", + endpoint = endpoint, + negative = true, + actions = action_bits_all, -- all actions + }) + + if err then + return nil, nil, err + end + end + + -- finally, a super user role who has access to all initial resources + roles.super_admin, err = db.rbac_roles:insert({ + id = utils.uuid(), + name = "super-admin", + comment = "Full CRUD access to all initial resources, including RBAC entities", + }, opts) + + if err then + return nil, nil, err + end + + _, err = db.rbac_role_entities:insert({ + role = { id = roles.super_admin.id, }, + entity_id = "*", + entity_type = "wildcard", + actions = action_bits_all, -- all actions + }) + + if err then + return nil, nil, err + end + + _, err = db.rbac_role_endpoints:insert({ + role = { id = roles.super_admin.id, }, + workspace = "*", + endpoint = "*", + actions = action_bits_all, -- all actions + }) + + if err then + return nil, nil, err + end + + local super_admin, err = db.rbac_users:insert({ + id = utils.uuid(), + name = "super_gruce-" .. ws_name, + user_token = "letmein-" .. ws_name, + enabled = true, + comment = "Test - Initial RBAC Super Admin User" + }, opts) + + if err then + return nil, nil, err + end + + local super_user_role, err = db.rbac_user_roles:insert({ + user = super_admin, + role = roles.super_admin, + }) + + if err then + return nil, nil, err + end + + return super_admin, super_user_role +end + + +--- returns a pre-configured `http_client` for the Kong admin gui. +-- @name admin_gui_client +function _M.admin_gui_client(timeout, forced_port) + local admin_ip = "0.0.0.0" + local admin_port + for _, entry in ipairs(_M.admin_gui_listeners) do + if entry.ssl == false then + admin_ip = entry.ip + admin_port = entry.port + end + end + assert(admin_ip, "No http-admin found in the configuration") + return helpers.http_client(admin_ip, forced_port or admin_port, timeout or 60000) +end + +--- Returns the Dev Portal port. +-- @param ssl (boolean) if `true` returns the ssl port +function _M.get_portal_api_port(ssl) + if ssl == nil then ssl = false end + for _, entry in ipairs(_M.portal_api_listeners) do + if entry.ssl == ssl then + return entry.port + end + end + error("No portal port found for ssl=" .. tostring(ssl), 2) +end + + +--- Returns the Dev Portal ip. +-- @param ssl (boolean) if `true` returns the ssl ip address +local function get_portal_api_ip(ssl) + if ssl == nil then ssl = false end + for _, entry in ipairs(_M.portal_api_listeners) do + if entry.ssl == ssl then + return entry.ip + end + end + error("No portal ip found for ssl=" .. tostring(ssl), 2) +end + + +--- Returns the Dev Portal port. +-- @param ssl (boolean) if `true` returns the ssl port +function _M.get_portal_gui_port(ssl) + if ssl == nil then ssl = false end + for _, entry in ipairs(_M.portal_gui_listeners) do + if entry.ssl == ssl then + return entry.port + end + end + error("No portal port found for ssl=" .. tostring(ssl), 2) +end + + +--- Returns the Dev Portal ip. +-- @param ssl (boolean) if `true` returns the ssl ip address +local function get_portal_gui_ip(ssl) + if ssl == nil then ssl = false end + for _, entry in ipairs(_M.portal_gui_listeners) do + if entry.ssl == ssl then + return entry.ip + end + end + error("No portal ip found for ssl=" .. tostring(ssl), 2) +end + + +--- returns a pre-configured `http_client` for the Dev Portal. +-- @name portal_client +function _M.portal_api_client(timeout) + local portal_ip = get_portal_api_ip() + local portal_port = _M.get_portal_api_port() + assert(portal_ip, "No portal_ip found in the configuration") + return helpers.http_client(portal_ip, portal_port, timeout) +end + + +function _M.portal_gui_client(timeout) + local portal_ip = get_portal_gui_ip() + local portal_port = _M.get_portal_gui_port() + assert(portal_ip, "No portal_ip found in the configuration") + return helpers.http_client(portal_ip, portal_port, timeout) +end + + +function _M.post(client, path, body, headers, expected_status) + headers = headers or {} + headers["Content-Type"] = "application/json" + local res = assert(client:send{ + method = "POST", + path = path, + body = body or {}, + headers = headers + }) + return cjson.decode(assert.res_status(expected_status or 201, res)) +end + + +function _M.create_admin(email, custom_id, status, db, username, workspace) + local opts = workspace and { workspace = workspace.id } + + local admin = assert(db.admins:insert({ + username = username or email, + custom_id = custom_id, + email = email, + status = status, + }, opts)) + + local token_res, err = admins_helpers.update_token(admin) + if err then + return nil, err + end + + -- only used for tests so we can reference token + -- WARNING: do not do this outside test environment + admin.rbac_user.raw_user_token = token_res.body.token + + return admin +end + + +function _M.get_admin_cookie_basic_auth(client, username, password) + local res = assert(client:send { + method = "GET", + path = "/auth", + headers = { + ["Authorization"] = "Basic " .. ngx.encode_base64(username .. ":" + .. password), + ["Kong-Admin-User"] = username, + } + }) + + assert.res_status(200, res) + return res.headers["Set-Cookie"] +end + + +local http_flags = { "ssl", "http2", "proxy_protocol", "transparent" } +_M.portal_api_listeners = listeners._parse_listeners(helpers.test_conf.portal_api_listen, http_flags) +_M.portal_gui_listeners = listeners._parse_listeners(helpers.test_conf.portal_gui_listen, http_flags) +_M.admin_gui_listeners = listeners._parse_listeners(helpers.test_conf.admin_gui_listen, http_flags) +_M.redis_cluster_addresses = _M.parsed_redis_cluster_addresses() + +return _M diff --git a/kong-versions/2.8.4.3/kong/spec/README.md b/kong-versions/2.8.4.3/kong/spec/README.md new file mode 100644 index 00000000..8b01c5c8 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/README.md @@ -0,0 +1,31 @@ +Test helpers for Kong (integration) tests +========================================= + +To generate the documentation run the following command in the Kong source tree: + +``` +# install ldoc using LuaRocks +luarocks install ldoc + +# generate and open the docs +cd spec && ldoc . && open docs/index.html && cd .. +``` + +## Environment variables + +When testing, Kong will ignore the `KONG_xxx` environment variables that are +usually used to configure it. This is to make sure that the tests run deterministically. +If this behaviour needs to be overridden, the `KONG_TEST_xxx` +version of the variable can be used, which will be respected by the Kong test +instance. + +To prevent the test helpers from cleaning the Kong working directory, the +variable `KONG_TEST_DONT_CLEAN` can be set. +This comes in handy when inspecting the logs after the tests complete. + +When testing with Redis, the environment variable `KONG_SPEC_REDIS_HOST` can be +used to specify where the Redis server can be found. If not specified, it will default +to `127.0.0.1`. This setting is available to tests via `helpers.redis_host`. + +The configuration file to be used can be set with `KONG_SPEC_TEST_CONF_PATH`. It can be +accessed via helpers as `helpers.test_conf_path`. diff --git a/kong-versions/2.8.4.3/kong/spec/config.ld b/kong-versions/2.8.4.3/kong/spec/config.ld new file mode 100644 index 00000000..8a46d1b3 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/config.ld @@ -0,0 +1,11 @@ +project='Kong test helpers' +title='Kong test framework' +description='Test helper functions for Kong (integration) testing' +format='markdown' +file='./helpers.lua' +dir='docs' +readme='README.md' +sort=true +sort_modules=true +style='./' +no_space_before_args=true diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/1.2_custom_nginx.template b/kong-versions/2.8.4.3/kong/spec/fixtures/1.2_custom_nginx.template new file mode 100644 index 00000000..ea240700 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/1.2_custom_nginx.template @@ -0,0 +1,580 @@ +# This is a custom nginx configuration template for Kong specs +# This is the Kong 1.2 default template + +> if nginx_user then +user ${{NGINX_USER}}; +> end +worker_processes ${{NGINX_WORKER_PROCESSES}}; +daemon ${{NGINX_DAEMON}}; + +pid pids/nginx.pid; # mandatory even for custom config templates +error_log logs/error.log ${{LOG_LEVEL}}; + +events {} + +http { +> if #proxy_listeners > 0 or #admin_listeners > 0 then + charset UTF-8; + + error_log logs/error.log ${{LOG_LEVEL}}; + +> if nginx_optimizations then +>-- send_timeout 60s; # default value +>-- keepalive_timeout 75s; # default value +>-- client_body_timeout 60s; # default value +>-- client_header_timeout 60s; # default value +>-- tcp_nopush on; # disabled until benchmarked +>-- proxy_buffer_size 128k; # disabled until benchmarked +>-- proxy_buffers 4 256k; # disabled until benchmarked +>-- proxy_busy_buffers_size 256k; # disabled until benchmarked +>-- reset_timedout_connection on; # disabled until benchmarked +> end + + proxy_ssl_server_name on; + underscores_in_headers on; + + lua_package_path '${{LUA_PACKAGE_PATH}};;'; + lua_package_cpath '${{LUA_PACKAGE_CPATH}};;'; + lua_socket_pool_size ${{LUA_SOCKET_POOL_SIZE}}; + lua_max_running_timers 4096; + lua_max_pending_timers 16384; + lua_shared_dict kong 5m; + lua_shared_dict kong_db_cache ${{MEM_CACHE_SIZE}}; +> if database == "off" then + lua_shared_dict kong_db_cache_2 ${{MEM_CACHE_SIZE}}; +> end + lua_shared_dict kong_db_cache_miss 12m; +> if database == "off" then + lua_shared_dict kong_db_cache_miss_2 12m; +> end + lua_shared_dict kong_locks 8m; + lua_shared_dict kong_process_events 5m; + lua_shared_dict kong_cluster_events 5m; + lua_shared_dict kong_healthchecks 5m; + lua_shared_dict kong_rate_limiting_counters 12m; +> if database == "cassandra" then + lua_shared_dict kong_cassandra 5m; +> end + lua_socket_log_errors off; +> if lua_ssl_trusted_certificate_combined then + lua_ssl_trusted_certificate '${{LUA_SSL_TRUSTED_CERTIFICATE_COMBINED}}'; +> end + lua_ssl_verify_depth ${{LUA_SSL_VERIFY_DEPTH}}; + + lua_shared_dict kong_mock_upstream_loggers 10m; + + # injected nginx_http_* directives +> for _, el in ipairs(nginx_http_directives) do + $(el.name) $(el.value); +> end + + init_by_lua_block { + Kong = require 'kong' + Kong.init() + } + + init_worker_by_lua_block { + Kong.init_worker() + } + +> if #proxy_listeners > 0 then + upstream kong_upstream { + server 0.0.0.1; + balancer_by_lua_block { + Kong.balancer() + } +> if upstream_keepalive and upstream_keepalive > 0 then + keepalive ${{UPSTREAM_KEEPALIVE}}; +> end + } + + server { + server_name kong; +> for i = 1, #proxy_listeners do + listen $(proxy_listeners[i].listener); +> end + error_page 400 404 408 411 412 413 414 417 494 /kong_error_handler; + error_page 500 502 503 504 /kong_error_handler; + + access_log logs/access.log; + +> if proxy_ssl_enabled then +> for i = 1, #ssl_cert do + ssl_certificate $(ssl_cert[i]); + ssl_certificate_key $(ssl_cert_key[i]); +> end + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_certificate_by_lua_block { + Kong.ssl_certificate() + } +> end + + # injected nginx_proxy_* directives +> for _, el in ipairs(nginx_proxy_directives) do + $(el.name) $(el.value); +> end +> for i = 1, #trusted_ips do + set_real_ip_from $(trusted_ips[i]); +> end + + location / { + default_type ''; + + set $ctx_ref ''; + set $upstream_te ''; + set $upstream_host ''; + set $upstream_upgrade ''; + set $upstream_connection ''; + set $upstream_scheme ''; + set $upstream_uri ''; + set $upstream_x_forwarded_for ''; + set $upstream_x_forwarded_proto ''; + set $upstream_x_forwarded_host ''; + set $upstream_x_forwarded_port ''; + + rewrite_by_lua_block { + Kong.rewrite() + } + + access_by_lua_block { + Kong.access() + } + + proxy_http_version 1.1; + proxy_set_header Host $upstream_host; + proxy_set_header Upgrade $upstream_upgrade; + proxy_set_header Connection $upstream_connection; + proxy_set_header X-Forwarded-For $upstream_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $upstream_x_forwarded_proto; + proxy_set_header X-Forwarded-Host $upstream_x_forwarded_host; + proxy_set_header X-Forwarded-Port $upstream_x_forwarded_port; + proxy_set_header X-Real-IP $remote_addr; + proxy_pass_header Server; + proxy_pass_header Date; + proxy_ssl_name $upstream_host; + proxy_pass $upstream_scheme://kong_upstream$upstream_uri; + + header_filter_by_lua_block { + Kong.header_filter() + } + + body_filter_by_lua_block { + Kong.body_filter() + } + + log_by_lua_block { + Kong.log() + } + } + + location = /kong_error_handler { + internal; + uninitialized_variable_warn off; + + content_by_lua_block { + Kong.handle_error() + } + + header_filter_by_lua_block { + Kong.header_filter() + } + + body_filter_by_lua_block { + Kong.body_filter() + } + + log_by_lua_block { + Kong.log() + } + } + } +> end + +> if #admin_listeners > 0 then + server { + server_name kong_admin; +> for i = 1, #admin_listeners do + listen $(admin_listeners[i].listener); +> end + + access_log logs/admin_access.log; + +> if admin_ssl_enabled then +> for i = 1, #admin_ssl_cert do + ssl_certificate $(admin_ssl_cert[i]); + ssl_certificate_key $(admin_ssl_cert_key[i]); +> end + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; +> end + + # injected nginx_admin_* directives +> for _, el in ipairs(nginx_admin_directives) do + $(el.name) $(el.value); +> end + + location / { + default_type application/json; + content_by_lua_block { + Kong.serve_admin_api() + } + } + + location /nginx_status { + internal; + access_log off; + stub_status; + } + + location /robots.txt { + return 200 'User-agent: *\nDisallow: /'; + } + } +> end + + server { + server_name mock_upstream; + + listen 15555; + listen 15556 ssl; + +> for i = 1, #ssl_cert do + ssl_certificate $(ssl_cert[i]); + ssl_certificate_key $(ssl_cert_key[i]); +> end + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + + set_real_ip_from 127.0.0.1; + + location / { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + ngx.status = 404 + return mu.send_default_json_response() + } + } + + location = / { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response({ + valid_routes = { + ["/ws"] = "Websocket echo server", + ["/get"] = "Accepts a GET request and returns it in JSON format", + ["/xml"] = "Returns a simple XML document", + ["/post"] = "Accepts a POST request and returns it in JSON format", + ["/response-headers?:key=:val"] = "Returns given response headers", + ["/cache/:n"] = "Sets a Cache-Control header for n seconds", + ["/anything"] = "Accepts any request and returns it in JSON format", + ["/request"] = "Alias to /anything", + ["/delay/:duration"] = "Delay the response for seconds", + ["/basic-auth/:user/:pass"] = "Performs HTTP basic authentication with the given credentials", + ["/status/:code"] = "Returns a response with the specified ", + ["/stream/:num"] = "Stream chunks of JSON data via chunked Transfer Encoding", + }, + }) + } + } + + location = /ws { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.serve_web_sockets() + } + } + + location /get { + access_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.filter_access_by_method("GET") + } + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response() + } + } + + location /xml { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + local xml = [[ + + + Kong, Monolith destroyer. + + ]] + return mu.send_text_response(xml, "application/xml") + } + } + + location /post { + access_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.filter_access_by_method("POST") + } + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response() + } + } + + location = /response-headers { + access_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.filter_access_by_method("GET") + } + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response({}, ngx.req.get_uri_args()) + } + } + + location = /hop-by-hop { + content_by_lua_block { + local header = ngx.header + header["Keep-Alive"] = "timeout=5, max=1000" + header["Proxy"] = "Remove-Me" + header["Proxy-Connection"] = "close" + header["Proxy-Authenticate"] = "Basic" + header["Proxy-Authorization"] = "Basic YWxhZGRpbjpvcGVuc2VzYW1l" + header["Transfer-Encoding"] = "chunked" + header["Content-Length"] = nil + header["TE"] = "trailers, deflate;q=0.5" + header["Trailer"] = "Expires" + header["Upgrade"] = "example/1, foo/2" + + ngx.print("hello\r\n\r\nExpires: Wed, 21 Oct 2015 07:28:00 GMT\r\n\r\n") + ngx.exit(200) + } + } + + location ~ "^/cache/(?\d+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response({}, { + ["Cache-Control"] = "public, max-age=" .. ngx.var.n, + }) + } + } + + location ~ "^/basic-auth/(?[a-zA-Z0-9_]+)/(?.+)$" { + access_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.filter_access_by_basic_auth(ngx.var.username, + ngx.var.password) + } + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response({ + authenticated = true, + user = ngx.var.username, + }) + } + } + + location ~ "^/(request|anything)" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response() + } + } + + location ~ "^/delay/(?\d{1,3})$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + local delay_seconds = tonumber(ngx.var.delay_seconds) + if not delay_seconds then + return ngx.exit(ngx.HTTP_NOT_FOUND) + end + + ngx.sleep(delay_seconds) + + return mu.send_default_json_response({ + delay = delay_seconds, + }) + } + } + + location ~ "^/status/(?\d{3})$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + local code = tonumber(ngx.var.code) + if not code then + return ngx.exit(ngx.HTTP_NOT_FOUND) + end + ngx.status = code + return mu.send_default_json_response({ + code = code, + }) + } + } + + location ~ "^/stream/(?\d+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + local rep = tonumber(ngx.var.num) + local res = require("cjson").encode(mu.get_default_json_response()) + + ngx.header["X-Powered-By"] = "mock_upstream" + ngx.header["Content-Type"] = "application/json" + + for i = 1, rep do + ngx.say(res) + end + } + } + + location ~ "^/post_log/(?[a-z0-9_]+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.store_log(ngx.var.logname) + } + } + + location ~ "^/post_auth_log/(?[a-z0-9_]+)/(?[a-zA-Z0-9_]+)/(?.+)$" { + access_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.filter_access_by_basic_auth(ngx.var.username, + ngx.var.password) + } + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.store_log(ngx.var.logname) + } + } + + location ~ "^/read_log/(?[a-z0-9_]+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.retrieve_log(ngx.var.logname) + } + } + + location ~ "^/count_log/(?[a-z0-9_]+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.count_log(ngx.var.logname) + } + } + + location ~ "^/reset_log/(?[a-z0-9_]+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.reset_log(ngx.var.logname) + } + } + } + + include '*.http_mock'; + +> end +} + +> if #stream_listeners > 0 then +stream { + log_format basic '$remote_addr [$time_local] ' + '$protocol $status $bytes_sent $bytes_received ' + '$session_time'; + + lua_package_path '${{LUA_PACKAGE_PATH}};;'; + lua_package_cpath '${{LUA_PACKAGE_CPATH}};;'; + lua_shared_dict stream_kong 5m; + lua_shared_dict stream_kong_db_cache ${{MEM_CACHE_SIZE}}; +> if database == "off" then + lua_shared_dict stream_kong_db_cache_2 ${{MEM_CACHE_SIZE}}; +> end + lua_shared_dict stream_kong_db_cache_miss 12m; +> if database == "off" then + lua_shared_dict stream_kong_db_cache_miss_2 12m; +> end + lua_shared_dict stream_kong_locks 8m; + lua_shared_dict stream_kong_process_events 5m; + lua_shared_dict stream_kong_cluster_events 5m; + lua_shared_dict stream_kong_healthchecks 5m; + lua_shared_dict stream_kong_rate_limiting_counters 12m; +> if database == "cassandra" then + lua_shared_dict stream_kong_cassandra 5m; +> end + lua_shared_dict stream_prometheus_metrics 5m; + + # injected nginx_stream_* directives +> for _, el in ipairs(nginx_stream_directives) do + $(el.name) $(el.value); +> end + + init_by_lua_block { + -- shared dictionaries conflict between stream/http modules. use a prefix. + local shared = ngx.shared + ngx.shared = setmetatable({}, { + __index = function(t, k) + return shared["stream_"..k] + end, + }) + + Kong = require 'kong' + Kong.init() + } + + init_worker_by_lua_block { + Kong.init_worker() + } + + upstream kong_upstream { + server 0.0.0.1:1; + balancer_by_lua_block { + Kong.balancer() + } + } + + server { +> for i = 1, #stream_listeners do + listen $(stream_listeners[i].listener); +> end + + access_log logs/access.log basic; + error_log logs/error.log debug; + +> for i = 1, #trusted_ips do + set_real_ip_from $(trusted_ips[i]); +> end + + # injected nginx_sproxy_* directives +> for _, el in ipairs(nginx_sproxy_directives) do + $(el.name) $(el.value); +> end + +> if ssl_preread_enabled then + ssl_preread on; +> end + + preread_by_lua_block { + Kong.preread() + } + + proxy_pass kong_upstream; + + log_by_lua_block { + Kong.log() + } + } + + server { + listen 15557; + listen 15558 ssl; + +> for i = 1, #ssl_cert do + ssl_certificate $(ssl_cert[i]); + ssl_certificate_key $(ssl_cert_key[i]); +> end + ssl_protocols TLSv1.1 TLSv1.2; + + content_by_lua_block { + local sock = assert(ngx.req.socket(true)) + local data = sock:receive() -- read a line from downstream + ngx.say(data) -- echo whatever was sent + } + } + + include '*.stream_mock'; + +} +> end diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/admin_api.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/admin_api.lua new file mode 100644 index 00000000..c8a954f7 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/admin_api.lua @@ -0,0 +1,99 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local blueprints = require "spec.fixtures.blueprints" +local helpers = require "spec.helpers" +local cjson = require "cjson" + + +local prefix = "" + + +local function api_send(method, path, body, forced_port) + local api_client = helpers.admin_client(nil, forced_port) + local res, err = api_client:send({ + method = method, + path = prefix .. path, + headers = { + ["Content-Type"] = "application/json" + }, + body = body, + }) + if not res then + api_client:close() + return nil, err + end + + if res.status == 204 then + api_client:close() + return nil + end + + local resbody = res:read_body() + api_client:close() + if res.status < 300 then + return cjson.decode(resbody) + end + + return nil, "Error " .. tostring(res.status) .. ": " .. resbody +end + + +local admin_api_as_db = {} + + +for name, dao in pairs(helpers.db.daos) do + local admin_api_name = dao.schema.admin_api_name or name + admin_api_as_db[name] = { + insert = function(_, tbl) + return api_send("POST", "/" .. admin_api_name, tbl) + end, + remove = function(_, tbl) + return api_send("DELETE", "/" .. admin_api_name .. "/" .. tbl.id) + end, + update = function(_, id, tbl) + return api_send("PATCH", "/" .. admin_api_name .. "/" .. id, tbl) + end, + } +end + + +admin_api_as_db["basicauth_credentials"] = { + insert = function(_, tbl) + return api_send("POST", "/consumers/" .. tbl.consumer.id .. "/basic-auth", tbl) + end, + remove = function(_, tbl) + return api_send("DELETE", "/consumers/" .. tbl.consumer.id .. "/basic-auth/" .. tbl.id) + end, + update = function(_, id, tbl) + return api_send("PATCH", "/consumers/" .. tbl.consumer.id .. "/basic-auth/" .. id, tbl) + end, +} + +admin_api_as_db["targets"] = { + insert = function(_, tbl) + return api_send("POST", "/upstreams/" .. tbl.upstream.id .. "/targets", tbl) + end, + remove = function(_, tbl) + return api_send("DELETE", "/upstreams/" .. tbl.upstream.id .. "/targets/" .. tbl.id) + end, + update = function(_, id, tbl) + return api_send("PATCH", "/upstreams/" .. tbl.upstream.id .. "/targets/" .. id, tbl) + end, +} + + +local bp = blueprints.new(admin_api_as_db) + + +function bp.set_prefix(p) + prefix = p +end + + +return bp + diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/aws-lambda.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/aws-lambda.lua new file mode 100644 index 00000000..42bffb32 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/aws-lambda.lua @@ -0,0 +1,135 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local helpers = require "spec.helpers" + +local fixtures = { + dns_mock = helpers.dns_mock.new(), + http_mock = { + lambda_plugin = [[ + + server { + server_name mock_aws_lambda; + listen 10001 ssl; +> if ssl_cert[1] then +> for i = 1, #ssl_cert do + ssl_certificate $(ssl_cert[i]); + ssl_certificate_key $(ssl_cert_key[i]); +> end +> else + ssl_certificate ${{SSL_CERT}}; + ssl_certificate_key ${{SSL_CERT_KEY}}; +> end + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + + location ~ "/2015-03-31/functions/(?:[^/])*/invocations" { + content_by_lua_block { + local function x() + local function say(res, status) + ngx.header["x-amzn-RequestId"] = "foo" + + if string.match(ngx.var.uri, "functionWithUnhandledError") then + ngx.header["X-Amz-Function-Error"] = "Unhandled" + end + + ngx.status = status + + if string.match(ngx.var.uri, "functionWithBadJSON") then + local badRes = "{\"foo\":\"bar\"" + ngx.header["Content-Length"] = #badRes + 1 + ngx.say(badRes) + + elseif string.match(ngx.var.uri, "functionWithNoResponse") then + ngx.header["Content-Length"] = 0 + + elseif string.match(ngx.var.uri, "functionWithBase64EncodedResponse") then + ngx.header["Content-Type"] = "application/json" + ngx.say("{\"statusCode\": 200, \"body\": \"dGVzdA==\", \"isBase64Encoded\": true}") + + elseif string.match(ngx.var.uri, "functionWithNotBase64EncodedResponse") then + ngx.header["Content-Type"] = "application/json" + ngx.say("{\"statusCode\": 200, \"body\": \"dGVzdA=\", \"isBase64Encoded\": false}") + + elseif string.match(ngx.var.uri, "functionWithIllegalBase64EncodedResponse") then + ngx.say("{\"statusCode\": 200, \"body\": \"dGVzdA=\", \"isBase64Encoded\": \"abc\"}") + + elseif string.match(ngx.var.uri, "functionWithMultiValueHeadersResponse") then + ngx.header["Content-Type"] = "application/json" + ngx.say("{\"statusCode\": 200, \"headers\": { \"Age\": \"3600\"}, \"multiValueHeaders\": {\"Access-Control-Allow-Origin\": [\"site1.com\", \"site2.com\"]}}") + + elseif string.match(ngx.var.uri, "functionEcho") then + require("spec.fixtures.mock_upstream").send_default_json_response() + + elseif type(res) == 'string' then + ngx.header["Content-Length"] = #res + 1 + ngx.say(res) + + else + ngx.req.discard_body() + ngx.header['Content-Length'] = 0 + end + + ngx.exit(0) + end + + ngx.sleep(.2) -- mock some network latency + + local invocation_type = ngx.var.http_x_amz_invocation_type + if invocation_type == 'Event' then + say(nil, 202) + + elseif invocation_type == 'DryRun' then + say(nil, 204) + end + + local qargs = ngx.req.get_uri_args() + ngx.req.read_body() + local request_body = ngx.req.get_body_data() + if request_body == nil then + local body_file = ngx.req.get_body_file() + if body_file then + ngx.log(ngx.DEBUG, "reading file cached to disk: ",body_file) + local file = io.open(body_file, "rb") + request_body = file:read("*all") + file:close() + end + end + print(request_body) + local args = require("cjson").decode(request_body) + + say(request_body, 200) + end + local ok, err = pcall(x) + if not ok then + ngx.log(ngx.ERR, "Mock error: ", err) + end + } + } + } + + ]] + }, +} + +fixtures.stream_mock = { + lambda_proxy = [[ + server { + listen 13128; + + content_by_lua_block { + require("spec.fixtures.forward-proxy-server").connect() + } + } + ]], +} + +fixtures.dns_mock:A { + name = "lambda.us-east-1.amazonaws.com", + address = "127.0.0.1", +} + +return fixtures diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/aws-sam.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/aws-sam.lua new file mode 100644 index 00000000..89f1c90c --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/aws-sam.lua @@ -0,0 +1,66 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +--AWS SAM Local Test Helper +local helpers = require "spec.helpers" +local utils = require "spec.helpers.perf.utils" +local fmt = string.format + +local _M = {} + + +--- Get system architecture by uname +-- @function get_os_architecture +-- @return architecture string if success, or nil and an error message +function _M.get_os_architecture() + local ret, err = utils.execute("uname -m") + + return ret, err +end + + +function _M.is_sam_installed() + local ret, err = utils.execute("sam --version") + if err then + return nil, fmt("SAM CLI version check failed(code: %s): %s", err, ret) + end + + return true +end + + +function _M.start_local_lambda() + local port = helpers.get_available_port() + if not port then + return nil, "No available port found" + end + + -- run in background + local _ = ngx.thread.spawn(function() + utils.execute("sam local start-lambda --template-file=spec/fixtures/sam-app/template.yaml --port " .. port) + end) + + local ret, err = utils.execute("pgrep -f 'sam local'") + if err then + return nil, fmt("Start SAM CLI failed(code: %s): %s", err, ret) + end + + return true, port +end + + +function _M.stop_local_lambda() + local ret, err = utils.execute("pkill -f sam") + if err then + return nil, fmt("Stop SAM CLI failed(code: %s): %s", err, ret) + end + + return true +end + + +return _M diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/balancer_utils.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/balancer_utils.lua new file mode 100644 index 00000000..ae36a971 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/balancer_utils.lua @@ -0,0 +1,585 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local cjson = require "cjson" +local declarative = require "kong.db.declarative" +local helpers = require "spec.helpers" +local utils = require "kong.tools.utils" +local https_server = require "spec.fixtures.https_server" + + +local CONSISTENCY_FREQ = 0.1 +local FIRST_PORT = 20000 +local HEALTHCHECK_INTERVAL = 0.01 +local SLOTS = 10 +local TEST_LOG = false -- extra verbose logging +local healthchecks_defaults = { + active = { + timeout = 1, + concurrency = 10, + http_path = "/", + healthy = { + interval = 0, -- 0 = disabled by default + http_statuses = { 200, 302 }, + successes = 2, + }, + unhealthy = { + interval = 0, -- 0 = disabled by default + http_statuses = { 429, 404, + 500, 501, 502, 503, 504, 505 }, + tcp_failures = 2, + timeouts = 3, + http_failures = 5, + }, + }, + passive = { + healthy = { + http_statuses = { 200, 201, 202, 203, 204, 205, 206, 207, 208, 226, + 300, 301, 302, 303, 304, 305, 306, 307, 308 }, + successes = 5, + }, + unhealthy = { + http_statuses = { 429, 500, 503 }, + tcp_failures = 2, + timeouts = 7, + http_failures = 5, + }, + }, +} + + +local prefix = "" + + +local function healthchecks_config(config) + return utils.deep_merge(healthchecks_defaults, config) +end + + +local function direct_request(host, port, path, protocol, host_header) + local pok, client = pcall(helpers.http_client, { + host = host, + port = port, + scheme = protocol, + }) + if not pok then + return nil, "pcall: " .. client .. " : " .. host ..":"..port + end + if not client then + return nil, "client" + end + + local res, err = client:send { + method = "GET", + path = path, + headers = { ["Host"] = host_header or host } + } + local body = res and res:read_body() + client:close() + if err then + return nil, err + end + return body +end + + +local function post_target_endpoint(upstream_id, host, port, endpoint) + if host == "[::1]" then + host = "[0000:0000:0000:0000:0000:0000:0000:0001]" + end + local path = "/upstreams/" .. upstream_id + .. "/targets/" + .. utils.format_host(host, port) + .. "/" .. endpoint + local api_client = helpers.admin_client() + local res, err = assert(api_client:send { + method = "POST", + path = prefix .. path, + headers = { + ["Content-Type"] = "application/json", + }, + body = {}, + }) + api_client:close() + return res, err +end + + +local function client_requests(n, host_or_headers, proxy_host, proxy_port, protocol) + local oks, fails = 0, 0 + local last_status + for _ = 1, n do + local client + if proxy_host and proxy_port then + client = helpers.http_client({ + host = proxy_host, + port = proxy_port, + scheme = protocol, + }) + + else + if protocol == "https" then + client = helpers.proxy_ssl_client() + else + client = helpers.proxy_client() + end + end + + local res = client:send { + method = "GET", + path = "/", + headers = type(host_or_headers) == "string" + and { ["Host"] = host_or_headers } + or host_or_headers + or {} + } + if not res then + fails = fails + 1 + if TEST_LOG then + print("FAIL (no body)") + end + elseif res.status == 200 then + oks = oks + 1 + if TEST_LOG then + print("OK ", res.status, res:read_body()) + end + elseif res.status > 399 then + fails = fails + 1 + if TEST_LOG then + print("FAIL ", res.status, res:read_body()) + end + end + last_status = res and res.status + client:close() + end + return oks, fails, last_status +end + + +local add_upstream +local remove_upstream +local patch_upstream +local get_upstream +local get_upstream_health +local get_balancer_health +local post_target_address_health +local get_router_version +local add_target +local update_target +local add_api +local patch_api +local gen_port +local gen_multi_host +local invalidate_router +do + local gen_sym + do + local sym = 0 + gen_sym = function(name) + sym = sym + 1 + return name .. "_" .. sym + end + end + + local function api_send(method, path, body, forced_port) + local api_client = helpers.admin_client(nil, forced_port) + local res, err = api_client:send({ + method = method, + path = prefix .. path, + headers = { + ["Content-Type"] = "application/json" + }, + body = body, + }) + if not res then + api_client:close() + return nil, err + end + local res_body = res.status ~= 204 and cjson.decode((res:read_body())) + api_client:close() + return res.status, res_body + end + + add_upstream = function(bp, data) + local upstream_id = utils.uuid() + local req = utils.deep_copy(data) or {} + local upstream_name = req.name or gen_sym("upstream") + req.name = upstream_name + req.slots = req.slots or SLOTS + req.id = upstream_id + bp.upstreams:insert(req) + return upstream_name, upstream_id + end + + remove_upstream = function(bp, upstream_id) + bp.upstreams:remove({ id = upstream_id }) + end + + patch_upstream = function(upstream_id, data) + local res = api_send("PATCH", "/upstreams/" .. upstream_id, data) + assert(res == 200) + end + + get_upstream = function(upstream_id, forced_port) + local path = "/upstreams/" .. upstream_id + local status, body = api_send("GET", path, nil, forced_port) + if status == 200 then + return body + end + end + + get_upstream_health = function(upstream_id, forced_port) + local path = "/upstreams/" .. upstream_id .."/health" + local status, body = api_send("GET", path, nil, forced_port) + if status == 200 then + return body + end + end + + get_balancer_health = function(upstream_id, forced_port) + local path = "/upstreams/" .. upstream_id .."/health?balancer_health=1" + local status, body = api_send("GET", path, nil, forced_port) + if status == 200 then + return body + end + end + + post_target_address_health = function(upstream_id, target_id, address, mode, forced_port) + local path = "/upstreams/" .. upstream_id .. "/targets/" .. target_id .. "/" .. address .. "/" .. mode + return api_send("POST", path, {}, forced_port) + end + + get_router_version = function(forced_port) + local path = "/cache/router:version" + local status, body = api_send("GET", path, nil, forced_port) + if status == 200 then + return body.message + end + end + + invalidate_router = function(forced_port) + local path = "/cache/router:version" + local status, body = api_send("DELETE", path, nil, forced_port) + if status == 204 then + return true + end + + return nil, body + end + + do + local os_name + do + local pd = io.popen("uname -s") + os_name = pd:read("*l") + pd:close() + end + local function port_in_use(port) + if os_name ~= "Linux" then + return false + end + return os.execute("netstat -n | grep -q -w " .. port) + end + + local port = FIRST_PORT + gen_port = function() + repeat + port = port + 1 + until not port_in_use(port) + return port + end + end + + do + local host_num = 0 + gen_multi_host = function() + host_num = host_num + 1 + return "multiple-hosts-" .. tostring(host_num) .. ".test" + end + end + + add_target = function(bp, upstream_id, host, port, data) + port = port or gen_port() + local req = utils.deep_copy(data) or {} + if host == "[::1]" then + host = "[0000:0000:0000:0000:0000:0000:0000:0001]" + end + req.target = req.target or utils.format_host(host, port) + req.weight = req.weight or 10 + req.upstream = { id = upstream_id } + local new_target = bp.targets:insert(req) + return port, new_target + end + + update_target = function(bp, upstream_id, host, port, data) + local req = utils.deep_copy(data) or {} + if host == "[::1]" then + host = "[0000:0000:0000:0000:0000:0000:0000:0001]" + end + req.target = req.target or utils.format_host(host, port) + req.weight = req.weight or 10 + req.upstream = { id = upstream_id } + bp.targets:update(req.id or req.target, req) + end + + add_api = function(bp, upstream_name, opts) + opts = opts or {} + local route_id = utils.uuid() + local service_id = utils.uuid() + local route_host = gen_sym("host") + local sproto = opts.service_protocol or opts.route_protocol or "http" + local rproto = opts.route_protocol or "http" + + bp.services:insert({ + id = service_id, + url = sproto .. "://" .. upstream_name .. ":" .. (rproto == "tcp" and 9100 or 80), + read_timeout = opts.read_timeout, + write_timeout = opts.write_timeout, + connect_timeout = opts.connect_timeout, + retries = opts.retries, + protocol = sproto, + }) + bp.routes:insert({ + id = route_id, + service = { id = service_id }, + protocols = { rproto }, + hosts = rproto ~= "tcp" and { route_host } or nil, + destinations = (rproto == "tcp") and {{ port = 9100 }} or nil, + }) + return route_host, service_id, route_id + end + + patch_api = function(bp, service_id, new_upstream, read_timeout) + bp.services:update(service_id, { + url = new_upstream, + read_timeout = read_timeout, + }) + end +end + + +local poll_wait_health +local poll_wait_address_health +do + local function poll_wait(upstream_id, host, port, admin_port, fn) + if host == "[::1]" then + host = "[0000:0000:0000:0000:0000:0000:0000:0001]" + end + local hard_timeout = ngx.now() + 5 + while ngx.now() < hard_timeout do + local health = get_upstream_health(upstream_id, admin_port) + if health then + for _, d in ipairs(health.data) do + if d.target == host .. ":" .. port and fn(d) then + return true + end + end + end + ngx.sleep(0.1) -- poll-wait + end + return false + end + + poll_wait_health = function(upstream_id, host, port, value, admin_port) + local ok = poll_wait(upstream_id, host, port, admin_port, function(d) + return d.health == value + end) + if ok then + return true + end + assert(false, "timed out waiting for " .. host .. ":" .. port .. " in " .. + upstream_id .. " to become " .. value) + end + + poll_wait_address_health = function(upstream_id, host, port, address_host, address_port, value) + local ok = poll_wait(upstream_id, host, port, nil, function(d) + for _, ad in ipairs(d.data.addresses) do + if ad.ip == address_host + and ad.port == address_port + and ad.health == value then + return true + end + end + end) + if ok then + return true + end + assert(false, "timed out waiting for " .. address_host .. ":" .. address_port .. " in " .. + upstream_id .. " to become " .. value) + end +end + + +local function wait_for_router_update(bp, old_rv, localhost, proxy_port, admin_port) + -- add dummy upstream just to rebuild router + local dummy_upstream_name, dummy_upstream_id = add_upstream(bp) + local dummy_port = add_target(bp, dummy_upstream_id, localhost) + local dummy_api_host = add_api(bp, dummy_upstream_name) + local dummy_server = https_server.new(dummy_port, localhost) + dummy_server:start() + + -- forces the router to be rebuild, reduces the flakiness of the test suite + -- TODO: find out what's wrong with router invalidation in the particular + -- test setup causing the flakiness + assert(invalidate_router(admin_port)) + + helpers.wait_until(function() + client_requests(1, dummy_api_host, "127.0.0.1", proxy_port) + local rv = get_router_version(admin_port) + return rv ~= old_rv + end, 5) + + dummy_server:shutdown() +end + + +local function tcp_client_requests(nreqs, host, port) + local fails, ok1, ok2 = 0, 0, 0 + for _ = 1, nreqs do + local sock = ngx.socket.tcp() + assert(sock:connect(host, port)) + assert(sock:send("hello\n")) + local response, err = sock:receive() + if err then + fails = fails + 1 + elseif response:match("^1 ") then + ok1 = ok1 + 1 + elseif response:match("^2 ") then + ok2 = ok2 + 1 + end + end + return ok1, ok2, fails +end + + +local function begin_testcase_setup(strategy, bp) + if strategy == "off" then + bp.done() + end +end + +local function begin_testcase_setup_update(strategy, bp) + if strategy == "off" then + bp.reset_back() + end +end + + +local function end_testcase_setup(strategy, bp, consistency) + if strategy == "off" then + local cfg = bp.done() + local yaml = declarative.to_yaml_string(cfg) + local admin_client = helpers.admin_client() + local res = assert(admin_client:send { + method = "POST", + path = "/config", + body = { + config = yaml, + }, + headers = { + ["Content-Type"] = "multipart/form-data", + } + }) + assert(res ~= nil) + assert(res.status == 201) + admin_client:close() + end + if consistency == "eventual" then + ngx.sleep(CONSISTENCY_FREQ*2) -- wait for proxy state consistency timer + end +end + + +local function get_db_utils_for_dc_and_admin_api(strategy, tables) + local bp = assert(helpers.get_db_utils(strategy, tables)) + if strategy ~= "off" then + bp = require("spec.fixtures.admin_api") + end + return bp +end + + +local function setup_prefix(p) + prefix = p + local bp = require("spec.fixtures.admin_api") + bp.set_prefix(prefix) +end + + +local function teardown_prefix() + prefix = "" + local bp = require("spec.fixtures.admin_api") + bp.set_prefix(prefix) +end + + +local function test_with_prefixes(itt, strategy, prefixes) + return function(description, fn) + if strategy == "off" then + itt(description, fn) + return + end + + for _, name in ipairs(prefixes) do + itt(name .. ": " .. description, function() + setup_prefix("/" .. name) + local ok = fn() + teardown_prefix() + return ok + end) + end + end +end + + +local localhosts = { + ipv4 = "127.0.0.1", + ipv6 = "[::1]", + hostname = "localhost", +} + + +local consistencies = {"strict", "eventual"} + + +local balancer_utils = {} +--balancer_utils. +balancer_utils.add_api = add_api +balancer_utils.add_target = add_target +balancer_utils.update_target = update_target +balancer_utils.add_upstream = add_upstream +balancer_utils.remove_upstream = remove_upstream +balancer_utils.begin_testcase_setup = begin_testcase_setup +balancer_utils.begin_testcase_setup_update = begin_testcase_setup_update +balancer_utils.client_requests = client_requests +balancer_utils.consistencies = consistencies +balancer_utils.CONSISTENCY_FREQ = CONSISTENCY_FREQ +balancer_utils.direct_request = direct_request +balancer_utils.end_testcase_setup = end_testcase_setup +balancer_utils.gen_multi_host = gen_multi_host +balancer_utils.gen_port = gen_port +balancer_utils.get_balancer_health = get_balancer_health +balancer_utils.get_db_utils_for_dc_and_admin_api = get_db_utils_for_dc_and_admin_api +balancer_utils.get_router_version = get_router_version +balancer_utils.get_upstream = get_upstream +balancer_utils.get_upstream_health = get_upstream_health +balancer_utils.healthchecks_config = healthchecks_config +balancer_utils.HEALTHCHECK_INTERVAL = HEALTHCHECK_INTERVAL +balancer_utils.localhosts = localhosts +balancer_utils.patch_api = patch_api +balancer_utils.patch_upstream = patch_upstream +balancer_utils.poll_wait_address_health = poll_wait_address_health +balancer_utils.poll_wait_health = poll_wait_health +balancer_utils.post_target_address_health = post_target_address_health +balancer_utils.post_target_endpoint = post_target_endpoint +balancer_utils.SLOTS = SLOTS +balancer_utils.tcp_client_requests = tcp_client_requests +balancer_utils.wait_for_router_update = wait_for_router_update +balancer_utils.test_with_prefixes = test_with_prefixes + + +return balancer_utils diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/blueprints.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/blueprints.lua new file mode 100644 index 00000000..b365c7a1 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/blueprints.lua @@ -0,0 +1,441 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local ssl_fixtures = require "spec.fixtures.ssl" +local utils = require "kong.tools.utils" + +local deep_merge = utils.deep_merge +local fmt = string.format + + +local Blueprint = {} +Blueprint.__index = Blueprint + + +function Blueprint:build(overrides) + overrides = overrides or {} + return deep_merge(self.build_function(overrides), overrides) +end + + +function Blueprint:insert(overrides, options) + local entity, err = self.dao:insert(self:build(overrides), options) + if err then + error(err, 2) + end + return entity +end + + +-- insert blueprint in workspace specified by `ws` +function Blueprint:insert_ws(overrides, workspace) + local old_workspace = ngx.ctx.workspace + + ngx.ctx.workspace = workspace.id + local entity = self:insert(overrides) + ngx.ctx.workspace = old_workspace + + return entity +end + + +function Blueprint:remove(overrides, options) + local entity, err = self.dao:remove({ id = overrides.id }, options) + if err then + error(err, 2) + end + return entity +end + + +function Blueprint:update(id, overrides, options) + local entity, err = self.dao:update(id, overrides, options) + if err then + error(err, 2) + end + return entity +end + + +function Blueprint:upsert(id, overrides, options) + local entity, err = self.dao:upsert(id, overrides, options) + if err then + error(err, 2) + end + return entity +end + + +function Blueprint:insert_n(n, overrides, options) + local res = {} + for i=1,n do + res[i] = self:insert(overrides, options) + end + return res +end + + +local function new_blueprint(dao, build_function) + return setmetatable({ + dao = dao, + build_function = build_function, + }, Blueprint) +end + + +local Sequence = {} +Sequence.__index = Sequence + + +function Sequence:next() + self.count = self.count + 1 + return fmt(self.sequence_string, self.count) +end + + +local function new_sequence(sequence_string) + return setmetatable({ + count = 0, + sequence_string = sequence_string, + }, Sequence) +end + + +local _M = {} + + +function _M.new(db) + local res = {} + + local sni_seq = new_sequence("server-name-%d") + res.snis = new_blueprint(db.snis, function(overrides) + return { + name = overrides.name or sni_seq:next(), + certificate = overrides.certificate or res.certificates:insert(), + } + end) + + res.certificates = new_blueprint(db.certificates, function() + return { + cert = ssl_fixtures.cert, + key = ssl_fixtures.key, + } + end) + + res.ca_certificates = new_blueprint(db.ca_certificates, function() + return { + cert = ssl_fixtures.cert_ca, + } + end) + + local upstream_name_seq = new_sequence("upstream-%d") + res.upstreams = new_blueprint(db.upstreams, function(overrides) + local slots = overrides.slots or 100 + local name = overrides.name or upstream_name_seq:next() + local host_header = overrides.host_header or nil + + return { + name = name, + slots = slots, + host_header = host_header, + } + end) + + local consumer_custom_id_seq = new_sequence("consumer-id-%d") + local consumer_username_seq = new_sequence("consumer-username-%d") + res.consumers = new_blueprint(db.consumers, function() + return { + custom_id = consumer_custom_id_seq:next(), + username = consumer_username_seq:next(), + } + end) + + local developer_email_seq = new_sequence("dev-%d@example.com") + res.developers = new_blueprint(db.developers, function() + return { + email = developer_email_seq:next(), + } + end) + + res.targets = new_blueprint(db.targets, function(overrides) + return { + weight = 10, + upstream = overrides.upstream or res.upstreams:insert(), + } + end) + + res.plugins = new_blueprint(db.plugins, function() + return {} + end) + + res.routes = new_blueprint(db.routes, function(overrides) + return { + service = overrides.service or res.services:insert(), + } + end) + + res.services = new_blueprint(db.services, function() + return { + protocol = "http", + host = "127.0.0.1", + port = 15555, + } + end) + + res.clustering_data_planes = new_blueprint(db.clustering_data_planes, function() + return { + hostname = "dp.example.com", + ip = "127.0.0.1", + config_hash = "a9a166c59873245db8f1a747ba9a80a7", + } + end) + + local named_service_name_seq = new_sequence("service-name-%d") + local named_service_host_seq = new_sequence("service-host-%d.test") + res.named_services = new_blueprint(db.services, function() + return { + protocol = "http", + name = named_service_name_seq:next(), + host = named_service_host_seq:next(), + port = 15555, + } + end) + + local named_route_name_seq = new_sequence("route-name-%d") + local named_route_host_seq = new_sequence("route-host-%d.test") + res.named_routes = new_blueprint(db.routes, function(overrides) + return { + name = named_route_name_seq:next(), + hosts = { named_route_host_seq:next() }, + service = overrides.service or res.services:insert(), + } + end) + + res.acl_plugins = new_blueprint(db.plugins, function() + return { + name = "acl", + config = {}, + } + end) + + local acl_group_seq = new_sequence("acl-group-%d") + res.acls = new_blueprint(db.acls, function() + return { + group = acl_group_seq:next(), + } + end) + + res.cors_plugins = new_blueprint(db.plugins, function() + return { + name = "cors", + config = { + origins = { "example.com" }, + methods = { "GET" }, + headers = { "origin", "type", "accepts"}, + exposed_headers = { "x-auth-token" }, + max_age = 23, + credentials = true, + } + } + end) + + res.loggly_plugins = new_blueprint(db.plugins, function() + return { + name = "loggly", + config = {}, -- all fields have default values already + } + end) + + res.tcp_log_plugins = new_blueprint(db.plugins, function() + return { + name = "tcp-log", + config = { + host = "127.0.0.1", + port = 35001, + }, + } + end) + + res.udp_log_plugins = new_blueprint(db.plugins, function() + return { + name = "udp-log", + config = { + host = "127.0.0.1", + port = 35001, + }, + } + end) + + res.jwt_plugins = new_blueprint(db.plugins, function() + return { + name = "jwt", + config = {}, + } + end) + + local jwt_key_seq = new_sequence("jwt-key-%d") + res.jwt_secrets = new_blueprint(db.jwt_secrets, function() + return { + key = jwt_key_seq:next(), + secret = "secret", + } + end) + + res.oauth2_plugins = new_blueprint(db.plugins, function() + return { + name = "oauth2", + config = { + scopes = { "email", "profile" }, + enable_authorization_code = true, + mandatory_scope = true, + provision_key = "provision123", + token_expiration = 5, + enable_implicit_grant = true, + } + } + end) + + res.oauth2_credentials = new_blueprint(db.oauth2_credentials, function() + return { + name = "oauth2 credential", + client_secret = "secret", + } + end) + + local oauth_code_seq = new_sequence("oauth-code-%d") + res.oauth2_authorization_codes = new_blueprint(db.oauth2_authorization_codes, function() + return { + code = oauth_code_seq:next(), + scope = "default", + } + end) + + res.oauth2_tokens = new_blueprint(db.oauth2_tokens, function() + return { + token_type = "bearer", + expires_in = 1000000000, + scope = "default", + } + end) + + res.key_auth_plugins = new_blueprint(db.plugins, function() + return { + name = "key-auth", + config = {}, + } + end) + + local keyauth_key_seq = new_sequence("keyauth-key-%d") + res.keyauth_credentials = new_blueprint(db.keyauth_credentials, function() + return { + key = keyauth_key_seq:next(), + } + end) + + local keyauth_enc_key_seq = new_sequence("keyauth-enc-key-%d") + res.keyauth_enc_credentials = new_blueprint(db.keyauth_enc_credentials, function() + return { + key = keyauth_enc_key_seq:next(), + } + end) + + res.keyauth_enc_plugins = new_blueprint(db.plugins, function() + return { + name = "key-auths-enc", + config = {}, + } + end) + + res.basicauth_credentials = new_blueprint(db.basicauth_credentials, function() + return {} + end) + + res.hmac_auth_plugins = new_blueprint(db.plugins, function() + return { + name = "hmac-auth", + config = {}, + } + end) + + local hmac_username_seq = new_sequence("hmac-username-%d") + res.hmacauth_credentials = new_blueprint(db.hmacauth_credentials, function() + return { + username = hmac_username_seq:next(), + secret = "secret", + } + end) + + res.rate_limiting_plugins = new_blueprint(db.plugins, function() + return { + name = "rate-limiting", + config = {}, + } + end) + + res.response_ratelimiting_plugins = new_blueprint(db.plugins, function() + return { + name = "response-ratelimiting", + config = {}, + } + end) + + res.datadog_plugins = new_blueprint(db.plugins, function() + return { + name = "datadog", + config = {}, + } + end) + + res.statsd_plugins = new_blueprint(db.plugins, function() + return { + name = "statsd", + config = {}, + } + end) + + local workspace_name_seq = new_sequence("workspace-name-%d") + res.workspaces = new_blueprint(db.workspaces, function() + return { + name = workspace_name_seq:next(), + } + end) + + res.rewriter_plugins = new_blueprint(db.plugins, function() + return { + name = "rewriter", + config = {}, + } + end) + + local rbac_user_name_seq = new_sequence("rbac_user-%d") + local rbac_user_user_token_seq = new_sequence("rbac_user_token-%d") + res.rbac_users = new_blueprint(db.rbac_users, function() + return { + name = rbac_user_name_seq:next(), + user_token = rbac_user_user_token_seq:next(), + } + end) + + local rbac_roles_seq = new_sequence("rbac_role-%d") + res.rbac_roles = new_blueprint(db.rbac_roles, function() + return { + name = rbac_roles_seq:next(), + } + end) + + local rbac_users_seq = new_sequence("rbac_user-%d") + res.rbac_users = new_blueprint(db.rbac_users, function() + return { + name = rbac_users_seq:next(), + } + end) + + return res +end + + +return _M diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/burst.yml b/kong-versions/2.8.4.3/kong/spec/fixtures/burst.yml new file mode 100644 index 00000000..46f03c31 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/burst.yml @@ -0,0 +1,23649 @@ +_format_version: "1.1" +services: +- connect_timeout: 60000 + host: something-static.4test-any.svc + name: 4test-any.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-any.example.test + name: 4test-any.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-any.svc + name: 4test-any.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-any.example.test + name: 4test-any.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-any.svc + name: 4test-any.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-any-admin.example.test + name: 4test-any.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-any.example.test + name: 4test-any.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-any.svc + name: 4test-any.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-any-admin.example.test + name: 4test-any.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-any.svc + name: 4test-any.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-any.example.test + name: 4test-any.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing1-otherthing.svc + name: 4test-athing1-otherthing.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-otherthing.example.test + name: 4test-athing1-otherthing.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing1-otherthing.svc + name: 4test-athing1-otherthing.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-otherthing.example.test + name: 4test-athing1-otherthing.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing1-otherthing.svc + name: 4test-athing1-otherthing.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-otherthing-admin.example.test + name: 4test-athing1-otherthing.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing1-otherthing.example.test + name: 4test-athing1-otherthing.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing1-otherthing.svc + name: 4test-athing1-otherthing.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-otherthing-admin.example.test + name: 4test-athing1-otherthing.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing1-otherthing.svc + name: 4test-athing1-otherthing.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-otherthing.example.test + name: 4test-athing1-otherthing.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing1-name.svc + name: 4test-athing1-name.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-name.example.test + name: 4test-athing1-name.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing1-name.svc + name: 4test-athing1-name.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-name.example.test + name: 4test-athing1-name.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing1-name.svc + name: 4test-athing1-name.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-name-admin.example.test + name: 4test-athing1-name.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing1-name.example.test + name: 4test-athing1-name.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing1-name.svc + name: 4test-athing1-name.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-name-admin.example.test + name: 4test-athing1-name.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing1-name.svc + name: 4test-athing1-name.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-name.example.test + name: 4test-athing1-name.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing1-othername.svc + name: 4test-athing1-othername.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-othername.example.test + name: 4test-athing1-othername.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing1-othername.svc + name: 4test-athing1-othername.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-othername.example.test + name: 4test-athing1-othername.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing1-othername.svc + name: 4test-athing1-othername.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-othername-admin.example.test + name: 4test-athing1-othername.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing1-othername.example.test + name: 4test-athing1-othername.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing1-othername.svc + name: 4test-athing1-othername.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-othername-admin.example.test + name: 4test-athing1-othername.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing1-othername.svc + name: 4test-athing1-othername.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-othername.example.test + name: 4test-athing1-othername.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing1-morenames.svc + name: 4test-athing1-morenames.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-morenames.example.test + name: 4test-athing1-morenames.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing1-morenames.svc + name: 4test-athing1-morenames.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-morenames.example.test + name: 4test-athing1-morenames.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing1-morenames.svc + name: 4test-athing1-morenames.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-morenames-admin.example.test + name: 4test-athing1-morenames.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing1-morenames.example.test + name: 4test-athing1-morenames.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing1-morenames.svc + name: 4test-athing1-morenames.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-morenames-admin.example.test + name: 4test-athing1-morenames.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing1-morenames.svc + name: 4test-athing1-morenames.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing1-morenames.example.test + name: 4test-athing1-morenames.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-thatthing.svc + name: 4test-thatthing.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-thatthing.example.test + name: 4test-thatthing.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-thatthing.svc + name: 4test-thatthing.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-thatthing.example.test + name: 4test-thatthing.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-thatthing.svc + name: 4test-thatthing.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-thatthing-admin.example.test + name: 4test-thatthing.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-thatthing.example.test + name: 4test-thatthing.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-thatthing.svc + name: 4test-thatthing.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-thatthing-admin.example.test + name: 4test-thatthing.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-thatthing.svc + name: 4test-thatthing.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-thatthing.example.test + name: 4test-thatthing.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing2-suchthing.svc + name: 4test-athing2-suchthing.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing2-suchthing.example.test + name: 4test-athing2-suchthing.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing2-suchthing.svc + name: 4test-athing2-suchthing.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing2-suchthing.example.test + name: 4test-athing2-suchthing.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing2-suchthing.svc + name: 4test-athing2-suchthing.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing2-suchthing-admin.example.test + name: 4test-athing2-suchthing.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing2-suchthing.example.test + name: 4test-athing2-suchthing.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing2-suchthing.svc + name: 4test-athing2-suchthing.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing2-suchthing-admin.example.test + name: 4test-athing2-suchthing.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing2-suchthing.svc + name: 4test-athing2-suchthing.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing2-suchthing.example.test + name: 4test-athing2-suchthing.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing2-wow.svc + name: 4test-athing2-wow.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing2-wow.example.test + name: 4test-athing2-wow.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing2-wow.svc + name: 4test-athing2-wow.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing2-wow.example.test + name: 4test-athing2-wow.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing2-wow.svc + name: 4test-athing2-wow.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing2-wow-admin.example.test + name: 4test-athing2-wow.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing2-wow.example.test + name: 4test-athing2-wow.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing2-wow.svc + name: 4test-athing2-wow.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing2-wow-admin.example.test + name: 4test-athing2-wow.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing2-wow.svc + name: 4test-athing2-wow.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing2-wow.example.test + name: 4test-athing2-wow.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-manythings.svc + name: 4test-manythings.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-manythings.example.test + name: 4test-manythings.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-manythings.svc + name: 4test-manythings.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-manythings.example.test + name: 4test-manythings.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-manythings.svc + name: 4test-manythings.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-manythings-admin.example.test + name: 4test-manythings.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-manythings.example.test + name: 4test-manythings.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-manythings.svc + name: 4test-manythings.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-manythings-admin.example.test + name: 4test-manythings.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-manythings.svc + name: 4test-manythings.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-manythings.example.test + name: 4test-manythings.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-verythings.svc + name: 4test-verythings.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-verythings.example.test + name: 4test-verythings.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-verythings.svc + name: 4test-verythings.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-verythings.example.test + name: 4test-verythings.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-verythings.svc + name: 4test-verythings.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-verythings-admin.example.test + name: 4test-verythings.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-verythings.example.test + name: 4test-verythings.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-verythings.svc + name: 4test-verythings.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-verythings-admin.example.test + name: 4test-verythings.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-verythings.svc + name: 4test-verythings.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-verythings.example.test + name: 4test-verythings.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing3-tester2.svc + name: 4test-athing3-tester2.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing3-tester2.example.test + name: 4test-athing3-tester2.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing3-tester2.svc + name: 4test-athing3-tester2.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing3-tester2.example.test + name: 4test-athing3-tester2.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing3-tester2.svc + name: 4test-athing3-tester2.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing3-tester2-admin.example.test + name: 4test-athing3-tester2.testing-ingress-admin.01 + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing3-tester2.example.test + name: 4test-athing3-tester2.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static.4test-athing3-tester2.svc + name: 4test-athing3-tester2.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing3-tester2-admin.example.test + name: 4test-athing3-tester2.testing-ingress-admin.00 + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing3-tester2.example.test + name: 4test-athing3-tester2.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing3-oldthings.svc + name: 4test-athing3-oldthings.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing3-oldthings.example.test + name: 4test-athing3-oldthings.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing3-oldthings.svc + name: 4test-athing3-oldthings.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing3-oldthings.example.test + name: 4test-athing3-oldthings.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing3-oldthings.svc + name: 4test-athing3-oldthings.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing3-oldthings-admin.example.test + name: 4test-athing3-oldthings.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing3-oldthings.example.test + name: 4test-athing3-oldthings.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing3-oldthings.svc + name: 4test-athing3-oldthings.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing3-oldthings-admin.example.test + name: 4test-athing3-oldthings.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing3-oldthings.svc + name: 4test-athing3-oldthings.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing3-oldthings.example.test + name: 4test-athing3-oldthings.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-demo1.svc + name: 4test-demo1.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-demo1.example.test + name: 4test-demo1.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-demo1.svc + name: 4test-demo1.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-demo1.example.test + name: 4test-demo1.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-demo1.svc + name: 4test-demo1.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-demo1-admin.example.test + name: 4test-demo1.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-demo1.example.test + name: 4test-demo1.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-demo1.svc + name: 4test-demo1.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-demo1-admin.example.test + name: 4test-demo1.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-demo1.svc + name: 4test-demo1.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-demo1.example.test + name: 4test-demo1.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-demo2.svc + name: 4test-demo2.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-demo2.example.test + name: 4test-demo2.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-demo2.svc + name: 4test-demo2.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-demo2.example.test + name: 4test-demo2.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-demo2.svc + name: 4test-demo2.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-demo2-admin.example.test + name: 4test-demo2.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-demo2.example.test + name: 4test-demo2.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-demo2.svc + name: 4test-demo2.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-demo2-admin.example.test + name: 4test-demo2.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-demo2.svc + name: 4test-demo2.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-demo2.example.test + name: 4test-demo2.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-dev.svc + name: 4test-dev.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-dev.example.test + name: 4test-dev.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-dev.svc + name: 4test-dev.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-dev.example.test + name: 4test-dev.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-dev.svc + name: 4test-dev.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-dev-admin.example.test + name: 4test-dev.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-dev.example.test + name: 4test-dev.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-dev.svc + name: 4test-dev.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-dev-admin.example.test + name: 4test-dev.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-dev.svc + name: 4test-dev.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-dev.example.test + name: 4test-dev.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing4-sothings.svc + name: 4test-athing4-sothings.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing4-sothings.example.test + name: 4test-athing4-sothings.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing4-sothings.svc + name: 4test-athing4-sothings.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing4-sothings.example.test + name: 4test-athing4-sothings.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing4-sothings.svc + name: 4test-athing4-sothings.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing4-sothings-admin.example.test + name: 4test-athing4-sothings.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing4-sothings.example.test + name: 4test-athing4-sothings.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing4-sothings.svc + name: 4test-athing4-sothings.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing4-sothings-admin.example.test + name: 4test-athing4-sothings.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing4-sothings.svc + name: 4test-athing4-sothings.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing4-sothings.example.test + name: 4test-athing4-sothings.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing5-cousin.svc + name: 4test-athing5-cousin.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-cousin.example.test + name: 4test-athing5-cousin.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing5-cousin.svc + name: 4test-athing5-cousin.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-cousin.example.test + name: 4test-athing5-cousin.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing5-cousin.svc + name: 4test-athing5-cousin.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-cousin-admin.example.test + name: 4test-athing5-cousin.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing5-cousin.example.test + name: 4test-athing5-cousin.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing5-cousin.svc + name: 4test-athing5-cousin.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-cousin-admin.example.test + name: 4test-athing5-cousin.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing5-cousin.svc + name: 4test-athing5-cousin.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-cousin.example.test + name: 4test-athing5-cousin.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing5-verythings.svc + name: 4test-athing5-verythings.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-verythings.example.test + name: 4test-athing5-verythings.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing5-verythings.svc + name: 4test-athing5-verythings.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-verythings.example.test + name: 4test-athing5-verythings.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing5-verythings.svc + name: 4test-athing5-verythings.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-verythings-admin.example.test + name: 4test-athing5-verythings.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing5-verythings.example.test + name: 4test-athing5-verythings.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing5-verythings.svc + name: 4test-athing5-verythings.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-verythings-admin.example.test + name: 4test-athing5-verythings.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing5-verythings.svc + name: 4test-athing5-verythings.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-verythings.example.test + name: 4test-athing5-verythings.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing5-ygbkm.svc + name: 4test-athing5-ygbkm.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-ygbkm.example.test + name: 4test-athing5-ygbkm.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing5-ygbkm.svc + name: 4test-athing5-ygbkm.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-ygbkm.example.test + name: 4test-athing5-ygbkm.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing5-ygbkm.svc + name: 4test-athing5-ygbkm.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-ygbkm-admin.example.test + name: 4test-athing5-ygbkm.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing5-ygbkm.example.test + name: 4test-athing5-ygbkm.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing5-ygbkm.svc + name: 4test-athing5-ygbkm.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-ygbkm-admin.example.test + name: 4test-athing5-ygbkm.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing5-ygbkm.svc + name: 4test-athing5-ygbkm.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-ygbkm.example.test + name: 4test-athing5-ygbkm.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing5-gothings.svc + name: 4test-athing5-gothings.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-gothings.example.test + name: 4test-athing5-gothings.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing5-gothings.svc + name: 4test-athing5-gothings.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-gothings.example.test + name: 4test-athing5-gothings.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing5-gothings.svc + name: 4test-athing5-gothings.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-gothings-admin.example.test + name: 4test-athing5-gothings.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing5-gothings.example.test + name: 4test-athing5-gothings.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing5-gothings.svc + name: 4test-athing5-gothings.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-gothings-admin.example.test + name: 4test-athing5-gothings.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing5-gothings.svc + name: 4test-athing5-gothings.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-gothings.example.test + name: 4test-athing5-gothings.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing5-clever.svc + name: 4test-athing5-clever.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-clever.example.test + name: 4test-athing5-clever.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing5-clever.svc + name: 4test-athing5-clever.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-clever.example.test + name: 4test-athing5-clever.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing5-clever.svc + name: 4test-athing5-clever.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-clever-admin.example.test + name: 4test-athing5-clever.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing5-clever.example.test + name: 4test-athing5-clever.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing5-clever.svc + name: 4test-athing5-clever.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-clever-admin.example.test + name: 4test-athing5-clever.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing5-clever.svc + name: 4test-athing5-clever.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing5-clever.example.test + name: 4test-athing5-clever.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing6-itis.svc + name: 4test-athing6-itis.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing6-itis.example.test + name: 4test-athing6-itis.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing6-itis.svc + name: 4test-athing6-itis.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing6-itis.example.test + name: 4test-athing6-itis.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing6-itis.svc + name: 4test-athing6-itis.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing6-itis-admin.example.test + name: 4test-athing6-itis.testing-ingress-admin.01 + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing6-itis.example.test + name: 4test-athing6-itis.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static.4test-athing6-itis.svc + name: 4test-athing6-itis.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing6-itis-admin.example.test + name: 4test-athing6-itis.testing-ingress-admin.00 + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing6-itis.example.test + name: 4test-athing6-itis.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-tldr.svc + name: 4test-tldr.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-tldr.example.test + name: 4test-tldr.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-tldr.svc + name: 4test-tldr.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-tldr.example.test + name: 4test-tldr.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-tldr.svc + name: 4test-tldr.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-tldr-admin.example.test + name: 4test-tldr.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-tldr.example.test + name: 4test-tldr.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-tldr.svc + name: 4test-tldr.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-tldr-admin.example.test + name: 4test-tldr.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-tldr.svc + name: 4test-tldr.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-tldr.example.test + name: 4test-tldr.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-shock.svc + name: 4test-shock.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-shock.example.test + name: 4test-shock.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-shock.svc + name: 4test-shock.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-shock.example.test + name: 4test-shock.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-shock.svc + name: 4test-shock.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-shock-admin.example.test + name: 4test-shock.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-shock.example.test + name: 4test-shock.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-shock.svc + name: 4test-shock.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-shock-admin.example.test + name: 4test-shock.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-shock.svc + name: 4test-shock.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-shock.example.test + name: 4test-shock.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-local.svc + name: 4test-local.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-local.example.test + name: 4test-local.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-local.svc + name: 4test-local.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-local.example.test + name: 4test-local.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-local.svc + name: 4test-local.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-local-admin.example.test + name: 4test-local.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-local.example.test + name: 4test-local.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-local.svc + name: 4test-local.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-local-admin.example.test + name: 4test-local.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-local.svc + name: 4test-local.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-local.example.test + name: 4test-local.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-newthings.svc + name: 4test-newthings.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-newthings.example.test + name: 4test-newthings.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-newthings.svc + name: 4test-newthings.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-newthings.example.test + name: 4test-newthings.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-newthings.svc + name: 4test-newthings.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-newthings-admin.example.test + name: 4test-newthings.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-newthings.example.test + name: 4test-newthings.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-newthings.svc + name: 4test-newthings.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-newthings-admin.example.test + name: 4test-newthings.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-newthings.svc + name: 4test-newthings.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-newthings.example.test + name: 4test-newthings.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing7-halftest.svc + name: 4test-athing7-halftest.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-halftest.example.test + name: 4test-athing7-halftest.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing7-halftest.svc + name: 4test-athing7-halftest.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-halftest.example.test + name: 4test-athing7-halftest.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing7-halftest.svc + name: 4test-athing7-halftest.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-halftest-admin.example.test + name: 4test-athing7-halftest.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing7-halftest.example.test + name: 4test-athing7-halftest.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing7-halftest.svc + name: 4test-athing7-halftest.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-halftest-admin.example.test + name: 4test-athing7-halftest.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing7-halftest.svc + name: 4test-athing7-halftest.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-halftest.example.test + name: 4test-athing7-halftest.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing7-moartests.svc + name: 4test-athing7-moartests.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-moartests.example.test + name: 4test-athing7-moartests.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing7-moartests.svc + name: 4test-athing7-moartests.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-moartests.example.test + name: 4test-athing7-moartests.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing7-moartests.svc + name: 4test-athing7-moartests.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-moartests-admin.example.test + name: 4test-athing7-moartests.testing-ingress-admin.01 + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing7-moartests.example.test + name: 4test-athing7-moartests.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static.4test-athing7-moartests.svc + name: 4test-athing7-moartests.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-moartests-admin.example.test + name: 4test-athing7-moartests.testing-ingress-admin.00 + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing7-moartests.example.test + name: 4test-athing7-moartests.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing7-gettests.svc + name: 4test-athing7-gettests.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-gettests.example.test + name: 4test-athing7-gettests.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing7-gettests.svc + name: 4test-athing7-gettests.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-gettests.example.test + name: 4test-athing7-gettests.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing7-gettests.svc + name: 4test-athing7-gettests.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-gettests-admin.example.test + name: 4test-athing7-gettests.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing7-gettests.example.test + name: 4test-athing7-gettests.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing7-gettests.svc + name: 4test-athing7-gettests.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-gettests-admin.example.test + name: 4test-athing7-gettests.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing7-gettests.svc + name: 4test-athing7-gettests.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing7-gettests.example.test + name: 4test-athing7-gettests.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-gottests.svc + name: 4test-gottests.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-gottests.example.test + name: 4test-gottests.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-gottests.svc + name: 4test-gottests.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-gottests.example.test + name: 4test-gottests.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-gottests.svc + name: 4test-gottests.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-gottests-admin.example.test + name: 4test-gottests.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-gottests.example.test + name: 4test-gottests.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-gottests.svc + name: 4test-gottests.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-gottests-admin.example.test + name: 4test-gottests.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-gottests.svc + name: 4test-gottests.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-gottests.example.test + name: 4test-gottests.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-fam.svc + name: 4test-fam.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-fam.example.test + name: 4test-fam.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-fam.svc + name: 4test-fam.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-fam.example.test + name: 4test-fam.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-fam.svc + name: 4test-fam.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-fam-admin.example.test + name: 4test-fam.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-fam.example.test + name: 4test-fam.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-fam.svc + name: 4test-fam.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-fam-admin.example.test + name: 4test-fam.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-fam.svc + name: 4test-fam.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-fam.example.test + name: 4test-fam.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing8-2007.svc + name: 4test-athing8-2007.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing8-2007.example.test + name: 4test-athing8-2007.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing8-2007.svc + name: 4test-athing8-2007.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing8-2007.example.test + name: 4test-athing8-2007.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing8-2007.svc + name: 4test-athing8-2007.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing8-2007-admin.example.test + name: 4test-athing8-2007.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing8-2007.example.test + name: 4test-athing8-2007.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing8-2007.svc + name: 4test-athing8-2007.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing8-2007-admin.example.test + name: 4test-athing8-2007.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing8-2007.svc + name: 4test-athing8-2007.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing8-2007.example.test + name: 4test-athing8-2007.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-grantests.svc + name: 4test-grantests.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-grantests.example.test + name: 4test-grantests.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-grantests.svc + name: 4test-grantests.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-grantests.example.test + name: 4test-grantests.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-grantests.svc + name: 4test-grantests.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-grantests-admin.example.test + name: 4test-grantests.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-grantests.example.test + name: 4test-grantests.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-grantests.svc + name: 4test-grantests.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-grantests-admin.example.test + name: 4test-grantests.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-grantests.svc + name: 4test-grantests.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-grantests.example.test + name: 4test-grantests.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-btests.svc + name: 4test-btests.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-btests.example.test + name: 4test-btests.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-btests.svc + name: 4test-btests.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-btests.example.test + name: 4test-btests.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-btests.svc + name: 4test-btests.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-btests-admin.example.test + name: 4test-btests.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-btests.example.test + name: 4test-btests.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-btests.svc + name: 4test-btests.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-btests-admin.example.test + name: 4test-btests.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-btests.svc + name: 4test-btests.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-btests.example.test + name: 4test-btests.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-lttl.svc + name: 4test-lttl.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-lttl.example.test + name: 4test-lttl.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-lttl.svc + name: 4test-lttl.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-lttl.example.test + name: 4test-lttl.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-lttl.svc + name: 4test-lttl.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-lttl-admin.example.test + name: 4test-lttl.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-lttl.example.test + name: 4test-lttl.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-lttl.svc + name: 4test-lttl.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-lttl-admin.example.test + name: 4test-lttl.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-lttl.svc + name: 4test-lttl.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-lttl.example.test + name: 4test-lttl.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing9-valid.svc + name: 4test-athing9-valid.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-valid.example.test + name: 4test-athing9-valid.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing9-valid.svc + name: 4test-athing9-valid.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-valid.example.test + name: 4test-athing9-valid.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing9-valid.svc + name: 4test-athing9-valid.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-valid-admin.example.test + name: 4test-athing9-valid.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing9-valid.example.test + name: 4test-athing9-valid.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing9-valid.svc + name: 4test-athing9-valid.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-valid-admin.example.test + name: 4test-athing9-valid.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing9-valid.svc + name: 4test-athing9-valid.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-valid.example.test + name: 4test-athing9-valid.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing9-morevalid.svc + name: 4test-athing9-morevalid.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-morevalid.example.test + name: 4test-athing9-morevalid.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing9-morevalid.svc + name: 4test-athing9-morevalid.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-morevalid.example.test + name: 4test-athing9-morevalid.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing9-morevalid.svc + name: 4test-athing9-morevalid.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-morevalid-admin.example.test + name: 4test-athing9-morevalid.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing9-morevalid.example.test + name: 4test-athing9-morevalid.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing9-morevalid.svc + name: 4test-athing9-morevalid.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-morevalid-admin.example.test + name: 4test-athing9-morevalid.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing9-morevalid.svc + name: 4test-athing9-morevalid.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-morevalid.example.test + name: 4test-athing9-morevalid.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing9-wanttotest.svc + name: 4test-athing9-wanttotest.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-wanttotest.example.test + name: 4test-athing9-wanttotest.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing9-wanttotest.svc + name: 4test-athing9-wanttotest.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-wanttotest.example.test + name: 4test-athing9-wanttotest.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing9-wanttotest.svc + name: 4test-athing9-wanttotest.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-wanttotest-admin.example.test + name: 4test-athing9-wanttotest.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing9-wanttotest.example.test + name: 4test-athing9-wanttotest.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing9-wanttotest.svc + name: 4test-athing9-wanttotest.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-wanttotest-admin.example.test + name: 4test-athing9-wanttotest.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing9-wanttotest.svc + name: 4test-athing9-wanttotest.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-wanttotest.example.test + name: 4test-athing9-wanttotest.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing9-whichtest.svc + name: 4test-athing9-whichtest.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-whichtest.example.test + name: 4test-athing9-whichtest.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing9-whichtest.svc + name: 4test-athing9-whichtest.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-whichtest.example.test + name: 4test-athing9-whichtest.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing9-whichtest.svc + name: 4test-athing9-whichtest.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-whichtest-admin.example.test + name: 4test-athing9-whichtest.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing9-whichtest.example.test + name: 4test-athing9-whichtest.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing9-whichtest.svc + name: 4test-athing9-whichtest.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-whichtest-admin.example.test + name: 4test-athing9-whichtest.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing9-whichtest.svc + name: 4test-athing9-whichtest.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-whichtest.example.test + name: 4test-athing9-whichtest.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing9-frank.svc + name: 4test-athing9-frank.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-frank.example.test + name: 4test-athing9-frank.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing9-nsf.svc + name: 4test-athing9-nsf.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-nsf.example.test + name: 4test-athing9-nsf.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing9-nsf.svc + name: 4test-athing9-nsf.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-nsf.example.test + name: 4test-athing9-nsf.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing9-nsf.svc + name: 4test-athing9-nsf.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-nsf-admin.example.test + name: 4test-athing9-nsf.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing9-nsf.example.test + name: 4test-athing9-nsf.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing9-nsf.svc + name: 4test-athing9-nsf.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-nsf-admin.example.test + name: 4test-athing9-nsf.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing9-nsf.svc + name: 4test-athing9-nsf.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing9-nsf.example.test + name: 4test-athing9-nsf.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing10-jnk.svc + name: 4test-athing10-jnk.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-jnk.example.test + name: 4test-athing10-jnk.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing10-jnk.svc + name: 4test-athing10-jnk.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-jnk.example.test + name: 4test-athing10-jnk.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing10-jnk.svc + name: 4test-athing10-jnk.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-jnk-admin.example.test + name: 4test-athing10-jnk.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing10-jnk.example.test + name: 4test-athing10-jnk.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing10-jnk.svc + name: 4test-athing10-jnk.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-jnk-admin.example.test + name: 4test-athing10-jnk.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing10-jnk.svc + name: 4test-athing10-jnk.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-jnk.example.test + name: 4test-athing10-jnk.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing10-local.svc + name: 4test-athing10-local.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-local.example.test + name: 4test-athing10-local.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing10-local.svc + name: 4test-athing10-local.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-local.example.test + name: 4test-athing10-local.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing10-local.svc + name: 4test-athing10-local.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-local-admin.example.test + name: 4test-athing10-local.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing10-local.example.test + name: 4test-athing10-local.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing10-local.svc + name: 4test-athing10-local.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-local-admin.example.test + name: 4test-athing10-local.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing10-local.svc + name: 4test-athing10-local.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-local.example.test + name: 4test-athing10-local.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing10-bbitw.svc + name: 4test-athing10-bbitw.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-bbitw.example.test + name: 4test-athing10-bbitw.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing10-bbitw.svc + name: 4test-athing10-bbitw.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-bbitw.example.test + name: 4test-athing10-bbitw.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing10-bbitw.svc + name: 4test-athing10-bbitw.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-bbitw-admin.example.test + name: 4test-athing10-bbitw.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing10-bbitw.example.test + name: 4test-athing10-bbitw.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing10-bbitw.svc + name: 4test-athing10-bbitw.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-bbitw-admin.example.test + name: 4test-athing10-bbitw.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing10-bbitw.svc + name: 4test-athing10-bbitw.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-bbitw.example.test + name: 4test-athing10-bbitw.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing10-gettests.svc + name: 4test-athing10-gettests.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-gettests.example.test + name: 4test-athing10-gettests.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing10-gettests.svc + name: 4test-athing10-gettests.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-gettests.example.test + name: 4test-athing10-gettests.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing10-gettests.svc + name: 4test-athing10-gettests.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-gettests-admin.example.test + name: 4test-athing10-gettests.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing10-gettests.example.test + name: 4test-athing10-gettests.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing10-gettests.svc + name: 4test-athing10-gettests.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-gettests-admin.example.test + name: 4test-athing10-gettests.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing10-gettests.svc + name: 4test-athing10-gettests.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-gettests.example.test + name: 4test-athing10-gettests.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-athing10-phn.svc + name: 4test-athing10-phn.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-phn.example.test + name: 4test-athing10-phn.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-athing10-phn.svc + name: 4test-athing10-phn.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-phn.example.test + name: 4test-athing10-phn.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-athing10-phn.svc + name: 4test-athing10-phn.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-tim-admin.example.test + name: 4test-athing10-phn.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-athing10-phn.example.test + name: 4test-athing10-phn.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-athing10-phn.svc + name: 4test-athing10-phn.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-tim-admin.example.test + name: 4test-athing10-phn.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-athing10-phn.svc + name: 4test-athing10-phn.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-athing10-phn.example.test + name: 4test-athing10-phn.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-test1.svc + name: 4test-test1.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-test1.example.test + name: 4test-test1.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-test1.svc + name: 4test-test1.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-test1.example.test + name: 4test-test1.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-test1.svc + name: 4test-test1.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-test1-admin.example.test + name: 4test-test1.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-test1.example.test + name: 4test-test1.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-test1.svc + name: 4test-test1.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-test1-admin.example.test + name: 4test-test1.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-test1.svc + name: 4test-test1.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-test1.example.test + name: 4test-test1.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: something-static.4test-test2.svc + name: 4test-test2.something-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-test2.example.test + name: 4test-test2.something-ingress-static.00 + paths: + - /something/4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing-ws.4test-test2.svc + name: 4test-test2.testing-testing-ws.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-test2.example.test + name: 4test-test2.testing-ingress-app.01 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/ws + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-testing.4test-test2.svc + name: 4test-test2.testing-testing.8000 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-test2-admin.example.test + name: 4test-test2.testing-ingress-admin.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https + - hosts: + - 4test-test2.example.test + name: 4test-test2.testing-ingress-app.00 + methods: + - POST + - GET + - PATCH + - PUT + - DELETE + paths: + - /4test/api + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: false + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: testing-static-admin.4test-test2.svc + name: 4test-test2.testing-static-admin.80 + path: /static/admin + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-test2-admin.example.test + name: 4test-test2.testing-ingress-admin-static.00 + methods: + - GET + paths: + - /4test/static/admin + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 + plugins: + - name: ip-restriction + config: + deny: null + allow: + - 0.0.0.0/0 + enabled: true + protocols: + - grpc + - grpcs + - http + - https +- connect_timeout: 60000 + host: testing-static.4test-test2.svc + name: 4test-test2.testing-static.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - 4test-test2.example.test + name: 4test-test2.testing-ingress-static.00 + paths: + - /4test + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: konga.kong.svc + name: kong.konga.http + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - konga-k8s-demo01-kong.example.test + name: kong.konga.00 + paths: + - / + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: grafana.monitoring.svc + name: monitoring.grafana.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - monitor-k8s-demo01-kong.example.test + name: monitoring.grafana.00 + paths: + - / + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +- connect_timeout: 60000 + host: prometheus-alertmanager.monitoring.svc + name: monitoring.prometheus-alertmanager.80 + path: / + port: 80 + protocol: http + read_timeout: 60000 + retries: 5 + write_timeout: 60000 + routes: + - hosts: + - alerts-k8s-demo01.example.test + name: monitoring.prometheus-alertmanager.00 + paths: + - / + preserve_host: true + protocols: + - http + - https + regex_priority: 0 + strip_path: true + https_redirect_status_code: 426 +upstreams: +- name: grafana.monitoring.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.148.48:3000 + weight: 100 +- name: konga.kong.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.223.36:1337 + weight: 100 +- name: prometheus-alertmanager.monitoring.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.228.142:9093 + weight: 100 +- name: something-static.4test-any.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.117:80 + weight: 100 +- name: something-static.4test-athing1-otherthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.197.249:80 + weight: 100 +- name: something-static.4test-athing1-name.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.172:80 + weight: 100 +- name: something-static.4test-athing1-othername.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.96.92.92:80 + weight: 100 +- name: something-static.4test-athing1-morenames.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.209:80 + weight: 100 +- name: something-static.4test-thatthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.31.239:80 + weight: 100 +- name: something-static.4test-athing2-suchthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.1.134:80 + weight: 100 +- name: something-static.4test-athing2-wow.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.1.159:80 + weight: 100 +- name: something-static.4test-manythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.180.113:80 + weight: 100 +- name: something-static.4test-verythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.52:80 + weight: 100 +- name: something-static.4test-athing3-tester2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.115.236.20:80 + weight: 100 +- name: something-static.4test-athing3-oldthings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.222.132:80 + weight: 100 +- name: something-static.4test-demo1.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.115.236.35:80 + weight: 100 +- name: something-static.4test-demo2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.235:80 + weight: 100 +- name: something-static.4test-dev.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.228.172:80 + weight: 100 +- name: something-static.4test-athing4-sothings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.74:80 + weight: 100 +- name: something-static.4test-athing5-cousin.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.85.47:80 + weight: 100 +- name: something-static.4test-athing5-verythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.126:80 + weight: 100 +- name: something-static.4test-athing5-ygbkm.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.141.107:80 + weight: 100 +- name: something-static.4test-athing5-gothings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.30:80 + weight: 100 +- name: something-static.4test-athing5-clever.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.72:80 + weight: 100 +- name: something-static.4test-athing6-itis.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.101.121:80 + weight: 100 +- name: something-static.4test-tldr.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.100:80 + weight: 100 +- name: something-static.4test-shock.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.171:80 + weight: 100 +- name: something-static.4test-local.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.107.57.110:80 + weight: 100 +- name: something-static.4test-newthings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.85.49:80 + weight: 100 +- name: something-static.4test-athing7-halftest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.152:80 + weight: 100 +- name: something-static.4test-athing7-moartests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.119.243.142:80 + weight: 100 +- name: something-static.4test-athing7-gettests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.107.57.83:80 + weight: 100 +- name: something-static.4test-gottests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.148.20:80 + weight: 100 +- name: something-static.4test-fam.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.96.92.105:80 + weight: 100 +- name: something-static.4test-athing8-2007.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.1.132:80 + weight: 100 +- name: something-static.4test-grantests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.229.89:80 + weight: 100 +- name: something-static.4test-btests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.205:80 + weight: 100 +- name: something-static.4test-lttl.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.119.243.166:80 + weight: 100 +- name: something-static.4test-athing9-valid.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.150:80 + weight: 100 +- name: something-static.4test-athing9-morevalid.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.100:80 + weight: 100 +- name: something-static.4test-athing9-wanttotest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.229.121:80 + weight: 100 +- name: something-static.4test-athing9-whichtest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.119:80 + weight: 100 +- name: something-static.4test-athing9-frank.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.141:80 + weight: 100 +- name: something-static.4test-athing9-nsf.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.187:80 + weight: 100 +- name: something-static.4test-athing10-jnk.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.148.40:80 + weight: 100 +- name: something-static.4test-athing10-local.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.99.213.12:80 + weight: 100 +- name: something-static.4test-athing10-bbitw.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.85.5:80 + weight: 100 +- name: something-static.4test-athing10-gettests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.69:80 + weight: 100 +- name: something-static.4test-athing10-phn.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.97.79.106:80 + weight: 100 +- name: something-static.4test-test1.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.223.44:80 + weight: 100 +- name: something-static.4test-test2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.228.136:80 + weight: 100 +- name: testing-testing-ws.4test-any.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.24:8000 + weight: 100 +- name: testing-testing-ws.4test-athing1-otherthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.228.169:8000 + weight: 100 +- name: testing-testing-ws.4test-athing1-name.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.1.174:8000 + weight: 100 +- name: testing-testing-ws.4test-athing1-othername.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.97.79.91:8000 + weight: 100 +- name: testing-testing-ws.4test-athing1-morenames.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.180.74:8000 + weight: 100 +- name: testing-testing-ws.4test-thatthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.216:8000 + weight: 100 +- name: testing-testing-ws.4test-athing2-suchthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.85:8000 + weight: 100 +- name: testing-testing-ws.4test-athing2-wow.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.179:8000 + weight: 100 +- name: testing-testing-ws.4test-manythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.108:8000 + weight: 100 +- name: testing-testing-ws.4test-verythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.229.92:8000 + weight: 100 +- name: testing-testing-ws.4test-athing3-tester2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.105:8000 + weight: 100 +- name: testing-testing-ws.4test-athing3-oldthings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.97.79.109:8000 + weight: 100 +- name: testing-testing-ws.4test-demo1.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.15:8000 + weight: 100 +- name: testing-testing-ws.4test-demo2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.107.57.97:8000 + weight: 100 +- name: testing-testing-ws.4test-dev.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.21.148:8000 + weight: 100 +- name: testing-testing-ws.4test-athing4-sothings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.85.12:8000 + weight: 100 +- name: testing-testing-ws.4test-athing5-cousin.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.148.17:8000 + weight: 100 +- name: testing-testing-ws.4test-athing5-verythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.99:8000 + weight: 100 +- name: testing-testing-ws.4test-athing5-ygbkm.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.172:8000 + weight: 100 +- name: testing-testing-ws.4test-athing5-gothings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.222.165:8000 + weight: 100 +- name: testing-testing-ws.4test-athing5-clever.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.173:8000 + weight: 100 +- name: testing-testing-ws.4test-athing6-itis.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.115.236.23:8000 + weight: 100 +- name: testing-testing-ws.4test-tldr.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.119.243.162:8000 + weight: 100 +- name: testing-testing-ws.4test-shock.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.107.57.114:8000 + weight: 100 +- name: testing-testing-ws.4test-local.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.197.221:8000 + weight: 100 +- name: testing-testing-ws.4test-newthings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.180.117:8000 + weight: 100 +- name: testing-testing-ws.4test-athing7-halftest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.31.196:8000 + weight: 100 +- name: testing-testing-ws.4test-athing7-moartests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.97.79.71:8000 + weight: 100 +- name: testing-testing-ws.4test-athing7-gettests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.147:8000 + weight: 100 +- name: testing-testing-ws.4test-gottests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.228.179:8000 + weight: 100 +- name: testing-testing-ws.4test-fam.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.103.246.60:8000 + weight: 100 +- name: testing-testing-ws.4test-athing8-2007.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.96.92.72:8000 + weight: 100 +- name: testing-testing-ws.4test-grantests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.228.151:8000 + weight: 100 +- name: testing-testing-ws.4test-btests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.197.232:8000 + weight: 100 +- name: testing-testing-ws.4test-lttl.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.1.166:8000 + weight: 100 +- name: testing-testing-ws.4test-athing9-valid.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.103.246.15:8000 + weight: 100 +- name: testing-testing-ws.4test-athing9-morevalid.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.103.246.63:8000 + weight: 100 +- name: testing-testing-ws.4test-athing9-wanttotest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.229.106:8000 + weight: 100 +- name: testing-testing-ws.4test-athing9-whichtest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.141.88:8000 + weight: 100 +- name: testing-testing-ws.4test-athing9-nsf.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.229.115:8000 + weight: 100 +- name: testing-testing-ws.4test-athing10-jnk.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.31.225:8000 + weight: 100 +- name: testing-testing-ws.4test-athing10-local.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.99.213.13:8000 + weight: 100 +- name: testing-testing-ws.4test-athing10-bbitw.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.1.179:8000 + weight: 100 +- name: testing-testing-ws.4test-athing10-gettests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.120.185.28:8000 + weight: 100 +- name: testing-testing-ws.4test-athing10-phn.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.99.213.46:8000 + weight: 100 +- name: testing-testing-ws.4test-test1.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.228.137:8000 + weight: 100 +- name: testing-testing-ws.4test-test2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.223.49:8000 + weight: 100 +- name: testing-testing.4test-any.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.85.54:8000 + weight: 100 +- name: testing-testing.4test-athing1-otherthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.169:8000 + weight: 100 +- name: testing-testing.4test-athing1-name.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.101.70:8000 + weight: 100 +- name: testing-testing.4test-athing1-othername.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.85.11:8000 + weight: 100 +- name: testing-testing.4test-athing1-morenames.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.96.92.101:8000 + weight: 100 +- name: testing-testing.4test-thatthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.148.11:8000 + weight: 100 +- name: testing-testing.4test-athing2-suchthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.202:8000 + weight: 100 +- name: testing-testing.4test-athing2-wow.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.180.98:8000 + weight: 100 +- name: testing-testing.4test-manythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.81:8000 + weight: 100 +- name: testing-testing.4test-verythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.168:8000 + weight: 100 +- name: testing-testing.4test-athing3-tester2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.21.161:8000 + weight: 100 +- name: testing-testing.4test-athing3-oldthings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.21.152:8000 + weight: 100 +- name: testing-testing.4test-demo1.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.119.243.153:8000 + weight: 100 +- name: testing-testing.4test-demo2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.107.57.116:8000 + weight: 100 +- name: testing-testing.4test-dev.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.115.236.26:8000 + weight: 100 +- name: testing-testing.4test-athing4-sothings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.119.243.159:8000 + weight: 100 +- name: testing-testing.4test-athing5-cousin.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.127:8000 + weight: 100 +- name: testing-testing.4test-athing5-verythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.141.109:8000 + weight: 100 +- name: testing-testing.4test-athing5-ygbkm.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.101.122:8000 + weight: 100 +- name: testing-testing.4test-athing5-gothings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.115.236.59:8000 + weight: 100 +- name: testing-testing.4test-athing5-clever.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.228.184:8000 + weight: 100 +- name: testing-testing.4test-athing6-itis.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.21.179:8000 + weight: 100 +- name: testing-testing.4test-tldr.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.148.29:8000 + weight: 100 +- name: testing-testing.4test-shock.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.197.225:8000 + weight: 100 +- name: testing-testing.4test-local.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.103.246.34:8000 + weight: 100 + - target: 100.114.171.74:8000 + weight: 100 +- name: testing-testing.4test-newthings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.148.36:8000 + weight: 100 +- name: testing-testing.4test-athing7-halftest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.101.113:8000 + weight: 100 +- name: testing-testing.4test-athing7-moartests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.96.92.109:8000 + weight: 100 +- name: testing-testing.4test-athing7-gettests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.222.188:8000 + weight: 100 +- name: testing-testing.4test-gottests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.119.243.160:8000 + weight: 100 +- name: testing-testing.4test-fam.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.103.246.59:8000 + weight: 100 +- name: testing-testing.4test-athing8-2007.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.96.92.117:8000 + weight: 100 +- name: testing-testing.4test-grantests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.115.236.58:8000 + weight: 100 +- name: testing-testing.4test-btests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.197.237:8000 + weight: 100 +- name: testing-testing.4test-lttl.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.222.146:8000 + weight: 100 +- name: testing-testing.4test-athing9-valid.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.103.246.18:8000 + weight: 100 +- name: testing-testing.4test-athing9-morevalid.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.255:8000 + weight: 100 +- name: testing-testing.4test-athing9-wanttotest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.141.99:8000 + weight: 100 +- name: testing-testing.4test-athing9-whichtest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.115.236.36:8000 + weight: 100 +- name: testing-testing.4test-athing9-nsf.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.229.114:8000 + weight: 100 +- name: testing-testing.4test-athing10-jnk.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.120.185.31:8000 + weight: 100 +- name: testing-testing.4test-athing10-local.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.99.213.15:8000 + weight: 100 +- name: testing-testing.4test-athing10-bbitw.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.120.185.24:8000 + weight: 100 +- name: testing-testing.4test-athing10-gettests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.120.185.27:8000 + weight: 100 +- name: testing-testing.4test-athing10-phn.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.99.213.47:8000 + weight: 100 +- name: testing-testing.4test-test1.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.223.25:8000 + weight: 100 +- name: testing-testing.4test-test2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.165:8000 + weight: 100 +- name: testing-static-admin.4test-any.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.98:80 + weight: 100 +- name: testing-static-admin.4test-athing1-otherthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.197.251:80 + weight: 100 +- name: testing-static-admin.4test-athing1-name.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.147:80 + weight: 100 +- name: testing-static-admin.4test-athing1-othername.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.97.79.72:80 + weight: 100 +- name: testing-static-admin.4test-athing1-morenames.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.132:80 + weight: 100 +- name: testing-static-admin.4test-thatthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.95:80 + weight: 100 +- name: testing-static-admin.4test-athing2-suchthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.87:80 + weight: 100 +- name: testing-static-admin.4test-athing2-wow.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.71:80 + weight: 100 +- name: testing-static-admin.4test-manythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.180.73:80 + weight: 100 +- name: testing-static-admin.4test-verythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.17:80 + weight: 100 +- name: testing-static-admin.4test-athing3-oldthings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.21.183:80 + weight: 100 +- name: testing-static-admin.4test-demo1.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.115.236.32:80 + weight: 100 +- name: testing-static-admin.4test-demo2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.50:80 + weight: 100 +- name: testing-static-admin.4test-dev.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.167:80 + weight: 100 +- name: testing-static-admin.4test-athing4-sothings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.222.157:80 + weight: 100 +- name: testing-static-admin.4test-athing5-cousin.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.89:80 + weight: 100 +- name: testing-static-admin.4test-athing5-verythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.118:80 + weight: 100 +- name: testing-static-admin.4test-athing5-ygbkm.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.141.105:80 + weight: 100 +- name: testing-static-admin.4test-athing5-gothings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.85.27:80 + weight: 100 +- name: testing-static-admin.4test-athing5-clever.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.237:80 + weight: 100 +- name: testing-static-admin.4test-tldr.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.94:80 + weight: 100 +- name: testing-static-admin.4test-shock.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.222.170:80 + weight: 100 +- name: testing-static-admin.4test-local.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.97.79.125:80 + weight: 100 +- name: testing-static-admin.4test-newthings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.85.51:80 + weight: 100 +- name: testing-static-admin.4test-athing7-halftest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.132:80 + weight: 100 +- name: testing-static-admin.4test-athing7-gettests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.148.44:80 + weight: 100 +- name: testing-static-admin.4test-gottests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.207:80 + weight: 100 +- name: testing-static-admin.4test-fam.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.1.149:80 + weight: 100 +- name: testing-static-admin.4test-athing8-2007.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.34:80 + weight: 100 +- name: testing-static-admin.4test-grantests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.13:80 + weight: 100 +- name: testing-static-admin.4test-btests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.197.222:80 + weight: 100 +- name: testing-static-admin.4test-lttl.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.244:80 + weight: 100 +- name: testing-static-admin.4test-athing9-valid.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.103.246.5:80 + weight: 100 +- name: testing-static-admin.4test-athing9-morevalid.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.178:80 + weight: 100 +- name: testing-static-admin.4test-athing9-wanttotest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.141.100:80 + weight: 100 +- name: testing-static-admin.4test-athing9-whichtest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.77:80 + weight: 100 +- name: testing-static-admin.4test-athing9-nsf.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.229.116:80 + weight: 100 +- name: testing-static-admin.4test-athing10-jnk.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.31.222:80 + weight: 100 +- name: testing-static-admin.4test-athing10-local.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.99.213.14:80 + weight: 100 +- name: testing-static-admin.4test-athing10-bbitw.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.38:80 + weight: 100 +- name: testing-static-admin.4test-athing10-gettests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.120.185.29:80 + weight: 100 +- name: testing-static-admin.4test-athing10-phn.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.79:80 + weight: 100 +- name: testing-static-admin.4test-test1.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.228:80 + weight: 100 +- name: testing-static-admin.4test-test2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.189:80 + weight: 100 +- name: testing-static.4test-any.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.98:80 + weight: 100 +- name: testing-static.4test-athing1-otherthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.197.251:80 + weight: 100 +- name: testing-static.4test-athing1-name.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.147:80 + weight: 100 +- name: testing-static.4test-athing1-othername.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.97.79.72:80 + weight: 100 +- name: testing-static.4test-athing1-morenames.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.132:80 + weight: 100 +- name: testing-static.4test-thatthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.95:80 + weight: 100 +- name: testing-static.4test-athing2-suchthing.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.87:80 + weight: 100 +- name: testing-static.4test-athing2-wow.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.91.71:80 + weight: 100 +- name: testing-static.4test-manythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.180.73:80 + weight: 100 +- name: testing-static.4test-verythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.17:80 + weight: 100 +- name: testing-static.4test-athing3-tester2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.21.160:80 + weight: 100 +- name: testing-static.4test-athing3-oldthings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.127.21.183:80 + weight: 100 +- name: testing-static.4test-demo1.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.115.236.32:80 + weight: 100 +- name: testing-static.4test-demo2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.50:80 + weight: 100 +- name: testing-static.4test-dev.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.167:80 + weight: 100 +- name: testing-static.4test-athing4-sothings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.222.157:80 + weight: 100 +- name: testing-static.4test-athing5-cousin.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.89:80 + weight: 100 +- name: testing-static.4test-athing5-verythings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.118:80 + weight: 100 +- name: testing-static.4test-athing5-ygbkm.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.141.105:80 + weight: 100 +- name: testing-static.4test-athing5-gothings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.85.27:80 + weight: 100 +- name: testing-static.4test-athing5-clever.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.237:80 + weight: 100 +- name: testing-static.4test-athing6-itis.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.115.236.22:80 + weight: 100 +- name: testing-static.4test-tldr.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.94:80 + weight: 100 +- name: testing-static.4test-shock.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.222.170:80 + weight: 100 +- name: testing-static.4test-local.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.97.79.125:80 + weight: 100 +- name: testing-static.4test-newthings.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.85.51:80 + weight: 100 +- name: testing-static.4test-athing7-halftest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.132:80 + weight: 100 +- name: testing-static.4test-athing7-moartests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.122.180.94:80 + weight: 100 +- name: testing-static.4test-athing7-gettests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.121.148.44:80 + weight: 100 +- name: testing-static.4test-gottests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.207:80 + weight: 100 +- name: testing-static.4test-fam.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.1.149:80 + weight: 100 +- name: testing-static.4test-athing8-2007.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.34:80 + weight: 100 +- name: testing-static.4test-grantests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.13:80 + weight: 100 +- name: testing-static.4test-btests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.197.222:80 + weight: 100 +- name: testing-static.4test-lttl.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.244:80 + weight: 100 +- name: testing-static.4test-athing9-valid.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.103.246.5:80 + weight: 100 +- name: testing-static.4test-athing9-morevalid.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.105.108.178:80 + weight: 100 +- name: testing-static.4test-athing9-wanttotest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.123.141.100:80 + weight: 100 +- name: testing-static.4test-athing9-whichtest.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.77:80 + weight: 100 +- name: testing-static.4test-athing9-nsf.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.229.116:80 + weight: 100 +- name: testing-static.4test-athing10-jnk.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.113.31.222:80 + weight: 100 +- name: testing-static.4test-athing10-local.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.99.213.14:80 + weight: 100 +- name: testing-static.4test-athing10-bbitw.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.112.140.38:80 + weight: 100 +- name: testing-static.4test-athing10-gettests.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.120.185.29:80 + weight: 100 +- name: testing-static.4test-athing10-phn.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.114.171.79:80 + weight: 100 +- name: testing-static.4test-test1.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.98.136.228:80 + weight: 100 +- name: testing-static.4test-test2.svc + algorithm: round-robin + slots: 10000 + healthchecks: + active: + concurrency: 10 + healthy: + http_statuses: + - 200 + - 302 + interval: 0 + successes: 0 + http_path: / + https_verify_certificate: true + type: http + timeout: 1 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 404 + - 500 + - 501 + - 502 + - 503 + - 504 + - 505 + tcp_failures: 0 + timeouts: 0 + interval: 0 + passive: + healthy: + http_statuses: + - 200 + - 201 + - 202 + - 203 + - 204 + - 205 + - 206 + - 207 + - 208 + - 226 + - 300 + - 301 + - 302 + - 303 + - 304 + - 305 + - 306 + - 307 + - 308 + successes: 0 + unhealthy: + http_failures: 0 + http_statuses: + - 429 + - 500 + - 503 + tcp_failures: 0 + timeouts: 0 + hash_on: none + hash_fallback: none + hash_on_cookie_path: / + targets: + - target: 100.100.77.189:80 + weight: 100 +plugins: +- name: prometheus + enabled: true + protocols: + - grpc + - grpcs + - http + - https diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_nginx.template b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_nginx.template new file mode 100644 index 00000000..5bd59dd0 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_nginx.template @@ -0,0 +1,1332 @@ +# This is a custom nginx configuration template for Kong specs + +pid pids/nginx.pid; # mandatory even for custom config templates +error_log ${{PROXY_ERROR_LOG}} ${{LOG_LEVEL}}; + +env KONG_LICENSE_DATA; +env KONG_LICENSE_PATH; + +# injected nginx_main_* directives +> for _, el in ipairs(nginx_main_directives) do +$(el.name) $(el.value); +> end + +events { + # injected nginx_events_* directives +> for _, el in ipairs(nginx_events_directives) do + $(el.name) $(el.value); +> end +} + +> if role == "control_plane" or #proxy_listeners > 0 or #admin_listeners > 0 or #status_listeners > 0 then +http { + charset UTF-8; + server_tokens off; + + error_log ${{PROXY_ERROR_LOG}} ${{LOG_LEVEL}}; + + lua_package_path '${{LUA_PACKAGE_PATH}};;'; + lua_package_cpath '${{LUA_PACKAGE_CPATH}};;'; + lua_socket_pool_size ${{LUA_SOCKET_POOL_SIZE}}; + lua_socket_log_errors off; + lua_max_running_timers 4096; + lua_max_pending_timers 16384; + lua_ssl_verify_depth ${{LUA_SSL_VERIFY_DEPTH}}; +> if lua_ssl_trusted_certificate_combined then + lua_ssl_trusted_certificate '${{LUA_SSL_TRUSTED_CERTIFICATE_COMBINED}}'; +> end + + lua_shared_dict kong 5m; + lua_shared_dict kong_locks 8m; + lua_shared_dict kong_healthchecks 5m; + lua_shared_dict kong_process_events 5m; + lua_shared_dict kong_cluster_events 5m; + lua_shared_dict kong_rate_limiting_counters 12m; + lua_shared_dict kong_core_db_cache ${{MEM_CACHE_SIZE}}; + lua_shared_dict kong_core_db_cache_miss 12m; + lua_shared_dict kong_db_cache ${{MEM_CACHE_SIZE}}; + lua_shared_dict kong_db_cache_miss 12m; +> if database == "off" then + lua_shared_dict kong_core_db_cache_2 ${{MEM_CACHE_SIZE}}; + lua_shared_dict kong_core_db_cache_miss_2 12m; + lua_shared_dict kong_db_cache_2 ${{MEM_CACHE_SIZE}}; + lua_shared_dict kong_db_cache_miss_2 12m; +> end +> if database == "cassandra" then + lua_shared_dict kong_cassandra 5m; +> end +> if role == "control_plane" then + lua_shared_dict kong_clustering 5m; +> end + lua_shared_dict kong_mock_upstream_loggers 10m; + + lua_shared_dict kong_vitals_counters 5m; + lua_shared_dict kong_vitals_lists 1m; + lua_shared_dict kong_vitals 1m; + lua_shared_dict kong_counters 1m; + lua_shared_dict kong_reports_consumers 1m; + lua_shared_dict kong_reports_routes 1m; + lua_shared_dict kong_reports_services 1m; + lua_shared_dict kong_keyring 5m; + lua_shared_dict kong_profiling_state 1536k; # 1.5 MBytes + + underscores_in_headers on; +> if ssl_ciphers then + ssl_ciphers ${{SSL_CIPHERS}}; +> end + + # injected nginx_http_* directives +> for _, el in ipairs(nginx_http_directives) do + $(el.name) $(el.value); +> end + + init_by_lua_block { + Kong = require 'kong' + Kong.init() + } + + init_worker_by_lua_block { + Kong.init_worker() + } + +> if (role == "traditional" or role == "data_plane") and #proxy_listeners > 0 then + # Load variable indexes + lua_kong_load_var_index $args; + lua_kong_load_var_index $bytes_sent; + lua_kong_load_var_index $content_type; + lua_kong_load_var_index $host; + lua_kong_load_var_index $http_authorization; + lua_kong_load_var_index $http_connection; + lua_kong_load_var_index $http_host; + lua_kong_load_var_index $http_kong_debug; + lua_kong_load_var_index $http_proxy; + lua_kong_load_var_index $http_proxy_connection; + lua_kong_load_var_index $http_te; + lua_kong_load_var_index $http_upgrade; + lua_kong_load_var_index $http_x_forwarded_for; + lua_kong_load_var_index $http_x_forwarded_host; + lua_kong_load_var_index $http_x_forwarded_path; + lua_kong_load_var_index $http_x_forwarded_port; + lua_kong_load_var_index $http_x_forwarded_prefix; + lua_kong_load_var_index $http_x_forwarded_proto; + lua_kong_load_var_index $https; + lua_kong_load_var_index $http2; + lua_kong_load_var_index $is_args; + lua_kong_load_var_index $realip_remote_addr; + lua_kong_load_var_index $realip_remote_port; + lua_kong_load_var_index $remote_addr; + lua_kong_load_var_index $remote_port; + lua_kong_load_var_index $request; + lua_kong_load_var_index $request_length; + lua_kong_load_var_index $request_method; + lua_kong_load_var_index $request_time; + lua_kong_load_var_index $request_uri; + lua_kong_load_var_index $scheme; + lua_kong_load_var_index $server_addr; + lua_kong_load_var_index $server_port; + lua_kong_load_var_index $ssl_cipher; + lua_kong_load_var_index $ssl_client_raw_cert; + lua_kong_load_var_index $ssl_client_verify; + lua_kong_load_var_index $ssl_protocol; + lua_kong_load_var_index $ssl_server_name; + lua_kong_load_var_index $upstream_http_connection; + lua_kong_load_var_index $upstream_http_trailer; + lua_kong_load_var_index $upstream_http_upgrade; + lua_kong_load_var_index $upstream_status; + + upstream kong_upstream { + server 0.0.0.1; + + # injected nginx_upstream_* directives +> for _, el in ipairs(nginx_upstream_directives) do + $(el.name) $(el.value); +> end + + balancer_by_lua_block { + Kong.balancer() + } + } + + server { + server_name kong; +> for _, entry in ipairs(proxy_listeners) do + listen $(entry.listener); +> end + + error_page 400 404 408 411 412 413 414 417 494 /kong_error_handler; + error_page 500 502 503 504 /kong_error_handler; + + access_log ${{PROXY_ACCESS_LOG}}; + error_log ${{PROXY_ERROR_LOG}} ${{LOG_LEVEL}}; + +> if proxy_ssl_enabled then +> for i = 1, #ssl_cert do + ssl_certificate $(ssl_cert[i]); + ssl_certificate_key $(ssl_cert_key[i]); +> end + ssl_session_cache shared:SSL:10m; + ssl_certificate_by_lua_block { + Kong.ssl_certificate() + } +> end + + # injected nginx_proxy_* directives +> for _, el in ipairs(nginx_proxy_directives) do + $(el.name) $(el.value); +> end +> for _, ip in ipairs(trusted_ips) do + set_real_ip_from $(ip); +> end + + rewrite_by_lua_block { + Kong.rewrite() + } + + access_by_lua_block { + Kong.access() + } + + header_filter_by_lua_block { + Kong.header_filter() + } + + body_filter_by_lua_block { + Kong.body_filter() + } + + log_by_lua_block { + Kong.log() + } + + location / { + default_type ''; + + set $ctx_ref ''; + set $upstream_te ''; + set $upstream_host ''; + set $upstream_upgrade ''; + set $upstream_connection ''; + set $upstream_scheme ''; + set $upstream_uri ''; + set $upstream_x_forwarded_for ''; + set $upstream_x_forwarded_proto ''; + set $upstream_x_forwarded_host ''; + set $upstream_x_forwarded_port ''; + set $upstream_x_forwarded_path ''; + set $upstream_x_forwarded_prefix ''; + set $kong_proxy_mode 'http'; + + set $set_request_id $request_id; + + proxy_http_version 1.1; + proxy_buffering on; + proxy_request_buffering on; + + proxy_set_header TE $upstream_te; + proxy_set_header Host $upstream_host; + proxy_set_header Upgrade $upstream_upgrade; + proxy_set_header Connection $upstream_connection; + proxy_set_header X-Forwarded-For $upstream_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $upstream_x_forwarded_proto; + proxy_set_header X-Forwarded-Host $upstream_x_forwarded_host; + proxy_set_header X-Forwarded-Port $upstream_x_forwarded_port; + proxy_set_header X-Forwarded-Path $upstream_x_forwarded_path; + proxy_set_header X-Forwarded-Prefix $upstream_x_forwarded_prefix; + proxy_set_header X-Real-IP $remote_addr; + proxy_pass_header Server; + proxy_pass_header Date; + proxy_ssl_name $upstream_host; + proxy_ssl_server_name on; +> if client_ssl then + proxy_ssl_certificate ${{CLIENT_SSL_CERT}}; + proxy_ssl_certificate_key ${{CLIENT_SSL_CERT_KEY}}; +> end + proxy_pass $upstream_scheme://kong_upstream$upstream_uri; + } + + location @unbuffered { + internal; + default_type ''; + set $kong_proxy_mode 'unbuffered'; + + proxy_http_version 1.1; + proxy_buffering off; + proxy_request_buffering off; + + proxy_set_header TE $upstream_te; + proxy_set_header Host $upstream_host; + proxy_set_header Upgrade $upstream_upgrade; + proxy_set_header Connection $upstream_connection; + proxy_set_header X-Forwarded-For $upstream_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $upstream_x_forwarded_proto; + proxy_set_header X-Forwarded-Host $upstream_x_forwarded_host; + proxy_set_header X-Forwarded-Port $upstream_x_forwarded_port; + proxy_set_header X-Forwarded-Path $upstream_x_forwarded_path; + proxy_set_header X-Forwarded-Prefix $upstream_x_forwarded_prefix; + proxy_set_header X-Real-IP $remote_addr; + proxy_pass_header Server; + proxy_pass_header Date; + proxy_ssl_name $upstream_host; + proxy_ssl_server_name on; +> if client_ssl then + proxy_ssl_certificate ${{CLIENT_SSL_CERT}}; + proxy_ssl_certificate_key ${{CLIENT_SSL_CERT_KEY}}; +> end + proxy_pass $upstream_scheme://kong_upstream$upstream_uri; + } + + location @unbuffered_request { + internal; + default_type ''; + set $kong_proxy_mode 'unbuffered'; + + proxy_http_version 1.1; + proxy_buffering on; + proxy_request_buffering off; + + proxy_set_header TE $upstream_te; + proxy_set_header Host $upstream_host; + proxy_set_header Upgrade $upstream_upgrade; + proxy_set_header Connection $upstream_connection; + proxy_set_header X-Forwarded-For $upstream_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $upstream_x_forwarded_proto; + proxy_set_header X-Forwarded-Host $upstream_x_forwarded_host; + proxy_set_header X-Forwarded-Port $upstream_x_forwarded_port; + proxy_set_header X-Forwarded-Prefix $upstream_x_forwarded_prefix; + proxy_set_header X-Real-IP $remote_addr; + proxy_pass_header Server; + proxy_pass_header Date; + proxy_ssl_name $upstream_host; + proxy_ssl_server_name on; +> if client_ssl then + proxy_ssl_certificate ${{CLIENT_SSL_CERT}}; + proxy_ssl_certificate_key ${{CLIENT_SSL_CERT_KEY}}; +> end + proxy_pass $upstream_scheme://kong_upstream$upstream_uri; + } + + location @unbuffered_response { + internal; + default_type ''; + set $kong_proxy_mode 'unbuffered'; + + proxy_http_version 1.1; + proxy_buffering off; + proxy_request_buffering on; + + proxy_set_header TE $upstream_te; + proxy_set_header Host $upstream_host; + proxy_set_header Upgrade $upstream_upgrade; + proxy_set_header Connection $upstream_connection; + proxy_set_header X-Forwarded-For $upstream_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $upstream_x_forwarded_proto; + proxy_set_header X-Forwarded-Host $upstream_x_forwarded_host; + proxy_set_header X-Forwarded-Port $upstream_x_forwarded_port; + proxy_set_header X-Forwarded-Path $upstream_x_forwarded_path; + proxy_set_header X-Forwarded-Prefix $upstream_x_forwarded_prefix; + proxy_set_header X-Real-IP $remote_addr; + proxy_pass_header Server; + proxy_pass_header Date; + proxy_ssl_name $upstream_host; + proxy_ssl_server_name on; +> if client_ssl then + proxy_ssl_certificate ${{CLIENT_SSL_CERT}}; + proxy_ssl_certificate_key ${{CLIENT_SSL_CERT_KEY}}; +> end + proxy_pass $upstream_scheme://kong_upstream$upstream_uri; + } + + location @grpc { + internal; + default_type ''; + set $kong_proxy_mode 'grpc'; + + grpc_set_header TE $upstream_te; + grpc_set_header X-Forwarded-For $upstream_x_forwarded_for; + grpc_set_header X-Forwarded-Proto $upstream_x_forwarded_proto; + grpc_set_header X-Forwarded-Host $upstream_x_forwarded_host; + grpc_set_header X-Forwarded-Port $upstream_x_forwarded_port; + grpc_set_header X-Forwarded-Path $upstream_x_forwarded_path; + grpc_set_header X-Forwarded-Prefix $upstream_x_forwarded_prefix; + grpc_set_header X-Real-IP $remote_addr; + grpc_pass_header Server; + grpc_pass_header Date; + grpc_ssl_name $upstream_host; + grpc_ssl_server_name on; +> if client_ssl then + grpc_ssl_certificate ${{CLIENT_SSL_CERT}}; + grpc_ssl_certificate_key ${{CLIENT_SSL_CERT_KEY}}; +> end + grpc_pass $upstream_scheme://kong_upstream; + } + + location = /kong_buffered_http { + internal; + default_type ''; + set $kong_proxy_mode 'http'; + + rewrite_by_lua_block {;} + access_by_lua_block {;} + header_filter_by_lua_block {;} + body_filter_by_lua_block {;} + log_by_lua_block {;} + + proxy_http_version 1.1; + proxy_set_header TE $upstream_te; + proxy_set_header Host $upstream_host; + proxy_set_header Upgrade $upstream_upgrade; + proxy_set_header Connection $upstream_connection; + proxy_set_header X-Forwarded-For $upstream_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $upstream_x_forwarded_proto; + proxy_set_header X-Forwarded-Host $upstream_x_forwarded_host; + proxy_set_header X-Forwarded-Port $upstream_x_forwarded_port; + proxy_set_header X-Forwarded-Path $upstream_x_forwarded_path; + proxy_set_header X-Forwarded-Prefix $upstream_x_forwarded_prefix; + proxy_set_header X-Real-IP $remote_addr; + proxy_pass_header Server; + proxy_pass_header Date; + proxy_ssl_name $upstream_host; + proxy_ssl_server_name on; +> if client_ssl then + proxy_ssl_certificate ${{CLIENT_SSL_CERT}}; + proxy_ssl_certificate_key ${{CLIENT_SSL_CERT_KEY}}; +> end + proxy_pass $upstream_scheme://kong_upstream$upstream_uri; + } + + location = /kong_error_handler { + internal; + default_type ''; + + uninitialized_variable_warn off; + + rewrite_by_lua_block {;} + access_by_lua_block {;} + + content_by_lua_block { + Kong.handle_error() + } + } + } +> end -- (role == "traditional" or role == "data_plane") and #proxy_listeners > 0 + +> if (role == "control_plane" or role == "traditional") and #admin_listen > 0 and #admin_gui_listeners > 0 then +server { + server_name kong_gui; +> for i = 1, #admin_gui_listeners do + listen $(admin_gui_listeners[i].listener); +> end + +> if admin_gui_ssl_enabled then +> for i = 1, #admin_gui_ssl_cert do + ssl_certificate $(admin_gui_ssl_cert[i]); + ssl_certificate_key $(admin_gui_ssl_cert_key[i]); +> end + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; +> end + + client_max_body_size 10m; + client_body_buffer_size 10m; + + types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/json json; + image/png png; + image/tiff tif tiff; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + image/svg+xml svg svgz; + image/webp webp; + } + + gzip on; + gzip_types text/plain text/css application/json application/javascript; + + location ~* \.(jpg|jpeg|png|gif|ico|css|ttf|js)$ { + root gui; + + expires 90d; + add_header Cache-Control 'public'; + add_header X-Frame-Options 'sameorigin'; + add_header X-XSS-Protection '1; mode=block'; + add_header X-Content-Type-Options 'nosniff'; + add_header X-Permitted-Cross-Domain-Policies 'master-only'; + etag off; + } + + location / { + root gui; + + try_files $uri /index.html; + + add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; + add_header X-Frame-Options 'sameorigin'; + add_header X-XSS-Protection '1; mode=block'; + add_header X-Content-Type-Options 'nosniff'; + add_header X-Permitted-Cross-Domain-Policies 'master-only'; + etag off; + + access_log ${{ADMIN_GUI_ACCESS_LOG}}; + error_log ${{ADMIN_GUI_ERROR_LOG}}; + } + + location /robots.txt { + return 200 'User-agent: *\nDisallow: /'; + } + + location = /kconfig.js { + root gui_config; + expires -1; + } +} +> end + + +> if (role == "control_plane" or role == "traditional") and portal then +server { + server_name kong_portal_gui; +> for i = 1, #portal_gui_listeners do + listen $(portal_gui_listeners[i].listener); +> end + + access_log ${{PORTAL_GUI_ACCESS_LOG}}; + error_log ${{PORTAL_GUI_ERROR_LOG}} ${{LOG_LEVEL}}; + +> if portal_gui_ssl_enabled then +> for i = 1, #portal_gui_ssl_cert do + ssl_certificate $(portal_gui_ssl_cert[i]); + ssl_certificate_key $(portal_gui_ssl_cert_key[i]); +> end + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; +> end + + client_max_body_size 10m; + client_body_buffer_size 10m; + log_not_found off; + + types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/json json; + image/png png; + image/tiff tif tiff; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + image/svg+xml svg svgz; + image/webp webp; + } + + gzip on; + gzip_types text/plain text/css application/json application/javascript; + + location ^~ /__legacy { + root portal; + + header_filter_by_lua_block { + ngx.header["server"] = nil + } + + expires 90d; + add_header Cache-Control 'public'; + add_header X-Frame-Options 'sameorigin'; + add_header X-XSS-Protection '1; mode=block'; + add_header X-Content-Type-Options 'nosniff'; + etag off; + } + + location ~* \.(jpg|jpeg|png|gif|ico|css|ttf|js)$ { + root portal; + + header_filter_by_lua_block { + ngx.header["server"] = nil + } + + content_by_lua_block { + Kong.serve_portal_gui({ + acah = "Content-Type", + }) + } + + expires 90d; + add_header Cache-Control 'public'; + add_header X-Frame-Options 'sameorigin'; + add_header X-XSS-Protection '1; mode=block'; + add_header X-Content-Type-Options 'nosniff'; + etag off; + } + + + location / { + root portal; + default_type text/html; + + header_filter_by_lua_block { + ngx.header["server"] = nil + } + + content_by_lua_block { + Kong.serve_portal_gui({ + acah = "Content-Type", + }) + } + + add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; + add_header Access-Control-Allow-Headers 'Content-Type'; + add_header Access-Control-Allow-Origin '*'; + etag off; + } + + location /robots.txt { + header_filter_by_lua_block { + ngx.header["server"] = nil + } + + return 200 'User-agent: *\nDisallow: /'; + } +} + +> if #portal_api_listeners > 0 and portal_api_listen then + +server { + server_name portal_api; +> for i = 1, #portal_api_listeners do + listen $(portal_api_listeners[i].listener); +> end + + access_log ${{PORTAL_API_ACCESS_LOG}}; + error_log ${{PORTAL_API_ERROR_LOG}} ${{LOG_LEVEL}}; + + client_max_body_size 10m; + client_body_buffer_size 10m; + +> if portal_api_ssl_enabled then +> for i = 1, #portal_api_ssl_cert do + ssl_certificate $(portal_api_ssl_cert[i]); + ssl_certificate_key $(portal_api_ssl_cert_key[i]); +> end + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + ssl_prefer_server_ciphers on; +> if ssl_ciphers then + ssl_ciphers ${{SSL_CIPHERS}}; +> end +> end + + location / { + default_type application/json; + content_by_lua_block { + Kong.serve_portal_api({ + acah = "Content-Type", + }) + } + } + + location /robots.txt { + return 200 'User-agent: *\nDisallow: /'; + } +} +> end +> end + +> if (role == "control_plane" or role == "traditional") and #admin_listeners > 0 then + server { + server_name kong_admin; +> for _, entry in ipairs(admin_listeners) do + listen $(entry.listener); +> end + + access_log ${{ADMIN_ACCESS_LOG}}; + error_log ${{ADMIN_ERROR_LOG}} ${{LOG_LEVEL}}; + +> if admin_ssl_enabled then +> for i = 1, #admin_ssl_cert do + ssl_certificate $(admin_ssl_cert[i]); + ssl_certificate_key $(admin_ssl_cert_key[i]); +> end + ssl_session_cache shared:AdminSSL:10m; +> end + + # injected nginx_admin_* directives +> for _, el in ipairs(nginx_admin_directives) do + $(el.name) $(el.value); +> end + + location / { + default_type application/json; + content_by_lua_block { + Kong.admin_content({ + acah = "Content-Type, ${{RBAC_AUTH_HEADER}}", + }) + } + + log_by_lua_block { + local audit_log = require "kong.enterprise_edition.audit_log" + audit_log.admin_log_handler() + } + + header_filter_by_lua_block { + Kong.admin_header_filter() + } + } + + location /nginx_status { + internal; + access_log off; + stub_status; + } + + location /robots.txt { + return 200 'User-agent: *\nDisallow: /'; + } + } +> end -- (role == "control_plane" or role == "traditional") and #admin_listeners > 0 + +> if #status_listeners > 0 then + server { + server_name kong_status; +> for _, entry in ipairs(status_listeners) do + listen $(entry.listener); +> end + + access_log ${{STATUS_ACCESS_LOG}}; + error_log ${{STATUS_ERROR_LOG}} ${{LOG_LEVEL}}; + +> if status_ssl_enabled then +> for i = 1, #status_ssl_cert do + ssl_certificate $(status_ssl_cert[i]); + ssl_certificate_key $(status_ssl_cert_key[i]); +> end + ssl_session_cache shared:StatusSSL:1m; +> end + + # injected nginx_status_* directives +> for _, el in ipairs(nginx_status_directives) do + $(el.name) $(el.value); +> end + + location / { + default_type application/json; + content_by_lua_block { + Kong.status_content() + } + header_filter_by_lua_block { + Kong.status_header_filter() + } + } + + location /nginx_status { + internal; + access_log off; + stub_status; + } + + location /robots.txt { + return 200 'User-agent: *\nDisallow: /'; + } + } +> end + +> if #debug_listeners > 0 then +server { + server_name kong_debug; +> for _, entry in ipairs(debug_listeners) do + listen $(entry.listener); +> end + + access_log ${{DEBUG_ACCESS_LOG}}; + error_log ${{DEBUG_ERROR_LOG}} ${{LOG_LEVEL}}; + +> if status_ssl_enabled then +> for i = 1, #status_ssl_cert do + ssl_certificate $(debug_ssl_cert[i]); + ssl_certificate_key $(debug_ssl_cert_key[i]); +> end + ssl_session_cache shared:DebugSSL:1m; +> end + + # injected nginx_debug_* directives +> for _, el in ipairs(nginx_debug_directives) do + $(el.name) $(el.value); +> end + + location / { + default_type application/json; + content_by_lua_block { + Kong.debug_content() + } + header_filter_by_lua_block { + Kong.debug_header_filter() + } + } + + location /robots.txt { + return 200 'User-agent: *\nDisallow: /'; + } +} +> end + +> if role == "control_plane" then + server { + server_name kong_cluster_listener; +> for _, entry in ipairs(cluster_listeners) do + listen $(entry.listener) ssl; +> end + + access_log ${{ADMIN_ACCESS_LOG}}; + + ssl_verify_client optional_no_ca; + ssl_certificate ${{CLUSTER_CERT}}; + ssl_certificate_key ${{CLUSTER_CERT_KEY}}; + ssl_session_cache shared:ClusterSSL:10m; + + location = /v1/outlet { + content_by_lua_block { + Kong.serve_cluster_listener() + } + } + } +> end -- role == "control_plane" + +> if role == "control_plane" then + server { + server_name kong_cluster_telemetry_listener; +> for _, entry in ipairs(cluster_telemetry_listeners) do + listen $(entry.listener) ssl; +> end + + access_log off; + + ssl_verify_client optional_no_ca; + ssl_certificate ${{CLUSTER_CERT}}; + ssl_certificate_key ${{CLUSTER_CERT_KEY}}; + ssl_session_cache shared:ClusterSSL:10m; + + location = /v1/ingest { + content_by_lua_block { + Kong.serve_cluster_telemetry_listener() + } + } + } +> end -- role == "control_plane" + +> if role ~= "data_plane" then + server { + server_name mock_upstream; + + listen 15555; + listen 15556 ssl; + +> for i = 1, #ssl_cert do + ssl_certificate $(ssl_cert[i]); + ssl_certificate_key $(ssl_cert_key[i]); +> end + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + + set_real_ip_from 127.0.0.1; + + location / { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + ngx.status = 404 + return mu.send_default_json_response() + } + } + + location = / { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response({ + valid_routes = { + ["/ws"] = "Websocket echo server", + ["/get"] = "Accepts a GET request and returns it in JSON format", + ["/xml"] = "Returns a simple XML document", + ["/post"] = "Accepts a POST request and returns it in JSON format", + ["/response-headers?:key=:val"] = "Returns given response headers", + ["/cache/:n"] = "Sets a Cache-Control header for n seconds", + ["/anything"] = "Accepts any request and returns it in JSON format", + ["/request"] = "Alias to /anything", + ["/delay/:duration"] = "Delay the response for seconds", + ["/basic-auth/:user/:pass"] = "Performs HTTP basic authentication with the given credentials", + ["/status/:code"] = "Returns a response with the specified ", + ["/stream/:num"] = "Stream chunks of JSON data via chunked Transfer Encoding", + }, + }) + } + } + + location = /408 { + return 408 "408"; + } + + location = /ws { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.serve_web_sockets() + } + } + + location /get { + access_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.filter_access_by_method("GET") + } + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response() + } + } + + location /xml { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + local xml = [[ + + + Kong, Monolith destroyer. + + ]] + return mu.send_text_response(xml, "application/xml") + } + } + + location /post { + access_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.filter_access_by_method("POST") + } + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response() + } + } + + location = /response-headers { + access_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.filter_access_by_method("GET") + } + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response({}, ngx.req.get_uri_args()) + } + } + + location = /hop-by-hop { + content_by_lua_block { + local header = ngx.header + header["Keep-Alive"] = "timeout=5, max=1000" + header["Proxy"] = "Remove-Me" + header["Proxy-Connection"] = "close" + header["Proxy-Authenticate"] = "Basic" + header["Proxy-Authorization"] = "Basic YWxhZGRpbjpvcGVuc2VzYW1l" + header["Transfer-Encoding"] = "chunked" + header["Content-Length"] = nil + header["TE"] = "trailers, deflate;q=0.5" + header["Trailer"] = "Expires" + header["Upgrade"] = "example/1, foo/2" + + ngx.print("hello\r\n\r\nExpires: Wed, 21 Oct 2015 07:28:00 GMT\r\n\r\n") + ngx.exit(200) + } + } + + location ~ "^/cache/(?\d+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response({}, { + ["Cache-Control"] = "public, max-age=" .. ngx.var.n, + }) + } + } + + location ~ "^/basic-auth/(?[a-zA-Z0-9_]+)/(?.+)$" { + access_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.filter_access_by_basic_auth(ngx.var.username, + ngx.var.password) + } + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response({ + authenticated = true, + user = ngx.var.username, + }) + } + } + + location ~ "^/(request|anything)" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.send_default_json_response() + } + } + + location ~ "^/delay/(?\d{1,3})$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + local delay_seconds = tonumber(ngx.var.delay_seconds) + if not delay_seconds then + return ngx.exit(ngx.HTTP_NOT_FOUND) + end + + ngx.sleep(delay_seconds) + + return mu.send_default_json_response({ + delay = delay_seconds, + }) + } + } + + location ~ "^/status/(?\d{3})$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + local code = tonumber(ngx.var.code) + if not code then + return ngx.exit(ngx.HTTP_NOT_FOUND) + end + ngx.status = code + return mu.send_default_json_response({ + code = code, + }) + } + } + + location ~ "^/stream/(?\d+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + local rep = tonumber(ngx.var.num) + local res = require("cjson").encode(mu.get_default_json_response()) + + ngx.header["X-Powered-By"] = "mock_upstream" + ngx.header["Content-Type"] = "application/json" + + for i = 1, rep do + ngx.say(res) + end + } + } + + location ~ "^/post_log/(?[a-z0-9_]+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.store_log(ngx.var.logname) + } + } + + location ~ "^/post_auth_log/(?[a-z0-9_]+)/(?[a-zA-Z0-9_]+)/(?.+)$" { + access_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.filter_access_by_basic_auth(ngx.var.username, + ngx.var.password) + } + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.store_log(ngx.var.logname) + } + } + + location ~ "^/read_log/(?[a-z0-9_]+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.retrieve_log(ngx.var.logname) + } + } + + location ~ "^/count_log/(?[a-z0-9_]+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.count_log(ngx.var.logname) + } + } + + location ~ "^/reset_log/(?[a-z0-9_]+)$" { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.reset_log(ngx.var.logname) + } + } + + location = /echo_sni { + return 200 'SNI=$ssl_server_name\n'; + } + + location = /ocsp { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.handle_ocsp() + } + } + + location = /set_ocsp { + content_by_lua_block { + local mu = require "spec.fixtures.mock_upstream" + return mu.set_ocsp(ngx.var.arg_status) + } + } + } +> end -- role ~= "data_plane" + + include '*.http_mock'; +} +> end + +> if #stream_listeners > 0 then +stream { + log_format basic '$remote_addr [$time_local] ' + '$protocol $status $bytes_sent $bytes_received ' + '$session_time'; + + lua_package_path '${{LUA_PACKAGE_PATH}};;'; + lua_package_cpath '${{LUA_PACKAGE_CPATH}};;'; + lua_socket_pool_size ${{LUA_SOCKET_POOL_SIZE}}; + lua_socket_log_errors off; + lua_max_running_timers 4096; + lua_max_pending_timers 16384; + lua_ssl_verify_depth ${{LUA_SSL_VERIFY_DEPTH}}; +> if lua_ssl_trusted_certificate_combined then + lua_ssl_trusted_certificate '${{LUA_SSL_TRUSTED_CERTIFICATE_COMBINED}}'; +> end + + lua_shared_dict stream_kong 5m; + lua_shared_dict stream_kong_locks 8m; + lua_shared_dict stream_kong_healthchecks 5m; + lua_shared_dict stream_kong_process_events 5m; + lua_shared_dict stream_kong_cluster_events 5m; + lua_shared_dict stream_kong_rate_limiting_counters 12m; + lua_shared_dict stream_kong_core_db_cache ${{MEM_CACHE_SIZE}}; + lua_shared_dict stream_kong_core_db_cache_miss 12m; + lua_shared_dict stream_kong_db_cache ${{MEM_CACHE_SIZE}}; + lua_shared_dict stream_kong_db_cache_miss 12m; +> if database == "off" then + lua_shared_dict stream_kong_core_db_cache_2 ${{MEM_CACHE_SIZE}}; + lua_shared_dict stream_kong_core_db_cache_miss_2 12m; + lua_shared_dict stream_kong_db_cache_2 ${{MEM_CACHE_SIZE}}; + lua_shared_dict stream_kong_db_cache_miss_2 12m; +> end +> if database == "cassandra" then + lua_shared_dict stream_kong_cassandra 5m; +> end + + lua_shared_dict stream_kong_vitals_counters 50m; + lua_shared_dict stream_kong_counters 50m; + lua_shared_dict stream_kong_vitals_lists 1m; + lua_shared_dict stream_kong_vitals 1m; + +> if ssl_ciphers then + ssl_ciphers ${{SSL_CIPHERS}}; +> end + + # injected nginx_stream_* directives +> for _, el in ipairs(nginx_stream_directives) do + $(el.name) $(el.value); +> end + + init_by_lua_block { + -- shared dictionaries conflict between stream/http modules. use a prefix. + local shared = ngx.shared + ngx.shared = setmetatable({}, { + __index = function(t, k) + return shared["stream_" .. k] + end, + }) + + Kong = require 'kong' + Kong.init() + } + + init_worker_by_lua_block { + Kong.init_worker() + } + + upstream kong_upstream { + server 0.0.0.1:1; + balancer_by_lua_block { + Kong.balancer() + } + + # injected nginx_supstream_* directives +> for _, el in ipairs(nginx_supstream_directives) do + $(el.name) $(el.value); +> end + } + +> if #stream_listeners > 0 then +# non-SSL listeners, and the SSL terminator + server { +> for _, entry in ipairs(stream_listeners) do +> if not entry.ssl then + listen $(entry.listener); +> end +> end + +> if stream_proxy_ssl_enabled then + listen unix:${{PREFIX}}/stream_tls_terminate.sock ssl proxy_protocol; +> end + + access_log ${{PROXY_STREAM_ACCESS_LOG}}; + error_log ${{PROXY_STREAM_ERROR_LOG}} ${{LOG_LEVEL}}; + +> for _, ip in ipairs(trusted_ips) do + set_real_ip_from $(ip); +> end + set_real_ip_from unix:; + + # injected nginx_sproxy_* directives +> for _, el in ipairs(nginx_sproxy_directives) do + $(el.name) $(el.value); +> end + +> if stream_proxy_ssl_enabled then +> for i = 1, #ssl_cert do + ssl_certificate $(ssl_cert[i]); + ssl_certificate_key $(ssl_cert_key[i]); +> end + ssl_session_cache shared:StreamSSL:10m; + ssl_certificate_by_lua_block { + Kong.ssl_certificate() + } +> end + + preread_by_lua_block { + Kong.preread() + } + + proxy_ssl on; + proxy_ssl_server_name on; +> if client_ssl then + proxy_ssl_certificate ${{CLIENT_SSL_CERT}}; + proxy_ssl_certificate_key ${{CLIENT_SSL_CERT_KEY}}; +> end + proxy_pass kong_upstream; + + log_by_lua_block { + Kong.log() + } + } + +> if stream_proxy_ssl_enabled then +# SSL listeners, but only preread the handshake here + server { +> for _, entry in ipairs(stream_listeners) do +> if entry.ssl then + listen $(entry.listener:gsub(" ssl", "")); +> end +> end + + access_log ${{PROXY_STREAM_ACCESS_LOG}}; + error_log ${{PROXY_STREAM_ERROR_LOG}} ${{LOG_LEVEL}}; + +> for _, ip in ipairs(trusted_ips) do + set_real_ip_from $(ip); +> end + + # injected nginx_sproxy_* directives +> for _, el in ipairs(nginx_sproxy_directives) do + $(el.name) $(el.value); +> end + + preread_by_lua_block { + Kong.preread() + } + + ssl_preread on; + + proxy_protocol on; + + set $kong_tls_preread_block 1; + set $kong_tls_preread_block_upstream ''; + proxy_pass $kong_tls_preread_block_upstream; + } + +server { + listen unix:${{PREFIX}}/stream_tls_passthrough.sock proxy_protocol; + + access_log ${{PROXY_STREAM_ACCESS_LOG}}; + error_log ${{PROXY_STREAM_ERROR_LOG}} ${{LOG_LEVEL}}; + + set_real_ip_from unix:; + + # injected nginx_sproxy_* directives +> for _, el in ipairs(nginx_sproxy_directives) do + $(el.name) $(el.value); +> end + + preread_by_lua_block { + Kong.preread() + } + + ssl_preread on; + + set $kong_tls_passthrough_block 1; + + proxy_pass kong_upstream; + + log_by_lua_block { + Kong.log() + } + } +> end -- stream_proxy_ssl_enabled + + +> if database == "off" then + server { + listen unix:${{PREFIX}}/stream_config.sock; + + error_log ${{PROXY_ERROR_LOG}} ${{LOG_LEVEL}}; + + content_by_lua_block { + Kong.stream_config_listener() + } + } +> end -- database == "off" +> end -- #stream_listeners > 0 + + server { + listen 15557; + listen 15558 ssl; + listen 15557 udp; + +> for i = 1, #ssl_cert do + ssl_certificate $(ssl_cert[i]); + ssl_certificate_key $(ssl_cert_key[i]); +> end + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + + content_by_lua_block { + local sock = assert(ngx.req.socket()) + local data = sock:receive() -- read a line from downstream + + if ngx.var.protocol == "TCP" then + ngx.say(data) + + else + sock:send(data) -- echo whatever was sent + end + } + } + + include '*.stream_mock'; + + server { # ignore (and close }, to ignore content) + listen unix:${{PREFIX}}/stream_rpc.sock udp; + error_log ${{ADMIN_ERROR_LOG}} ${{LOG_LEVEL}}; + content_by_lua_block { + Kong.stream_api() + } + } + +} +> end diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/api.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/api.lua new file mode 100644 index 00000000..c14315d7 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/api.lua @@ -0,0 +1,16 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + ["/method_without_exit"] = { + GET = function() + kong.response.set_status(201) + kong.response.set_header("x-foo", "bar") + ngx.print("hello") + end, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/handler.lua new file mode 100644 index 00000000..d38e2740 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/handler.lua @@ -0,0 +1,23 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +-- a plugin fixture to test a method on the admin api +local BasePlugin = require "kong.plugins.base_plugin" + + +local AdminApiMethod = BasePlugin:extend() + + +AdminApiMethod.PRIORITY = 1000 + + +function AdminApiMethod:new() + AdminApiMethod.super.new(self, "admin-api-method") +end + + +return AdminApiMethod diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/schema.lua new file mode 100644 index 00000000..1f5af303 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/schema.lua @@ -0,0 +1,12 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + fields = { + foo = { type = "string" } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/status_api.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/status_api.lua new file mode 100644 index 00000000..6b05e5ff --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/admin-api-method/status_api.lua @@ -0,0 +1,14 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + ["/hello"] = { + GET = function() + kong.response.exit(200, { hello = "from status api" }) + end, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/api-override/api.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/api-override/api.lua new file mode 100644 index 00000000..22cb9923 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/api-override/api.lua @@ -0,0 +1,32 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local kong = kong + + +return { + ["/routes"] = { + schema = kong.db.routes.schema, + GET = function(_, _, _, parent) + kong.response.set_header("Kong-Api-Override", "ok") + return parent() + end, + POST = function(_, _, _, parent) + kong.response.set_header("Kong-Api-Override", "ok") + return parent() + end, + }, + ["/services"] = { + schema = kong.db.services.schema, + methods = { + GET = function(_, _, _, parent) + kong.response.set_header("Kong-Api-Override", "ok") + return parent() + end + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/api-override/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/api-override/handler.lua new file mode 100644 index 00000000..6b284476 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/api-override/handler.lua @@ -0,0 +1,8 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return {} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/api-override/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/api-override/schema.lua new file mode 100644 index 00000000..77906b0a --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/api-override/schema.lua @@ -0,0 +1,34 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + + +return { + name = "api-override", + fields = { + { + protocols = typedefs.protocols { + default = { + "http", + "https", + "tcp", + "tls", + "grpc", + "grpcs" + }, + }, + }, + { + config = { + type = "record", + fields = { + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/cache/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/cache/handler.lua new file mode 100644 index 00000000..4962733a --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/cache/handler.lua @@ -0,0 +1,58 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" +local singletons = require "kong.singletons" + + +local CacheHandler = BasePlugin:extend() + + +CacheHandler.PRIORITY = 1000 + + +function CacheHandler:new() + CacheHandler.super.new(self, "cache") +end + + +function CacheHandler:access(conf) + CacheHandler.super.access(self) + + ngx.req.read_body() + + local args, err = ngx.req.get_post_args() + if not args then + kong.log.err(err) + return kong.response.exit(500, { message = "An unexpected error occurred" }) + end + + local cache_key = args.cache_key + if not cache_key then + return kong.response.exit(400, { message = "missing cache_key" }) + end + + local cache_value = args.cache_value + if not cache_value then + return kong.response.exit(400, { message = "missing cache_value" }) + end + + local function cb() + return cache_value + end + + local value, err = singletons.cache:get(cache_key, nil, cb) + if err then + kong.log.err(err) + return kong.response.exit(500, { message = "An unexpected error occurred" }) + end + + return kong.response.exit(200, type(value) == "table" and value or { message = value }) +end + + +return CacheHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/cache/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/cache/schema.lua new file mode 100644 index 00000000..d0193bb4 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/cache/schema.lua @@ -0,0 +1,17 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "cache", + fields = { + { config = { + type = "record", + fields = { }, + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker-last/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker-last/handler.lua new file mode 100644 index 00000000..5aa0ebfb --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker-last/handler.lua @@ -0,0 +1,28 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" +local CtxCheckerHandler = require "spec.fixtures.custom_plugins.kong.plugins.ctx-checker.handler" + + +local CtxCheckerLastHandler = BasePlugin:extend() + + +-- This plugin is a copy of ctx checker with a lower priority (it will run last) +CtxCheckerLastHandler.PRIORITY = 0 + + +function CtxCheckerLastHandler:new() + CtxCheckerLastHandler.super.new(self, "ctx-checker-last") +end + + +CtxCheckerLastHandler.access = CtxCheckerHandler.access +CtxCheckerLastHandler.header_filter = CtxCheckerHandler.header_filter + + +return CtxCheckerLastHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker-last/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker-last/schema.lua new file mode 100644 index 00000000..6577ef00 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker-last/schema.lua @@ -0,0 +1,9 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +-- same as regular ctx-checker +return require "spec.fixtures.custom_plugins.kong.plugins.ctx-checker.schema" diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker/handler.lua new file mode 100644 index 00000000..5ef98d1b --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker/handler.lua @@ -0,0 +1,125 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" +local tablex = require "pl.tablex" +local inspect = require "inspect" + + +local ngx = ngx +local kong = kong +local type = type +local error = error +local tostring = tostring + + +local CtxCheckerHandler = BasePlugin:extend() + + +CtxCheckerHandler.PRIORITY = 1000 + + +local function get_ctx(ctx_kind) + if ctx_kind == "kong.ctx.shared" then + return kong.ctx.shared + end + + if ctx_kind == "kong.ctx.plugin" then + return kong.ctx.plugin + end + + return ngx.ctx +end + + +local function set_header(conf, name, value) + if conf.ctx_kind == "kong.ctx.shared" + or conf.ctx_kind == "kong.ctx.plugin" then + return kong.response.set_header(name, value) + end + + ngx.header[name] = value +end + + +function CtxCheckerHandler:new() + CtxCheckerHandler.super.new(self, "ctx-checker") +end + + +function CtxCheckerHandler:access(conf) + CtxCheckerHandler.super.access(self) + + local set_field = conf.ctx_set_field + if not set_field then + return + end + + local ctx = get_ctx(conf.ctx_kind) + local existing = ctx[set_field] + if existing ~= nil and conf.throw_error then + if type(existing) == "table" then + existing = inspect(existing) + end + + error("Expected to be able to set" .. + conf.ctx_kind .. + "['" .. set_field .. + "'] but it was already set. Found value: " .. + tostring(existing)) + end + + + if type(conf.ctx_set_array) == "table" then + ctx[set_field] = conf.ctx_set_array + elseif type(conf.ctx_set_value) == "string" then + ctx[set_field] = conf.ctx_set_value + end +end + + +function CtxCheckerHandler:header_filter(conf) + CtxCheckerHandler.super.header_filter(self) + + local check_field = conf.ctx_check_field + if not check_field then + return + end + + local ctx = get_ctx(conf.ctx_kind) + local val = ctx[check_field] + + local ok + if conf.ctx_check_array then + if type(val) == "table" then + ok = tablex.compare(val, conf.ctx_check_array, "==") + else + ok = false + end + + elseif conf.ctx_check_value then + ok = val == conf.ctx_check_value + else + ok = true + end + + if type(val) == "table" then + val = inspect(val) + end + + if ok then + return set_header(conf, self._name .. "-" .. check_field, tostring(val)) + end + + if conf.throw_error then + error("Expected " .. conf.ctx_kind .. "['" .. check_field .. + "'] to be set, but it was " .. tostring(val)) + end +end + + +return CtxCheckerHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker/schema.lua new file mode 100644 index 00000000..dd09f65c --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-checker/schema.lua @@ -0,0 +1,19 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + fields = { + ctx_set_field = { type = "string" }, + ctx_set_value = { type = "string", default = "set_by_ctx_checker" }, + ctx_set_array = { type = "array" }, + ctx_check_field = { type = "string" }, + ctx_check_value = { type = "string" }, + ctx_check_array = { type = "array" }, + ctx_kind = { type = "string", default = "ngx.ctx" }, + ctx_throw_error = { type = "boolean", default = false }, + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests-response/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests-response/handler.lua new file mode 100644 index 00000000..cd14b1ec --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests-response/handler.lua @@ -0,0 +1,433 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local ngx = ngx +local kong = kong +local type = type +local assert = assert +local subsystem = ngx.config.subsystem +local math = math + + +local function is_nil(ctx, name) + if ctx[name] ~= nil then + return false, "[ctx-tests] " .. name .. " is not a nil" + end + + return true +end + + +local function is_true(ctx, name) + if ctx[name] ~= true then + return false, "[ctx-tests] " .. name .. " is not true" + end + + return true +end + + +local function is_positive_integer(ctx, name) + local value = ctx[name] + if type(value) ~= "number" then + return false, "[ctx-tests] " .. name .. " is not a number" + end + + if math.floor(value) ~= value then + return false, "[ctx-tests] " .. name .. " is not an integer" + end + + if value <= 0 then + return false, "[ctx-tests] " .. name .. " is not a positive integer" + end + + return true +end + + +local function is_non_negative_integer(ctx, name) + local value = ctx[name] + if value == 0 then + return true + end + + return is_positive_integer(ctx, name) +end + + +local function is_equal_to_start_time(ctx, name) + local ok, err = is_positive_integer(ctx, name) + if not ok then + return ok, err + end + + if ctx[name] < ctx.KONG_PROCESSING_START then + return false, "[ctx-tests] " .. name .. " is less than the processing start" + end + + if subsystem ~= "stream" then + if ctx[name] ~= (ngx.req.start_time() * 1000) then + return false, "[ctx-tests] " .. name .. " is less than the request start time" + end + end + + return true +end + + +local function is_greater_or_equal_to_start_time(ctx, name) + local ok, err = is_positive_integer(ctx, name) + if not ok then + return ok, err + end + + if ctx[name] < ctx.KONG_PROCESSING_START then + return false, "[ctx-tests] " .. name .. " is less than the processing start" + end + + if subsystem ~= "stream" then + if ctx[name] < (ngx.req.start_time() * 1000) then + return false, "[ctx-tests] " .. name .. " is less than the request start time" + end + end + + return true +end + + +local function is_greater_or_equal_to_ctx_value(ctx, name, greater_name) + local ok, err = is_positive_integer(ctx, name) + if not ok then + return ok, err + end + + ok, err = is_positive_integer(ctx, greater_name) + if not ok then + return ok, err + end + + if ctx[greater_name] < ctx[name] then + return false, "[ctx-tests] " .. name .. " is greater than " .. greater_name + end + + return true +end + + +local function has_correct_proxy_latency(ctx) + local ok, err = is_positive_integer(ctx, "KONG_BALANCER_ENDED_AT") + if not ok then + return ok, err + end + + ok, err = is_non_negative_integer(ctx, "KONG_PROXY_LATENCY") + if not ok then + return ok, err + end + + if ctx.KONG_BALANCER_ENDED_AT < ctx.KONG_PROCESSING_START then + return false, "[ctx-tests] KONG_BALANCER_ENDED_AT is less than the processing start" + end + + local latency = ctx.KONG_BALANCER_ENDED_AT - ctx.KONG_PROCESSING_START + if ctx.KONG_PROXY_LATENCY ~= latency then + return false, "[ctx-tests] KONG_PROXY_LATENCY is not calculated correctly" + end + + if subsystem ~= "stream" then + latency = ctx.KONG_BALANCER_ENDED_AT - ngx.req.start_time() * 1000 + if ctx.KONG_PROXY_LATENCY ~= latency then + return false, "[ctx-tests] KONG_PROXY_LATENCY is not calculated correctly (request start time)" + end + end + + return true +end + + +local function has_correct_waiting_time(ctx) + local err + local ok = is_positive_integer(ctx, "KONG_RESPONSE_START") + if not ok then + ok, err = is_positive_integer(ctx, "KONG_HEADER_FILTER_START") + if not ok then + return ok, err + end + end + + ok, err = is_positive_integer(ctx, "KONG_BALANCER_ENDED_AT") + if not ok then + return ok, err + end + + local waiting_time = (ctx.KONG_RESPONSE_START or ctx.KONG_HEADER_FILTER_START) - + ctx.KONG_BALANCER_ENDED_AT + + if ctx.KONG_WAITING_TIME ~= waiting_time then + return false, "[ctx-tests] KONG_WAITING_TIME is not calculated correctly" + end + + return true +end + + +local function has_correct_receive_time(ctx) + local ok, err = is_positive_integer(ctx, "KONG_BODY_FILTER_ENDED_AT") + if not ok then + return ok, err + end + + ok, err = is_positive_integer(ctx, "KONG_HEADER_FILTER_START") + if not ok then + return ok, err + end + + local receive_time = ctx.KONG_BODY_FILTER_ENDED_AT - + (ctx.KONG_RESPONSE_START or ctx.KONG_HEADER_FILTER_START) + + if ctx.KONG_RECEIVE_TIME ~= receive_time then + return false, "[ctx-tests] KONG_RECEIVE_TIME is not calculated correctly" + end + + return true +end + + +local CtxTests = { + PRIORITY = -math.huge +} + + +function CtxTests:preread() + local ctx = ngx.ctx + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_REWRITE_START")) + assert(is_nil(ctx, "KONG_REWRITE_ENDED_AT")) + assert(is_nil(ctx, "KONG_REWRITE_TIME")) + assert(is_nil(ctx, "KONG_ACCESS_START")) + assert(is_nil(ctx, "KONG_ACCESS_ENDED_AT")) + assert(is_nil(ctx, "KONG_ACCESS_TIME")) + assert(is_nil(ctx, "KONG_BALANCER_START")) + assert(is_nil(ctx, "KONG_BALANCER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BALANCER_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_START")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_START")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_START")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_PROXIED")) + assert(is_nil(ctx, "KONG_PROXY_LATENCY")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + assert(is_nil(ctx, "KONG_WAITING_TIME")) + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) +end + + +function CtxTests:rewrite() + local ctx = ngx.ctx + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_start_time(ctx, "KONG_REWRITE_START", "KONG_REWRITE_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_REWRITE_ENDED_AT")) + assert(is_nil(ctx, "KONG_REWRITE_TIME")) + assert(is_nil(ctx, "KONG_ACCESS_START")) + assert(is_nil(ctx, "KONG_ACCESS_ENDED_AT")) + assert(is_nil(ctx, "KONG_ACCESS_TIME")) + assert(is_nil(ctx, "KONG_BALANCER_START")) + assert(is_nil(ctx, "KONG_BALANCER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BALANCER_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_START")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_START")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_START")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_PROXIED")) + assert(is_nil(ctx, "KONG_PROXY_LATENCY")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + assert(is_nil(ctx, "KONG_WAITING_TIME")) + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) +end + + +function CtxTests:access(config) + if config.buffered then + kong.service.request.enable_buffering() + end + + local ctx = ngx.ctx + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_start_time(ctx, "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_START", "KONG_REWRITE_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_REWRITE_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_ENDED_AT", "KONG_ACCESS_START")) + assert(is_nil(ctx, "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_ACCESS_ENDED_AT")) + assert(is_nil(ctx, "KONG_ACCESS_TIME")) + assert(is_nil(ctx, "KONG_BALANCER_START")) + assert(is_nil(ctx, "KONG_BALANCER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BALANCER_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_START")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_START")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_START")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_PROXIED")) + assert(is_nil(ctx, "KONG_PROXY_LATENCY")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + assert(is_nil(ctx, "KONG_WAITING_TIME")) + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) +end + + +function CtxTests:response(config) +-- assert(config.buffered == true, "response should only be executed when buffering the response was requested") + + local ctx = ngx.ctx + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_start_time(ctx, "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_START", "KONG_REWRITE_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_REWRITE_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_ENDED_AT", "KONG_ACCESS_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_ACCESS_START", "KONG_ACCESS_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_ACCESS_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_ACCESS_ENDED_AT", "KONG_BALANCER_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_START", "KONG_BALANCER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_BALANCER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_START")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_true(ctx, "KONG_PROXIED")) + assert(has_correct_proxy_latency(ctx)) + assert(has_correct_waiting_time(ctx)) + assert(is_nil(ctx, "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_START")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_START")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) +end + + +function CtxTests:log(config) + local ctx = ngx.ctx + if subsystem == "stream" then + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_PREREAD_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PREREAD_START", "KONG_PREREAD_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_PREREAD_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PREREAD_ENDED_AT", "KONG_BALANCER_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_START", "KONG_BALANCER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_BALANCER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_LOG_START")) + assert(is_true(ctx, "KONG_PROXIED")) + assert(has_correct_proxy_latency(ctx)) + assert(is_nil(ctx, "KONG_REWRITE_START")) + assert(is_nil(ctx, "KONG_REWRITE_ENDED_AT")) + assert(is_nil(ctx, "KONG_REWRITE_TIME")) + assert(is_nil(ctx, "KONG_ACCESS_START")) + assert(is_nil(ctx, "KONG_ACCESS_ENDED_AT")) + assert(is_nil(ctx, "KONG_ACCESS_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_START")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_START")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + + -- TODO: ngx.var.upstream_first_byte_time? + assert(is_nil(ctx, "KONG_WAITING_TIME")) + + + -- TODO: ngx.ctx.KONG_LOG_START - (ngx.ctx.BALANCER_ENDED_AT + ngx.var.upstream_first_byte_time)? + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) + + else + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_start_time(ctx, "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_START", "KONG_REWRITE_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_REWRITE_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_ENDED_AT", "KONG_ACCESS_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_ACCESS_START", "KONG_ACCESS_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_ACCESS_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_ACCESS_ENDED_AT", "KONG_BALANCER_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_START", "KONG_BALANCER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_BALANCER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_HEADER_FILTER_START")) + + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_RESPONSE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_RESPONSE_START", "KONG_RESPONSE_ENDED_AT")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_RESPONSE_ENDED_AT", "KONG_HEADER_FILTER_START")) + assert(is_non_negative_integer(ctx, "KONG_RESPONSE_TIME")) + + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_HEADER_FILTER_START", "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_HEADER_FILTER_ENDED_AT", "KONG_BODY_FILTER_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BODY_FILTER_START", "KONG_BODY_FILTER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BODY_FILTER_ENDED_AT", "KONG_LOG_START")) + assert(is_true(ctx, "KONG_PROXIED")) + assert(has_correct_proxy_latency(ctx)) + assert(has_correct_waiting_time(ctx)) + assert(has_correct_receive_time(ctx)) + assert(is_nil(ctx, "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + end +end + + +return CtxTests diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests-response/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests-response/schema.lua new file mode 100644 index 00000000..5e2f5e82 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests-response/schema.lua @@ -0,0 +1,33 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + +-- TODO: At the moment this tests the happy case. Perhaps it could be extended to work +-- even with unhappy cases, e.g. together with error-generator plugin. Or the plugin +-- could be made to error by itself. +return { + name = "ctx-tests", + fields = { + { + protocols = typedefs.protocols { default = { "http", "https", "tcp", "tls", "grpc", "grpcs" } }, + }, + { + config = { + type = "record", + fields = { + { + buffered = { + type = "boolean", + default = false, + }, + } + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests/handler.lua new file mode 100644 index 00000000..72adfd2c --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests/handler.lua @@ -0,0 +1,497 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local ngx = ngx +local kong = kong +local type = type +local assert = assert +local subsystem = ngx.config.subsystem +local math = math +local get_phase = ngx.get_phase + + +local function is_nil(ctx, name) + if ctx[name] ~= nil then + return false, "[ctx-tests] " .. name .. " is not a nil" + end + + return true +end + + +local function is_true(ctx, name) + if ctx[name] ~= true then + return false, "[ctx-tests] " .. name .. " is not true" + end + + return true +end + + +local function is_positive_integer(ctx, name) + local value = ctx[name] + if type(value) ~= "number" then + return false, "[ctx-tests] " .. name .. " is not a number" + end + + if math.floor(value) ~= value then + return false, "[ctx-tests] " .. name .. " is not an integer" + end + + if value <= 0 then + return false, "[ctx-tests] " .. name .. " is not a positive integer" + end + + return true +end + + +local function is_non_negative_integer(ctx, name) + local value = ctx[name] + if value == 0 then + return true + end + + return is_positive_integer(ctx, name) +end + + +local function is_equal_to_start_time(ctx, name) + local ok, err = is_positive_integer(ctx, name) + if not ok then + return ok, err + end + + if ctx[name] < ctx.KONG_PROCESSING_START then + return false, "[ctx-tests] " .. name .. " is less than the processing start" + end + + if subsystem ~= "stream" then + if ctx[name] ~= (ngx.req.start_time() * 1000) then + return false, "[ctx-tests] " .. name .. " is less than the request start time" + end + end + + return true +end + + +local function is_greater_or_equal_to_start_time(ctx, name) + local ok, err = is_positive_integer(ctx, name) + if not ok then + return ok, err + end + + if ctx[name] < ctx.KONG_PROCESSING_START then + return false, "[ctx-tests] " .. name .. " is less than the processing start" + end + + if subsystem ~= "stream" then + if ctx[name] < (ngx.req.start_time() * 1000) then + return false, "[ctx-tests] " .. name .. " is less than the request start time" + end + end + + return true +end + + +local function is_greater_or_equal_to_ctx_value(ctx, name, greater_name) + local ok, err = is_positive_integer(ctx, name) + if not ok then + return ok, err + end + + ok, err = is_positive_integer(ctx, greater_name) + if not ok then + return ok, err + end + + if ctx[greater_name] < ctx[name] then + return false, "[ctx-tests] " .. name .. " is greater than " .. greater_name + end + + return true +end + + +local function has_correct_proxy_latency(ctx) + local ok, err = is_positive_integer(ctx, "KONG_BALANCER_ENDED_AT") + if not ok then + return ok, err + end + + ok, err = is_non_negative_integer(ctx, "KONG_PROXY_LATENCY") + if not ok then + return ok, err + end + + if ctx.KONG_BALANCER_ENDED_AT < ctx.KONG_PROCESSING_START then + return false, "[ctx-tests] KONG_BALANCER_ENDED_AT is less than the processing start" + end + + local latency = ctx.KONG_BALANCER_ENDED_AT - ctx.KONG_PROCESSING_START + if ctx.KONG_PROXY_LATENCY ~= latency then + return false, "[ctx-tests] KONG_PROXY_LATENCY is not calculated correctly" + end + + if subsystem ~= "stream" then + latency = ctx.KONG_BALANCER_ENDED_AT - ngx.req.start_time() * 1000 + if ctx.KONG_PROXY_LATENCY ~= latency then + return false, "[ctx-tests] KONG_PROXY_LATENCY is not calculated correctly (request start time)" + end + end + + if get_phase() == "log" then + local log = kong.log.serialize() + if ctx.KONG_PROXY_LATENCY > log.latencies.kong then + return false, "[ctx-tests] kong.log.serialize() latency is less than KONG_PROXY_LATENCY" + end + end + + return true +end + + +local function has_correct_waiting_time(ctx) + local err + local ok = is_positive_integer(ctx, "KONG_RESPONSE_START") + if not ok then + ok, err = is_positive_integer(ctx, "KONG_HEADER_FILTER_START") + if not ok then + return ok, err + end + end + + ok, err = is_positive_integer(ctx, "KONG_BALANCER_ENDED_AT") + if not ok then + return ok, err + end + + local waiting_time = (ctx.KONG_RESPONSE_START or ctx.KONG_HEADER_FILTER_START) - + ctx.KONG_BALANCER_ENDED_AT + + if ctx.KONG_WAITING_TIME ~= waiting_time then + return false, "[ctx-tests] KONG_WAITING_TIME is not calculated correctly" + end + + return true +end + + +local function has_correct_receive_time(ctx) + local ok, err = is_positive_integer(ctx, "KONG_BODY_FILTER_ENDED_AT") + if not ok then + return ok, err + end + + ok, err = is_positive_integer(ctx, "KONG_HEADER_FILTER_START") + if not ok then + return ok, err + end + + local receive_time = ctx.KONG_BODY_FILTER_ENDED_AT - + (ctx.KONG_RESPONSE_START or ctx.KONG_HEADER_FILTER_START) + + if ctx.KONG_RECEIVE_TIME ~= receive_time then + return false, "[ctx-tests] KONG_RECEIVE_TIME is not calculated correctly" + end + + return true +end + + +local CtxTests = { + PRIORITY = -math.huge +} + + +function CtxTests:preread() + local ctx = ngx.ctx + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_REWRITE_START")) + assert(is_nil(ctx, "KONG_REWRITE_ENDED_AT")) + assert(is_nil(ctx, "KONG_REWRITE_TIME")) + assert(is_nil(ctx, "KONG_ACCESS_START")) + assert(is_nil(ctx, "KONG_ACCESS_ENDED_AT")) + assert(is_nil(ctx, "KONG_ACCESS_TIME")) + assert(is_nil(ctx, "KONG_BALANCER_START")) + assert(is_nil(ctx, "KONG_BALANCER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BALANCER_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_START")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_START")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_START")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_PROXIED")) + assert(is_nil(ctx, "KONG_PROXY_LATENCY")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + assert(is_nil(ctx, "KONG_WAITING_TIME")) + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) +end + + +function CtxTests:rewrite() + local ctx = ngx.ctx + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_start_time(ctx, "KONG_REWRITE_START", "KONG_REWRITE_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_REWRITE_ENDED_AT")) + assert(is_nil(ctx, "KONG_REWRITE_TIME")) + assert(is_nil(ctx, "KONG_ACCESS_START")) + assert(is_nil(ctx, "KONG_ACCESS_ENDED_AT")) + assert(is_nil(ctx, "KONG_ACCESS_TIME")) + assert(is_nil(ctx, "KONG_BALANCER_START")) + assert(is_nil(ctx, "KONG_BALANCER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BALANCER_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_START")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_START")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_START")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_PROXIED")) + assert(is_nil(ctx, "KONG_PROXY_LATENCY")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + assert(is_nil(ctx, "KONG_WAITING_TIME")) + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) +end + + +function CtxTests:access(config) + if config.buffered then + kong.service.request.enable_buffering() + end + + local ctx = ngx.ctx + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_start_time(ctx, "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_START", "KONG_REWRITE_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_REWRITE_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_ENDED_AT", "KONG_ACCESS_START")) + assert(is_nil(ctx, "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_ACCESS_ENDED_AT")) + assert(is_nil(ctx, "KONG_ACCESS_TIME")) + assert(is_nil(ctx, "KONG_BALANCER_START")) + assert(is_nil(ctx, "KONG_BALANCER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BALANCER_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_START")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_START")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_START")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_PROXIED")) + assert(is_nil(ctx, "KONG_PROXY_LATENCY")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + assert(is_nil(ctx, "KONG_WAITING_TIME")) + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) +end + + +function CtxTests:header_filter(config) + local ctx = ngx.ctx + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_start_time(ctx, "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_START", "KONG_REWRITE_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_REWRITE_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_ENDED_AT", "KONG_ACCESS_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_ACCESS_START", "KONG_ACCESS_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_ACCESS_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_ACCESS_ENDED_AT", "KONG_BALANCER_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_START", "KONG_BALANCER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_BALANCER_TIME")) + if config.buffered then + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_RESPONSE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_RESPONSE_START", "KONG_RESPONSE_ENDED_AT")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_RESPONSE_ENDED_AT", "KONG_HEADER_FILTER_START")) + assert(is_non_negative_integer(ctx, "KONG_RESPONSE_TIME")) + else + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_HEADER_FILTER_START")) + end + assert(is_true(ctx, "KONG_PROXIED")) + assert(has_correct_proxy_latency(ctx)) + assert(has_correct_waiting_time(ctx)) + assert(is_nil(ctx, "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_START")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_START")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) +end + + +function CtxTests:body_filter(config) + if not ngx.arg[2] then + return + end + + local ctx = ngx.ctx + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_start_time(ctx, "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_START", "KONG_REWRITE_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_REWRITE_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_ENDED_AT", "KONG_ACCESS_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_ACCESS_START", "KONG_ACCESS_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_ACCESS_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_ACCESS_ENDED_AT", "KONG_BALANCER_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_START", "KONG_BALANCER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_BALANCER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_HEADER_FILTER_START")) + if config.buffered then + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_RESPONSE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_RESPONSE_START", "KONG_RESPONSE_ENDED_AT")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_RESPONSE_ENDED_AT", "KONG_HEADER_FILTER_START")) + assert(is_non_negative_integer(ctx, "KONG_RESPONSE_TIME")) + else + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_HEADER_FILTER_START")) + end + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_HEADER_FILTER_START", "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_HEADER_FILTER_ENDED_AT", "KONG_BODY_FILTER_START")) + assert(is_true(ctx, "KONG_PROXIED")) + assert(has_correct_proxy_latency(ctx)) + assert(has_correct_waiting_time(ctx)) + assert(is_nil(ctx, "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_START")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) +end + + +function CtxTests:log(config) + local ctx = ngx.ctx + if subsystem == "stream" then + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_PREREAD_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PREREAD_START", "KONG_PREREAD_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_PREREAD_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PREREAD_ENDED_AT", "KONG_BALANCER_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_START", "KONG_BALANCER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_BALANCER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_LOG_START")) + assert(is_true(ctx, "KONG_PROXIED")) + assert(has_correct_proxy_latency(ctx)) + assert(is_nil(ctx, "KONG_REWRITE_START")) + assert(is_nil(ctx, "KONG_REWRITE_ENDED_AT")) + assert(is_nil(ctx, "KONG_REWRITE_TIME")) + assert(is_nil(ctx, "KONG_ACCESS_START")) + assert(is_nil(ctx, "KONG_ACCESS_ENDED_AT")) + assert(is_nil(ctx, "KONG_ACCESS_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_START")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_nil(ctx, "KONG_BODY_FILTER_START")) + assert(is_nil(ctx, "KONG_BODY_FILTER_ENDED_AT")) + assert(is_nil(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + assert(is_nil(ctx, "KONG_RESPONSE_LATENCY")) + + -- TODO: ngx.var.upstream_first_byte_time? + assert(is_nil(ctx, "KONG_WAITING_TIME")) + + + -- TODO: ngx.ctx.KONG_LOG_START - (ngx.ctx.BALANCER_ENDED_AT + ngx.var.upstream_first_byte_time)? + assert(is_nil(ctx, "KONG_RECEIVE_TIME")) + + else + assert(is_equal_to_start_time(ctx, "KONG_PROCESSING_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_PROCESSING_START", "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_start_time(ctx, "KONG_REWRITE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_START", "KONG_REWRITE_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_REWRITE_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_REWRITE_ENDED_AT", "KONG_ACCESS_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_ACCESS_START", "KONG_ACCESS_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_ACCESS_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_ACCESS_ENDED_AT", "KONG_BALANCER_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_START", "KONG_BALANCER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_BALANCER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_HEADER_FILTER_START")) + if config.buffered then + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_RESPONSE_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_RESPONSE_START", "KONG_RESPONSE_ENDED_AT")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_RESPONSE_ENDED_AT", "KONG_HEADER_FILTER_START")) + assert(is_non_negative_integer(ctx, "KONG_RESPONSE_TIME")) + else + assert(is_nil(ctx, "KONG_RESPONSE_START")) + assert(is_nil(ctx, "KONG_RESPONSE_ENDED_AT")) + assert(is_nil(ctx, "KONG_RESPONSE_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BALANCER_ENDED_AT", "KONG_HEADER_FILTER_START")) + end + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_HEADER_FILTER_START", "KONG_HEADER_FILTER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_HEADER_FILTER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_HEADER_FILTER_ENDED_AT", "KONG_BODY_FILTER_START")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BODY_FILTER_START", "KONG_BODY_FILTER_ENDED_AT")) + assert(is_non_negative_integer(ctx, "KONG_BODY_FILTER_TIME")) + assert(is_greater_or_equal_to_ctx_value(ctx, "KONG_BODY_FILTER_ENDED_AT", "KONG_LOG_START")) + assert(is_true(ctx, "KONG_PROXIED")) + assert(has_correct_proxy_latency(ctx)) + assert(has_correct_waiting_time(ctx)) + assert(has_correct_receive_time(ctx)) + assert(is_nil(ctx, "KONG_PREREAD_START")) + assert(is_nil(ctx, "KONG_PREREAD_ENDED_AT")) + assert(is_nil(ctx, "KONG_PREREAD_TIME")) + assert(is_nil(ctx, "KONG_LOG_ENDED_AT")) + assert(is_nil(ctx, "KONG_LOG_TIME")) + end +end + + +return CtxTests diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests/schema.lua new file mode 100644 index 00000000..5e2f5e82 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/ctx-tests/schema.lua @@ -0,0 +1,33 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + +-- TODO: At the moment this tests the happy case. Perhaps it could be extended to work +-- even with unhappy cases, e.g. together with error-generator plugin. Or the plugin +-- could be made to error by itself. +return { + name = "ctx-tests", + fields = { + { + protocols = typedefs.protocols { default = { "http", "https", "tcp", "tls", "grpc", "grpcs" } }, + }, + { + config = { + type = "record", + fields = { + { + buffered = { + type = "boolean", + default = false, + }, + } + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/dummy/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/dummy/handler.lua new file mode 100644 index 00000000..1cd8e122 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/dummy/handler.lua @@ -0,0 +1,58 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" + + +local DummyHandler = BasePlugin:extend() + +DummyHandler.VERSION = "9.9.9" + +DummyHandler.PRIORITY = 1000 + + +function DummyHandler:new() + DummyHandler.super.new(self, "dummy") +end + + +function DummyHandler:access() + DummyHandler.super.access(self) + + if ngx.req.get_uri_args()["send_error"] then + return kong.response.exit(404, { message = "Not found" }) + end + + ngx.header["Dummy-Plugin-Access-Header"] = "dummy" +end + + +function DummyHandler:header_filter(conf) + DummyHandler.super.header_filter(self) + + ngx.header["Dummy-Plugin"] = conf.resp_header_value + + if conf.resp_code then + ngx.status = conf.resp_code + end + + if conf.append_body then + ngx.header["Content-Length"] = nil + end +end + + +function DummyHandler:body_filter(conf) + DummyHandler.super.body_filter(self) + + if conf.append_body and not ngx.arg[2] then + ngx.arg[1] = string.sub(ngx.arg[1], 1, -2) .. conf.append_body + end +end + + +return DummyHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/dummy/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/dummy/schema.lua new file mode 100644 index 00000000..9721611a --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/dummy/schema.lua @@ -0,0 +1,19 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "dummy", + fields = { + { config = { + type = "record", + fields = { + { resp_header_value = { type = "string", default = "1" }, }, + { append_body = { type = "string" }, }, + { resp_code = { type = "number" }, }, + }, }, }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering-response/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering-response/handler.lua new file mode 100644 index 00000000..dc7fa2ff --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering-response/handler.lua @@ -0,0 +1,40 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local ngx = ngx +local kong = kong + + +local EnableBuffering = { + PRIORITY = math.huge +} + + +function EnableBuffering:access() + kong.service.request.enable_buffering() +end + + +function EnableBuffering:response(conf) + if conf.phase == "response" then + if conf.mode == "modify-json" then + local body = assert(kong.service.response.get_body()) + body.modified = true + return kong.response.exit(kong.service.response.get_status(), body, { + Modified = "yes", + }) + end + + if conf.mode == "md5-header" then + local body = kong.service.response.get_raw_body() + kong.response.set_header("MD5", ngx.md5(body)) + end + end +end + + +return EnableBuffering diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering-response/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering-response/schema.lua new file mode 100644 index 00000000..b59b4a76 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering-response/schema.lua @@ -0,0 +1,30 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "enable-buffering", + fields = { + { + config = { + type = "record", + fields = { + { + phase = { + type = "string", + default = "header_filter", + }, + }, + { + mode = { + type = "string", + }, + }, + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering/handler.lua new file mode 100644 index 00000000..225cc1cf --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering/handler.lua @@ -0,0 +1,40 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local ngx = ngx +local kong = kong + + +local EnableBuffering = { + PRIORITY = math.huge +} + + +function EnableBuffering:access() + kong.service.request.enable_buffering() +end + + +function EnableBuffering:header_filter(conf) + if conf.phase == "header_filter" then + if conf.mode == "modify-json" then + local body = assert(kong.service.response.get_body()) + body.modified = true + return kong.response.exit(kong.response.get_status(), body, { + Modified = "yes", + }) + end + + if conf.mode == "md5-header" then + local body = kong.service.response.get_raw_body() + kong.response.set_header("MD5", ngx.md5(body)) + end + end +end + + +return EnableBuffering diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering/schema.lua new file mode 100644 index 00000000..b59b4a76 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/enable-buffering/schema.lua @@ -0,0 +1,30 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "enable-buffering", + fields = { + { + config = { + type = "record", + fields = { + { + phase = { + type = "string", + default = "header_filter", + }, + }, + { + mode = { + type = "string", + }, + }, + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/encrypted-field/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/encrypted-field/handler.lua new file mode 100644 index 00000000..ff137ce8 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/encrypted-field/handler.lua @@ -0,0 +1,21 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local kong = kong + + +local EncryptedHandler = { + PRIORITY = 0, + VERSION = "1.0.0", +} + +function EncryptedHandler:access(conf) + kong.response.exit(200, { message = conf.message }) +end + + +return EncryptedHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/encrypted-field/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/encrypted-field/schema.lua new file mode 100644 index 00000000..1d6e5d86 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/encrypted-field/schema.lua @@ -0,0 +1,21 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + +return { + name = "encrypted-field", + fields = { + { protocols = typedefs.protocols }, + { config = { + type = "record", + fields = { + { message = { type = "string", required = true, encrypted = true} } + } + } } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator-last/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator-last/handler.lua new file mode 100644 index 00000000..2addd1ef --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator-last/handler.lua @@ -0,0 +1,72 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + + +local error = error + + +local ErrorGeneratorLastHandler = {} + + +ErrorGeneratorLastHandler.PRIORITY = -math.huge + + +function ErrorGeneratorLastHandler:init_worker() +end + + +function ErrorGeneratorLastHandler:certificate(conf) + if conf.certificate then + error("[error-generator-last] certificate") + end +end + + +function ErrorGeneratorLastHandler:rewrite(conf) + if conf.rewrite then + error("[error-generator-last] rewrite") + end +end + + +function ErrorGeneratorLastHandler:preread(conf) + if conf.preread then + error("[error-generator-last] preread") + end +end + + + +function ErrorGeneratorLastHandler:access(conf) + if conf.access then + error("[error-generator-last] access") + end +end + + +function ErrorGeneratorLastHandler:header_filter(conf) + if conf.header_filter then + error("[error-generator-last] header_filter") + end +end + + +function ErrorGeneratorLastHandler:body_filter(conf) + if conf.header_filter then + error("[error-generator-last] body_filter") + end +end + + +function ErrorGeneratorLastHandler:log(conf) + if conf.log then + error("[error-generator] body_filter") + end +end + + +return ErrorGeneratorLastHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator-last/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator-last/schema.lua new file mode 100644 index 00000000..40089332 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator-last/schema.lua @@ -0,0 +1,25 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "error-generator-last", + fields = { + { config = { + type = "record", + fields = { + { certificate = { type = "boolean", required = false, default = false }, }, + { rewrite = { type = "boolean", required = false, default = false }, }, + { preread = { type = "boolean", required = false, default = false }, }, + { access = { type = "boolean", required = false, default = false }, }, + { header_filter = { type = "boolean", required = false, default = false }, }, + { body_filter = { type = "boolean", required = false, default = false }, }, + { log = { type = "boolean", required = false, default = false }, }, + }, + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator/handler.lua new file mode 100644 index 00000000..5c9c72e7 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator/handler.lua @@ -0,0 +1,93 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" + + +local error = error + + +local ErrorGeneratorHandler = BasePlugin:extend() + + +ErrorGeneratorHandler.PRIORITY = math.huge + + +function ErrorGeneratorHandler:new() + ErrorGeneratorHandler.super.new(self, "error-generator") +end + + +function ErrorGeneratorHandler:init_worker() + ErrorGeneratorHandler.super.init_worker(self) +end + + +function ErrorGeneratorHandler:certificate(conf) + ErrorGeneratorHandler.super.certificate(self) + + if conf.certificate then + error("[error-generator] certificate") + end +end + + +function ErrorGeneratorHandler:rewrite(conf) + ErrorGeneratorHandler.super.rewrite(self) + + if conf.rewrite then + error("[error-generator] rewrite") + end +end + + +function ErrorGeneratorHandler:preread(conf) + ErrorGeneratorHandler.super.preread(self) + + if conf.preread then + error("[error-generator] preread") + end +end + + +function ErrorGeneratorHandler:access(conf) + ErrorGeneratorHandler.super.access(self) + + if conf.access then + error("[error-generator] access") + end +end + + +function ErrorGeneratorHandler:header_filter(conf) + ErrorGeneratorHandler.super.header_filter(self) + + if conf.header_filter then + error("[error-generator] header_filter") + end +end + + +function ErrorGeneratorHandler:body_filter(conf) + ErrorGeneratorHandler.super.body_filter(self) + + if conf.header_filter then + error("[error-generator] body_filter") + end +end + + +function ErrorGeneratorHandler:log(conf) + ErrorGeneratorHandler.super.log(self) + + if conf.log then + error("[error-generator] body_filter") + end +end + + +return ErrorGeneratorHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator/schema.lua new file mode 100644 index 00000000..3ed34c5e --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-generator/schema.lua @@ -0,0 +1,30 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + + +return { + name = "error-generator", + fields = { + { consumer = typedefs.no_consumer }, + { protocols = typedefs.protocols_http }, + { config = { + type = "record", + fields = { + { certificate = { type = "boolean", required = false, default = false }, }, + { rewrite = { type = "boolean", required = false, default = false }, }, + { preread = { type = "boolean", required = false, default = false }, }, + { access = { type = "boolean", required = false, default = false }, }, + { header_filter = { type = "boolean", required = false, default = false }, }, + { body_filter = { type = "boolean", required = false, default = false }, }, + { log = { type = "boolean", required = false, default = false }, }, + }, + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-handler-log/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-handler-log/handler.lua new file mode 100644 index 00000000..93095daa --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-handler-log/handler.lua @@ -0,0 +1,59 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local cjson = require("cjson") +local ngx = ngx + + +local ErrorHandlerLog = {} + + +ErrorHandlerLog.PRIORITY = 1000 + + +local function register(phase) + local ws_id = ngx.ctx.workspace or kong.default_workspace + local phases = ngx.ctx.err_handler_log_phases or {} + local in_ws = phases[ws_id] or {} + phases[ws_id] = in_ws + table.insert(in_ws, phase) + ngx.ctx.err_handler_log_phases = phases +end + + +function ErrorHandlerLog:rewrite(conf) + register("rewrite") +end + + +function ErrorHandlerLog:access(conf) + register("access") +end + + +function ErrorHandlerLog:header_filter(conf) + register("header_filter") + + local phases = ngx.ctx.err_handler_log_phases or {} + + + ngx.header["Content-Length"] = nil + ngx.header["Log-Plugin-Phases"] = table.concat(phases[ngx.ctx.workspace] or {}, ",") + ngx.header["Log-Plugin-Workspaces"] = cjson.encode(phases) + + ngx.header["Log-Plugin-Service-Matched"] = ngx.ctx.service and ngx.ctx.service.name +end + + +function ErrorHandlerLog:body_filter(conf) + if not ngx.arg[2] then + ngx.arg[1] = "body_filter" + end +end + + +return ErrorHandlerLog diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-handler-log/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-handler-log/schema.lua new file mode 100644 index 00000000..19b03fbf --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/error-handler-log/schema.lua @@ -0,0 +1,17 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "error-handler-log", + fields = { + { config = { + type = "record", + fields = { }, + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/fail-once-auth/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/fail-once-auth/handler.lua new file mode 100644 index 00000000..d229e6c4 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/fail-once-auth/handler.lua @@ -0,0 +1,31 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +-- a plugin fixture to force one authentication failure + +local BasePlugin = require "kong.plugins.base_plugin" + +local FailOnceAuth = BasePlugin:extend() + +FailOnceAuth.PRIORITY = 1000 + +function FailOnceAuth:new() + FailOnceAuth.super.new(self, "fail-once-auth") +end + +local failed = {} + +function FailOnceAuth:access(conf) + FailOnceAuth.super.access(self) + + if not failed[conf.service_id] then + failed[conf.service_id] = true + return kong.response.exit(401, { message = conf.message }) + end +end + +return FailOnceAuth diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/fail-once-auth/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/fail-once-auth/schema.lua new file mode 100644 index 00000000..03b9e0e5 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/fail-once-auth/schema.lua @@ -0,0 +1,18 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "fail-once-auth", + fields = { + { config = { + type = "record", + fields = { + { message = { type = "string", default = "try again!" }, }, + }, + }, }, + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/daos.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/daos.lua new file mode 100644 index 00000000..583d28d4 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/daos.lua @@ -0,0 +1,34 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + + +return { + foreign_entities = { + name = "foreign_entities", + primary_key = { "id" }, + endpoint_key = "name", + admin_api_name = "foreign-entities", + fields = { + { id = typedefs.uuid }, + { name = { type = "string", unique = true } }, + { same = typedefs.uuid }, + }, + }, + foreign_references = { + name = "foreign_references", + primary_key = { "id" }, + endpoint_key = "name", + admin_api_name = "foreign-references", + fields = { + { id = typedefs.uuid }, + { name = { type = "string", unique = true } }, + { same = { type = "foreign", reference = "foreign_entities", on_delete = "cascade" } }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/handler.lua new file mode 100644 index 00000000..77b3600f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/handler.lua @@ -0,0 +1,10 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + PRIORITY = 1 +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/migrations/000_base_foreign_entity.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/migrations/000_base_foreign_entity.lua new file mode 100644 index 00000000..f1fff4f7 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/migrations/000_base_foreign_entity.lua @@ -0,0 +1,52 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + postgres = { + up = [[ + CREATE TABLE IF NOT EXISTS "foreign_entities" ( + "id" UUID PRIMARY KEY, + "name" TEXT UNIQUE, + "same" UUID + ); + + CREATE TABLE IF NOT EXISTS "foreign_references" ( + "id" UUID PRIMARY KEY, + "name" TEXT UNIQUE, + "same_id" UUID REFERENCES "foreign_entities" ("id") ON DELETE CASCADE + ); + + DO $$ + BEGIN + CREATE INDEX IF NOT EXISTS "foreign_references_fkey_same" ON "foreign_references" ("same_id"); + EXCEPTION WHEN UNDEFINED_COLUMN THEN + -- Do nothing, accept existing state + END$$; + ]], + }, + + cassandra = { + up = [[ + CREATE TABLE IF NOT EXISTS foreign_entities ( + id uuid PRIMARY KEY, + name text, + same uuid + ); + + CREATE INDEX IF NOT EXISTS ON foreign_entities(name); + + CREATE TABLE IF NOT EXISTS foreign_references ( + id uuid PRIMARY KEY, + name text, + same_id uuid + ); + + CREATE INDEX IF NOT EXISTS ON foreign_references (name); + CREATE INDEX IF NOT EXISTS ON foreign_references (same_id); + ]], + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/migrations/init.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/migrations/init.lua new file mode 100644 index 00000000..ce8fe5ae --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/migrations/init.lua @@ -0,0 +1,10 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + "000_base_foreign_entity", +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/schema.lua new file mode 100644 index 00000000..c24e8412 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/foreign-entity/schema.lua @@ -0,0 +1,19 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "foreign-entity", + fields = { + { + config = { + type = "record", + fields = { + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/init-worker-lua-error/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/init-worker-lua-error/handler.lua new file mode 100644 index 00000000..39dd4eb3 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/init-worker-lua-error/handler.lua @@ -0,0 +1,19 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local InitWorkerLuaError = {} + + +InitWorkerLuaError.PRIORITY = 1000 + + +function InitWorkerLuaError:init_worker(conf) + error("this fails intentionally") +end + + +return InitWorkerLuaError diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/init-worker-lua-error/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/init-worker-lua-error/schema.lua new file mode 100644 index 00000000..942f6ed6 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/init-worker-lua-error/schema.lua @@ -0,0 +1,17 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "init-worker-lua-error", + fields = { + { config = { + type = "record", + fields = { }, + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalid-schema/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalid-schema/handler.lua new file mode 100644 index 00000000..392d9b4e --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalid-schema/handler.lua @@ -0,0 +1,22 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" + + +local InvalidSchemaHandler = BasePlugin:extend() + + +InvalidSchemaHandler.PRIORITY = 1000 + + +function InvalidSchemaHandler:new() + InvalidSchemaHandler.super.new(self, "invalid-schema") +end + + +return InvalidSchemaHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalid-schema/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalid-schema/schema.lua new file mode 100644 index 00000000..6cd01036 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalid-schema/schema.lua @@ -0,0 +1,17 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "dummy", + fields = { + { config = { + type = "record", + fields = { + { foo = { type = "bar" }, }, + }, }, }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalidations/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalidations/handler.lua new file mode 100644 index 00000000..13153925 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalidations/handler.lua @@ -0,0 +1,32 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local kong = kong +local assert = assert + + +local counts = {} + + +local Invalidations = { + PRIORITY = 0 +} + + +function Invalidations:init_worker() + assert(kong.cluster_events:subscribe("invalidations", function(key) + counts[key] = (counts[key] or 0) + 1 + end)) +end + + +function Invalidations:access(_) + return kong.response.exit(200, counts) +end + + +return Invalidations diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalidations/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalidations/schema.lua new file mode 100644 index 00000000..a0031ec6 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/invalidations/schema.lua @@ -0,0 +1,34 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + + +return { + name = "invalidations", + fields = { + { + protocols = typedefs.protocols { + default = { + "http", + "https", + "tcp", + "tls", + "grpc", + "grpcs" + }, + }, + }, + { + config = { + type = "record", + fields = { + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-bad/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-bad/handler.lua new file mode 100644 index 00000000..10026379 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-bad/handler.lua @@ -0,0 +1,9 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return function() end + diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-bad/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-bad/schema.lua new file mode 100644 index 00000000..e61a9d7d --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-bad/schema.lua @@ -0,0 +1,28 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +-- regression test from #4392 + +return { + no_consumer = true, + fields = { + foo = { + -- an underspecified table with no 'schema' will default + -- to a map of string to string + type = "table", + required = false, + -- this default will not match that default + default = { + foo = 123, + bar = "bla", + } + } + }, + self_check = function() + return true + end +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-good/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-good/handler.lua new file mode 100644 index 00000000..24034423 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-good/handler.lua @@ -0,0 +1,22 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" + + +local LegacyPluginGoodHandler = BasePlugin:extend() + + +LegacyPluginGoodHandler.PRIORITY = 1000 + + +function LegacyPluginGoodHandler:new() + LegacyPluginGoodHandler.super.new(self, "legacy-plugin-good") +end + + +return LegacyPluginGoodHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-good/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-good/schema.lua new file mode 100644 index 00000000..db367cae --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/legacy-plugin-good/schema.lua @@ -0,0 +1,26 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + no_consumer = true, + fields = { + foo = { + -- an underspecified table with no 'schema' will default + -- to a map of string to string + type = "table", + required = false, + -- this default will match that + default = { + foo = "boo", + bar = "bla", + } + } + }, + self_check = function() + return true + end +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger-last/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger-last/handler.lua new file mode 100644 index 00000000..3d3cc36a --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger-last/handler.lua @@ -0,0 +1,33 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" +local LoggerHandler = require "spec.fixtures.custom_plugins.kong.plugins.logger.handler" + +local LoggerLastHandler = BasePlugin:extend() + + +LoggerLastHandler.PRIORITY = 0 + + +function LoggerLastHandler:new() + LoggerLastHandler.super.new(self, "logger-last") +end + + +LoggerLastHandler.init_worker = LoggerHandler.init_worker +LoggerLastHandler.certificate = LoggerHandler.certificate +LoggerLastHandler.preread = LoggerHandler.preread +LoggerLastHandler.rewrite = LoggerHandler.rewrite +LoggerLastHandler.access = LoggerHandler.access +LoggerLastHandler.header_filter = LoggerHandler.header_filter +LoggerLastHandler.body_filter = LoggerHandler.body_filter +LoggerLastHandler.log = LoggerHandler.log + + +return LoggerLastHandler + diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger-last/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger-last/schema.lua new file mode 100644 index 00000000..7a6c9f75 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger-last/schema.lua @@ -0,0 +1,8 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return require "spec.fixtures.custom_plugins.kong.plugins.logger.schema" diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger/handler.lua new file mode 100644 index 00000000..e2254c8c --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger/handler.lua @@ -0,0 +1,78 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" + + +local LoggerHandler = BasePlugin:extend() + + +LoggerHandler.PRIORITY = 1000 + + +function LoggerHandler:new() + LoggerHandler.super.new(self, "logger") +end + + +function LoggerHandler:init_worker(conf) + LoggerHandler.super.init_worker(self) + + kong.log("init_worker phase") +end + + +function LoggerHandler:certificate(conf) + LoggerHandler.super.certificate(self) + + kong.log("certificate phase") +end + + +function LoggerHandler:preread(conf) + LoggerHandler.super.preread(self) + + kong.log("preread phase") +end + + +function LoggerHandler:rewrite(conf) + LoggerHandler.super.rewrite(self) + + kong.log("rewrite phase") +end + + +function LoggerHandler:access(conf) + LoggerHandler.super.access(self) + + kong.log("access phase") +end + + +function LoggerHandler:header_filter(conf) + LoggerHandler.super.header_filter(self) + + kong.log("header_filter phase") +end + + +function LoggerHandler:body_filter(conf) + LoggerHandler.super.body_filter(self) + + kong.log("body_filter phase") +end + + +function LoggerHandler:log(conf) + LoggerHandler.super.log(self) + + kong.log("log phase") +end + + +return LoggerHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger/schema.lua new file mode 100644 index 00000000..94fb05dc --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/logger/schema.lua @@ -0,0 +1,24 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + +return { + name = "ctx-tests", + fields = { + { + protocols = typedefs.protocols { default = { "http", "https", "tcp", "tls", "grpc", "grpcs" } }, + }, + { + config = { + type = "record", + fields = { + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/custom_dao.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/custom_dao.lua new file mode 100644 index 00000000..b19c85c7 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/custom_dao.lua @@ -0,0 +1,16 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local CustomDAO = {} + + +function CustomDAO:custom_method() + return self.strategy:custom_method() +end + + +return CustomDAO diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/daos.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/daos.lua new file mode 100644 index 00000000..ac1e3fd7 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/daos.lua @@ -0,0 +1,19 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + +return { + custom_dao = { + dao = "kong.plugins.plugin-with-custom-dao.custom_dao", + name = "custom_dao", + primary_key = { "id" }, + fields = { + { id = typedefs.uuid }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/handler.lua new file mode 100644 index 00000000..36fac6cc --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/handler.lua @@ -0,0 +1,22 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" + + +local MyHandler = BasePlugin:extend() + + +MyHandler.PRIORITY = 1000 + + +function MyHandler:new() + MyHandler.super.new(self, "plugin-with-custom-dao") +end + + +return MyHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/schema.lua new file mode 100644 index 00000000..d9ec7509 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/schema.lua @@ -0,0 +1,16 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "plugin-with-custom-dao", + fields = { + { config = { + type = "record", + fields = {} + } } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/strategies/cassandra/custom_dao.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/strategies/cassandra/custom_dao.lua new file mode 100644 index 00000000..028df916 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/strategies/cassandra/custom_dao.lua @@ -0,0 +1,14 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local CustomDAO = {} + +function CustomDAO:custom_method() + return "I was implemented for cassandra" +end + +return CustomDAO diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/strategies/postgres/custom_dao.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/strategies/postgres/custom_dao.lua new file mode 100644 index 00000000..e890eb7a --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/plugin-with-custom-dao/strategies/postgres/custom_dao.lua @@ -0,0 +1,14 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local CustomDAO = {} + +function CustomDAO:custom_method() + return "I was implemented for postgres" +end + +return CustomDAO diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/reports-api/api.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/reports-api/api.lua new file mode 100644 index 00000000..6d01be65 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/reports-api/api.lua @@ -0,0 +1,26 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local reports = require "kong.reports" +local constants = require "kong.constants" + + +return { + ["/reports/send-ping"] = { + POST = function(self) + -- if a port was passed, patch it in constants.REPORTS so + -- that tests can change the default reports port + if self.params.port then + constants.REPORTS.STATS_TLS_PORT = self.params.port + end + + reports._sync_counter() + reports.send_ping() + kong.response.exit(200, { message = "ok" }) + end, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/reports-api/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/reports-api/handler.lua new file mode 100644 index 00000000..5a9b307f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/reports-api/handler.lua @@ -0,0 +1,21 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local ReportsApiHandler = { + PRIORITY = 1000 +} + +function ReportsApiHandler:preread() + local reports = require "kong.reports" + reports._sync_counter() + reports.send_ping() + ngx.print("ok") + ngx.exit(200) +end + + +return ReportsApiHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/reports-api/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/reports-api/schema.lua new file mode 100644 index 00000000..6b02f605 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/reports-api/schema.lua @@ -0,0 +1,19 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "reports-api", + fields = { + { + config = { + type = "record", + fields = { + } + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/rewriter/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/rewriter/handler.lua new file mode 100644 index 00000000..0be0969f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/rewriter/handler.lua @@ -0,0 +1,26 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +-- a plugin fixture to test running of the rewrite phase handler. + +local BasePlugin = require "kong.plugins.base_plugin" + +local Rewriter = BasePlugin:extend() + +Rewriter.PRIORITY = 1000 + +function Rewriter:new() + Rewriter.super.new(self, "rewriter") +end + +function Rewriter:rewrite(conf) + Rewriter.super.access(self) + + ngx.req.set_header("rewriter", conf.value) +end + +return Rewriter diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/rewriter/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/rewriter/schema.lua new file mode 100644 index 00000000..d8d60399 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/rewriter/schema.lua @@ -0,0 +1,19 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "rewriter", + fields = { + { config = { + type = "record", + fields = { + { value = { type = "string" }, }, + { extra = { type = "string", default = "extra" }, }, + }, + }, }, + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/short-circuit/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/short-circuit/handler.lua new file mode 100644 index 00000000..a623f5df --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/short-circuit/handler.lua @@ -0,0 +1,65 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" +local cjson = require "cjson" + + +local kong = kong +local req = ngx.req +local exit = ngx.exit +local error = error +local tostring = tostring +local init_worker_called = false + + +local ShortCircuitHandler = BasePlugin:extend() + + +ShortCircuitHandler.PRIORITY = math.huge + + +function ShortCircuitHandler:new() + ShortCircuitHandler.super.new(self, "short-circuit") +end + + +function ShortCircuitHandler:init_worker() + init_worker_called = true +end + + +function ShortCircuitHandler:access(conf) + ShortCircuitHandler.super.access(self) + return kong.response.exit(conf.status, { + status = conf.status, + message = conf.message + }, { + ["Kong-Init-Worker-Called"] = tostring(init_worker_called), + }) +end + + +function ShortCircuitHandler:preread(conf) + ShortCircuitHandler.super.preread(self) + + local tcpsock, err = req.socket(true) + if err then + error(err) + end + + tcpsock:send(cjson.encode({ + status = conf.status, + message = conf.message + })) + + -- TODO: this should really support delayed short-circuiting! + return exit(conf.status) +end + + +return ShortCircuitHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/short-circuit/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/short-circuit/schema.lua new file mode 100644 index 00000000..a73f059f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/short-circuit/schema.lua @@ -0,0 +1,27 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + + +return { + name = "short-circuit", + fields = { + { + protocols = typedefs.protocols { default = {"http", "https", "tcp", "tls"} } + }, + { + config = { + type = "record", + fields = { + { status = { type = "integer", default = 503 }, }, + { message = { type = "string", default = "short-circuited" }, }, + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/slow-query/api.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/slow-query/api.lua new file mode 100644 index 00000000..33645be2 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/slow-query/api.lua @@ -0,0 +1,30 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + ["/slow-resource"] = { + GET = function(self) + if self.params.prime then + ngx.timer.at(0, function() + local _, err = kong.db.connector:query("SELECT pg_sleep(1)") + if err then + ngx.log(ngx.ERR, err) + end + end) + + return kong.response.exit(204) + end + + local _, err = kong.db.connector:query("SELECT pg_sleep(1)") + if err then + return kong.response.exit(500, { error = err }) + end + + return kong.response.exit(204) + end, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/slow-query/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/slow-query/handler.lua new file mode 100644 index 00000000..1dff4b24 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/slow-query/handler.lua @@ -0,0 +1,22 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" + + +local SlowQueryHandler = BasePlugin:extend() + + +SlowQueryHandler.PRIORITY = 1000 + + +function SlowQueryHandler:new() + SlowQueryHandler.super.new(self, "slow-query") +end + + +return SlowQueryHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/slow-query/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/slow-query/schema.lua new file mode 100644 index 00000000..b18bb9dc --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/slow-query/schema.lua @@ -0,0 +1,12 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + fields = { + something = { type = "string" } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/stream-api-echo/api.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/stream-api-echo/api.lua new file mode 100644 index 00000000..70549007 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/stream-api-echo/api.lua @@ -0,0 +1,14 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + + + +return { + _stream = function(data) + return "back: " .. data + end, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/stream-api-echo/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/stream-api-echo/handler.lua new file mode 100644 index 00000000..b725b482 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/stream-api-echo/handler.lua @@ -0,0 +1,11 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + + +return { + PRIORITY = 1000, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/stream-api-echo/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/stream-api-echo/schema.lua new file mode 100644 index 00000000..fd470737 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/stream-api-echo/schema.lua @@ -0,0 +1,11 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + + +return { + fields = {} +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/daos.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/daos.lua new file mode 100644 index 00000000..f97f1ad3 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/daos.lua @@ -0,0 +1,58 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + + +return { + { + name = "transformations", + primary_key = { "id" }, + endpoint_key = "name", + fields = { + { id = typedefs.uuid }, + { name = { type = "string" }, }, + { secret = { type = "string", required = false, auto = true }, }, + { hash_secret = { type = "boolean", required = true, default = false }, }, + { meta = { type = "string", required = false, referenceable = true }, }, + }, + transformations = { + { + input = { "hash_secret" }, + needs = { "secret" }, + on_write = function(hash_secret, client_secret) + if not hash_secret then + return {} + end + local hash = assert(ngx.md5(client_secret)) + return { + secret = hash, + } + end, + }, + { + input = { "meta" }, + on_write = function(meta) + if not meta or meta == ngx.null then + return {} + end + return { + meta = string.reverse(meta), + } + end, + on_read = function(meta) + if not meta or meta == ngx.null then + return {} + end + return { + meta = string.reverse(meta), + } + end, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/handler.lua new file mode 100644 index 00000000..77b3600f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/handler.lua @@ -0,0 +1,10 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + PRIORITY = 1 +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/migrations/000_base_transformations.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/migrations/000_base_transformations.lua new file mode 100644 index 00000000..8cff8925 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/migrations/000_base_transformations.lua @@ -0,0 +1,32 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + postgres = { + up = [[ + CREATE TABLE IF NOT EXISTS "transformations" ( + "id" UUID PRIMARY KEY, + "name" TEXT, + "secret" TEXT, + "hash_secret" BOOLEAN, + "meta" TEXT + ); + ]], + }, + + cassandra = { + up = [[ + CREATE TABLE IF NOT EXISTS transformations ( + id uuid PRIMARY KEY, + name text, + secret text, + hash_secret boolean, + meta text + ); + ]], + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/migrations/init.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/migrations/init.lua new file mode 100644 index 00000000..568e1bbc --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/migrations/init.lua @@ -0,0 +1,10 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + "000_base_transformations", +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/schema.lua new file mode 100644 index 00000000..96a8a9f9 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/transformations/schema.lua @@ -0,0 +1,19 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "transformations", + fields = { + { + config = { + type = "record", + fields = { + } + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/daos.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/daos.lua new file mode 100644 index 00000000..3b763568 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/daos.lua @@ -0,0 +1,31 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + + +return { + { + name = "unique_foreigns", + primary_key = { "id" }, + admin_api_name = "unique-foreigns", + fields = { + { id = typedefs.uuid }, + { name = { type = "string" }, }, + }, + }, + { + name = "unique_references", + primary_key = { "id" }, + admin_api_name = "unique-references", + fields = { + { id = typedefs.uuid }, + { note = { type = "string" }, }, + { unique_foreign = { type = "foreign", reference = "unique_foreigns", on_delete = "cascade", unique = true }, }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/handler.lua new file mode 100644 index 00000000..77b3600f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/handler.lua @@ -0,0 +1,10 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + PRIORITY = 1 +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/migrations/000_base_unique_foreign.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/migrations/000_base_unique_foreign.lua new file mode 100644 index 00000000..fec1191f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/migrations/000_base_unique_foreign.lua @@ -0,0 +1,40 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + postgres = { + up = [[ + CREATE TABLE IF NOT EXISTS "unique_foreigns" ( + "id" UUID PRIMARY KEY, + "name" TEXT + ); + + CREATE TABLE IF NOT EXISTS "unique_references" ( + "id" UUID PRIMARY KEY, + "note" TEXT, + "unique_foreign_id" UUID UNIQUE REFERENCES "unique_foreigns" ("id") ON DELETE CASCADE + ); + ]], + }, + + cassandra = { + up = [[ + CREATE TABLE IF NOT EXISTS unique_foreigns ( + id uuid PRIMARY KEY, + name text + ); + + CREATE TABLE IF NOT EXISTS unique_references ( + id uuid PRIMARY KEY, + note text, + unique_foreign_id uuid + ); + + CREATE INDEX IF NOT EXISTS ON unique_references(unique_foreign_id); + ]], + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/migrations/init.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/migrations/init.lua new file mode 100644 index 00000000..9dc9bec5 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/migrations/init.lua @@ -0,0 +1,10 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + "000_base_unique_foreign", +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/schema.lua new file mode 100644 index 00000000..17625d58 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/unique-foreign/schema.lua @@ -0,0 +1,19 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "unique-foreign", + fields = { + { + config = { + type = "record", + fields = { + } + } + } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/daos.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/daos.lua new file mode 100644 index 00000000..27c62132 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/daos.lua @@ -0,0 +1,17 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + foos = { + name = "foos", + primary_key = { "color" }, + fields = { + { color = "string" }, + { shape = "string" }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/handler.lua new file mode 100644 index 00000000..4210c3ec --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/handler.lua @@ -0,0 +1,22 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local BasePlugin = require "kong.plugins.base_plugin" + + +local WithMigrationHandler = BasePlugin:extend() + + +WithMigrationHandler.PRIORITY = 1000 + + +function WithMigrationHandler:new() + WithMigrationHandler.super.new(self, "with-migration") +end + + +return WithMigrationHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/migrations/000_base_with_migrations.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/migrations/000_base_with_migrations.lua new file mode 100644 index 00000000..dd669b03 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/migrations/000_base_with_migrations.lua @@ -0,0 +1,40 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + postgres = { + up = [[ + CREATE TABLE IF NOT EXISTS "foos" ( + "color" TEXT PRIMARY KEY + ); + + INSERT INTO foos (color) values ('red'); + ]], + }, + + cassandra = { + up = [[ + CREATE TABLE IF NOT EXISTS foos ( + color text PRIMARY KEY + ); + + INSERT INTO foos(color) values('red'); + ]], + up_f = function(connector) + local coordinator = assert(connector:get_stored_connection()) + local _, err = coordinator:execute([[ + INSERT INTO foos(color) values('green'); + ]]) + + if err then + return nil, err + end + + return true + end, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/migrations/001_14_to_15.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/migrations/001_14_to_15.lua new file mode 100644 index 00000000..c4816f24 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/migrations/001_14_to_15.lua @@ -0,0 +1,109 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + postgres = { + up = [[ + DO $$ + BEGIN + ALTER TABLE IF EXISTS ONLY "foos" ADD "shape" TEXT UNIQUE; + EXCEPTION WHEN DUPLICATE_COLUMN THEN + -- Do nothing, accept existing state + END; + $$; + ]], + + teardown = function(connector, _) + -- update shape in all foos + for row, err in connector:iterate('SELECT * FROM "foos";') do + if err then + return nil, err + end + + local shape = "triangle" + local sql = string.format([[ + UPDATE "foos" SET "shape" = '%s' WHERE "color" = '%s'; + ]], shape, row.color) + assert(connector:query(sql)) + end + + + -- check insertion and update + local count = 0 + for row, err in connector:iterate('SELECT * FROM "foos";') do + if err then + return nil, err + end + + count = count + 1 + assert(row.color == "red", "Wrong color: " .. tostring(row.color)) + assert(row.shape == "triangle", "Wrong shape: " .. tostring(row.shape)) + end + + assert(count == 1, "Expected 1 foo, found " .. tostring(count)) + + return true + end, + }, + + cassandra = { + up = [[ + ALTER TABLE foos ADD shape text; + CREATE INDEX IF NOT EXISTS foos_shape_idx ON foos(shape); + ]], + up_f = function(connector) + local coordinator = assert(connector:get_stored_connection()) + local _, err = coordinator:execute([[ + INSERT INTO foos(color) values('blue'); + ]]) + + if err then + return nil, err + end + + return true + end, + + teardown = function(connector, _) + local coordinator = assert(connector:get_stored_connection()) + -- Update: assing shape=triangle to all foos + for rows, err in coordinator:iterate("SELECT * FROM foos") do + if err then + return nil, err + end + + for _, row in ipairs(rows) do + local shape = "triangle" + local cql = string.format([[ + UPDATE foos SET shape = '%s' WHERE color = '%s' + ]], shape, row.color) + assert(coordinator:execute(cql)) + end + end + + -- final check of insertions/updates + local count = 0 + for rows, err in coordinator:iterate("SELECT * FROM foos") do + if err then + return nil, err + end + + for _, row in ipairs(rows) do + count = count + 1 + assert(row.shape == "triangle", "Wrong shape: " .. tostring(row.shape)) + local c = row.color + assert( + c == "red" or c == "green" or c == "blue", + "Wrong color: " .. tostring(c)) + end + end + assert(count == 3, "Expected 3 foos, found " .. tostring(count)) + + return true + end, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/migrations/init.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/migrations/init.lua new file mode 100644 index 00000000..20767fcc --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/migrations/init.lua @@ -0,0 +1,11 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + "000_base_with_migrations", + "001_14_to_15", +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/schema.lua new file mode 100644 index 00000000..b18bb9dc --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/with-migrations/schema.lua @@ -0,0 +1,12 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + fields = { + something = { type = "string" } + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/worker-events/handler.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/worker-events/handler.lua new file mode 100644 index 00000000..615e9c2f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/worker-events/handler.lua @@ -0,0 +1,71 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local semaphore = require "ngx.semaphore" +local cjson = require "cjson" + + +local ngx = ngx +local kong = kong +local table = table + + +local worker_events = {} +local sema + + +local function load_data() + local ok, err = sema:wait(5) + if ok then + local data = table.remove(worker_events, 1) + if data then + return data + end + + return { + error = "worker event data not found" + } + end + + return { + error = err + } +end + + +local WorkerEventsHandler = { + PRIORITY = 500, +} + + +function WorkerEventsHandler.init_worker() + sema = semaphore.new() + kong.worker_events.register(function(data) + worker_events[#worker_events+1] = { + operation = data.operation, + entity = data.entity, + old_entity = data.old_entity, + } + sema:post() + end, "dao:crud") +end + + +function WorkerEventsHandler:preread() + local data = load_data() + local json = cjson.encode(data) + ngx.print(json) + return ngx.exit(200) +end + + +function WorkerEventsHandler:access() + return kong.response.exit(200, load_data()) +end + + +return WorkerEventsHandler diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/worker-events/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/worker-events/schema.lua new file mode 100644 index 00000000..def78eff --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_plugins/kong/plugins/worker-events/schema.lua @@ -0,0 +1,24 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local typedefs = require "kong.db.schema.typedefs" + +return { + name = "worker-events", + fields = { + { + protocols = typedefs.protocols { default = { "http", "https", "tcp", "tls", "grpc", "grpcs" } }, + }, + { + config = { + type = "record", + fields = { + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_vaults/kong/vaults/mock/init.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_vaults/kong/vaults/mock/init.lua new file mode 100644 index 00000000..1b806a8c --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_vaults/kong/vaults/mock/init.lua @@ -0,0 +1,44 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local env = require "kong.vaults.env" +local http = require "resty.http" + + +local assert = assert +local getenv = os.getenv + + +local function init() + env.init() + assert(getenv("KONG_PROCESS_SECRETS") == nil, "KONG_PROCESS_SECRETS environment variable found") + assert(env.get({}, "KONG_PROCESS_SECRETS") == nil, "KONG_PROCESS_SECRETS environment variable found") +end + + +local function get(conf, resource, version) + local client, err = http.new() + if not client then + return nil, err + end + + client:set_timeouts(20000, 20000, 20000) + assert(client:request_uri("http://mockbin.org/headers", { + headers = { + Accept = "application/json", + }, + })) + + return env.get(conf, resource, version) +end + + +return { + VERSION = "1.0.0", + init = init, + get = get, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/custom_vaults/kong/vaults/mock/schema.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_vaults/kong/vaults/mock/schema.lua new file mode 100644 index 00000000..d54bf0e0 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/custom_vaults/kong/vaults/mock/schema.lua @@ -0,0 +1,20 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + name = "mock", + fields = { + { + config = { + type = "record", + fields = { + { prefix = { type = "string", match = [[^[%a_][%a%d_]*$]] } }, + }, + }, + }, + }, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/dc_blueprints.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/dc_blueprints.lua new file mode 100644 index 00000000..b563f2f0 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/dc_blueprints.lua @@ -0,0 +1,102 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local blueprints = require "spec.fixtures.blueprints" +local tablex = require "pl.tablex" + + +local dc_blueprints = {} + + +local null = ngx.null + + +local function reset() + return { + _format_version = "1.1" + } +end + + +local function remove_nulls(tbl) + for k,v in pairs(tbl) do + if v == null then + tbl[k] = nil + elseif type(v) == "table" then + tbl[k] = remove_nulls(v) + end + end + return tbl +end + + +function dc_blueprints.new(db) + local dc_as_db = {} + + local save_dc + local dc = reset() + + for name, _ in pairs(db.daos) do + dc_as_db[name] = { + insert = function(_, tbl) + tbl = tablex.deepcopy(tbl) + if not dc[name] then + dc[name] = {} + end + local schema = db.daos[name].schema + tbl = schema:process_auto_fields(tbl, "insert") + for fname, field in schema:each_field() do + if field.type == "foreign" then + tbl[fname] = type(tbl[fname]) == "table" + and tbl[fname].id + or nil + end + end + table.insert(dc[name], remove_nulls(tbl)) + return tablex.deepcopy(tbl) + end, + update = function(_, id, tbl) + if not dc[name] then + return nil, "not found" + end + tbl = tablex.deepcopy(tbl) + local element + for _, e in ipairs(dc[name]) do + if e.id == id then + element = e + break + end + end + if not element then + return nil, "not found" + end + for k,v in pairs(tbl) do + element[k] = v + end + return element + end + } + end + + local bp = blueprints.new(dc_as_db) + + bp.done = function() + local ret = dc + save_dc = dc + dc = reset() + return ret + end + + bp.reset_back = function() + dc = save_dc + end + + return bp +end + + +return dc_blueprints diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/deprecated_custom_plugin.conf b/kong-versions/2.8.4.3/kong/spec/fixtures/deprecated_custom_plugin.conf new file mode 100644 index 00000000..85ded0fa --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/deprecated_custom_plugin.conf @@ -0,0 +1,6 @@ +admin_listen = 127.0.0.1:9001 +proxy_listen = 0.0.0.0:9000 +prefix = servroot +custom_plugins = ctx-checker +pg_database = kong_tests +cassandra_keyspace = kong_tests diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/forward-proxy-server.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/forward-proxy-server.lua new file mode 100644 index 00000000..5f2f6ce4 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/forward-proxy-server.lua @@ -0,0 +1,127 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local _M = {} + +local split = require("kong.tools.utils").split + +local header_mt = { + __index = function(self, name) + name = name:lower():gsub("_", "-") + return rawget(self, name) + end, + + __newindex = function(self, name, value) + name = name:lower():gsub("_", "-") + rawset(self, name, value) + end, +} + +local function new_headers() + return setmetatable({}, header_mt) +end + +-- This is a very naive forward proxy, which accepts a CONNECT over HTTP, and +-- then starts tunnelling the bytes blind (for end-to-end SSL). +function _M.connect(opts) + local req_sock = ngx.req.socket(true) + req_sock:settimeouts(1000, 1000, 1000) + + -- receive request line + local req_line = req_sock:receive() + ngx.log(ngx.DEBUG, "request line: ", req_line) + + local method, host_port = unpack(split(req_line, " ")) + if method ~= "CONNECT" then + return ngx.exit(400) + end + + local upstream_host, upstream_port = unpack(split(host_port, ":")) + + local headers = new_headers() + + -- receive headers + repeat + local line = req_sock:receive("*l") + local name, value = line:match("^([^:]+):%s*(.+)$") + if name and value then + ngx.log(ngx.DEBUG, "header: ", name, " => ", value) + headers[name] = value + end + until ngx.re.find(line, "^\\s*$", "jo") + + + local basic_auth = opts and opts.basic_auth + if basic_auth then + ngx.log(ngx.DEBUG, "checking proxy-authorization...") + + local found = headers["proxy-authorization"] + if not found then + ngx.log(ngx.NOTICE, "client did not send proxy-authorization header") + ngx.print("HTTP/1.1 401 Unauthorized\r\n\r\n") + return ngx.exit(ngx.OK) + end + + local auth = ngx.re.gsub(found, [[^Basic\s*]], "", "oji") + + if auth ~= basic_auth then + ngx.log(ngx.NOTICE, "client sent incorrect proxy-authorization") + ngx.print("HTTP/1.1 403 Forbidden\r\n\r\n") + return ngx.exit(ngx.OK) + end + + ngx.log(ngx.DEBUG, "accepted basic proxy-authorization") + end + + + -- Connect to requested upstream + local upstream_sock = ngx.socket.tcp() + upstream_sock:settimeouts(1000, 1000, 1000) + local ok, err = upstream_sock:connect(upstream_host, upstream_port) + if not ok then + ngx.log(ngx.ERR, "connect to upstream ", upstream_host, ":", upstream_port, + " failed: ", err) + return ngx.exit(504) + end + + -- Tell the client we are good to go + ngx.print("HTTP/1.1 200 OK\n\n") + ngx.flush() + + -- 10Kb in either direction should be plenty + local max_bytes = 10 * 1024 + + repeat + local req_data = req_sock:receiveany(max_bytes) + if req_data then + ngx.log(ngx.DEBUG, "client RCV ", #req_data, " bytes") + + local bytes, err = upstream_sock:send(req_data) + if bytes then + ngx.log(ngx.DEBUG, "upstream SND ", bytes, " bytes") + elseif err then + ngx.log(ngx.ERR, "upstream SND failed: ", err) + end + end + + local res_data = upstream_sock:receiveany(max_bytes) + if res_data then + ngx.log(ngx.DEBUG, "upstream RCV ", #res_data, " bytes") + + local bytes, err = req_sock:send(res_data) + if bytes then + ngx.log(ngx.DEBUG, "client SND: ", bytes, " bytes") + elseif err then + ngx.log(ngx.ERR, "client SND failed: ", err) + end + end + until not req_data and not res_data -- request socket should be closed + + upstream_sock:close() +end + +return _M diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/go/go-hello.go b/kong-versions/2.8.4.3/kong/spec/fixtures/go/go-hello.go new file mode 100644 index 00000000..f55099a1 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/go/go-hello.go @@ -0,0 +1,79 @@ +/* +A "hello world" plugin in Go, +which reads a request header and sets a response header. +*/ +package main + +import ( + "fmt" + "github.com/Kong/go-pdk" + "github.com/Kong/go-pdk/server" +) + +type Config struct { + Message string +} + +func New() interface{} { + return &Config{} +} + +func main() { + server.StartServer(New, "0.1", 1) +} + +func (conf Config) Access(kong *pdk.PDK) { + host, err := kong.Request.GetHeader("host") + if err != nil { + kong.Log.Err(err.Error()) + } + message := conf.Message + if message == "" { + message = "hello" + } + kong.Response.SetHeader("x-hello-from-go", fmt.Sprintf("Go says %s to %s", message, host)) + kong.Ctx.SetShared("shared_msg", message) +} + +func (conf Config) Log(kong *pdk.PDK) { + access_start, err := kong.Nginx.GetCtxFloat("KONG_ACCESS_START") + if err != nil { + kong.Log.Err(err.Error()) + } + kong.Log.Debug("access_start: ", access_start) + + header_value, err := kong.Request.GetHeader("X-Loose-Data") + if err != nil { + kong.Log.Err(err.Error()) + } + kong.Log.Debug("request_header: ", header_value) + + header_value, err = kong.Response.GetHeader("X-Powered-By") + if err != nil { + kong.Log.Err(err.Error()) + } + kong.Log.Debug("response_header: ", header_value) + + shared_msg, err := kong.Ctx.GetSharedString("shared_msg") + if err != nil { + kong.Log.Err(err.Error()) + } + + kong.Log.Debug("shared_msg: ", shared_msg) + + serialized, err := kong.Log.Serialize() + if err != nil { + kong.Log.Err(err.Error()) + } + + kong.Log.Debug("serialized:", serialized) +} + +func (conf Config) Response(kong *pdk.PDK) { + srvr, err := kong.ServiceResponse.GetHeader("Server") + if err != nil { + kong.Log.Err(err.Error()) + } + + kong.Response.SetHeader("x-hello-from-go-at-response", fmt.Sprintf("got from server '%s'", srvr)) +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/go/go.mod b/kong-versions/2.8.4.3/kong/spec/fixtures/go/go.mod new file mode 100644 index 00000000..def3ac47 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/go/go.mod @@ -0,0 +1,5 @@ +module go-plugins + +go 1.13 + +require github.com/Kong/go-pdk v0.7.1 diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/go/go.sum b/kong-versions/2.8.4.3/kong/spec/fixtures/go/go.sum new file mode 100644 index 00000000..382f9ec5 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/go/go.sum @@ -0,0 +1,84 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/Kong/go-pdk v0.7.1 h1:DWpmvuafH/35xws0VsXPyiGVtQmUuICnok9Hqolgdgg= +github.com/Kong/go-pdk v0.7.1/go.mod h1:48+yltNveiFYTo6/I1AnmGn3m8goSQbtkfamH1zkwhw= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.3 h1:JjCZWpVbqXDqFVmTfYWEVTMIYrL/NPdPSCHPJ0T/raM= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0 h1:/QaMHBdZ26BB3SSst0Iwl10Epc+xhTquomWX0oZEB6w= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/ugorji/go v1.2.1 h1:dz+JxTe7GZQdErTo7SREc1jQj/hFP1k7jyIAwODoW+k= +github.com/ugorji/go v1.2.1/go.mod h1:cSVypSfTLm2o9fKxXvQgn3rMmkPXovcWor6Qn5tbFmI= +github.com/ugorji/go/codec v1.2.1 h1:/TRfW3XKkvWvmAYyCUaQlhoCDGjcvNR8xVVA/l5p/jQ= +github.com/ugorji/go/codec v1.2.1/go.mod h1:s/WxCRi46t8rA+fowL40EnmD7ec0XhR7ZypxeBNdzsM= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/direct_imports.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/direct_imports.proto new file mode 100644 index 00000000..1a4bb350 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/direct_imports.proto @@ -0,0 +1,7 @@ +syntax = "proto3"; + +import "helloworld.proto"; + +service Own { + rpc Open(hello.HelloRequest) returns (hello.HelloResponse); +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/api/annotations.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/api/annotations.proto new file mode 100644 index 00000000..85c361b4 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/api/annotations.proto @@ -0,0 +1,31 @@ +// Copyright (c) 2015, Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.api; + +import "google/api/http.proto"; +import "google/protobuf/descriptor.proto"; + +option go_package = "google.golang.org/genproto/googleapis/api/annotations;annotations"; +option java_multiple_files = true; +option java_outer_classname = "AnnotationsProto"; +option java_package = "com.google.api"; +option objc_class_prefix = "GAPI"; + +extend google.protobuf.MethodOptions { + // See `HttpRule`. + HttpRule http = 72295728; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/api/http.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/api/http.proto new file mode 100644 index 00000000..2bd3a19b --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/api/http.proto @@ -0,0 +1,318 @@ +// Copyright 2018 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.api; + +option cc_enable_arenas = true; +option go_package = "google.golang.org/genproto/googleapis/api/annotations;annotations"; +option java_multiple_files = true; +option java_outer_classname = "HttpProto"; +option java_package = "com.google.api"; +option objc_class_prefix = "GAPI"; + + +// Defines the HTTP configuration for an API service. It contains a list of +// [HttpRule][google.api.HttpRule], each specifying the mapping of an RPC method +// to one or more HTTP REST API methods. +message Http { + // A list of HTTP configuration rules that apply to individual API methods. + // + // **NOTE:** All service configuration rules follow "last one wins" order. + repeated HttpRule rules = 1; + + // When set to true, URL path parmeters will be fully URI-decoded except in + // cases of single segment matches in reserved expansion, where "%2F" will be + // left encoded. + // + // The default behavior is to not decode RFC 6570 reserved characters in multi + // segment matches. + bool fully_decode_reserved_expansion = 2; +} + +// `HttpRule` defines the mapping of an RPC method to one or more HTTP +// REST API methods. The mapping specifies how different portions of the RPC +// request message are mapped to URL path, URL query parameters, and +// HTTP request body. The mapping is typically specified as an +// `google.api.http` annotation on the RPC method, +// see "google/api/annotations.proto" for details. +// +// The mapping consists of a field specifying the path template and +// method kind. The path template can refer to fields in the request +// message, as in the example below which describes a REST GET +// operation on a resource collection of messages: +// +// +// service Messaging { +// rpc GetMessage(GetMessageRequest) returns (Message) { +// option (google.api.http).get = "/v1/messages/{message_id}/{sub.subfield}"; +// } +// } +// message GetMessageRequest { +// message SubMessage { +// string subfield = 1; +// } +// string message_id = 1; // mapped to the URL +// SubMessage sub = 2; // `sub.subfield` is url-mapped +// } +// message Message { +// string text = 1; // content of the resource +// } +// +// The same http annotation can alternatively be expressed inside the +// `GRPC API Configuration` YAML file. +// +// http: +// rules: +// - selector: .Messaging.GetMessage +// get: /v1/messages/{message_id}/{sub.subfield} +// +// This definition enables an automatic, bidrectional mapping of HTTP +// JSON to RPC. Example: +// +// HTTP | RPC +// -----|----- +// `GET /v1/messages/123456/foo` | `GetMessage(message_id: "123456" sub: SubMessage(subfield: "foo"))` +// +// In general, not only fields but also field paths can be referenced +// from a path pattern. Fields mapped to the path pattern cannot be +// repeated and must have a primitive (non-message) type. +// +// Any fields in the request message which are not bound by the path +// pattern automatically become (optional) HTTP query +// parameters. Assume the following definition of the request message: +// +// +// service Messaging { +// rpc GetMessage(GetMessageRequest) returns (Message) { +// option (google.api.http).get = "/v1/messages/{message_id}"; +// } +// } +// message GetMessageRequest { +// message SubMessage { +// string subfield = 1; +// } +// string message_id = 1; // mapped to the URL +// int64 revision = 2; // becomes a parameter +// SubMessage sub = 3; // `sub.subfield` becomes a parameter +// } +// +// +// This enables a HTTP JSON to RPC mapping as below: +// +// HTTP | RPC +// -----|----- +// `GET /v1/messages/123456?revision=2&sub.subfield=foo` | `GetMessage(message_id: "123456" revision: 2 sub: SubMessage(subfield: "foo"))` +// +// Note that fields which are mapped to HTTP parameters must have a +// primitive type or a repeated primitive type. Message types are not +// allowed. In the case of a repeated type, the parameter can be +// repeated in the URL, as in `...?param=A¶m=B`. +// +// For HTTP method kinds which allow a request body, the `body` field +// specifies the mapping. Consider a REST update method on the +// message resource collection: +// +// +// service Messaging { +// rpc UpdateMessage(UpdateMessageRequest) returns (Message) { +// option (google.api.http) = { +// put: "/v1/messages/{message_id}" +// body: "message" +// }; +// } +// } +// message UpdateMessageRequest { +// string message_id = 1; // mapped to the URL +// Message message = 2; // mapped to the body +// } +// +// +// The following HTTP JSON to RPC mapping is enabled, where the +// representation of the JSON in the request body is determined by +// protos JSON encoding: +// +// HTTP | RPC +// -----|----- +// `PUT /v1/messages/123456 { "text": "Hi!" }` | `UpdateMessage(message_id: "123456" message { text: "Hi!" })` +// +// The special name `*` can be used in the body mapping to define that +// every field not bound by the path template should be mapped to the +// request body. This enables the following alternative definition of +// the update method: +// +// service Messaging { +// rpc UpdateMessage(Message) returns (Message) { +// option (google.api.http) = { +// put: "/v1/messages/{message_id}" +// body: "*" +// }; +// } +// } +// message Message { +// string message_id = 1; +// string text = 2; +// } +// +// +// The following HTTP JSON to RPC mapping is enabled: +// +// HTTP | RPC +// -----|----- +// `PUT /v1/messages/123456 { "text": "Hi!" }` | `UpdateMessage(message_id: "123456" text: "Hi!")` +// +// Note that when using `*` in the body mapping, it is not possible to +// have HTTP parameters, as all fields not bound by the path end in +// the body. This makes this option more rarely used in practice of +// defining REST APIs. The common usage of `*` is in custom methods +// which don't use the URL at all for transferring data. +// +// It is possible to define multiple HTTP methods for one RPC by using +// the `additional_bindings` option. Example: +// +// service Messaging { +// rpc GetMessage(GetMessageRequest) returns (Message) { +// option (google.api.http) = { +// get: "/v1/messages/{message_id}" +// additional_bindings { +// get: "/v1/users/{user_id}/messages/{message_id}" +// } +// }; +// } +// } +// message GetMessageRequest { +// string message_id = 1; +// string user_id = 2; +// } +// +// +// This enables the following two alternative HTTP JSON to RPC +// mappings: +// +// HTTP | RPC +// -----|----- +// `GET /v1/messages/123456` | `GetMessage(message_id: "123456")` +// `GET /v1/users/me/messages/123456` | `GetMessage(user_id: "me" message_id: "123456")` +// +// # Rules for HTTP mapping +// +// The rules for mapping HTTP path, query parameters, and body fields +// to the request message are as follows: +// +// 1. The `body` field specifies either `*` or a field path, or is +// omitted. If omitted, it indicates there is no HTTP request body. +// 2. Leaf fields (recursive expansion of nested messages in the +// request) can be classified into three types: +// (a) Matched in the URL template. +// (b) Covered by body (if body is `*`, everything except (a) fields; +// else everything under the body field) +// (c) All other fields. +// 3. URL query parameters found in the HTTP request are mapped to (c) fields. +// 4. Any body sent with an HTTP request can contain only (b) fields. +// +// The syntax of the path template is as follows: +// +// Template = "/" Segments [ Verb ] ; +// Segments = Segment { "/" Segment } ; +// Segment = "*" | "**" | LITERAL | Variable ; +// Variable = "{" FieldPath [ "=" Segments ] "}" ; +// FieldPath = IDENT { "." IDENT } ; +// Verb = ":" LITERAL ; +// +// The syntax `*` matches a single path segment. The syntax `**` matches zero +// or more path segments, which must be the last part of the path except the +// `Verb`. The syntax `LITERAL` matches literal text in the path. +// +// The syntax `Variable` matches part of the URL path as specified by its +// template. A variable template must not contain other variables. If a variable +// matches a single path segment, its template may be omitted, e.g. `{var}` +// is equivalent to `{var=*}`. +// +// If a variable contains exactly one path segment, such as `"{var}"` or +// `"{var=*}"`, when such a variable is expanded into a URL path, all characters +// except `[-_.~0-9a-zA-Z]` are percent-encoded. Such variables show up in the +// Discovery Document as `{var}`. +// +// If a variable contains one or more path segments, such as `"{var=foo/*}"` +// or `"{var=**}"`, when such a variable is expanded into a URL path, all +// characters except `[-_.~/0-9a-zA-Z]` are percent-encoded. Such variables +// show up in the Discovery Document as `{+var}`. +// +// NOTE: While the single segment variable matches the semantics of +// [RFC 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.2 +// Simple String Expansion, the multi segment variable **does not** match +// RFC 6570 Reserved Expansion. The reason is that the Reserved Expansion +// does not expand special characters like `?` and `#`, which would lead +// to invalid URLs. +// +// NOTE: the field paths in variables and in the `body` must not refer to +// repeated fields or map fields. +message HttpRule { + // Selects methods to which this rule applies. + // + // Refer to [selector][google.api.DocumentationRule.selector] for syntax details. + string selector = 1; + + // Determines the URL pattern is matched by this rules. This pattern can be + // used with any of the {get|put|post|delete|patch} methods. A custom method + // can be defined using the 'custom' field. + oneof pattern { + // Used for listing and getting information about resources. + string get = 2; + + // Used for updating a resource. + string put = 3; + + // Used for creating a resource. + string post = 4; + + // Used for deleting a resource. + string delete = 5; + + // Used for updating a resource. + string patch = 6; + + // The custom pattern is used for specifying an HTTP method that is not + // included in the `pattern` field, such as HEAD, or "*" to leave the + // HTTP method unspecified for this rule. The wild-card rule is useful + // for services that provide content to Web (HTML) clients. + CustomHttpPattern custom = 8; + } + + // The name of the request field whose value is mapped to the HTTP body, or + // `*` for mapping all fields not captured by the path pattern to the HTTP + // body. NOTE: the referred field must not be a repeated field and must be + // present at the top-level of request message type. + string body = 7; + + // Optional. The name of the response field whose value is mapped to the HTTP + // body of response. Other response fields are ignored. When + // not set, the response message will be used as HTTP body of response. + string response_body = 12; + + // Additional HTTP bindings for the selector. Nested bindings must + // not contain an `additional_bindings` field themselves (that is, + // the nesting may only be one level deep). + repeated HttpRule additional_bindings = 11; +} + +// A custom pattern is used for defining custom HTTP verb. +message CustomHttpPattern { + // The name of this custom HTTP verb. + string kind = 1; + + // The path matched by this custom verb. + string path = 2; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/api/httpbody.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/api/httpbody.proto new file mode 100644 index 00000000..4428515c --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/api/httpbody.proto @@ -0,0 +1,78 @@ +// Copyright 2018 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.api; + +import "google/protobuf/any.proto"; + +option cc_enable_arenas = true; +option go_package = "google.golang.org/genproto/googleapis/api/httpbody;httpbody"; +option java_multiple_files = true; +option java_outer_classname = "HttpBodyProto"; +option java_package = "com.google.api"; +option objc_class_prefix = "GAPI"; + +// Message that represents an arbitrary HTTP body. It should only be used for +// payload formats that can't be represented as JSON, such as raw binary or +// an HTML page. +// +// +// This message can be used both in streaming and non-streaming API methods in +// the request as well as the response. +// +// It can be used as a top-level request field, which is convenient if one +// wants to extract parameters from either the URL or HTTP template into the +// request fields and also want access to the raw HTTP body. +// +// Example: +// +// message GetResourceRequest { +// // A unique request id. +// string request_id = 1; +// +// // The raw HTTP body is bound to this field. +// google.api.HttpBody http_body = 2; +// } +// +// service ResourceService { +// rpc GetResource(GetResourceRequest) returns (google.api.HttpBody); +// rpc UpdateResource(google.api.HttpBody) returns +// (google.protobuf.Empty); +// } +// +// Example with streaming methods: +// +// service CaldavService { +// rpc GetCalendar(stream google.api.HttpBody) +// returns (stream google.api.HttpBody); +// rpc UpdateCalendar(stream google.api.HttpBody) +// returns (stream google.api.HttpBody); +// } +// +// Use of this type only changes how the request and response bodies are +// handled, all other features will continue to work unchanged. +message HttpBody { + // The HTTP Content-Type header value specifying the content type of the body. + string content_type = 1; + + // The HTTP request/response body as raw binary. + bytes data = 2; + + // Application specific response metadata. Must be set in the first response + // for streaming APIs. + repeated google.protobuf.Any extensions = 3; +} \ No newline at end of file diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/any.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/any.proto new file mode 100644 index 00000000..49329425 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/any.proto @@ -0,0 +1,154 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; + +package google.protobuf; + +option csharp_namespace = "Google.Protobuf.WellKnownTypes"; +option go_package = "github.com/golang/protobuf/ptypes/any"; +option java_package = "com.google.protobuf"; +option java_outer_classname = "AnyProto"; +option java_multiple_files = true; +option objc_class_prefix = "GPB"; + +// `Any` contains an arbitrary serialized protocol buffer message along with a +// URL that describes the type of the serialized message. +// +// Protobuf library provides support to pack/unpack Any values in the form +// of utility functions or additional generated methods of the Any type. +// +// Example 1: Pack and unpack a message in C++. +// +// Foo foo = ...; +// Any any; +// any.PackFrom(foo); +// ... +// if (any.UnpackTo(&foo)) { +// ... +// } +// +// Example 2: Pack and unpack a message in Java. +// +// Foo foo = ...; +// Any any = Any.pack(foo); +// ... +// if (any.is(Foo.class)) { +// foo = any.unpack(Foo.class); +// } +// +// Example 3: Pack and unpack a message in Python. +// +// foo = Foo(...) +// any = Any() +// any.Pack(foo) +// ... +// if any.Is(Foo.DESCRIPTOR): +// any.Unpack(foo) +// ... +// +// Example 4: Pack and unpack a message in Go +// +// foo := &pb.Foo{...} +// any, err := ptypes.MarshalAny(foo) +// ... +// foo := &pb.Foo{} +// if err := ptypes.UnmarshalAny(any, foo); err != nil { +// ... +// } +// +// The pack methods provided by protobuf library will by default use +// 'type.googleapis.com/full.type.name' as the type URL and the unpack +// methods only use the fully qualified type name after the last '/' +// in the type URL, for example "foo.bar.com/x/y.z" will yield type +// name "y.z". +// +// +// JSON +// ==== +// The JSON representation of an `Any` value uses the regular +// representation of the deserialized, embedded message, with an +// additional field `@type` which contains the type URL. Example: +// +// package google.profile; +// message Person { +// string first_name = 1; +// string last_name = 2; +// } +// +// { +// "@type": "type.googleapis.com/google.profile.Person", +// "firstName": , +// "lastName": +// } +// +// If the embedded message type is well-known and has a custom JSON +// representation, that representation will be embedded adding a field +// `value` which holds the custom JSON in addition to the `@type` +// field. Example (for message [google.protobuf.Duration][]): +// +// { +// "@type": "type.googleapis.com/google.protobuf.Duration", +// "value": "1.212s" +// } +// +message Any { + // A URL/resource name that uniquely identifies the type of the serialized + // protocol buffer message. The last segment of the URL's path must represent + // the fully qualified name of the type (as in + // `path/google.protobuf.Duration`). The name should be in a canonical form + // (e.g., leading "." is not accepted). + // + // In practice, teams usually precompile into the binary all types that they + // expect it to use in the context of Any. However, for URLs which use the + // scheme `http`, `https`, or no scheme, one can optionally set up a type + // server that maps type URLs to message definitions as follows: + // + // * If no scheme is provided, `https` is assumed. + // * An HTTP GET on the URL must yield a [google.protobuf.Type][] + // value in binary format, or produce an error. + // * Applications are allowed to cache lookup results based on the + // URL, or have them precompiled into a binary to avoid any + // lookup. Therefore, binary compatibility needs to be preserved + // on changes to types. (Use versioned type names to manage + // breaking changes.) + // + // Note: this functionality is not currently available in the official + // protobuf release, and it is not used for type URLs beginning with + // type.googleapis.com. + // + // Schemes other than `http`, `https` (or the empty scheme) might be + // used with implementation specific semantics. + // + string type_url = 1; + + // Must be a valid serialized protocol buffer of the above specified type. + bytes value = 2; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/api.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/api.proto new file mode 100644 index 00000000..f37ee2fa --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/api.proto @@ -0,0 +1,210 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; + +package google.protobuf; + +import "google/protobuf/source_context.proto"; +import "google/protobuf/type.proto"; + +option csharp_namespace = "Google.Protobuf.WellKnownTypes"; +option java_package = "com.google.protobuf"; +option java_outer_classname = "ApiProto"; +option java_multiple_files = true; +option objc_class_prefix = "GPB"; +option go_package = "google.golang.org/genproto/protobuf/api;api"; + +// Api is a light-weight descriptor for an API Interface. +// +// Interfaces are also described as "protocol buffer services" in some contexts, +// such as by the "service" keyword in a .proto file, but they are different +// from API Services, which represent a concrete implementation of an interface +// as opposed to simply a description of methods and bindings. They are also +// sometimes simply referred to as "APIs" in other contexts, such as the name of +// this message itself. See https://cloud.google.com/apis/design/glossary for +// detailed terminology. +message Api { + + // The fully qualified name of this interface, including package name + // followed by the interface's simple name. + string name = 1; + + // The methods of this interface, in unspecified order. + repeated Method methods = 2; + + // Any metadata attached to the interface. + repeated Option options = 3; + + // A version string for this interface. If specified, must have the form + // `major-version.minor-version`, as in `1.10`. If the minor version is + // omitted, it defaults to zero. If the entire version field is empty, the + // major version is derived from the package name, as outlined below. If the + // field is not empty, the version in the package name will be verified to be + // consistent with what is provided here. + // + // The versioning schema uses [semantic + // versioning](http://semver.org) where the major version number + // indicates a breaking change and the minor version an additive, + // non-breaking change. Both version numbers are signals to users + // what to expect from different versions, and should be carefully + // chosen based on the product plan. + // + // The major version is also reflected in the package name of the + // interface, which must end in `v`, as in + // `google.feature.v1`. For major versions 0 and 1, the suffix can + // be omitted. Zero major versions must only be used for + // experimental, non-GA interfaces. + // + // + string version = 4; + + // Source context for the protocol buffer service represented by this + // message. + SourceContext source_context = 5; + + // Included interfaces. See [Mixin][]. + repeated Mixin mixins = 6; + + // The source syntax of the service. + Syntax syntax = 7; +} + +// Method represents a method of an API interface. +message Method { + + // The simple name of this method. + string name = 1; + + // A URL of the input message type. + string request_type_url = 2; + + // If true, the request is streamed. + bool request_streaming = 3; + + // The URL of the output message type. + string response_type_url = 4; + + // If true, the response is streamed. + bool response_streaming = 5; + + // Any metadata attached to the method. + repeated Option options = 6; + + // The source syntax of this method. + Syntax syntax = 7; +} + +// Declares an API Interface to be included in this interface. The including +// interface must redeclare all the methods from the included interface, but +// documentation and options are inherited as follows: +// +// - If after comment and whitespace stripping, the documentation +// string of the redeclared method is empty, it will be inherited +// from the original method. +// +// - Each annotation belonging to the service config (http, +// visibility) which is not set in the redeclared method will be +// inherited. +// +// - If an http annotation is inherited, the path pattern will be +// modified as follows. Any version prefix will be replaced by the +// version of the including interface plus the [root][] path if +// specified. +// +// Example of a simple mixin: +// +// package google.acl.v1; +// service AccessControl { +// // Get the underlying ACL object. +// rpc GetAcl(GetAclRequest) returns (Acl) { +// option (google.api.http).get = "/v1/{resource=**}:getAcl"; +// } +// } +// +// package google.storage.v2; +// service Storage { +// rpc GetAcl(GetAclRequest) returns (Acl); +// +// // Get a data record. +// rpc GetData(GetDataRequest) returns (Data) { +// option (google.api.http).get = "/v2/{resource=**}"; +// } +// } +// +// Example of a mixin configuration: +// +// apis: +// - name: google.storage.v2.Storage +// mixins: +// - name: google.acl.v1.AccessControl +// +// The mixin construct implies that all methods in `AccessControl` are +// also declared with same name and request/response types in +// `Storage`. A documentation generator or annotation processor will +// see the effective `Storage.GetAcl` method after inherting +// documentation and annotations as follows: +// +// service Storage { +// // Get the underlying ACL object. +// rpc GetAcl(GetAclRequest) returns (Acl) { +// option (google.api.http).get = "/v2/{resource=**}:getAcl"; +// } +// ... +// } +// +// Note how the version in the path pattern changed from `v1` to `v2`. +// +// If the `root` field in the mixin is specified, it should be a +// relative path under which inherited HTTP paths are placed. Example: +// +// apis: +// - name: google.storage.v2.Storage +// mixins: +// - name: google.acl.v1.AccessControl +// root: acls +// +// This implies the following inherited HTTP annotation: +// +// service Storage { +// // Get the underlying ACL object. +// rpc GetAcl(GetAclRequest) returns (Acl) { +// option (google.api.http).get = "/v2/acls/{resource=**}:getAcl"; +// } +// ... +// } +message Mixin { + // The fully qualified name of the interface which is included. + string name = 1; + + // If non-empty specifies a path under which inherited HTTP paths + // are rooted. + string root = 2; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/descriptor.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/descriptor.proto new file mode 100644 index 00000000..ed08fcbc --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/descriptor.proto @@ -0,0 +1,883 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +// Author: kenton@google.com (Kenton Varda) +// Based on original Protocol Buffers design by +// Sanjay Ghemawat, Jeff Dean, and others. +// +// The messages in this file describe the definitions found in .proto files. +// A valid .proto file can be translated directly to a FileDescriptorProto +// without any other information (e.g. without reading its imports). + + +syntax = "proto2"; + +package google.protobuf; +option go_package = "github.com/golang/protobuf/protoc-gen-go/descriptor;descriptor"; +option java_package = "com.google.protobuf"; +option java_outer_classname = "DescriptorProtos"; +option csharp_namespace = "Google.Protobuf.Reflection"; +option objc_class_prefix = "GPB"; +option cc_enable_arenas = true; + +// descriptor.proto must be optimized for speed because reflection-based +// algorithms don't work during bootstrapping. +option optimize_for = SPEED; + +// The protocol compiler can output a FileDescriptorSet containing the .proto +// files it parses. +message FileDescriptorSet { + repeated FileDescriptorProto file = 1; +} + +// Describes a complete .proto file. +message FileDescriptorProto { + optional string name = 1; // file name, relative to root of source tree + optional string package = 2; // e.g. "foo", "foo.bar", etc. + + // Names of files imported by this file. + repeated string dependency = 3; + // Indexes of the public imported files in the dependency list above. + repeated int32 public_dependency = 10; + // Indexes of the weak imported files in the dependency list. + // For Google-internal migration only. Do not use. + repeated int32 weak_dependency = 11; + + // All top-level definitions in this file. + repeated DescriptorProto message_type = 4; + repeated EnumDescriptorProto enum_type = 5; + repeated ServiceDescriptorProto service = 6; + repeated FieldDescriptorProto extension = 7; + + optional FileOptions options = 8; + + // This field contains optional information about the original source code. + // You may safely remove this entire field without harming runtime + // functionality of the descriptors -- the information is needed only by + // development tools. + optional SourceCodeInfo source_code_info = 9; + + // The syntax of the proto file. + // The supported values are "proto2" and "proto3". + optional string syntax = 12; +} + +// Describes a message type. +message DescriptorProto { + optional string name = 1; + + repeated FieldDescriptorProto field = 2; + repeated FieldDescriptorProto extension = 6; + + repeated DescriptorProto nested_type = 3; + repeated EnumDescriptorProto enum_type = 4; + + message ExtensionRange { + optional int32 start = 1; + optional int32 end = 2; + + optional ExtensionRangeOptions options = 3; + } + repeated ExtensionRange extension_range = 5; + + repeated OneofDescriptorProto oneof_decl = 8; + + optional MessageOptions options = 7; + + // Range of reserved tag numbers. Reserved tag numbers may not be used by + // fields or extension ranges in the same message. Reserved ranges may + // not overlap. + message ReservedRange { + optional int32 start = 1; // Inclusive. + optional int32 end = 2; // Exclusive. + } + repeated ReservedRange reserved_range = 9; + // Reserved field names, which may not be used by fields in the same message. + // A given name may only be reserved once. + repeated string reserved_name = 10; +} + +message ExtensionRangeOptions { + // The parser stores options it doesn't recognize here. See above. + repeated UninterpretedOption uninterpreted_option = 999; + + // Clients can define custom options in extensions of this message. See above. + extensions 1000 to max; +} + +// Describes a field within a message. +message FieldDescriptorProto { + enum Type { + // 0 is reserved for errors. + // Order is weird for historical reasons. + TYPE_DOUBLE = 1; + TYPE_FLOAT = 2; + // Not ZigZag encoded. Negative numbers take 10 bytes. Use TYPE_SINT64 if + // negative values are likely. + TYPE_INT64 = 3; + TYPE_UINT64 = 4; + // Not ZigZag encoded. Negative numbers take 10 bytes. Use TYPE_SINT32 if + // negative values are likely. + TYPE_INT32 = 5; + TYPE_FIXED64 = 6; + TYPE_FIXED32 = 7; + TYPE_BOOL = 8; + TYPE_STRING = 9; + // Tag-delimited aggregate. + // Group type is deprecated and not supported in proto3. However, Proto3 + // implementations should still be able to parse the group wire format and + // treat group fields as unknown fields. + TYPE_GROUP = 10; + TYPE_MESSAGE = 11; // Length-delimited aggregate. + + // New in version 2. + TYPE_BYTES = 12; + TYPE_UINT32 = 13; + TYPE_ENUM = 14; + TYPE_SFIXED32 = 15; + TYPE_SFIXED64 = 16; + TYPE_SINT32 = 17; // Uses ZigZag encoding. + TYPE_SINT64 = 18; // Uses ZigZag encoding. + }; + + enum Label { + // 0 is reserved for errors + LABEL_OPTIONAL = 1; + LABEL_REQUIRED = 2; + LABEL_REPEATED = 3; + }; + + optional string name = 1; + optional int32 number = 3; + optional Label label = 4; + + // If type_name is set, this need not be set. If both this and type_name + // are set, this must be one of TYPE_ENUM, TYPE_MESSAGE or TYPE_GROUP. + optional Type type = 5; + + // For message and enum types, this is the name of the type. If the name + // starts with a '.', it is fully-qualified. Otherwise, C++-like scoping + // rules are used to find the type (i.e. first the nested types within this + // message are searched, then within the parent, on up to the root + // namespace). + optional string type_name = 6; + + // For extensions, this is the name of the type being extended. It is + // resolved in the same manner as type_name. + optional string extendee = 2; + + // For numeric types, contains the original text representation of the value. + // For booleans, "true" or "false". + // For strings, contains the default text contents (not escaped in any way). + // For bytes, contains the C escaped value. All bytes >= 128 are escaped. + // TODO(kenton): Base-64 encode? + optional string default_value = 7; + + // If set, gives the index of a oneof in the containing type's oneof_decl + // list. This field is a member of that oneof. + optional int32 oneof_index = 9; + + // JSON name of this field. The value is set by protocol compiler. If the + // user has set a "json_name" option on this field, that option's value + // will be used. Otherwise, it's deduced from the field's name by converting + // it to camelCase. + optional string json_name = 10; + + optional FieldOptions options = 8; +} + +// Describes a oneof. +message OneofDescriptorProto { + optional string name = 1; + optional OneofOptions options = 2; +} + +// Describes an enum type. +message EnumDescriptorProto { + optional string name = 1; + + repeated EnumValueDescriptorProto value = 2; + + optional EnumOptions options = 3; + + // Range of reserved numeric values. Reserved values may not be used by + // entries in the same enum. Reserved ranges may not overlap. + // + // Note that this is distinct from DescriptorProto.ReservedRange in that it + // is inclusive such that it can appropriately represent the entire int32 + // domain. + message EnumReservedRange { + optional int32 start = 1; // Inclusive. + optional int32 end = 2; // Inclusive. + } + + // Range of reserved numeric values. Reserved numeric values may not be used + // by enum values in the same enum declaration. Reserved ranges may not + // overlap. + repeated EnumReservedRange reserved_range = 4; + + // Reserved enum value names, which may not be reused. A given name may only + // be reserved once. + repeated string reserved_name = 5; +} + +// Describes a value within an enum. +message EnumValueDescriptorProto { + optional string name = 1; + optional int32 number = 2; + + optional EnumValueOptions options = 3; +} + +// Describes a service. +message ServiceDescriptorProto { + optional string name = 1; + repeated MethodDescriptorProto method = 2; + + optional ServiceOptions options = 3; +} + +// Describes a method of a service. +message MethodDescriptorProto { + optional string name = 1; + + // Input and output type names. These are resolved in the same way as + // FieldDescriptorProto.type_name, but must refer to a message type. + optional string input_type = 2; + optional string output_type = 3; + + optional MethodOptions options = 4; + + // Identifies if client streams multiple client messages + optional bool client_streaming = 5 [default=false]; + // Identifies if server streams multiple server messages + optional bool server_streaming = 6 [default=false]; +} + + +// =================================================================== +// Options + +// Each of the definitions above may have "options" attached. These are +// just annotations which may cause code to be generated slightly differently +// or may contain hints for code that manipulates protocol messages. +// +// Clients may define custom options as extensions of the *Options messages. +// These extensions may not yet be known at parsing time, so the parser cannot +// store the values in them. Instead it stores them in a field in the *Options +// message called uninterpreted_option. This field must have the same name +// across all *Options messages. We then use this field to populate the +// extensions when we build a descriptor, at which point all protos have been +// parsed and so all extensions are known. +// +// Extension numbers for custom options may be chosen as follows: +// * For options which will only be used within a single application or +// organization, or for experimental options, use field numbers 50000 +// through 99999. It is up to you to ensure that you do not use the +// same number for multiple options. +// * For options which will be published and used publicly by multiple +// independent entities, e-mail protobuf-global-extension-registry@google.com +// to reserve extension numbers. Simply provide your project name (e.g. +// Objective-C plugin) and your project website (if available) -- there's no +// need to explain how you intend to use them. Usually you only need one +// extension number. You can declare multiple options with only one extension +// number by putting them in a sub-message. See the Custom Options section of +// the docs for examples: +// https://developers.google.com/protocol-buffers/docs/proto#options +// If this turns out to be popular, a web service will be set up +// to automatically assign option numbers. + + +message FileOptions { + + // Sets the Java package where classes generated from this .proto will be + // placed. By default, the proto package is used, but this is often + // inappropriate because proto packages do not normally start with backwards + // domain names. + optional string java_package = 1; + + + // If set, all the classes from the .proto file are wrapped in a single + // outer class with the given name. This applies to both Proto1 + // (equivalent to the old "--one_java_file" option) and Proto2 (where + // a .proto always translates to a single class, but you may want to + // explicitly choose the class name). + optional string java_outer_classname = 8; + + // If set true, then the Java code generator will generate a separate .java + // file for each top-level message, enum, and service defined in the .proto + // file. Thus, these types will *not* be nested inside the outer class + // named by java_outer_classname. However, the outer class will still be + // generated to contain the file's getDescriptor() method as well as any + // top-level extensions defined in the file. + optional bool java_multiple_files = 10 [default=false]; + + // This option does nothing. + optional bool java_generate_equals_and_hash = 20 [deprecated=true]; + + // If set true, then the Java2 code generator will generate code that + // throws an exception whenever an attempt is made to assign a non-UTF-8 + // byte sequence to a string field. + // Message reflection will do the same. + // However, an extension field still accepts non-UTF-8 byte sequences. + // This option has no effect on when used with the lite runtime. + optional bool java_string_check_utf8 = 27 [default=false]; + + + // Generated classes can be optimized for speed or code size. + enum OptimizeMode { + SPEED = 1; // Generate complete code for parsing, serialization, + // etc. + CODE_SIZE = 2; // Use ReflectionOps to implement these methods. + LITE_RUNTIME = 3; // Generate code using MessageLite and the lite runtime. + } + optional OptimizeMode optimize_for = 9 [default=SPEED]; + + // Sets the Go package where structs generated from this .proto will be + // placed. If omitted, the Go package will be derived from the following: + // - The basename of the package import path, if provided. + // - Otherwise, the package statement in the .proto file, if present. + // - Otherwise, the basename of the .proto file, without extension. + optional string go_package = 11; + + + + // Should generic services be generated in each language? "Generic" services + // are not specific to any particular RPC system. They are generated by the + // main code generators in each language (without additional plugins). + // Generic services were the only kind of service generation supported by + // early versions of google.protobuf. + // + // Generic services are now considered deprecated in favor of using plugins + // that generate code specific to your particular RPC system. Therefore, + // these default to false. Old code which depends on generic services should + // explicitly set them to true. + optional bool cc_generic_services = 16 [default=false]; + optional bool java_generic_services = 17 [default=false]; + optional bool py_generic_services = 18 [default=false]; + optional bool php_generic_services = 42 [default=false]; + + // Is this file deprecated? + // Depending on the target platform, this can emit Deprecated annotations + // for everything in the file, or it will be completely ignored; in the very + // least, this is a formalization for deprecating files. + optional bool deprecated = 23 [default=false]; + + // Enables the use of arenas for the proto messages in this file. This applies + // only to generated classes for C++. + optional bool cc_enable_arenas = 31 [default=false]; + + + // Sets the objective c class prefix which is prepended to all objective c + // generated classes from this .proto. There is no default. + optional string objc_class_prefix = 36; + + // Namespace for generated classes; defaults to the package. + optional string csharp_namespace = 37; + + // By default Swift generators will take the proto package and CamelCase it + // replacing '.' with underscore and use that to prefix the types/symbols + // defined. When this options is provided, they will use this value instead + // to prefix the types/symbols defined. + optional string swift_prefix = 39; + + // Sets the php class prefix which is prepended to all php generated classes + // from this .proto. Default is empty. + optional string php_class_prefix = 40; + + // Use this option to change the namespace of php generated classes. Default + // is empty. When this option is empty, the package name will be used for + // determining the namespace. + optional string php_namespace = 41; + + + // Use this option to change the namespace of php generated metadata classes. + // Default is empty. When this option is empty, the proto file name will be used + // for determining the namespace. + optional string php_metadata_namespace = 44; + + // Use this option to change the package of ruby generated classes. Default + // is empty. When this option is not set, the package name will be used for + // determining the ruby package. + optional string ruby_package = 45; + + // The parser stores options it doesn't recognize here. + // See the documentation for the "Options" section above. + repeated UninterpretedOption uninterpreted_option = 999; + + // Clients can define custom options in extensions of this message. + // See the documentation for the "Options" section above. + extensions 1000 to max; + + reserved 38; +} + +message MessageOptions { + // Set true to use the old proto1 MessageSet wire format for extensions. + // This is provided for backwards-compatibility with the MessageSet wire + // format. You should not use this for any other reason: It's less + // efficient, has fewer features, and is more complicated. + // + // The message must be defined exactly as follows: + // message Foo { + // option message_set_wire_format = true; + // extensions 4 to max; + // } + // Note that the message cannot have any defined fields; MessageSets only + // have extensions. + // + // All extensions of your type must be singular messages; e.g. they cannot + // be int32s, enums, or repeated messages. + // + // Because this is an option, the above two restrictions are not enforced by + // the protocol compiler. + optional bool message_set_wire_format = 1 [default=false]; + + // Disables the generation of the standard "descriptor()" accessor, which can + // conflict with a field of the same name. This is meant to make migration + // from proto1 easier; new code should avoid fields named "descriptor". + optional bool no_standard_descriptor_accessor = 2 [default=false]; + + // Is this message deprecated? + // Depending on the target platform, this can emit Deprecated annotations + // for the message, or it will be completely ignored; in the very least, + // this is a formalization for deprecating messages. + optional bool deprecated = 3 [default=false]; + + // Whether the message is an automatically generated map entry type for the + // maps field. + // + // For maps fields: + // map map_field = 1; + // The parsed descriptor looks like: + // message MapFieldEntry { + // option map_entry = true; + // optional KeyType key = 1; + // optional ValueType value = 2; + // } + // repeated MapFieldEntry map_field = 1; + // + // Implementations may choose not to generate the map_entry=true message, but + // use a native map in the target language to hold the keys and values. + // The reflection APIs in such implementions still need to work as + // if the field is a repeated message field. + // + // NOTE: Do not set the option in .proto files. Always use the maps syntax + // instead. The option should only be implicitly set by the proto compiler + // parser. + optional bool map_entry = 7; + + reserved 8; // javalite_serializable + reserved 9; // javanano_as_lite + + // The parser stores options it doesn't recognize here. See above. + repeated UninterpretedOption uninterpreted_option = 999; + + // Clients can define custom options in extensions of this message. See above. + extensions 1000 to max; +} + +message FieldOptions { + // The ctype option instructs the C++ code generator to use a different + // representation of the field than it normally would. See the specific + // options below. This option is not yet implemented in the open source + // release -- sorry, we'll try to include it in a future version! + optional CType ctype = 1 [default = STRING]; + enum CType { + // Default mode. + STRING = 0; + + CORD = 1; + + STRING_PIECE = 2; + } + // The packed option can be enabled for repeated primitive fields to enable + // a more efficient representation on the wire. Rather than repeatedly + // writing the tag and type for each element, the entire array is encoded as + // a single length-delimited blob. In proto3, only explicit setting it to + // false will avoid using packed encoding. + optional bool packed = 2; + + // The jstype option determines the JavaScript type used for values of the + // field. The option is permitted only for 64 bit integral and fixed types + // (int64, uint64, sint64, fixed64, sfixed64). A field with jstype JS_STRING + // is represented as JavaScript string, which avoids loss of precision that + // can happen when a large value is converted to a floating point JavaScript. + // Specifying JS_NUMBER for the jstype causes the generated JavaScript code to + // use the JavaScript "number" type. The behavior of the default option + // JS_NORMAL is implementation dependent. + // + // This option is an enum to permit additional types to be added, e.g. + // goog.math.Integer. + optional JSType jstype = 6 [default = JS_NORMAL]; + enum JSType { + // Use the default type. + JS_NORMAL = 0; + + // Use JavaScript strings. + JS_STRING = 1; + + // Use JavaScript numbers. + JS_NUMBER = 2; + } + + // Should this field be parsed lazily? Lazy applies only to message-type + // fields. It means that when the outer message is initially parsed, the + // inner message's contents will not be parsed but instead stored in encoded + // form. The inner message will actually be parsed when it is first accessed. + // + // This is only a hint. Implementations are free to choose whether to use + // eager or lazy parsing regardless of the value of this option. However, + // setting this option true suggests that the protocol author believes that + // using lazy parsing on this field is worth the additional bookkeeping + // overhead typically needed to implement it. + // + // This option does not affect the public interface of any generated code; + // all method signatures remain the same. Furthermore, thread-safety of the + // interface is not affected by this option; const methods remain safe to + // call from multiple threads concurrently, while non-const methods continue + // to require exclusive access. + // + // + // Note that implementations may choose not to check required fields within + // a lazy sub-message. That is, calling IsInitialized() on the outer message + // may return true even if the inner message has missing required fields. + // This is necessary because otherwise the inner message would have to be + // parsed in order to perform the check, defeating the purpose of lazy + // parsing. An implementation which chooses not to check required fields + // must be consistent about it. That is, for any particular sub-message, the + // implementation must either *always* check its required fields, or *never* + // check its required fields, regardless of whether or not the message has + // been parsed. + optional bool lazy = 5 [default=false]; + + // Is this field deprecated? + // Depending on the target platform, this can emit Deprecated annotations + // for accessors, or it will be completely ignored; in the very least, this + // is a formalization for deprecating fields. + optional bool deprecated = 3 [default=false]; + + // For Google-internal migration only. Do not use. + optional bool weak = 10 [default=false]; + + + // The parser stores options it doesn't recognize here. See above. + repeated UninterpretedOption uninterpreted_option = 999; + + // Clients can define custom options in extensions of this message. See above. + extensions 1000 to max; + + reserved 4; // removed jtype +} + +message OneofOptions { + // The parser stores options it doesn't recognize here. See above. + repeated UninterpretedOption uninterpreted_option = 999; + + // Clients can define custom options in extensions of this message. See above. + extensions 1000 to max; +} + +message EnumOptions { + + // Set this option to true to allow mapping different tag names to the same + // value. + optional bool allow_alias = 2; + + // Is this enum deprecated? + // Depending on the target platform, this can emit Deprecated annotations + // for the enum, or it will be completely ignored; in the very least, this + // is a formalization for deprecating enums. + optional bool deprecated = 3 [default=false]; + + reserved 5; // javanano_as_lite + + // The parser stores options it doesn't recognize here. See above. + repeated UninterpretedOption uninterpreted_option = 999; + + // Clients can define custom options in extensions of this message. See above. + extensions 1000 to max; +} + +message EnumValueOptions { + // Is this enum value deprecated? + // Depending on the target platform, this can emit Deprecated annotations + // for the enum value, or it will be completely ignored; in the very least, + // this is a formalization for deprecating enum values. + optional bool deprecated = 1 [default=false]; + + // The parser stores options it doesn't recognize here. See above. + repeated UninterpretedOption uninterpreted_option = 999; + + // Clients can define custom options in extensions of this message. See above. + extensions 1000 to max; +} + +message ServiceOptions { + + // Note: Field numbers 1 through 32 are reserved for Google's internal RPC + // framework. We apologize for hoarding these numbers to ourselves, but + // we were already using them long before we decided to release Protocol + // Buffers. + + // Is this service deprecated? + // Depending on the target platform, this can emit Deprecated annotations + // for the service, or it will be completely ignored; in the very least, + // this is a formalization for deprecating services. + optional bool deprecated = 33 [default=false]; + + // The parser stores options it doesn't recognize here. See above. + repeated UninterpretedOption uninterpreted_option = 999; + + // Clients can define custom options in extensions of this message. See above. + extensions 1000 to max; +} + +message MethodOptions { + + // Note: Field numbers 1 through 32 are reserved for Google's internal RPC + // framework. We apologize for hoarding these numbers to ourselves, but + // we were already using them long before we decided to release Protocol + // Buffers. + + // Is this method deprecated? + // Depending on the target platform, this can emit Deprecated annotations + // for the method, or it will be completely ignored; in the very least, + // this is a formalization for deprecating methods. + optional bool deprecated = 33 [default=false]; + + // Is this method side-effect-free (or safe in HTTP parlance), or idempotent, + // or neither? HTTP based RPC implementation may choose GET verb for safe + // methods, and PUT verb for idempotent methods instead of the default POST. + enum IdempotencyLevel { + IDEMPOTENCY_UNKNOWN = 0; + NO_SIDE_EFFECTS = 1; // implies idempotent + IDEMPOTENT = 2; // idempotent, but may have side effects + } + optional IdempotencyLevel idempotency_level = + 34 [default=IDEMPOTENCY_UNKNOWN]; + + // The parser stores options it doesn't recognize here. See above. + repeated UninterpretedOption uninterpreted_option = 999; + + // Clients can define custom options in extensions of this message. See above. + extensions 1000 to max; +} + + +// A message representing a option the parser does not recognize. This only +// appears in options protos created by the compiler::Parser class. +// DescriptorPool resolves these when building Descriptor objects. Therefore, +// options protos in descriptor objects (e.g. returned by Descriptor::options(), +// or produced by Descriptor::CopyTo()) will never have UninterpretedOptions +// in them. +message UninterpretedOption { + // The name of the uninterpreted option. Each string represents a segment in + // a dot-separated name. is_extension is true iff a segment represents an + // extension (denoted with parentheses in options specs in .proto files). + // E.g.,{ ["foo", false], ["bar.baz", true], ["qux", false] } represents + // "foo.(bar.baz).qux". + message NamePart { + required string name_part = 1; + required bool is_extension = 2; + } + repeated NamePart name = 2; + + // The value of the uninterpreted option, in whatever type the tokenizer + // identified it as during parsing. Exactly one of these should be set. + optional string identifier_value = 3; + optional uint64 positive_int_value = 4; + optional int64 negative_int_value = 5; + optional double double_value = 6; + optional bytes string_value = 7; + optional string aggregate_value = 8; +} + +// =================================================================== +// Optional source code info + +// Encapsulates information about the original source file from which a +// FileDescriptorProto was generated. +message SourceCodeInfo { + // A Location identifies a piece of source code in a .proto file which + // corresponds to a particular definition. This information is intended + // to be useful to IDEs, code indexers, documentation generators, and similar + // tools. + // + // For example, say we have a file like: + // message Foo { + // optional string foo = 1; + // } + // Let's look at just the field definition: + // optional string foo = 1; + // ^ ^^ ^^ ^ ^^^ + // a bc de f ghi + // We have the following locations: + // span path represents + // [a,i) [ 4, 0, 2, 0 ] The whole field definition. + // [a,b) [ 4, 0, 2, 0, 4 ] The label (optional). + // [c,d) [ 4, 0, 2, 0, 5 ] The type (string). + // [e,f) [ 4, 0, 2, 0, 1 ] The name (foo). + // [g,h) [ 4, 0, 2, 0, 3 ] The number (1). + // + // Notes: + // - A location may refer to a repeated field itself (i.e. not to any + // particular index within it). This is used whenever a set of elements are + // logically enclosed in a single code segment. For example, an entire + // extend block (possibly containing multiple extension definitions) will + // have an outer location whose path refers to the "extensions" repeated + // field without an index. + // - Multiple locations may have the same path. This happens when a single + // logical declaration is spread out across multiple places. The most + // obvious example is the "extend" block again -- there may be multiple + // extend blocks in the same scope, each of which will have the same path. + // - A location's span is not always a subset of its parent's span. For + // example, the "extendee" of an extension declaration appears at the + // beginning of the "extend" block and is shared by all extensions within + // the block. + // - Just because a location's span is a subset of some other location's span + // does not mean that it is a descendent. For example, a "group" defines + // both a type and a field in a single declaration. Thus, the locations + // corresponding to the type and field and their components will overlap. + // - Code which tries to interpret locations should probably be designed to + // ignore those that it doesn't understand, as more types of locations could + // be recorded in the future. + repeated Location location = 1; + message Location { + // Identifies which part of the FileDescriptorProto was defined at this + // location. + // + // Each element is a field number or an index. They form a path from + // the root FileDescriptorProto to the place where the definition. For + // example, this path: + // [ 4, 3, 2, 7, 1 ] + // refers to: + // file.message_type(3) // 4, 3 + // .field(7) // 2, 7 + // .name() // 1 + // This is because FileDescriptorProto.message_type has field number 4: + // repeated DescriptorProto message_type = 4; + // and DescriptorProto.field has field number 2: + // repeated FieldDescriptorProto field = 2; + // and FieldDescriptorProto.name has field number 1: + // optional string name = 1; + // + // Thus, the above path gives the location of a field name. If we removed + // the last element: + // [ 4, 3, 2, 7 ] + // this path refers to the whole field declaration (from the beginning + // of the label to the terminating semicolon). + repeated int32 path = 1 [packed=true]; + + // Always has exactly three or four elements: start line, start column, + // end line (optional, otherwise assumed same as start line), end column. + // These are packed into a single field for efficiency. Note that line + // and column numbers are zero-based -- typically you will want to add + // 1 to each before displaying to a user. + repeated int32 span = 2 [packed=true]; + + // If this SourceCodeInfo represents a complete declaration, these are any + // comments appearing before and after the declaration which appear to be + // attached to the declaration. + // + // A series of line comments appearing on consecutive lines, with no other + // tokens appearing on those lines, will be treated as a single comment. + // + // leading_detached_comments will keep paragraphs of comments that appear + // before (but not connected to) the current element. Each paragraph, + // separated by empty lines, will be one comment element in the repeated + // field. + // + // Only the comment content is provided; comment markers (e.g. //) are + // stripped out. For block comments, leading whitespace and an asterisk + // will be stripped from the beginning of each line other than the first. + // Newlines are included in the output. + // + // Examples: + // + // optional int32 foo = 1; // Comment attached to foo. + // // Comment attached to bar. + // optional int32 bar = 2; + // + // optional string baz = 3; + // // Comment attached to baz. + // // Another line attached to baz. + // + // // Comment attached to qux. + // // + // // Another line attached to qux. + // optional double qux = 4; + // + // // Detached comment for corge. This is not leading or trailing comments + // // to qux or corge because there are blank lines separating it from + // // both. + // + // // Detached comment for corge paragraph 2. + // + // optional string corge = 5; + // /* Block comment attached + // * to corge. Leading asterisks + // * will be removed. */ + // /* Block comment attached to + // * grault. */ + // optional int32 grault = 6; + // + // // ignored detached comments. + optional string leading_comments = 3; + optional string trailing_comments = 4; + repeated string leading_detached_comments = 6; + } +} + +// Describes the relationship between generated code and its original source +// file. A GeneratedCodeInfo message is associated with only one generated +// source file, but may contain references to different source .proto files. +message GeneratedCodeInfo { + // An Annotation connects some span of text in generated code to an element + // of its generating .proto file. + repeated Annotation annotation = 1; + message Annotation { + // Identifies the element in the original source .proto file. This field + // is formatted the same as SourceCodeInfo.Location.path. + repeated int32 path = 1 [packed=true]; + + // Identifies the filesystem path to the original source .proto. + optional string source_file = 2; + + // Identifies the starting offset in bytes in the generated code + // that relates to the identified object. + optional int32 begin = 3; + + // Identifies the ending offset in bytes in the generated code that + // relates to the identified offset. The end offset should be one past + // the last relevant byte (so the length of the text = end - begin). + optional int32 end = 4; + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/duration.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/duration.proto new file mode 100644 index 00000000..975fce41 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/duration.proto @@ -0,0 +1,117 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; + +package google.protobuf; + +option csharp_namespace = "Google.Protobuf.WellKnownTypes"; +option cc_enable_arenas = true; +option go_package = "github.com/golang/protobuf/ptypes/duration"; +option java_package = "com.google.protobuf"; +option java_outer_classname = "DurationProto"; +option java_multiple_files = true; +option objc_class_prefix = "GPB"; + +// A Duration represents a signed, fixed-length span of time represented +// as a count of seconds and fractions of seconds at nanosecond +// resolution. It is independent of any calendar and concepts like "day" +// or "month". It is related to Timestamp in that the difference between +// two Timestamp values is a Duration and it can be added or subtracted +// from a Timestamp. Range is approximately +-10,000 years. +// +// # Examples +// +// Example 1: Compute Duration from two Timestamps in pseudo code. +// +// Timestamp start = ...; +// Timestamp end = ...; +// Duration duration = ...; +// +// duration.seconds = end.seconds - start.seconds; +// duration.nanos = end.nanos - start.nanos; +// +// if (duration.seconds < 0 && duration.nanos > 0) { +// duration.seconds += 1; +// duration.nanos -= 1000000000; +// } else if (durations.seconds > 0 && duration.nanos < 0) { +// duration.seconds -= 1; +// duration.nanos += 1000000000; +// } +// +// Example 2: Compute Timestamp from Timestamp + Duration in pseudo code. +// +// Timestamp start = ...; +// Duration duration = ...; +// Timestamp end = ...; +// +// end.seconds = start.seconds + duration.seconds; +// end.nanos = start.nanos + duration.nanos; +// +// if (end.nanos < 0) { +// end.seconds -= 1; +// end.nanos += 1000000000; +// } else if (end.nanos >= 1000000000) { +// end.seconds += 1; +// end.nanos -= 1000000000; +// } +// +// Example 3: Compute Duration from datetime.timedelta in Python. +// +// td = datetime.timedelta(days=3, minutes=10) +// duration = Duration() +// duration.FromTimedelta(td) +// +// # JSON Mapping +// +// In JSON format, the Duration type is encoded as a string rather than an +// object, where the string ends in the suffix "s" (indicating seconds) and +// is preceded by the number of seconds, with nanoseconds expressed as +// fractional seconds. For example, 3 seconds with 0 nanoseconds should be +// encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should +// be expressed in JSON format as "3.000000001s", and 3 seconds and 1 +// microsecond should be expressed in JSON format as "3.000001s". +// +// +message Duration { + + // Signed seconds of the span of time. Must be from -315,576,000,000 + // to +315,576,000,000 inclusive. Note: these bounds are computed from: + // 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + int64 seconds = 1; + + // Signed fractions of a second at nanosecond resolution of the span + // of time. Durations less than one second are represented with a 0 + // `seconds` field and a positive or negative `nanos` field. For durations + // of one second or more, a non-zero value for the `nanos` field must be + // of the same sign as the `seconds` field. Must be from -999,999,999 + // to +999,999,999 inclusive. + int32 nanos = 2; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/empty.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/empty.proto new file mode 100644 index 00000000..03cacd23 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/empty.proto @@ -0,0 +1,52 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; + +package google.protobuf; + +option csharp_namespace = "Google.Protobuf.WellKnownTypes"; +option go_package = "github.com/golang/protobuf/ptypes/empty"; +option java_package = "com.google.protobuf"; +option java_outer_classname = "EmptyProto"; +option java_multiple_files = true; +option objc_class_prefix = "GPB"; +option cc_enable_arenas = true; + +// A generic empty message that you can re-use to avoid defining duplicated +// empty messages in your APIs. A typical example is to use it as the request +// or the response type of an API method. For instance: +// +// service Foo { +// rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); +// } +// +// The JSON representation for `Empty` is empty JSON object `{}`. +message Empty {} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/field_mask.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/field_mask.proto new file mode 100644 index 00000000..76e09f39 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/field_mask.proto @@ -0,0 +1,252 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; + +package google.protobuf; + +option csharp_namespace = "Google.Protobuf.WellKnownTypes"; +option java_package = "com.google.protobuf"; +option java_outer_classname = "FieldMaskProto"; +option java_multiple_files = true; +option objc_class_prefix = "GPB"; +option go_package = "google.golang.org/genproto/protobuf/field_mask;field_mask"; + +// `FieldMask` represents a set of symbolic field paths, for example: +// +// paths: "f.a" +// paths: "f.b.d" +// +// Here `f` represents a field in some root message, `a` and `b` +// fields in the message found in `f`, and `d` a field found in the +// message in `f.b`. +// +// Field masks are used to specify a subset of fields that should be +// returned by a get operation or modified by an update operation. +// Field masks also have a custom JSON encoding (see below). +// +// # Field Masks in Projections +// +// When used in the context of a projection, a response message or +// sub-message is filtered by the API to only contain those fields as +// specified in the mask. For example, if the mask in the previous +// example is applied to a response message as follows: +// +// f { +// a : 22 +// b { +// d : 1 +// x : 2 +// } +// y : 13 +// } +// z: 8 +// +// The result will not contain specific values for fields x,y and z +// (their value will be set to the default, and omitted in proto text +// output): +// +// +// f { +// a : 22 +// b { +// d : 1 +// } +// } +// +// A repeated field is not allowed except at the last position of a +// paths string. +// +// If a FieldMask object is not present in a get operation, the +// operation applies to all fields (as if a FieldMask of all fields +// had been specified). +// +// Note that a field mask does not necessarily apply to the +// top-level response message. In case of a REST get operation, the +// field mask applies directly to the response, but in case of a REST +// list operation, the mask instead applies to each individual message +// in the returned resource list. In case of a REST custom method, +// other definitions may be used. Where the mask applies will be +// clearly documented together with its declaration in the API. In +// any case, the effect on the returned resource/resources is required +// behavior for APIs. +// +// # Field Masks in Update Operations +// +// A field mask in update operations specifies which fields of the +// targeted resource are going to be updated. The API is required +// to only change the values of the fields as specified in the mask +// and leave the others untouched. If a resource is passed in to +// describe the updated values, the API ignores the values of all +// fields not covered by the mask. +// +// If a repeated field is specified for an update operation, the existing +// repeated values in the target resource will be overwritten by the new values. +// Note that a repeated field is only allowed in the last position of a `paths` +// string. +// +// If a sub-message is specified in the last position of the field mask for an +// update operation, then the existing sub-message in the target resource is +// overwritten. Given the target message: +// +// f { +// b { +// d : 1 +// x : 2 +// } +// c : 1 +// } +// +// And an update message: +// +// f { +// b { +// d : 10 +// } +// } +// +// then if the field mask is: +// +// paths: "f.b" +// +// then the result will be: +// +// f { +// b { +// d : 10 +// } +// c : 1 +// } +// +// However, if the update mask was: +// +// paths: "f.b.d" +// +// then the result would be: +// +// f { +// b { +// d : 10 +// x : 2 +// } +// c : 1 +// } +// +// In order to reset a field's value to the default, the field must +// be in the mask and set to the default value in the provided resource. +// Hence, in order to reset all fields of a resource, provide a default +// instance of the resource and set all fields in the mask, or do +// not provide a mask as described below. +// +// If a field mask is not present on update, the operation applies to +// all fields (as if a field mask of all fields has been specified). +// Note that in the presence of schema evolution, this may mean that +// fields the client does not know and has therefore not filled into +// the request will be reset to their default. If this is unwanted +// behavior, a specific service may require a client to always specify +// a field mask, producing an error if not. +// +// As with get operations, the location of the resource which +// describes the updated values in the request message depends on the +// operation kind. In any case, the effect of the field mask is +// required to be honored by the API. +// +// ## Considerations for HTTP REST +// +// The HTTP kind of an update operation which uses a field mask must +// be set to PATCH instead of PUT in order to satisfy HTTP semantics +// (PUT must only be used for full updates). +// +// # JSON Encoding of Field Masks +// +// In JSON, a field mask is encoded as a single string where paths are +// separated by a comma. Fields name in each path are converted +// to/from lower-camel naming conventions. +// +// As an example, consider the following message declarations: +// +// message Profile { +// User user = 1; +// Photo photo = 2; +// } +// message User { +// string display_name = 1; +// string address = 2; +// } +// +// In proto a field mask for `Profile` may look as such: +// +// mask { +// paths: "user.display_name" +// paths: "photo" +// } +// +// In JSON, the same mask is represented as below: +// +// { +// mask: "user.displayName,photo" +// } +// +// # Field Masks and Oneof Fields +// +// Field masks treat fields in oneofs just as regular fields. Consider the +// following message: +// +// message SampleMessage { +// oneof test_oneof { +// string name = 4; +// SubMessage sub_message = 9; +// } +// } +// +// The field mask can be: +// +// mask { +// paths: "name" +// } +// +// Or: +// +// mask { +// paths: "sub_message" +// } +// +// Note that oneof type names ("test_oneof" in this case) cannot be used in +// paths. +// +// ## Field Mask Verification +// +// The implementation of any API method which has a FieldMask type field in the +// request should verify the included field paths, and return an +// `INVALID_ARGUMENT` error if any path is duplicated or unmappable. +message FieldMask { + // The set of field mask paths. + repeated string paths = 1; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/source_context.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/source_context.proto new file mode 100644 index 00000000..f3b2c966 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/source_context.proto @@ -0,0 +1,48 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; + +package google.protobuf; + +option csharp_namespace = "Google.Protobuf.WellKnownTypes"; +option java_package = "com.google.protobuf"; +option java_outer_classname = "SourceContextProto"; +option java_multiple_files = true; +option objc_class_prefix = "GPB"; +option go_package = "google.golang.org/genproto/protobuf/source_context;source_context"; + +// `SourceContext` represents information about the source of a +// protobuf element, like the file in which it is defined. +message SourceContext { + // The path-qualified name of the .proto file that contained the associated + // protobuf element. For example: `"google/protobuf/source_context.proto"`. + string file_name = 1; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/struct.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/struct.proto new file mode 100644 index 00000000..7d7808e7 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/struct.proto @@ -0,0 +1,96 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; + +package google.protobuf; + +option csharp_namespace = "Google.Protobuf.WellKnownTypes"; +option cc_enable_arenas = true; +option go_package = "github.com/golang/protobuf/ptypes/struct;structpb"; +option java_package = "com.google.protobuf"; +option java_outer_classname = "StructProto"; +option java_multiple_files = true; +option objc_class_prefix = "GPB"; + + +// `Struct` represents a structured data value, consisting of fields +// which map to dynamically typed values. In some languages, `Struct` +// might be supported by a native representation. For example, in +// scripting languages like JS a struct is represented as an +// object. The details of that representation are described together +// with the proto support for the language. +// +// The JSON representation for `Struct` is JSON object. +message Struct { + // Unordered map of dynamically typed values. + map fields = 1; +} + +// `Value` represents a dynamically typed value which can be either +// null, a number, a string, a boolean, a recursive struct value, or a +// list of values. A producer of value is expected to set one of that +// variants, absence of any variant indicates an error. +// +// The JSON representation for `Value` is JSON value. +message Value { + // The kind of value. + oneof kind { + // Represents a null value. + NullValue null_value = 1; + // Represents a double value. + double number_value = 2; + // Represents a string value. + string string_value = 3; + // Represents a boolean value. + bool bool_value = 4; + // Represents a structured value. + Struct struct_value = 5; + // Represents a repeated `Value`. + ListValue list_value = 6; + } +} + +// `NullValue` is a singleton enumeration to represent the null value for the +// `Value` type union. +// +// The JSON representation for `NullValue` is JSON `null`. +enum NullValue { + // Null value. + NULL_VALUE = 0; +} + +// `ListValue` is a wrapper around a repeated field of values. +// +// The JSON representation for `ListValue` is JSON array. +message ListValue { + // Repeated field of dynamically typed values. + repeated Value values = 1; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/timestamp.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/timestamp.proto new file mode 100644 index 00000000..eafb3fa0 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/timestamp.proto @@ -0,0 +1,135 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; + +package google.protobuf; + +option csharp_namespace = "Google.Protobuf.WellKnownTypes"; +option cc_enable_arenas = true; +option go_package = "github.com/golang/protobuf/ptypes/timestamp"; +option java_package = "com.google.protobuf"; +option java_outer_classname = "TimestampProto"; +option java_multiple_files = true; +option objc_class_prefix = "GPB"; + +// A Timestamp represents a point in time independent of any time zone +// or calendar, represented as seconds and fractions of seconds at +// nanosecond resolution in UTC Epoch time. It is encoded using the +// Proleptic Gregorian Calendar which extends the Gregorian calendar +// backwards to year one. It is encoded assuming all minutes are 60 +// seconds long, i.e. leap seconds are "smeared" so that no leap second +// table is needed for interpretation. Range is from +// 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. +// By restricting to that range, we ensure that we can convert to +// and from RFC 3339 date strings. +// See [https://www.ietf.org/rfc/rfc3339.txt](https://www.ietf.org/rfc/rfc3339.txt). +// +// # Examples +// +// Example 1: Compute Timestamp from POSIX `time()`. +// +// Timestamp timestamp; +// timestamp.set_seconds(time(NULL)); +// timestamp.set_nanos(0); +// +// Example 2: Compute Timestamp from POSIX `gettimeofday()`. +// +// struct timeval tv; +// gettimeofday(&tv, NULL); +// +// Timestamp timestamp; +// timestamp.set_seconds(tv.tv_sec); +// timestamp.set_nanos(tv.tv_usec * 1000); +// +// Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`. +// +// FILETIME ft; +// GetSystemTimeAsFileTime(&ft); +// UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime; +// +// // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z +// // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z. +// Timestamp timestamp; +// timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL)); +// timestamp.set_nanos((INT32) ((ticks % 10000000) * 100)); +// +// Example 4: Compute Timestamp from Java `System.currentTimeMillis()`. +// +// long millis = System.currentTimeMillis(); +// +// Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000) +// .setNanos((int) ((millis % 1000) * 1000000)).build(); +// +// +// Example 5: Compute Timestamp from current time in Python. +// +// timestamp = Timestamp() +// timestamp.GetCurrentTime() +// +// # JSON Mapping +// +// In JSON format, the Timestamp type is encoded as a string in the +// [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the +// format is "{year}-{month}-{day}T{hour}:{min}:{sec}[.{frac_sec}]Z" +// where {year} is always expressed using four digits while {month}, {day}, +// {hour}, {min}, and {sec} are zero-padded to two digits each. The fractional +// seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution), +// are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone +// is required. A proto3 JSON serializer should always use UTC (as indicated by +// "Z") when printing the Timestamp type and a proto3 JSON parser should be +// able to accept both UTC and other timezones (as indicated by an offset). +// +// For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past +// 01:30 UTC on January 15, 2017. +// +// In JavaScript, one can convert a Date object to this format using the +// standard [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString] +// method. In Python, a standard `datetime.datetime` object can be converted +// to this format using [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) +// with the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one +// can use the Joda Time's [`ISODateTimeFormat.dateTime()`]( +// http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime-- +// ) to obtain a formatter capable of generating timestamps in this format. +// +// +message Timestamp { + + // Represents seconds of UTC time since Unix epoch + // 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to + // 9999-12-31T23:59:59Z inclusive. + int64 seconds = 1; + + // Non-negative fractions of a second at nanosecond resolution. Negative + // second values with fractions must still have non-negative nanos values + // that count forward in time. Must be from 0 to 999,999,999 + // inclusive. + int32 nanos = 2; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/type.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/type.proto new file mode 100644 index 00000000..624c15ee --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/type.proto @@ -0,0 +1,187 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +syntax = "proto3"; + +package google.protobuf; + +import "google/protobuf/any.proto"; +import "google/protobuf/source_context.proto"; + +option csharp_namespace = "Google.Protobuf.WellKnownTypes"; +option cc_enable_arenas = true; +option java_package = "com.google.protobuf"; +option java_outer_classname = "TypeProto"; +option java_multiple_files = true; +option objc_class_prefix = "GPB"; +option go_package = "google.golang.org/genproto/protobuf/ptype;ptype"; + +// A protocol buffer message type. +message Type { + // The fully qualified message name. + string name = 1; + // The list of fields. + repeated Field fields = 2; + // The list of types appearing in `oneof` definitions in this type. + repeated string oneofs = 3; + // The protocol buffer options. + repeated Option options = 4; + // The source context. + SourceContext source_context = 5; + // The source syntax. + Syntax syntax = 6; +} + +// A single field of a message type. +message Field { + // Basic field types. + enum Kind { + // Field type unknown. + TYPE_UNKNOWN = 0; + // Field type double. + TYPE_DOUBLE = 1; + // Field type float. + TYPE_FLOAT = 2; + // Field type int64. + TYPE_INT64 = 3; + // Field type uint64. + TYPE_UINT64 = 4; + // Field type int32. + TYPE_INT32 = 5; + // Field type fixed64. + TYPE_FIXED64 = 6; + // Field type fixed32. + TYPE_FIXED32 = 7; + // Field type bool. + TYPE_BOOL = 8; + // Field type string. + TYPE_STRING = 9; + // Field type group. Proto2 syntax only, and deprecated. + TYPE_GROUP = 10; + // Field type message. + TYPE_MESSAGE = 11; + // Field type bytes. + TYPE_BYTES = 12; + // Field type uint32. + TYPE_UINT32 = 13; + // Field type enum. + TYPE_ENUM = 14; + // Field type sfixed32. + TYPE_SFIXED32 = 15; + // Field type sfixed64. + TYPE_SFIXED64 = 16; + // Field type sint32. + TYPE_SINT32 = 17; + // Field type sint64. + TYPE_SINT64 = 18; + }; + + // Whether a field is optional, required, or repeated. + enum Cardinality { + // For fields with unknown cardinality. + CARDINALITY_UNKNOWN = 0; + // For optional fields. + CARDINALITY_OPTIONAL = 1; + // For required fields. Proto2 syntax only. + CARDINALITY_REQUIRED = 2; + // For repeated fields. + CARDINALITY_REPEATED = 3; + }; + + // The field type. + Kind kind = 1; + // The field cardinality. + Cardinality cardinality = 2; + // The field number. + int32 number = 3; + // The field name. + string name = 4; + // The field type URL, without the scheme, for message or enumeration + // types. Example: `"type.googleapis.com/google.protobuf.Timestamp"`. + string type_url = 6; + // The index of the field type in `Type.oneofs`, for message or enumeration + // types. The first type has index 1; zero means the type is not in the list. + int32 oneof_index = 7; + // Whether to use alternative packed wire representation. + bool packed = 8; + // The protocol buffer options. + repeated Option options = 9; + // The field JSON name. + string json_name = 10; + // The string value of the default value of this field. Proto2 syntax only. + string default_value = 11; +} + +// Enum type definition. +message Enum { + // Enum type name. + string name = 1; + // Enum value definitions. + repeated EnumValue enumvalue = 2; + // Protocol buffer options. + repeated Option options = 3; + // The source context. + SourceContext source_context = 4; + // The source syntax. + Syntax syntax = 5; +} + +// Enum value definition. +message EnumValue { + // Enum value name. + string name = 1; + // Enum value number. + int32 number = 2; + // Protocol buffer options. + repeated Option options = 3; +} + +// A protocol buffer option, which can be attached to a message, field, +// enumeration, etc. +message Option { + // The option's name. For protobuf built-in options (options defined in + // descriptor.proto), this is the short name. For example, `"map_entry"`. + // For custom options, it should be the fully-qualified name. For example, + // `"google.api.http"`. + string name = 1; + // The option's value packed in an Any message. If the value is a primitive, + // the corresponding wrapper type defined in google/protobuf/wrappers.proto + // should be used. If the value is an enum, it should be stored as an int32 + // value using the google.protobuf.Int32Value type. + Any value = 2; +} + +// The syntax in which a protocol buffer element is defined. +enum Syntax { + // Syntax `proto2`. + SYNTAX_PROTO2 = 0; + // Syntax `proto3`. + SYNTAX_PROTO3 = 1; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/wrappers.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/wrappers.proto new file mode 100644 index 00000000..01947639 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/google/protobuf/wrappers.proto @@ -0,0 +1,118 @@ +// Protocol Buffers - Google's data interchange format +// Copyright 2008 Google Inc. All rights reserved. +// https://developers.google.com/protocol-buffers/ +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +// Wrappers for primitive (non-message) types. These types are useful +// for embedding primitives in the `google.protobuf.Any` type and for places +// where we need to distinguish between the absence of a primitive +// typed field and its default value. + +syntax = "proto3"; + +package google.protobuf; + +option csharp_namespace = "Google.Protobuf.WellKnownTypes"; +option cc_enable_arenas = true; +option go_package = "github.com/golang/protobuf/ptypes/wrappers"; +option java_package = "com.google.protobuf"; +option java_outer_classname = "WrappersProto"; +option java_multiple_files = true; +option objc_class_prefix = "GPB"; + +// Wrapper message for `double`. +// +// The JSON representation for `DoubleValue` is JSON number. +message DoubleValue { + // The double value. + double value = 1; +} + +// Wrapper message for `float`. +// +// The JSON representation for `FloatValue` is JSON number. +message FloatValue { + // The float value. + float value = 1; +} + +// Wrapper message for `int64`. +// +// The JSON representation for `Int64Value` is JSON string. +message Int64Value { + // The int64 value. + int64 value = 1; +} + +// Wrapper message for `uint64`. +// +// The JSON representation for `UInt64Value` is JSON string. +message UInt64Value { + // The uint64 value. + uint64 value = 1; +} + +// Wrapper message for `int32`. +// +// The JSON representation for `Int32Value` is JSON number. +message Int32Value { + // The int32 value. + int32 value = 1; +} + +// Wrapper message for `uint32`. +// +// The JSON representation for `UInt32Value` is JSON number. +message UInt32Value { + // The uint32 value. + uint32 value = 1; +} + +// Wrapper message for `bool`. +// +// The JSON representation for `BoolValue` is JSON `true` and `false`. +message BoolValue { + // The bool value. + bool value = 1; +} + +// Wrapper message for `string`. +// +// The JSON representation for `StringValue` is JSON string. +message StringValue { + // The string value. + string value = 1; +} + +// Wrapper message for `bytes`. +// +// The JSON representation for `BytesValue` is JSON string. +message BytesValue { + // The bytes value. + bytes value = 1; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/hello.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/hello.proto new file mode 100644 index 00000000..273a41fb --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/hello.proto @@ -0,0 +1,21 @@ +// from https://github.com/moul/pb +// based on https://grpc.io/docs/guides/concepts.html + +syntax = "proto2"; + +package hello; + +service HelloService { + rpc SayHello(HelloRequest) returns (HelloResponse); + rpc LotsOfReplies(HelloRequest) returns (stream HelloResponse); + rpc LotsOfGreetings(stream HelloRequest) returns (HelloResponse); + rpc BidiHello(stream HelloRequest) returns (stream HelloResponse); +} + +message HelloRequest { + optional string greeting = 1; +} + +message HelloResponse { + required string reply = 1; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/helloworld.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/helloworld.proto new file mode 100644 index 00000000..6967b3ab --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/helloworld.proto @@ -0,0 +1,35 @@ +syntax = "proto3"; + +package hello; + +service HelloService { + rpc SayHello(HelloRequest) returns (HelloResponse) { + option (google.api.http) = { + // https://github.com/googleapis/googleapis/blob/master/google/api/http.proto + // HTTP | gRPC + // -----|----- + // `GET /v1/messages/123456` | `HelloRequest(greeting: "123456")` + get: "/v1/messages/{greeting}" + additional_bindings { + get: "/v1/messages/legacy/{greeting=**}" + } + post: "/v1/messages/" + body: "*" + } + }; + + // define a gRPC method that's not implemented in grpcbin + rpc UnknownMethod(HelloRequest) returns (HelloResponse) { + option (google.api.http) = { + get: "/v1/unknown/{greeting}" + } + }; +} + +message HelloRequest { + required string greeting = 1; +} + +message HelloResponse { + required string reply = 1; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/second_level_imports.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/second_level_imports.proto new file mode 100644 index 00000000..7edce70a --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/second_level_imports.proto @@ -0,0 +1,7 @@ +syntax = "proto3"; + +import "direct_imports.proto"; + +service Added { + rpc Final(hello.HelloRequest) returns (hello.HelloResponse); +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/go.mod b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/go.mod new file mode 100644 index 00000000..24a43b89 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/go.mod @@ -0,0 +1,10 @@ +module target + +go 1.15 + +require ( + github.com/golang/protobuf v1.5.2 + google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea + google.golang.org/grpc v1.39.0 + google.golang.org/protobuf v1.27.1 +) diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/go.sum b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/go.sum new file mode 100644 index 00000000..780a5f3f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/go.sum @@ -0,0 +1,170 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0 h1:eOI3/cP2VTU6uZLDYAoic+eyzzB9YyGmJ7eIjl8rOPg= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/antihax/optional v1.0.0 h1:xK2lYat7ZLaVVcIuj82J8kIro4V6kDe0AUDFboUCwcg= +github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/census-instrumentation/opencensus-proto v0.2.1 h1:glEXhBS5PSLLv4IXzLA5yPRVX4bilULVyxxbrfOtDAk= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/client9/misspell v0.3.4 h1:ta993UF76GwbvJcIo3Y68y/M3WxlpEHPWIGDkJYwzJI= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403 h1:cqQfy1jclcSy/FwLjemeg3SR1yaINm74aQyupQ0Bl8M= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed h1:OZmjad4L3H8ncOIR8rnb5MREYqG8ixi5+WbeUsquF0c= +github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0 h1:dulLQAYQFYtG5MTplgNGHWuV2D+OBD+Z8lmDBmbLg+s= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= +github.com/envoyproxy/protoc-gen-validate v0.1.0 h1:EQciDnbrYxy13PgWoY8AqoxGiPrpgBZ1R8UNe3ddc+A= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/mock v1.1.1 h1:G5FRp8JnTd7RQH5kemVNlMeyXQAztQ3mOWV95KxsXH8= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo= +github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4 h1:gQz4mCbXsO+nc9n1hCxHcGA3Zx3Eo+UHZoInFGUIXNM= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/rogpeppe/fastuuid v1.2.0 h1:Ppwyp6VYCF1nvBTXL3trRso7mXMlRrw9ooo375wvi2s= +github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= +github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/yuin/goldmark v1.3.5 h1:dPmz1Snjq0kmkz159iL7S6WzdahUTHnHB5M56WFVifs= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +go.opentelemetry.io/proto/otlp v0.7.0 h1:rwOQPCuKAKmwGKq2aVNnYIibI6wnV7EvzgfTCzcdGg8= +go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4 h1:c2HOrn5iMezYjSlGPncknSEr/8x5LELb/ilJbXi9DEA= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug= +golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 h1:4nGaVu0QrbjT/AK2PRLuQfQuh6DJve+pELhqTdAj3x0= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BGiEpg5IG2JkU5FkPIawgtw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007 h1:gG67DSER+11cZvqIMb8S8bt0vZtiN6xWYARwirrOSfE= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5 h1:i6eZZ+zk0SOf0xgBpEpPD18qWcJda6q1sxt3S0kzyUQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.1.4 h1:cVngSRcfgyZCzys3KYOpCFa+4dqX/Oub9tAq00ttGVs= +golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea h1:8ZyCcgugUqamxp/vZSEJw9CMy7VZlSWYJLLJPi/dSDA= +google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= +google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.39.0 h1:Klz8I9kdtkIN6EpHHUOMLCYhTn/2WAe5a0s1hcBkdTI= +google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.3 h1:fvjTMHxHEw/mxHbtzPi3JCcKXQRAnQTBRo6YCJSVHKI= +gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc h1:/hemPrYIhOhy8zYrNj+069zDB68us2sMGsfkFJO0iZs= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/grpc-target.go b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/grpc-target.go new file mode 100644 index 00000000..860281eb --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/grpc-target.go @@ -0,0 +1,61 @@ +package main + +import ( + "context" + "fmt" + "log" + "net" + "time" + + "google.golang.org/grpc" + "google.golang.org/protobuf/types/known/timestamppb" + pb "target/targetservice" +) + +const ( + port = ":15010" +) + +type server struct { + pb.UnimplementedBouncerServer +} + +func (s *server) SayHello(ctx context.Context, in *pb.HelloRequest) (*pb.HelloResponse, error) { + return &pb.HelloResponse{ + Reply: fmt.Sprintf("hello %s", in.GetGreeting()), + }, nil +} + +func (s *server) BounceIt(ctx context.Context, in *pb.BallIn) (*pb.BallOut, error) { + w := in.GetWhen().AsTime() + now := in.GetNow().AsTime() + ago := now.Sub(w) + + reply := fmt.Sprintf("hello %s", in.GetMessage()) + time_message := fmt.Sprintf("%s was %v ago", w.Format(time.RFC3339), ago.Truncate(time.Second)) + + return &pb.BallOut{ + Reply: reply, + TimeMessage: time_message, + Now: timestamppb.New(now), + }, nil +} + +func (s *server) GrowTail(ctx context.Context, in *pb.Body) (*pb.Body, error) { + in.Tail.Count += 1 + + return in, nil +} + +func main() { + lis, err := net.Listen("tcp", port) + if err != nil { + log.Fatalf("failed to listen: %v", err) + } + s := grpc.NewServer() + pb.RegisterBouncerServer(s, &server{}) + log.Printf("server listening at %v", lis.Addr()) + if err := s.Serve(lis); err != nil { + log.Fatalf("failed to serve: %v", err) + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/targetservice/targetservice.pb.go b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/targetservice/targetservice.pb.go new file mode 100644 index 00000000..1a11c5dd --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/targetservice/targetservice.pb.go @@ -0,0 +1,591 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.25.0 +// protoc v3.6.1 +// source: targetservice.proto + +package targetservice + +import ( + proto "github.com/golang/protobuf/proto" + timestamp "github.com/golang/protobuf/ptypes/timestamp" + _ "google.golang.org/genproto/googleapis/api/annotations" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// This is a compile-time assertion that a sufficiently up-to-date version +// of the legacy proto package is being used. +const _ = proto.ProtoPackageIsVersion4 + +type HelloRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Greeting string `protobuf:"bytes,1,opt,name=greeting,proto3" json:"greeting,omitempty"` +} + +func (x *HelloRequest) Reset() { + *x = HelloRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_targetservice_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *HelloRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*HelloRequest) ProtoMessage() {} + +func (x *HelloRequest) ProtoReflect() protoreflect.Message { + mi := &file_targetservice_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use HelloRequest.ProtoReflect.Descriptor instead. +func (*HelloRequest) Descriptor() ([]byte, []int) { + return file_targetservice_proto_rawDescGZIP(), []int{0} +} + +func (x *HelloRequest) GetGreeting() string { + if x != nil { + return x.Greeting + } + return "" +} + +type HelloResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Reply string `protobuf:"bytes,1,opt,name=reply,proto3" json:"reply,omitempty"` +} + +func (x *HelloResponse) Reset() { + *x = HelloResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_targetservice_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *HelloResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*HelloResponse) ProtoMessage() {} + +func (x *HelloResponse) ProtoReflect() protoreflect.Message { + mi := &file_targetservice_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use HelloResponse.ProtoReflect.Descriptor instead. +func (*HelloResponse) Descriptor() ([]byte, []int) { + return file_targetservice_proto_rawDescGZIP(), []int{1} +} + +func (x *HelloResponse) GetReply() string { + if x != nil { + return x.Reply + } + return "" +} + +type BallIn struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` + When *timestamp.Timestamp `protobuf:"bytes,2,opt,name=when,proto3" json:"when,omitempty"` + Now *timestamp.Timestamp `protobuf:"bytes,3,opt,name=now,proto3" json:"now,omitempty"` +} + +func (x *BallIn) Reset() { + *x = BallIn{} + if protoimpl.UnsafeEnabled { + mi := &file_targetservice_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *BallIn) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*BallIn) ProtoMessage() {} + +func (x *BallIn) ProtoReflect() protoreflect.Message { + mi := &file_targetservice_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use BallIn.ProtoReflect.Descriptor instead. +func (*BallIn) Descriptor() ([]byte, []int) { + return file_targetservice_proto_rawDescGZIP(), []int{2} +} + +func (x *BallIn) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +func (x *BallIn) GetWhen() *timestamp.Timestamp { + if x != nil { + return x.When + } + return nil +} + +func (x *BallIn) GetNow() *timestamp.Timestamp { + if x != nil { + return x.Now + } + return nil +} + +type BallOut struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Reply string `protobuf:"bytes,1,opt,name=reply,proto3" json:"reply,omitempty"` + TimeMessage string `protobuf:"bytes,2,opt,name=time_message,json=timeMessage,proto3" json:"time_message,omitempty"` + Now *timestamp.Timestamp `protobuf:"bytes,3,opt,name=now,proto3" json:"now,omitempty"` +} + +func (x *BallOut) Reset() { + *x = BallOut{} + if protoimpl.UnsafeEnabled { + mi := &file_targetservice_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *BallOut) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*BallOut) ProtoMessage() {} + +func (x *BallOut) ProtoReflect() protoreflect.Message { + mi := &file_targetservice_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use BallOut.ProtoReflect.Descriptor instead. +func (*BallOut) Descriptor() ([]byte, []int) { + return file_targetservice_proto_rawDescGZIP(), []int{3} +} + +func (x *BallOut) GetReply() string { + if x != nil { + return x.Reply + } + return "" +} + +func (x *BallOut) GetTimeMessage() string { + if x != nil { + return x.TimeMessage + } + return "" +} + +func (x *BallOut) GetNow() *timestamp.Timestamp { + if x != nil { + return x.Now + } + return nil +} + +type Limb struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Count int32 `protobuf:"varint,1,opt,name=count,proto3" json:"count,omitempty"` + Endings string `protobuf:"bytes,2,opt,name=endings,proto3" json:"endings,omitempty"` +} + +func (x *Limb) Reset() { + *x = Limb{} + if protoimpl.UnsafeEnabled { + mi := &file_targetservice_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Limb) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Limb) ProtoMessage() {} + +func (x *Limb) ProtoReflect() protoreflect.Message { + mi := &file_targetservice_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Limb.ProtoReflect.Descriptor instead. +func (*Limb) Descriptor() ([]byte, []int) { + return file_targetservice_proto_rawDescGZIP(), []int{4} +} + +func (x *Limb) GetCount() int32 { + if x != nil { + return x.Count + } + return 0 +} + +func (x *Limb) GetEndings() string { + if x != nil { + return x.Endings + } + return "" +} + +type Body struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Hands *Limb `protobuf:"bytes,2,opt,name=hands,proto3" json:"hands,omitempty"` + Legs *Limb `protobuf:"bytes,3,opt,name=legs,proto3" json:"legs,omitempty"` + Tail *Limb `protobuf:"bytes,4,opt,name=tail,proto3" json:"tail,omitempty"` +} + +func (x *Body) Reset() { + *x = Body{} + if protoimpl.UnsafeEnabled { + mi := &file_targetservice_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Body) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Body) ProtoMessage() {} + +func (x *Body) ProtoReflect() protoreflect.Message { + mi := &file_targetservice_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Body.ProtoReflect.Descriptor instead. +func (*Body) Descriptor() ([]byte, []int) { + return file_targetservice_proto_rawDescGZIP(), []int{5} +} + +func (x *Body) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *Body) GetHands() *Limb { + if x != nil { + return x.Hands + } + return nil +} + +func (x *Body) GetLegs() *Limb { + if x != nil { + return x.Legs + } + return nil +} + +func (x *Body) GetTail() *Limb { + if x != nil { + return x.Tail + } + return nil +} + +var File_targetservice_proto protoreflect.FileDescriptor + +var file_targetservice_proto_rawDesc = []byte{ + 0x0a, 0x13, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x65, 0x72, + 0x76, 0x69, 0x63, 0x65, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, + 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x22, 0x2a, 0x0a, 0x0c, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x67, 0x72, 0x65, 0x65, 0x74, 0x69, 0x6e, 0x67, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x67, 0x72, 0x65, 0x65, 0x74, 0x69, 0x6e, 0x67, 0x22, + 0x25, 0x0a, 0x0d, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x14, 0x0a, 0x05, 0x72, 0x65, 0x70, 0x6c, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x05, 0x72, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x80, 0x01, 0x0a, 0x06, 0x42, 0x61, 0x6c, 0x6c, 0x49, + 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x2e, 0x0a, 0x04, 0x77, + 0x68, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, + 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x04, 0x77, 0x68, 0x65, 0x6e, 0x12, 0x2c, 0x0a, 0x03, 0x6e, + 0x6f, 0x77, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, + 0x74, 0x61, 0x6d, 0x70, 0x52, 0x03, 0x6e, 0x6f, 0x77, 0x22, 0x70, 0x0a, 0x07, 0x42, 0x61, 0x6c, + 0x6c, 0x4f, 0x75, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x65, 0x70, 0x6c, 0x79, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x05, 0x72, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x69, + 0x6d, 0x65, 0x5f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x2c, 0x0a, + 0x03, 0x6e, 0x6f, 0x77, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, + 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, + 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x03, 0x6e, 0x6f, 0x77, 0x22, 0x36, 0x0a, 0x04, 0x4c, + 0x69, 0x6d, 0x62, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x05, 0x52, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x6e, 0x64, + 0x69, 0x6e, 0x67, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x65, 0x6e, 0x64, 0x69, + 0x6e, 0x67, 0x73, 0x22, 0x97, 0x01, 0x0a, 0x04, 0x42, 0x6f, 0x64, 0x79, 0x12, 0x12, 0x0a, 0x04, + 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x12, 0x29, 0x0a, 0x05, 0x68, 0x61, 0x6e, 0x64, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x13, 0x2e, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, + 0x4c, 0x69, 0x6d, 0x62, 0x52, 0x05, 0x68, 0x61, 0x6e, 0x64, 0x73, 0x12, 0x27, 0x0a, 0x04, 0x6c, + 0x65, 0x67, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x74, 0x61, 0x72, 0x67, + 0x65, 0x74, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x4c, 0x69, 0x6d, 0x62, 0x52, 0x04, + 0x6c, 0x65, 0x67, 0x73, 0x12, 0x27, 0x0a, 0x04, 0x74, 0x61, 0x69, 0x6c, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x65, 0x72, 0x76, 0x69, + 0x63, 0x65, 0x2e, 0x4c, 0x69, 0x6d, 0x62, 0x52, 0x04, 0x74, 0x61, 0x69, 0x6c, 0x32, 0xb3, 0x03, + 0x0a, 0x07, 0x42, 0x6f, 0x75, 0x6e, 0x63, 0x65, 0x72, 0x12, 0x9f, 0x01, 0x0a, 0x08, 0x53, 0x61, + 0x79, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x12, 0x1b, 0x2e, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, + 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x2e, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x22, 0x58, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x52, 0x12, 0x17, 0x2f, 0x76, 0x31, 0x2f, 0x6d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x73, 0x2f, 0x7b, 0x67, 0x72, 0x65, 0x65, 0x74, 0x69, 0x6e, + 0x67, 0x7d, 0x3a, 0x01, 0x2a, 0x5a, 0x34, 0x12, 0x21, 0x2f, 0x76, 0x31, 0x2f, 0x6d, 0x65, 0x73, + 0x73, 0x61, 0x67, 0x65, 0x73, 0x2f, 0x6c, 0x65, 0x67, 0x61, 0x63, 0x79, 0x2f, 0x7b, 0x67, 0x72, + 0x65, 0x65, 0x74, 0x69, 0x6e, 0x67, 0x3d, 0x2a, 0x2a, 0x7d, 0x5a, 0x0f, 0x22, 0x0d, 0x2f, 0x76, + 0x31, 0x2f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x73, 0x2f, 0x12, 0x6a, 0x0a, 0x0d, 0x55, + 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x1b, 0x2e, 0x74, + 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x48, 0x65, 0x6c, + 0x6c, 0x6f, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x74, 0x61, 0x72, 0x67, + 0x65, 0x74, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x18, 0x12, + 0x16, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x2f, 0x7b, 0x67, 0x72, + 0x65, 0x65, 0x74, 0x69, 0x6e, 0x67, 0x7d, 0x12, 0x4d, 0x0a, 0x08, 0x42, 0x6f, 0x75, 0x6e, 0x63, + 0x65, 0x49, 0x74, 0x12, 0x15, 0x2e, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x2e, 0x42, 0x61, 0x6c, 0x6c, 0x49, 0x6e, 0x1a, 0x16, 0x2e, 0x74, 0x61, 0x72, + 0x67, 0x65, 0x74, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x42, 0x61, 0x6c, 0x6c, 0x4f, + 0x75, 0x74, 0x22, 0x12, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0c, 0x22, 0x07, 0x2f, 0x62, 0x6f, 0x75, + 0x6e, 0x63, 0x65, 0x3a, 0x01, 0x2a, 0x12, 0x4b, 0x0a, 0x08, 0x47, 0x72, 0x6f, 0x77, 0x54, 0x61, + 0x69, 0x6c, 0x12, 0x13, 0x2e, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x65, 0x72, 0x76, 0x69, + 0x63, 0x65, 0x2e, 0x42, 0x6f, 0x64, 0x79, 0x1a, 0x13, 0x2e, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, + 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x2e, 0x42, 0x6f, 0x64, 0x79, 0x22, 0x15, 0x82, 0xd3, + 0xe4, 0x93, 0x02, 0x0f, 0x12, 0x0d, 0x2f, 0x76, 0x31, 0x2f, 0x67, 0x72, 0x6f, 0x77, 0x2f, 0x74, + 0x61, 0x69, 0x6c, 0x42, 0x11, 0x5a, 0x0f, 0x2e, 0x2f, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, + 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_targetservice_proto_rawDescOnce sync.Once + file_targetservice_proto_rawDescData = file_targetservice_proto_rawDesc +) + +func file_targetservice_proto_rawDescGZIP() []byte { + file_targetservice_proto_rawDescOnce.Do(func() { + file_targetservice_proto_rawDescData = protoimpl.X.CompressGZIP(file_targetservice_proto_rawDescData) + }) + return file_targetservice_proto_rawDescData +} + +var file_targetservice_proto_msgTypes = make([]protoimpl.MessageInfo, 6) +var file_targetservice_proto_goTypes = []interface{}{ + (*HelloRequest)(nil), // 0: targetservice.HelloRequest + (*HelloResponse)(nil), // 1: targetservice.HelloResponse + (*BallIn)(nil), // 2: targetservice.BallIn + (*BallOut)(nil), // 3: targetservice.BallOut + (*Limb)(nil), // 4: targetservice.Limb + (*Body)(nil), // 5: targetservice.Body + (*timestamp.Timestamp)(nil), // 6: google.protobuf.Timestamp +} +var file_targetservice_proto_depIdxs = []int32{ + 6, // 0: targetservice.BallIn.when:type_name -> google.protobuf.Timestamp + 6, // 1: targetservice.BallIn.now:type_name -> google.protobuf.Timestamp + 6, // 2: targetservice.BallOut.now:type_name -> google.protobuf.Timestamp + 4, // 3: targetservice.Body.hands:type_name -> targetservice.Limb + 4, // 4: targetservice.Body.legs:type_name -> targetservice.Limb + 4, // 5: targetservice.Body.tail:type_name -> targetservice.Limb + 0, // 6: targetservice.Bouncer.SayHello:input_type -> targetservice.HelloRequest + 0, // 7: targetservice.Bouncer.UnknownMethod:input_type -> targetservice.HelloRequest + 2, // 8: targetservice.Bouncer.BounceIt:input_type -> targetservice.BallIn + 5, // 9: targetservice.Bouncer.GrowTail:input_type -> targetservice.Body + 1, // 10: targetservice.Bouncer.SayHello:output_type -> targetservice.HelloResponse + 1, // 11: targetservice.Bouncer.UnknownMethod:output_type -> targetservice.HelloResponse + 3, // 12: targetservice.Bouncer.BounceIt:output_type -> targetservice.BallOut + 5, // 13: targetservice.Bouncer.GrowTail:output_type -> targetservice.Body + 10, // [10:14] is the sub-list for method output_type + 6, // [6:10] is the sub-list for method input_type + 6, // [6:6] is the sub-list for extension type_name + 6, // [6:6] is the sub-list for extension extendee + 0, // [0:6] is the sub-list for field type_name +} + +func init() { file_targetservice_proto_init() } +func file_targetservice_proto_init() { + if File_targetservice_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_targetservice_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*HelloRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_targetservice_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*HelloResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_targetservice_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*BallIn); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_targetservice_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*BallOut); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_targetservice_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Limb); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_targetservice_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Body); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_targetservice_proto_rawDesc, + NumEnums: 0, + NumMessages: 6, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_targetservice_proto_goTypes, + DependencyIndexes: file_targetservice_proto_depIdxs, + MessageInfos: file_targetservice_proto_msgTypes, + }.Build() + File_targetservice_proto = out.File + file_targetservice_proto_rawDesc = nil + file_targetservice_proto_goTypes = nil + file_targetservice_proto_depIdxs = nil +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/targetservice/targetservice_grpc.pb.go b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/targetservice/targetservice_grpc.pb.go new file mode 100644 index 00000000..7eb5f4d2 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/targetservice/targetservice_grpc.pb.go @@ -0,0 +1,211 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. + +package targetservice + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.32.0 or later. +const _ = grpc.SupportPackageIsVersion7 + +// BouncerClient is the client API for Bouncer service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type BouncerClient interface { + SayHello(ctx context.Context, in *HelloRequest, opts ...grpc.CallOption) (*HelloResponse, error) + // define a gRPC method that's not implemented in the target + UnknownMethod(ctx context.Context, in *HelloRequest, opts ...grpc.CallOption) (*HelloResponse, error) + BounceIt(ctx context.Context, in *BallIn, opts ...grpc.CallOption) (*BallOut, error) + GrowTail(ctx context.Context, in *Body, opts ...grpc.CallOption) (*Body, error) +} + +type bouncerClient struct { + cc grpc.ClientConnInterface +} + +func NewBouncerClient(cc grpc.ClientConnInterface) BouncerClient { + return &bouncerClient{cc} +} + +func (c *bouncerClient) SayHello(ctx context.Context, in *HelloRequest, opts ...grpc.CallOption) (*HelloResponse, error) { + out := new(HelloResponse) + err := c.cc.Invoke(ctx, "/targetservice.Bouncer/SayHello", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *bouncerClient) UnknownMethod(ctx context.Context, in *HelloRequest, opts ...grpc.CallOption) (*HelloResponse, error) { + out := new(HelloResponse) + err := c.cc.Invoke(ctx, "/targetservice.Bouncer/UnknownMethod", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *bouncerClient) BounceIt(ctx context.Context, in *BallIn, opts ...grpc.CallOption) (*BallOut, error) { + out := new(BallOut) + err := c.cc.Invoke(ctx, "/targetservice.Bouncer/BounceIt", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *bouncerClient) GrowTail(ctx context.Context, in *Body, opts ...grpc.CallOption) (*Body, error) { + out := new(Body) + err := c.cc.Invoke(ctx, "/targetservice.Bouncer/GrowTail", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// BouncerServer is the server API for Bouncer service. +// All implementations must embed UnimplementedBouncerServer +// for forward compatibility +type BouncerServer interface { + SayHello(context.Context, *HelloRequest) (*HelloResponse, error) + // define a gRPC method that's not implemented in the target + UnknownMethod(context.Context, *HelloRequest) (*HelloResponse, error) + BounceIt(context.Context, *BallIn) (*BallOut, error) + GrowTail(context.Context, *Body) (*Body, error) + mustEmbedUnimplementedBouncerServer() +} + +// UnimplementedBouncerServer must be embedded to have forward compatible implementations. +type UnimplementedBouncerServer struct { +} + +func (UnimplementedBouncerServer) SayHello(context.Context, *HelloRequest) (*HelloResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method SayHello not implemented") +} +func (UnimplementedBouncerServer) UnknownMethod(context.Context, *HelloRequest) (*HelloResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method UnknownMethod not implemented") +} +func (UnimplementedBouncerServer) BounceIt(context.Context, *BallIn) (*BallOut, error) { + return nil, status.Errorf(codes.Unimplemented, "method BounceIt not implemented") +} +func (UnimplementedBouncerServer) GrowTail(context.Context, *Body) (*Body, error) { + return nil, status.Errorf(codes.Unimplemented, "method GrowTail not implemented") +} +func (UnimplementedBouncerServer) mustEmbedUnimplementedBouncerServer() {} + +// UnsafeBouncerServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to BouncerServer will +// result in compilation errors. +type UnsafeBouncerServer interface { + mustEmbedUnimplementedBouncerServer() +} + +func RegisterBouncerServer(s grpc.ServiceRegistrar, srv BouncerServer) { + s.RegisterService(&Bouncer_ServiceDesc, srv) +} + +func _Bouncer_SayHello_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(HelloRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(BouncerServer).SayHello(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/targetservice.Bouncer/SayHello", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(BouncerServer).SayHello(ctx, req.(*HelloRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Bouncer_UnknownMethod_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(HelloRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(BouncerServer).UnknownMethod(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/targetservice.Bouncer/UnknownMethod", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(BouncerServer).UnknownMethod(ctx, req.(*HelloRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Bouncer_BounceIt_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(BallIn) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(BouncerServer).BounceIt(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/targetservice.Bouncer/BounceIt", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(BouncerServer).BounceIt(ctx, req.(*BallIn)) + } + return interceptor(ctx, in, info, handler) +} + +func _Bouncer_GrowTail_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(Body) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(BouncerServer).GrowTail(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/targetservice.Bouncer/GrowTail", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(BouncerServer).GrowTail(ctx, req.(*Body)) + } + return interceptor(ctx, in, info, handler) +} + +// Bouncer_ServiceDesc is the grpc.ServiceDesc for Bouncer service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var Bouncer_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "targetservice.Bouncer", + HandlerType: (*BouncerServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "SayHello", + Handler: _Bouncer_SayHello_Handler, + }, + { + MethodName: "UnknownMethod", + Handler: _Bouncer_UnknownMethod_Handler, + }, + { + MethodName: "BounceIt", + Handler: _Bouncer_BounceIt_Handler, + }, + { + MethodName: "GrowTail", + Handler: _Bouncer_GrowTail_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "targetservice.proto", +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/targetservice.proto b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/targetservice.proto new file mode 100644 index 00000000..89273600 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/grpc/targetservice.proto @@ -0,0 +1,81 @@ +syntax = "proto3"; + +package targetservice; + +import "google/api/annotations.proto"; +import "google/protobuf/timestamp.proto"; + +option go_package = "./targetservice"; + +service Bouncer { + rpc SayHello(HelloRequest) returns (HelloResponse) { + option (google.api.http) = { + // https://github.com/googleapis/googleapis/blob/master/google/api/http.proto + // HTTP | gRPC + // -----|----- + // `GET /v1/messages/123456` | `HelloRequest(greeting: "123456")` + get: "/v1/messages/{greeting}" + additional_bindings { + get: "/v1/messages/legacy/{greeting=**}" + additional_bindings { + post: "/v1/messages/" + } + } + body: "*" + }; + }; + + // define a gRPC method that's not implemented in the target + rpc UnknownMethod(HelloRequest) returns (HelloResponse) { + option (google.api.http) = { + get: "/v1/unknown/{greeting}" + }; + }; + + rpc BounceIt (BallIn) returns (BallOut) { + option (google.api.http) = { + post: "/bounce" + body: "*" + }; + } + + rpc GrowTail(Body) returns (Body) { + option (google.api.http) = { + get: "/v1/grow/tail" + }; + } +} + + +message HelloRequest { + string greeting = 1; +} + +message HelloResponse { + string reply = 1; +} + + +message BallIn { + string message = 1; + google.protobuf.Timestamp when = 2; + google.protobuf.Timestamp now = 3; +} + +message BallOut { + string reply = 1; + string time_message = 2; + google.protobuf.Timestamp now = 3; +} + +message Limb { + int32 count = 1; + string endings = 2; +} + +message Body { + string name = 1; + Limb hands = 2; + Limb legs = 3; + Limb tail = 4; +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/headers.conf b/kong-versions/2.8.4.3/kong/spec/fixtures/headers.conf new file mode 100644 index 00000000..16121d48 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/headers.conf @@ -0,0 +1,30 @@ +# 1st digit is 9 for our test instances +admin_listen = 127.0.0.1:9001 +proxy_listen = 0.0.0.0:9000, 0.0.0.0:9443 ssl + +ssl_cert = spec/fixtures/kong_spec.crt +ssl_cert_key = spec/fixtures/kong_spec.key + +admin_ssl_cert = spec/fixtures/kong_spec.crt +admin_ssl_cert_key = spec/fixtures/kong_spec.key + +database = postgres +pg_host = 127.0.0.1 +pg_port = 5432 +pg_timeout = 10000 +pg_database = kong_tests +cassandra_keyspace = kong_tests +cassandra_timeout = 10000 +anonymous_reports = off + +dns_hostsfile = spec/fixtures/hosts + +nginx_main_worker_processes = 1 +nginx_main_worker_rlimit_nofile = NONE +nginx_events_worker_connections = NONE +nginx_events_multi_accept = off + +prefix = servroot +log_level = debug + +headers = server_tokens, X-Kong-Proxy-Latency diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/hosts b/kong-versions/2.8.4.3/kong/spec/fixtures/hosts new file mode 100644 index 00000000..75721cd5 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/hosts @@ -0,0 +1 @@ +127.0.0.1 localhost diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/https_server.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/https_server.lua new file mode 100644 index 00000000..bd8a6298 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/https_server.lua @@ -0,0 +1,248 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local https_server = {} +https_server.__index = https_server + + +local fmt = string.format +local mock_srv_tpl_file = require "spec.fixtures.mock_webserver_tpl" +local ngx = require "ngx" +local pl_dir = require "pl.dir" +local pl_file = require "pl.file" +local pl_template = require "pl.template" +local pl_path = require "pl.path" +local pl_text = require "pl.text" +local uuid = require "resty.jit-uuid" + + +-- we need this to get random UUIDs +math.randomseed(os.time()) + + +local tmp_root = os.getenv("TMPDIR") or "/tmp" +local host_regex = [[([a-z0-9\-._~%!$&'()*+,;=]+@)?([a-z0-9\-._~%]+|\[[a-z0-9\-._~%!$&'()*+,;=:]+\])(:?[0-9]+)*]] + + +local function create_temp_dir(copy_cert_and_key) + local tmp_name = fmt("nginx_%s", uuid()) + local tmp_path = fmt("%s/%s", tmp_root, tmp_name) + local _, err = pl_path.mkdir(tmp_path) + if err then + return nil, err + end + + local _, err = pl_path.mkdir(tmp_path .. "/logs") + if err then + return nil, err + end + + if copy_cert_and_key then + local status = pl_dir.copyfile("./spec/fixtures/kong_spec.crt", tmp_path) + if not status then + return nil, "could not copy cert" + end + + status = pl_dir.copyfile("./spec/fixtures/kong_spec.key", tmp_path) + if not status then + return nil, "could not copy private key" + end + end + + return tmp_path +end + + +local function create_conf(params) + local tpl, err = pl_template.compile(mock_srv_tpl_file) + if err then + return nil, err + end + + local compiled_tpl = pl_text.Template(tpl:render(params, { ipairs = ipairs })) + local conf_filename = params.base_path .. "/nginx.conf" + local conf, err = io.open (conf_filename, "w") + if err then + return nil, err + end + + conf:write(compiled_tpl:substitute(params)) + conf:close() + + return conf_filename +end + + +local function count_results(logs_dir) + local results = { + ["ok"] = 0, + ["fail"] = 0, + ["total"] = 0, + ["status_ok"] = 0, + ["status_fail"] = 0, + ["status_total"] = 0 + } + local error_log_filename = logs_dir .. "/error.log" + + for line in io.lines(error_log_filename) do + local m = ngx.re.match(line, [[^.*\[COUNT\] (.+) (\d\d\d)\,.*\, host: \"(.+)\"$]]) + if m then + local location = m[1] + local status = m[2] + local host = m[3] + if host then + local host_no_port = ngx.re.match(m[3], host_regex) + if host_no_port then + host = host_no_port[2] + end + else + host = "nonamehost" + end + if results[host] == nil then + results[host] = { + ["ok"] = 0, + ["fail"] = 0, + ["status_ok"] = 0, + ["status_fail"] = 0, + } + end + + if location == "slash" then + if status == "200" then + results.ok = results.ok + 1 + results[host].ok = results[host].ok + 1 + else + results.fail = results.fail + 1 + results[host].fail = results[host].fail + 1 + end + results.total = results.ok + results.fail + elseif location == "status" then + if status == "200" then + results.status_ok = results.status_ok + 1 + results[host].status_ok = results[host].status_ok + 1 + else + results.status_fail = results.status_fail + 1 + results[host].status_fail = results[host].status_fail + 1 + end + results.status_total = results.status_ok + results.status_fail + end + end + end + + return results +end + + +function https_server.start(self) + if not pl_path.exists(tmp_root) or not pl_path.isdir(tmp_root) then + error("could not get a temporary path", 2) + end + + local err + self.base_path, err = create_temp_dir(self.protocol == "https") + if err then + error(fmt("could not create temp dir: %s", err), 2) + end + + local conf_params = { + base_path = self.base_path, + delay = self.delay, + cert_path = "./", + check_hostname = self.check_hostname, + logs_dir = self.logs_dir, + host = self.host, + hosts = self.hosts, + http_port = self.http_port, + protocol = self.protocol, + worker_num = self.worker_num, + } + + local file, err = create_conf(conf_params) + if err then + error(fmt("could not create conf: %s", err), 2) + end + + local status = os.execute("nginx -c " .. file .. " -p " .. self.base_path) + if not status then + error("failed starting nginx") + end +end + + +function https_server.shutdown(self) + local pid_filename = self.base_path .. "/logs/nginx.pid" + local pid_file = io.open (pid_filename, "r") + if pid_file then + local pid, err = pid_file:read() + if err then + error(fmt("could not read pid file: %s", tostring(err)), 2) + end + + local kill_nginx_cmd = fmt("kill -s TERM %s", tostring(pid)) + local status = os.execute(kill_nginx_cmd) + if not status then + error(fmt("could not kill nginx test server. %s was not removed", self.base_path), 2) + end + + local pidfile_removed + local watchdog = 0 + repeat + pidfile_removed = pl_file.access_time(pid_filename) == nil + if not pidfile_removed then + ngx.sleep(0.01) + watchdog = watchdog + 1 + if(watchdog > 100) then + error("could not stop nginx", 2) + end + end + until(pidfile_removed) + end + + local count, err = count_results(self.base_path .. "/" .. self.logs_dir) + if err then + -- not a fatal error + print(fmt("could not count results: %s", tostring(err))) + end + + local _, err = pl_dir.rmtree(self.base_path) + if err then + print(fmt("could not remove %s: %s", self.base_path, tostring(err))) + end + + return count +end + + +function https_server.new(port, hostname, protocol, check_hostname, workers, delay) + local self = setmetatable({}, https_server) + local host + local hosts + + if type(hostname) == "table" then + hosts = hostname + host = "" + for _, h in ipairs(hostname) do + host = fmt("%s %s", host, h) + end + else + hosts = {hostname} + host = hostname + end + + self.check_hostname = check_hostname or false + self.delay = tonumber(delay) or 0 + self.host = host or "localhost" + self.hosts = hosts + self.http_port = port + self.logs_dir = "logs" + self.protocol = protocol or "http" + self.worker_num = workers or 2 + + return self +end + +return https_server diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/invalid-module.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/invalid-module.lua new file mode 100644 index 00000000..e40e5929 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/invalid-module.lua @@ -0,0 +1,12 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +-- Invalid module (syntax error) for utils.load_module_if_exists unit tests. +-- Assert that load_module_if_exists throws an error helps for development, where one could +-- be confused as to the reason why his or her plugin doesn't load. (not implemented or has an error) + +local a = "hello", diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/invalid.conf b/kong-versions/2.8.4.3/kong/spec/fixtures/invalid.conf new file mode 100644 index 00000000..297dfe0a --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/invalid.conf @@ -0,0 +1,2 @@ +pg_ssl = on +cassandra_repl_strategy = foo diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/invalid_nginx_directives.conf b/kong-versions/2.8.4.3/kong/spec/fixtures/invalid_nginx_directives.conf new file mode 100644 index 00000000..46738cc2 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/invalid_nginx_directives.conf @@ -0,0 +1 @@ +nginx_http_random_directive = value diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering.crt new file mode 100644 index 00000000..a92d31ca --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDzTCCArWgAwIBAgIUMmq4W4is+P02LXKinUdLoPjFuDYwDQYJKoZIhvcNAQEL +BQAwdjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM +DVNhbiBGcmFuY2lzY28xIDAeBgNVBAoMF0tvbmcgQ2x1c3RlcmluZyBUZXN0aW5n +MRgwFgYDVQQDDA9rb25nX2NsdXN0ZXJpbmcwHhcNMTkxMTEzMDU0NTA1WhcNMjkx +MTEwMDU0NTA1WjB2MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEW +MBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEgMB4GA1UECgwXS29uZyBDbHVzdGVyaW5n +IFRlc3RpbmcxGDAWBgNVBAMMD2tvbmdfY2x1c3RlcmluZzCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBALr7evXK3nLxW98lXDWUcyNRCKDzUVX5Rlm7ny0a +qVIh+qRUT7XGHFnDznl7s1gEkcxLtuMnKBV7Ic2jVTzKluZZFJD5H2plP7flpVu/ +byvpBNguERFDC2mbnlX7TSRhhWjlYTgFS2KiFP1OjYjim6vemszobDsCg2gRs0Mh +A7XwsVvPSFNfnAOPTpyLRGtN3ShEA0LKjBkjg2u67MPAfg1y8/8Tm3h/kqfOciMT +5ax2J1Ll/9/oCWX9qW6gNmnnUGNlBpcAZk3pzh6n1coRnVaysoCPYPgd9u1KoBkt +uTQJOn1Qi3OWPZzyiLGRa/X0tGx/5QQDnLr6GyDjwPcC09sCAwEAAaNTMFEwHQYD +VR0OBBYEFNNvhlhHAsJtBZejHystlPa/CoP2MB8GA1UdIwQYMBaAFNNvhlhHAsJt +BZejHystlPa/CoP2MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB +AHQpVBYGfFPFTRY/HvtWdXROgW358m9rUC5E4SfTJ8JLWpCB4J+hfjQ+mASTFb1V +5FS8in8S/u1MgeU65RC1/xt6Rof7Tu/Cx2SusPWo0YGyN0E9mwr2c91JsIgDO03Y +gtDiavyw3tAPVo5n2U3y5Hf46bfT5TLZ2yFnUJcKRZ0CeX6YAJA5dwG182xOn02r +kkh9T1bO72pQHi15QxnQ9Gc4Mi5gjuxX4/Xyag5KyEXnniTb7XquW+JKP36RfhnU +DGoEEUNU5UYwIzh910NM0UZubu5Umya1JVumoDqAi1lf2DHhKwDNAhmozYqE1vJJ ++e1C9/9oqok3CRyLDe+VJ7M= +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering.key b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering.key new file mode 100644 index 00000000..67e3d9f3 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC6+3r1yt5y8Vvf +JVw1lHMjUQig81FV+UZZu58tGqlSIfqkVE+1xhxZw855e7NYBJHMS7bjJygVeyHN +o1U8ypbmWRSQ+R9qZT+35aVbv28r6QTYLhERQwtpm55V+00kYYVo5WE4BUtiohT9 +To2I4pur3prM6Gw7AoNoEbNDIQO18LFbz0hTX5wDj06ci0RrTd0oRANCyowZI4Nr +uuzDwH4NcvP/E5t4f5KnznIjE+WsdidS5f/f6All/aluoDZp51BjZQaXAGZN6c4e +p9XKEZ1WsrKAj2D4HfbtSqAZLbk0CTp9UItzlj2c8oixkWv19LRsf+UEA5y6+hsg +48D3AtPbAgMBAAECggEBALoFVt8RZR2VYYEu+f2UIrgP9jWp3FFcHdFIB6Qn0iwU +AfdaqbJ91da4JsJVfqciZKqK6Pg0DHzSc17SEArawiWImh1guxBuimW54jjUyxU0 +Tc2EhxZVTRVT7MI9sRFws/kXuxCws7784UTg0Y5NY/IpFHinAoXyiikO8vjl73sg +trN5mQGNTE/c8lEs7pUAFWX9zuNbmV0m1q25lHDgbkAD76/9X26lLCK1A5e2iCj3 +MME6/2GlSy3hrtSY7mCiR1GktvnK+yidXXJSkGMNCSopQARfcAlMvcCDav5ODxTz +mB+A47oxGKBTdc9gGF44dR15y5E1kRAvTtaAIzpc14ECgYEA4u9uZkZS0gEiiA5K +pOm/lnBp6bloGg9RlsOO5waE8DiGZgkwWuDwsncxUB1SvLd28MgxZzNQClncS98J +viJzdAVzauMpn3Iqrdtk9drGzEeuxibic1FKMf1URGwKnlcsDHaeKAGyRQgO2Q7l +Oy7EwtRmUKBUA3RCIqLSoiEi6NcCgYEA0u4a2abgYdyR1QMavgevqCGhuqu1Aa2Y +rbD3TmIfGVubI2YZeFSyhC/7Jx+5HofQj5cpMRgASxzKXqrCXuyb+Q+u23kHogfQ +cO1yO2GzjlA3FVHTK28t9EDPTOgHWQt3q7iS1s44VHwXDOpEQJ2onKKohvcP5WTf +LO0T2K9NOJ0CgYEAtX9nHXc6/+iWdJhxjKnCaBBqNNrrboQ37ctj/FOTeQjMPMk2 +mkhzWVjI4NlC9doJz5NdJ7u7VTv/W9L7WMz256EAaUlbXcGSbtAcVCFwg6sFFke9 +Lxuhqo+AmOSMLY1sll88KKUKrfk+3szx+z5xcZ0sY2mHJ+gQiOEOc0rrP6sCgYBi +Ksi6RU0mnoYMki5PBLq+0DA59ZH/XvCw3ayrgUUiAx1XwzvVYe3XUZFc6wm36NOr +EFnubFIuow6YMnbVwN7yclcZ8+EWivZ6qDfC5Tyw3ipUtMlH7K2BgOw5yb8ptQmU +FQnaCQ30W/BKZXkwbW+8voMalT+DroejnA7hiOyyjQKBgFLi6x6w76fTgQ7Ts8x0 +eATLOrvdvfotuLyMSsQLbljXyJznCTNrOGfYTua/Ifgkn4LpnoOkkxvVbj/Eugc7 +WeXBG+gbEi25GZUktrZWP1uc6s8aXH6rjYJP8iXnUpFHmQAPGuGiFnfB5MxlSns9 +9SKBXe7AvKGknGf7zg8WLKJZ +-----END PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_ca.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_ca.crt new file mode 100644 index 00000000..c16572e0 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_ca.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDLTCCAhWgAwIBAgIUBEI9LAuIcrg6fFLxC+Qo8SaEvfswDQYJKoZIhvcNAQEL +BQAwHjEcMBoGA1UEAwwTa29uZ19jbHVzdGVyaW5nX3BraTAeFw0yMDAyMTkxODIw +MzlaFw0zMDAyMTYxODIxMDlaMB4xHDAaBgNVBAMME2tvbmdfY2x1c3RlcmluZ19w +a2kwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqJdBsqWhTxA0k83N1 +9KvV6Z9YBee4BnYhQiOe8HgL8+d/SS/Ri35Ue+rZ5YbGu0im2KwzpsIEc5dw2/Tm +eL5QL7rGnPeEQlRNufP27lI07M5XVsQx3VeZ41lhVFBwr03XQCOdozkeimriZryd +WElslevdH4htxALDobK+HaSWl8FR8kJWlflaXuoOH0A4SQf2djo3/kmRkok5OXZz +oeActuO5tE8/EveykABNyC4HOOfHSFCrm4dzVTskEZsJKEgQGqXNG30S5SmP6keS +4npcgVTYV8DQinwY3lpwGb5f62nCFYbiu7M41e3ly+J9UP+qxmI9Qm1QG3rlVCtF +wCJbAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0G +A1UdDgQWBBRdgggWza66a1dWqUDM05ANj+BUJDAfBgNVHSMEGDAWgBRdgggWza66 +a1dWqUDM05ANj+BUJDANBgkqhkiG9w0BAQsFAAOCAQEAt9nD9jNxF0d08ioqY92R +MR4WXa7Lp0jZUavLevXl+xhSXUo/ovUARHXs9qJ8SA/8u6eADtUQNGs0D03OSpD+ +klY4FmbcfJSBSXjOgwUz4hUVnUk/MESmLOKRMfqAW9oToBqWa/sdh9B8UzXLeM7c +DPazf0K9AcaITUuwltDIFkQH80DiRZnoOk6nag/eBkK4nI42UZCvrg0ffRq4HY43 +jvb4EpIOf3i6PfkWznxwPq4UJLoj3NGhPwBzxZEpyfu5bvXFB4sSww9RMwu+w/fT ++wjt04CbQf286zWgOcGShJYBzNZ2EKQji6dC5PBpBO/iidddnxxCKnF/04ivSBME +6g== +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_client.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_client.crt new file mode 100644 index 00000000..b5853359 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_client.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSTCCAjGgAwIBAgIUYr7mGItDJ+hOGVdVQSYBgacnKqIwDQYJKoZIhvcNAQEL +BQAwHjEcMBoGA1UEAwwTa29uZ19jbHVzdGVyaW5nX3BraTAeFw0yMDAyMTkxODI1 +NDhaFw0zMDAyMTIxNDI2MThaMCwxKjAoBgNVBAMMIWNsaWVudC5rb25nX2NsdXN0 +ZXJpbmdfcGtpLmRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AMv1wKHhIy7RrHr/MFNYzZXyCEcdc0/b+BxFzhgdy8n3KI2rR60WtVulCGItbr35 +Dj3NxfRHTTAF1BvlbCg+A4bEOz3lfuuD1NQHRbLK+j2mH+GuHmUMV9fP9jf7SfbL +zGR1zdj+d/xQHe3oSsEW3LQ/vjnWpFmVA8LFE6xYKQQtKqPHxJ+/hnohqcW2RiOJ +EW7oAgjB/HWgwg1kgshEaAhouWWSzI2uEilxHEPtsTcSJCd1bxO0oU61jYa1dkwX ++CWhW/CDoyiCWzxr97lavyW02xRwvcDvTbpXD3sFQScp36quZ1Igr3iWGniKCaQa +hZ4/OA7TGlhbOf5Bu4RihTECAwEAAaNxMG8wDgYDVR0PAQH/BAQDAgOoMB0GA1Ud +JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUaeNNIcyO/C7B4L0F +BQC/2ZILhiowHwYDVR0jBBgwFoAUXYIIFs2uumtXVqlAzNOQDY/gVCQwDQYJKoZI +hvcNAQELBQADggEBAKUBSjBESwRwgyhSLmZU6LWbVmezmGmkTdTmaArwN4SZL0Vm +gBJSatBN+MHuqzgnUxvgLIGmZLCMfL1rW6ERv/sOXWV6QTN+91RoGFf9zGBJ+tmH +oXs+qps9Ge8zV+W63DoNqRKOkU9TrEWYt9kAQE/y6zTCMtmwRBaSAWurlwO6FZcF +D9apy74B7RNjM3L0NF4Nj9z5O44drWPIcBpd+26sVQuUkyda2MCyLItla7OSHAWl +FgDQt1Bmx1ByL1PeogKBQ/2elwsw0hn8jqNLDu0YuNEdUz4h6oGxdPsh1zJeGT7l +u/Jqwu+kkQgZk8UIiKV7A9cGXD88W3+ABpf5IX8= +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_client.key b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_client.key new file mode 100644 index 00000000..f4abb659 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_client.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAy/XAoeEjLtGsev8wU1jNlfIIRx1zT9v4HEXOGB3LyfcojatH +rRa1W6UIYi1uvfkOPc3F9EdNMAXUG+VsKD4DhsQ7PeV+64PU1AdFssr6PaYf4a4e +ZQxX18/2N/tJ9svMZHXN2P53/FAd7ehKwRbctD++OdakWZUDwsUTrFgpBC0qo8fE +n7+GeiGpxbZGI4kRbugCCMH8daDCDWSCyERoCGi5ZZLMja4SKXEcQ+2xNxIkJ3Vv +E7ShTrWNhrV2TBf4JaFb8IOjKIJbPGv3uVq/JbTbFHC9wO9NulcPewVBJynfqq5n +UiCveJYaeIoJpBqFnj84DtMaWFs5/kG7hGKFMQIDAQABAoIBAECRRPE6P5QTxoGN +hbPs+fBNFbfFp/qRDWON6aeSzy/ZsZnfrioqdTFU9ml2Loevb4W7Pb6OT+4y+in2 +oB3BPAaO2p5Gp75RFrAkuTjXrw6TJ6afI3ojxS9J441nXMvnSoZHEOpv7HYQutjU +381uumHJiCPxQkglt3ISR58YratnPFKKO21p9JRXBVDGefLhR9cFjhvRixsxF+DU +y9l0X6hBq/VXtozzLMYpsUwLtzc6+FWIz+pLv5Y+JGtONx5IdaTW5z/VFLMNZHdP +9cwwYKdR9dm5c37a1HKuHOZvBVAWRwjaC+uaF8IoyrGteAA9HMjCvR+jz9VST+nG +CVGaN1ECgYEA3+OCeOcdWA2dolWlHPcSkR0BEpHmKlxSYjShJVa1JvW9C91rXw/E +5jeCtTBmMOT/6OT/SEtaSHtMfuWSknig8OfHO0zO1N5t4+xgmp47vWUFR2fHK5PF +GoqAYYPmYOZdSAsqE+9Rm7gzjDhriCRl6vvr0gV1bbn3BtyrCJo3XR0CgYEA6TaF +qDhAoNQlC/GuC0JcrcxZzH2WecdSjncEPFv5xsvzc7K6Y1ptRx+9ntC8x0VyLHJJ +RL2fPOC3HmGIVko/JS9b8kjciymwRzsQBsq3mDHzloqBAnJI3w1nzibAKfc9Azsp +ZsZsLK+PWTkx5QR/cl+Avw8K7z+Wil4pfxUdUCUCgYEAnyXgRwUybLcxCIYM2qwe +vJx7eLHRhOcfgMOckSgzmUAxY8+/VVGmS2fGN/nximweJXUyqjc2NDPBSqryJ8Ar +11NK4jJVDCgYwV3zxbUZDiZTPFDe2XEvORCe9bKG/vaB9IZLIOSLhD/KFLC+b4ZA +FGuDVEWhFaCNookV4wWMuVkCgYAQ+VjtD3sUuZwgrGyAgUoBlFgM3C8xmeJWYC88 +vW0GnR2RFDcguBowDQ1eG89BqbpPpdnTWQHYCnsJiQvFTA4ghLvqfIcg0d30sUXP +WL3YI/qYwGf3Z54KLg2aIZPm+gnEzG+M/XAuKHEEi3coNhWYm37haRTgqP4qAASB +LWY+yQKBgEN/zl6yTDg1iCGt/QlZWTdeQEWvCSrdaGjqvsFXlWoNsnf20zXiS/rU +NATB1+T74kKIohYiagcgYt4H4P8wXX7rEFhCi+aYtz5ZRmjrD0hrbJkqmR+VPBJP +SIHDqpgwRx0gXFoCV3JWl9dvHWUFl/FgRD55oCe1C8lxqZNpt2Fu +-----END RSA PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_server.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_server.crt new file mode 100644 index 00000000..7abc701e --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_server.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFOTCCAyGgAwIBAgIUGIGEUNv1gzJpSkoCZbKcsjmuQxcwDQYJKoZIhvcNAQEL +BQAwLDEqMCgGA1UEAwwhc2VydmVyLmtvbmdfY2x1c3RlcmluZ19wa2kuZG9tYWlu +MB4XDTIwMTIwODA5NDU1M1oXDTMwMTIwNjA5NDU1M1owLDEqMCgGA1UEAwwhc2Vy +dmVyLmtvbmdfY2x1c3RlcmluZ19wa2kuZG9tYWluMIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEA3SvUdI94oqmGXkv3YBws8wxITBJ+f/ri+dTBlKSaw0/b +2MRaP8zkhGywuQd9owVv0q9XfTUJChbmzAKwS4oC/Kk0oJ6/xD5Xv/6KtRHCydtG +Yn3o/INzE6gJJ8f+pAotvTZfLRs7O4nfJHYpKlnpJsUG31RR66yiVOd09c5dQyQg +CjcLH35Jv4vIIyQN6QXVZAf3QVYgF193bqoFEaL5OZH4i4Y5PMevaCOLl7f4NXy4 +XEHbvRtBUuN4EISai7Riyx00M60a/ocmWzJr3PtBFYu4t5hIiReNuoQAJxAmqvLb +RXh5ti3LOgNel1kjlcKXaDWGMeIAj4T5IgRikMPosEhdUU7CIlTcGJFj03e9uUNY +VW7SfTopDLdbFrblYqrqPO7djQ7XI5iHGyP3EJHkKWpbT6YGCRd5+bWp4qwRHHjZ +xyxK5lx3tVbhd6ZXqlj/+7fiEn5W6fVGUyRjb+SPavpihgal2G/yeJrY4JYeHTSj +nWQ0P5dIGHVBgDWzcUpSJmTmuayQ/+lU2+zc2UWfhFqmgyArR4QlzzNMDU0362qb +amxN+VOsHMJ2XJWETB44IfgW3qv5oVoOuZdl6883TmE4oSzWzyG/HKBvujBMOSIQ +u5PPDXQrweuoWx7mHhIaSNy4/v4BtpZ7Y3IUxbWXA5W7Voe16E9v+Aos3lx6Si8C +AwEAAaNTMFEwHQYDVR0OBBYEFA2pU/tVp1+iXxS1pAQJSVY807rfMB8GA1UdIwQY +MBaAFA2pU/tVp1+iXxS1pAQJSVY807rfMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggIBAE9wnFNn/D6qB9CYfT6AU7+Xza6i+a1pKOkPheU9LSRWUKNh +Qz0+N2qdV3mozBC1kjT3XW5LRxE8NpQjGG6oZ+Caa6VR9RQZkLihYxqGtgociVT1 +N34tWzy6ck1UAsMpy9QwvFUE0udgpR1NSbYjFElMQmOM5Pr5phr4r0+mDljX2ro3 +I5m5NZ/W9jaICrxqS3GnP91a5V2TcLmwSZGiC2TOqJLhi0zc+Jfkscr6hik3P2Bc +kzSbM4A+6lo5nE7221/CRFg/hQXx8dxfySCl3eHQYjuBSQAsYyVSO5DFmaX+KJE6 +4Wg5sMRcmMDRa/sQhDJiBH1+RQMtJRUPDwds0y6WIK4pfONJjiCeE0/3PLpem5qE +/h3AJjoYWnJ0hTkjnR26OW7bWrwuo/RVMQq3An78TsQWyr1SDazPpjfFYwxZk722 +sgYkIuCZ3I+rW+cAw9VvrT3gh7QFpEb3Yuh5ehr6srl/jD2p/WeVBYQwHJKpgxGF +13t3DXbzAVdNDy/M1gJxfHyDTe3kxs03BckMz+fd19EQhlVd4ZI+14xm2kr+ULKg ++pDTdg5TpcgqcfpG55sHWm5G2059fkEk/z/8ABtB4v4fcKA7ZmrUcDlpSQd/ejjt +obN+e+Dq0Rm5Rb5oI/wHHd6JLW1TqLEH6w6ZyNsOjofiJWSSJTC75eH4HJgl +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_server.key b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_server.key new file mode 100644 index 00000000..2add6a0e --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_clustering_server.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDdK9R0j3iiqYZe +S/dgHCzzDEhMEn5/+uL51MGUpJrDT9vYxFo/zOSEbLC5B32jBW/Sr1d9NQkKFubM +ArBLigL8qTSgnr/EPle//oq1EcLJ20Zifej8g3MTqAknx/6kCi29Nl8tGzs7id8k +dikqWekmxQbfVFHrrKJU53T1zl1DJCAKNwsffkm/i8gjJA3pBdVkB/dBViAXX3du +qgURovk5kfiLhjk8x69oI4uXt/g1fLhcQdu9G0FS43gQhJqLtGLLHTQzrRr+hyZb +Mmvc+0EVi7i3mEiJF426hAAnECaq8ttFeHm2Lcs6A16XWSOVwpdoNYYx4gCPhPki +BGKQw+iwSF1RTsIiVNwYkWPTd725Q1hVbtJ9OikMt1sWtuViquo87t2NDtcjmIcb +I/cQkeQpaltPpgYJF3n5tanirBEceNnHLErmXHe1VuF3pleqWP/7t+ISflbp9UZT +JGNv5I9q+mKGBqXYb/J4mtjglh4dNKOdZDQ/l0gYdUGANbNxSlImZOa5rJD/6VTb +7NzZRZ+EWqaDICtHhCXPM0wNTTfraptqbE35U6wcwnZclYRMHjgh+Bbeq/mhWg65 +l2XrzzdOYTihLNbPIb8coG+6MEw5IhC7k88NdCvB66hbHuYeEhpI3Lj+/gG2lntj +chTFtZcDlbtWh7XoT2/4CizeXHpKLwIDAQABAoICAQDAYZWl5f47D1avw0hkM13t +8+sXMKcUT3kLc0MHNr7f0SEcRn9yK5lCjwCRkbB5EwuXqaliYbWBLzaGkngi3OOI +Pu5mIHASFWBiwtiIc/CJgNCSb48vxm9c07dTASXALpJmmVrkc2Fsgpq0rotUKW0i +qhM2Q7QWWc3CKKqV/XEmK9Aq0oI8XK9ti/sEhiILZWWeY0dxb6bubb4HZqCOHMLI +ju4w/wnekptC7FhKGl4uuFPs++RVc9W4ceBIDfAYQUoF/1se8B4g9BIrFYq5Z1vP +j/+Ww0Gk7fX8HUG8uNHJtQGCRi8ohmDWD4RCBelsJR1qKdSWo011iWbjbgkGf0Jw +JiiU9yJBMjXhedEnsrQnqRzqL/+GSX8MciHMmzaHlrIYiinEaVRsZ+m2Tq3KiE8v +VVD39gZCbEkN4swu+FdHEpdL4FQBslz29SOixKmBadK+S3ZNK3Q2SodIVP9DYcod +Oga1LoZeVkNSFMalcal2PmgT6IfIZHC/i5yAF40xV/SESg5QZNVWUCFnnjR5UxEN +Gn9LxXBHoJlh1SSI7Mf7OSSBC/n3JY8XOoY364v1OkqsMYvgnz1CbruRNDI76Bc+ +Rl9jRImmqO89jgNMzQpcCOAeb/fNnjYqCb19J/Bke1c/c0cw1pvJvPxGgWJ/MqLu +/pIQjMY2tqO3wAzBrmAsYQKCAQEA8CSpxsSyIE2xGMkfasAQ9axMohd76xqskpUR +Uw+XR7yAwh1qrGKGa9rXai3tjTvMVRjIk23z+yJf1NhwTp77ssFyOBDIJAm8+bkJ +zRBwIWKFQytZKLM8BhxJvrMAn81YbgXmhoz0A5felqzAfILZP0Wghm0NWdIz81E4 +hcspKuwcxMh5HH7xKhBfX9hko3zo6qzgCl+drRZBSBkPRguKZE0/bCZWY5rb1c1w +PgDWgjknkBFamo8UWFYrkwVf9X1ARtMOGRaYzoEHt9ME0It3p7wisP7BYzLbQBLk +ca5rQztccmgUrSII2BqeBXkYx0OSLow/pgQcVD59Do5ck7CNJwKCAQEA68Z3qTmf +NmI3cHkkP5flMT4xkloaMSaUu+wZbqKBpxbahazSTO6cayXUDEDkDGIO1XjJxhtF +/FNQ7lgQCsUXxmF78caNhtE1vjo4zXdgf9yVkSM3wBmZTOWssFYbG2sgelz3yHjm +mAztj9cvrnrenJeqZTYx0SNsqBwccy12WGek6cgk+bQLARXWctOwJ+d0RWRaqfab +tU2/2Dg4H53w8sNG7AXQ6ELq9tIHkykHs5T3mmYFft2NMgO2Wqfy5yPWckhJlO/P +D+ZLUCETCB153yf9N9KUjlZRDoIhn9G2JoEuDw1UMyj79c2H1KChdNwCLaJ4RfqI +CEJq87H4mskPuQKCAQB9wqWKq52hHy68jS8/x1/aWKY1SNkjcW+owBo3hnWyIrzH +a4JezqYYu52ORIkgKo3Cjt0ToERiY0kOfV6rPcUQgxAe3mMBxHvLx6SjWJVwVlj1 +qTDjCKJJjOztym5sQayqybpFAnITo6f0/nk7e4bsBLmhTGDuhg+gwAs6vf9MNCSI +xXfvfWcsoTBhUEC8AYE0zN3zcMlxSLNdX4pJI2gRSQcKyzT4qrOvzwuV3Ph5cBcQ +8pWhVYbRECd3shvjwvkzXfoHF3dkxdvV39OopzE9jWAZkwCRw6NgdcRe6HnR1rd+ +TpVtaeJ50c6pjRZ13CQk7luyxHpVf/gb9F/1FEOHAoIBABcajaNBiD52BWS6Gjk5 +EzZuF8F1ntduJmj7y8oxlm7fKG6s7ranMyC0xkClIzOrcDSu72bASW1eZLHWY0wK +4DeKWfDpOfkaCyAm6GYJ6qTc4rMkNlRWrdUBNJja9zEKoFYdQhKc9ku0CJttxLhe +Re4mVoYwd1U9GWqnxonqzIwBLAHUoPrvD5z9nNQHtl1SquwZ12CMT9nGUqRHbgh7 +G59OT2bVcxEvbYLeNevPu3d3g4PXt3YlE67w+i+MAZtwwZTVTJCRp0KxmHOzqf/D +k6uwaXnM4s3H242GZvEYRbckNXU4IyYYQAhoKYVGcEvZO0VphEunLylQCNb0e53/ +UdECggEBALgTFFed9iTiZxvFeT8p/Xq7WIOyf82A/stvPDlm4Hyl+7nQ3oxqp05D +B+tPtjPE33rjfwhevd0OZVF6DAB792E9x6Ln1khlsbgdSuASJNHkrj12Ib8WVib5 +U+O5Ps9s3+VHe53C0e2nP+SNv8UdCu41liudQtmrZnCfKEYaXs/Yysd/LYsp2hbe +0NYhG84WeLajumVI0CbENkkPioOOJUbo8ytIPgtWgbEFuy9DZUcSCwrg7UoWqoqL +qGe7eYuHDetoxuA2men4mgBLLEeo1DqlW9BIO1qz2LOU4EW/0AlLgGMVwBI7Z/fj +VzlV/SRWxLEaQCujgP/IFVniA+r/yw0= +-----END PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/kong_spec.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_spec.crt new file mode 100644 index 00000000..773f85e8 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_spec.crt @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICwTCCAiqgAwIBAgIJAOloHn/ZJQw8MA0GCSqGSIb3DQEBCwUAMHgxCzAJBgNV +BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp +c2NvMRIwEAYDVQQKDAlLb25nIFNwZWMxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIw +EAYDVQQDDAlsb2NhbGhvc3QwHhcNMTgwOTI2MTQ0MTE2WhcNMzgwOTIxMTQ0MTE2 +WjB4MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN +U2FuIEZyYW5jaXNjbzESMBAGA1UECgwJS29uZyBTcGVjMRQwEgYDVQQLDAtFbmdp +bmVlcmluZzESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQC/QqEXsZFIY/hHqtMro+hkhHwbydvPHGhe/rqiOHXUVGnjJ9bBgrk6 +iLFnu7L0OxsMPdckxjCLFYO2nGERlAN1wXxw0cLLUF0v1sOhJT+57pBfTgmfzLvp +iLLOWMhayRcjZWJdHGcKUG3xh6o8MghdZIVoewlyqzViRXvR3U1VYwIDAQABo1Mw +UTAdBgNVHQ4EFgQUgIzN48PLQMbLWg4muR2QZqhJXicwHwYDVR0jBBgwFoAUgIzN +48PLQMbLWg4muR2QZqhJXicwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsF +AAOBgQArRbblXU7zocrHf5rVrFTWJsaA2aSSJ4CmY1SGRQVyAUzyJXX+Koe+qkP/ +iEnA4TUWZfGQOkN5E8ybUxOWv7+6GBjMooLf7WAj5TCtyfOSFASIBrFNGevL4GgH +J65KdKlncizFAjSxk1KMRBXMGYDyeBGHARvAVKaknDTD7CReEg== +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/kong_spec.key b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_spec.key new file mode 100644 index 00000000..bc53f87f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/kong_spec.key @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAL9CoRexkUhj+Eeq +0yuj6GSEfBvJ288caF7+uqI4ddRUaeMn1sGCuTqIsWe7svQ7Gww91yTGMIsVg7ac +YRGUA3XBfHDRwstQXS/Ww6ElP7nukF9OCZ/Mu+mIss5YyFrJFyNlYl0cZwpQbfGH +qjwyCF1khWh7CXKrNWJFe9HdTVVjAgMBAAECgYAZn4eNcRCRrjL5Bv27fv4HWWh3 +IJf+K0QgVegTC5VdmOGGuTOgQS8nlGCQESlsZu68uRw1pQej2oIG2PR4Mmg0Bvkv +XKYdO0TY98nWIjWSrR6y/Yt/RoiXDfLa8d0cqb734kh7kPuQHpCCpEWcKRMb8jdp +LIpS21TVUkUz4LwYIQJBAO+4PlDVV2r54VYaJLeSv5qHMYna57b+mGaHC0SMKav4 +np7OxWhCEkXzQXO4Qjnqimr96pGlbOnFZbpAVw+S1GUCQQDMP99LPD0oJ9Gw+y/N +Ud1xRQGOk8/vQYcO/PfGNXhoPST8rnraimdb+/5t+alM7UbdcMRbWgKO8j3h0FoX +UnInAkBUid0wFIynpUfaXY3lT1NS46qMuy5MUqzcO3O10NhBVYRa7QChK+vVz1ud +u7VfR19ZLAK1KmmmZ37gmCAb1eQhAkEAvQM+uHj+f3KZ8pYBHphrvK6HSlIvUtHp +Ek23XY2N56jt2Yf92M/L5qvEQDGSIsZRlgsNKxyY0YALFDWjqYF6cQJAfDJi8Uya +jc9UZeMLtQi3eLugwB/Qx6p1xhjj358Hhprg7rFtqbZNA0IHJYuTx6W+2CXT2GpW +t842/FWkibh8xg== +-----END PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/db/migrations/core/000_base.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/db/migrations/core/000_base.lua new file mode 100644 index 00000000..0da77c45 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/db/migrations/core/000_base.lua @@ -0,0 +1,42 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + postgres = { + up = [[ + CREATE TABLE IF NOT EXISTS "cluster_events" ( + "id" UUID PRIMARY KEY, + "node_id" UUID NOT NULL, + "at" TIMESTAMP WITH TIME ZONE NOT NULL, + "nbf" TIMESTAMP WITH TIME ZONE, + "expire_at" TIMESTAMP WITH TIME ZONE NOT NULL, + "channel" TEXT, + "data" TEXT + ); + CREATE TABLE IF NOT EXISTS "consumers" ( + "id" UUID PRIMARY KEY + ); + ]] + }, + cassandra = { + up = [[ + CREATE TABLE IF NOT EXISTS cluster_events( + channel text, + at timestamp, + node_id uuid, + id uuid, + data text, + nbf timestamp, + PRIMARY KEY (channel, at, node_id, id) + ) WITH default_time_to_live = 86400; + CREATE TABLE IF NOT EXISTS consumers ( + id uuid, + PRIMARY KEY (id) + ); + ]], + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/db/migrations/core/001_14_to_15.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/db/migrations/core/001_14_to_15.lua new file mode 100644 index 00000000..a2925661 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/db/migrations/core/001_14_to_15.lua @@ -0,0 +1,17 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + postgres = { + up = [[ + ]], + }, + cassandra = { + up = [[ + ]], + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/db/migrations/core/init.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/db/migrations/core/init.lua new file mode 100644 index 00000000..5c4163d3 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/db/migrations/core/init.lua @@ -0,0 +1,10 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + "000_base", +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/enterprise_edition/db/migrations/enterprise/000_base.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/enterprise_edition/db/migrations/enterprise/000_base.lua new file mode 100644 index 00000000..ad4e633b --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/enterprise_edition/db/migrations/enterprise/000_base.lua @@ -0,0 +1,33 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + postgres = { + up = [[ + CREATE TABLE IF NOT EXISTS workspaces ( + id UUID PRIMARY KEY, + name TEXT UNIQUE, + comment TEXT, + created_at TIMESTAMP WITHOUT TIME ZONE DEFAULT timezone('utc'::text, ('now'::text)::timestamp(0) with time zone), + meta JSON DEFAULT '{}'::json, + config JSON DEFAULT '{"portal":false}'::json + ); + ]] + }, + cassandra = { + up = [[ + CREATE TABLE IF NOT EXISTS workspaces( + id uuid PRIMARY KEY, + name text, + comment text, + created_at timestamp, + meta text, + config text + ); + ]], + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/enterprise_edition/db/migrations/enterprise/006_1301_to_1500.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/enterprise_edition/db/migrations/enterprise/006_1301_to_1500.lua new file mode 100644 index 00000000..1824b4e1 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/enterprise_edition/db/migrations/enterprise/006_1301_to_1500.lua @@ -0,0 +1,15 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + postgres = { + up = [[ ]], + }, + cassandra = { + up = [[ ]], + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/enterprise_edition/db/migrations/enterprise/init.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/enterprise_edition/db/migrations/enterprise/init.lua new file mode 100644 index 00000000..3edb511d --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/migrations/kong/enterprise_edition/db/migrations/enterprise/init.lua @@ -0,0 +1,11 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + "000_base", + "006_1301_to_1500", +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/mock_upstream.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/mock_upstream.lua new file mode 100644 index 00000000..03f89a3e --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/mock_upstream.lua @@ -0,0 +1,426 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local utils = require "kong.tools.utils" +local cjson_safe = require "cjson.safe" +local cjson = require "cjson" +local ws_server = require "resty.websocket.server" +local pl_stringx = require "pl.stringx" +local pl_file = require "pl.file" + + +local kong = { + table = require("kong.pdk.table").new() +} + +local ocsp_status = "good" + +local function parse_multipart_form_params(body, content_type) + if not content_type then + return nil, 'missing content-type' + end + + local m, err = ngx.re.match(content_type, "boundary=(.+)", "oj") + if not m or not m[1] or err then + return nil, "could not find boundary in content type " .. content_type .. + "error: " .. tostring(err) + end + + local boundary = m[1] + local parts_split = utils.split(body, '--' .. boundary) + local params = {} + local part, from, to, part_value, part_name, part_headers, first_header + for i = 1, #parts_split do + part = pl_stringx.strip(parts_split[i]) + + if part ~= '' and part ~= '--' then + from, to, err = ngx.re.find(part, '^\\r$', 'ojm') + if err or (not from and not to) then + return nil, nil, "could not find part body. Error: " .. tostring(err) + end + + part_value = part:sub(to + 2, #part) -- +2: trim leading line jump + part_headers = part:sub(1, from - 1) + first_header = utils.split(part_headers, '\\n')[1] + if pl_stringx.startswith(first_header:lower(), "content-disposition") then + local m, err = ngx.re.match(first_header, 'name="(.*?)"', "oj") + + if err or not m or not m[1] then + return nil, "could not parse part name. Error: " .. tostring(err) + end + + part_name = m[1] + else + return nil, "could not find part name in: " .. part_headers + end + + params[part_name] = part_value + end + end + + return params +end + + +local function send_text_response(text, content_type, headers) + headers = headers or {} + content_type = content_type or "text/plain" + + text = ngx.req.get_method() == "HEAD" and "" or tostring(text) + + ngx.header["X-Powered-By"] = "mock_upstream" + ngx.header["Server"] = "mock-upstream/1.0.0" + ngx.header["Content-Length"] = #text + 1 + ngx.header["Content-Type"] = content_type + + for header,value in pairs(headers) do + if type(value) == "table" then + ngx.header[header] = table.concat(value, ", ") + else + ngx.header[header] = value + end + end + + return ngx.say(text) +end + + +local function filter_access_by_method(method) + if ngx.req.get_method() ~= method then + ngx.status = ngx.HTTP_NOT_ALLOWED + send_text_response("Method not allowed for the requested URL") + return ngx.exit(ngx.OK) + end +end + + +local function find_http_credentials(authorization_header) + if not authorization_header then + return + end + + local iterator, iter_err = ngx.re.gmatch(authorization_header, + "\\s*[Bb]asic\\s*(.+)") + if not iterator then + ngx.log(ngx.ERR, iter_err) + return + end + + local m, err = iterator() + + if err then + ngx.log(ngx.ERR, err) + return + end + + if m and m[1] then + local decoded_basic = ngx.decode_base64(m[1]) + + if decoded_basic then + local user_pass = utils.split(decoded_basic, ":") + return user_pass[1], user_pass[2] + end + end +end + + +local function filter_access_by_basic_auth(expected_username, + expected_password) + local headers = ngx.req.get_headers() + + local username, password = + find_http_credentials(headers["proxy-authorization"]) + + if not username then + username, password = + find_http_credentials(headers["authorization"]) + end + + if username ~= expected_username or password ~= expected_password then + ngx.header["WWW-Authenticate"] = "mock_upstream" + ngx.header["X-Powered-By"] = "mock_upstream" + return ngx.exit(ngx.HTTP_UNAUTHORIZED) + end +end + + +local function get_ngx_vars() + local var = ngx.var + return { + uri = var.uri, + host = var.host, + hostname = var.hostname, + https = var.https, + scheme = var.scheme, + is_args = var.is_args, + server_addr = var.server_addr, + server_port = var.server_port, + server_name = var.server_name, + server_protocol = var.server_protocol, + remote_addr = var.remote_addr, + remote_port = var.remote_port, + realip_remote_addr = var.realip_remote_addr, + realip_remote_port = var.realip_remote_port, + binary_remote_addr = var.binary_remote_addr, + request = var.request, + request_uri = var.request_uri, + request_time = var.request_time, + request_length = var.request_length, + request_method = var.request_method, + bytes_received = var.bytes_received, + ssl_server_name = var.ssl_server_name or "no SNI", + } +end + + +local function get_body_data() + local req = ngx.req + + req.read_body() + local data = req.get_body_data() + if data then + return data + end + + local file_path = req.get_body_file() + if file_path then + local file = io.open(file_path, "r") + data = file:read("*all") + file:close() + return data + end + + return "" +end + +local function get_post_data(content_type) + local text = get_body_data() + local kind = "unknown" + local params = cjson_safe.null + local err + + if type(content_type) == "string" then + if content_type:find("application/x-www-form-urlencoded", nil, true) then + + kind = "form" + params, err = ngx.req.get_post_args() + + elseif content_type:find("multipart/form-data", nil, true) then + kind = "multipart-form" + params, err = parse_multipart_form_params(text, content_type) + + elseif content_type:find("application/json", nil, true) then + kind = "json" + params, err = cjson_safe.decode(text) + end + + params = params or cjson_safe.null + + if err then + kind = kind .. " (error)" + err = tostring(err) + end + end + + return { text = text, kind = kind, params = params, error = err } +end + + +local function get_default_json_response() + local headers = ngx.req.get_headers(0) + local vars = get_ngx_vars() + + return { + headers = headers, + post_data = get_post_data(headers["Content-Type"]), + url = ("%s://%s:%s%s"):format(vars.scheme, vars.host, + vars.server_port, vars.request_uri), + uri_args = ngx.req.get_uri_args(), + vars = vars, + } +end + + +local function send_default_json_response(extra_fields, response_headers) + local tbl = kong.table.merge(get_default_json_response(), extra_fields) + return send_text_response(cjson.encode(tbl), + "application/json", response_headers) +end + + +local function serve_web_sockets() + local wb, err = ws_server:new({ + timeout = 5000, + max_payload_len = 65535, + }) + + if not wb then + ngx.log(ngx.ERR, "failed to open websocket: ", err) + return ngx.exit(444) + end + + while true do + local data, typ, err = wb:recv_frame() + if wb.fatal then + ngx.log(ngx.ERR, "failed to receive frame: ", err) + return ngx.exit(444) + end + + if data then + if typ == "close" then + break + end + + if typ == "ping" then + local bytes, err = wb:send_pong(data) + if not bytes then + ngx.log(ngx.ERR, "failed to send pong: ", err) + return ngx.exit(444) + end + + elseif typ == "pong" then + ngx.log(ngx.INFO, "client ponged") + + elseif typ == "text" then + local bytes, err = wb:send_text(data) + if not bytes then + ngx.log(ngx.ERR, "failed to send text: ", err) + return ngx.exit(444) + end + end + + else + local bytes, err = wb:send_ping() + if not bytes then + ngx.log(ngx.ERR, "failed to send ping: ", err) + return ngx.exit(444) + end + end + end + + wb:send_close() +end + + +local function get_logger() + local logger = ngx.shared.kong_mock_upstream_loggers + if not logger then + error("missing 'kong_mock_upstream_loggers' shm declaration") + end + + return logger +end + + +local function store_log(logname) + ngx.req.read_body() + + local raw_entries = ngx.req.get_body_data() + local logger = get_logger() + + local entries = cjson.decode(raw_entries) + if #entries == 0 then + -- backwards-compatibility for `conf.queue_size == 1` + entries = { entries } + end + + local log_req_headers = ngx.req.get_headers() + local log_req_params = ngx.req.get_uri_args() + + for i = 1, #entries do + local store = { + entry = entries[i], + log_req_headers = log_req_headers, + log_req_params = log_req_params, + } + + assert(logger:rpush(logname, cjson.encode(store))) + assert(logger:incr(logname .. "|count", 1, 0)) + end + + ngx.status = 200 +end + + +local function retrieve_log(logname) + local logger = get_logger() + local len = logger:llen(logname) + local entries = {} + + for i = 1, len do + local encoded_stored = assert(logger:lpop(logname)) + local stored = cjson.decode(encoded_stored) + entries[i] = stored.entry + entries[i].log_req_headers = stored.log_req_headers + entries[i].log_req_params = stored.log_req_params + assert(logger:rpush(logname, encoded_stored)) + end + + local count, err = logger:get(logname .. "|count") + if err then + error(err) + end + + ngx.status = 200 + ngx.say(cjson.encode({ + entries = entries, + count = count, + })) +end + + +local function count_log(logname) + local logger = get_logger() + local count = assert(logger:get(logname .. "|count")) + + ngx.status = 200 + ngx.say(count) +end + + +local function reset_log(logname) + local logger = get_logger() + logger:delete(logname) + logger:delete(logname .. "|count") +end + + +local function handle_ocsp() + if ocsp_status == "good" then + ngx.print(pl_file.read(ngx.config.prefix() .. "/../spec/fixtures/ocsp_certs/resp-good.dat")) + + elseif ocsp_status == "revoked" then + ngx.print(pl_file.read(ngx.config.prefix() .. "/../spec/fixtures/ocsp_certs/resp-revoked.dat")) + + elseif ocsp_status == "error" then + ngx.exit(500) + + else + assert("unknown ocsp_status:" ..ocsp_status) + end +end + + +local function set_ocsp(status) + ocsp_status = status +end + + +return { + get_default_json_response = get_default_json_response, + filter_access_by_method = filter_access_by_method, + filter_access_by_basic_auth = filter_access_by_basic_auth, + send_text_response = send_text_response, + send_default_json_response = send_default_json_response, + serve_web_sockets = serve_web_sockets, + store_log = store_log, + retrieve_log = retrieve_log, + count_log = count_log, + reset_log = reset_log, + handle_ocsp = handle_ocsp, + set_ocsp = set_ocsp, +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/mock_webserver_tpl.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/mock_webserver_tpl.lua new file mode 100644 index 00000000..3958418f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/mock_webserver_tpl.lua @@ -0,0 +1,193 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return [[daemon on; +worker_processes ${worker_num}; +error_log ${base_path}/${logs_dir}/error.log info; +pid ${base_path}/${logs_dir}/nginx.pid; +worker_rlimit_nofile 8192; + +events { + worker_connections 1024; +} + +http { + lua_shared_dict server_values 512k; + + init_worker_by_lua_block { + local server_values = ngx.shared.server_values +# for _, prefix in ipairs(hosts) do + server_values:set("$(prefix)_healthy", true) + server_values:set("$(prefix)_timeout", false) + ngx.log(ngx.INFO, "Creating entries for $(prefix) in shm") +# end + } + + default_type application/json; + access_log ${base_path}/${logs_dir}/access.log; + sendfile on; + tcp_nopush on; + server_names_hash_bucket_size 128; + + server { +# if protocol ~= 'https' then + listen 127.0.0.1:${http_port}; + listen [::1]:${http_port}; +# else + listen 127.0.0.1:${http_port} ssl http2; + listen [::1]:${http_port} ssl http2; + ssl_certificate ${cert_path}/kong_spec.crt; + ssl_certificate_key ${cert_path}/kong_spec.key; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers HIGH:!aNULL:!MD5; +#end +# if check_hostname then + server_name ${host}; +#end + + location = /healthy { + access_by_lua_block { + local host = ngx.req.get_headers()["host"] or "localhost" + local host_no_port = ngx.re.match(host, [=[([a-z0-9\-._~%!$&'()*+,;=]+@)?([a-z0-9\-._~%]+|\[[a-z0-9\-._~%!$&'()*+,;=:]+\])(:?[0-9]+)*]=]) + if host_no_port == nil then + return ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) + else + host = host_no_port[2] + if host == "[0000:0000:0000:0000:0000:0000:0000:0001]" then + host = "[::1]" + end + end + ngx.shared.server_values:set(host .. "_healthy", true) + ngx.shared.server_values:set(host .. "_timeout", false) + ngx.log(ngx.INFO, "Host ", host, " is now healthy") + } + + content_by_lua_block { + ngx.say("server ", ngx.var.server_name, " is now healthy") + return ngx.exit(ngx.HTTP_OK) + } + } + + location = /unhealthy { + access_by_lua_block { + local host = ngx.req.get_headers()["host"] or "localhost" + local host_no_port = ngx.re.match(host, [=[([a-z0-9\-._~%!$&'()*+,;=]+@)?([a-z0-9\-._~%]+|\[[a-z0-9\-._~%!$&'()*+,;=:]+\])(:?[0-9]+)*]=]) + if host_no_port == nil then + return ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) + else + host = host_no_port[2] + if host == "[0000:0000:0000:0000:0000:0000:0000:0001]" then + host = "[::1]" + end + end + ngx.shared.server_values:set(host .. "_healthy", false) + ngx.log(ngx.INFO, "Host ", host, " is now unhealthy") + } + + content_by_lua_block { + ngx.say("server ", ngx.var.server_name, " is now unhealthy") + return ngx.exit(ngx.HTTP_OK) + } + } + + location = /timeout { + access_by_lua_block { + local host = ngx.req.get_headers()["host"] or "localhost" + local host_no_port = ngx.re.match(host, [=[([a-z0-9\-._~%!$&'()*+,;=]+@)?([a-z0-9\-._~%]+|\[[a-z0-9\-._~%!$&'()*+,;=:]+\])(:?[0-9]+)*]=]) + if host_no_port == nil then + return ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) + else + host = host_no_port[2] + if host == "[0000:0000:0000:0000:0000:0000:0000:0001]" then + host = "[::1]" + end + end + ngx.shared.server_values:set(host .. "_timeout", true) + ngx.log(ngx.INFO, "Host ", host, " is timeouting now") + } + + content_by_lua_block { + ngx.say("server ", ngx.var.server_name, " is timeouting now") + return ngx.exit(ngx.HTTP_OK) + } + } + + location = /status { + access_by_lua_block { + local i = require 'inspect' + ngx.log(ngx.ERR, "INSPECT status (headers): ", i(ngx.req.get_headers())) + local host = ngx.req.get_headers()["host"] or "localhost" + local host_no_port = ngx.re.match(host, [=[([a-z0-9\-._~%!$&'()*+,;=]+@)?([a-z0-9\-._~%]+|\[[a-z0-9\-._~%!$&'()*+,;=:]+\])(:?[0-9]+)*]=]) + if host_no_port == nil then + return ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) + else + host = host_no_port[2] + if host == "[0000:0000:0000:0000:0000:0000:0000:0001]" then + host = "[::1]" + end + end + local server_values = ngx.shared.server_values + + local status = server_values:get(host .. "_healthy") and + ngx.HTTP_OK or ngx.HTTP_INTERNAL_SERVER_ERROR + + if server_values:get(host .. "_timeout") == true then + ngx.log(ngx.INFO, "Host ", host, " timeouting...") + ngx.log(ngx.INFO, "[COUNT] status 599") + ngx.sleep(0.5) + else + ngx.log(ngx.INFO, "[COUNT] status ", status) + end + + ngx.exit(status) + } + } + + location / { + access_by_lua_block { + local cjson = require("cjson") + local server_values = ngx.shared.server_values + local host = ngx.req.get_headers()["host"] or "localhost" + local host_no_port = ngx.re.match(host, [=[([a-z0-9\-._~%!$&'()*+,;=]+@)?([a-z0-9\-._~%]+|\[[a-z0-9\-._~%!$&'()*+,;=:]+\])(:?[0-9]+)*]=]) + ngx.log(ngx.ERR, "host no port: ", require'inspect'(host_no_port)) + if host_no_port == nil then + return ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) + else + host = host_no_port[2] + if host == "[0000:0000:0000:0000:0000:0000:0000:0001]" then + host = "[::1]" + end + end + local status + + local status = server_values:get(host .. "_healthy") and + ngx.HTTP_OK or ngx.HTTP_INTERNAL_SERVER_ERROR + + if server_values:get(host .. "_timeout") == true then + -- not this status actually, but it is used to count failures + ngx.log(ngx.INFO, "[COUNT] slash 599") + ngx.sleep(0.5) + else + ngx.log(ngx.INFO, "[COUNT] slash ", status) + end + + ngx.sleep(${delay}/1000) + ngx.exit(status) + } + } + } +# if check_hostname then + server { + listen 127.0.0.1:${http_port} default_server; + listen [::1]:${http_port} default_server; + server_name _; + return 400; + } +# end + +} +]] diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/mocker.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/mocker.lua new file mode 100644 index 00000000..2080c57d --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/mocker.lua @@ -0,0 +1,68 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local mocker = {} + +-- Setup mocks, which are undone in a finally() block +-- @param finally The `finally` function, that needs to be passed in because +-- Busted generates it dynamically. +-- @param args A table containing three optional fields: +-- * modules: an array of pairs (module name, module content). +-- This allows modules to be declared in order. +-- * kong: a mock of the kong global (which will fallback to the default one +-- via metatable) +-- * ngx: a mock of the ngx global (which will fallback to the default one +-- via metatable) +function mocker.setup(finally, args) + + local mocked_modules = {} + local _ngx = _G.ngx + local _kong = _G.kong + + local function mock_module(name, tbl) + local old_module = require(name) + mocked_modules[name] = true + package.loaded[name] = setmetatable(tbl or {}, { + __index = old_module, + }) + end + + if args.ngx then + _G.ngx = setmetatable(args.ngx, { __index = _ngx }) + end + + if args.kong then + _G.kong = setmetatable(args.kong, { __index = _kong }) + end + + if args.modules then + for _, pair in ipairs(args.modules) do + mock_module(pair[1], pair[2]) + end + end + + finally(function() + _G.ngx = _ngx + _G.kong = _kong + + for k in pairs(mocked_modules) do + package.loaded[k] = nil + end + end) +end + + +function mocker.table_where_every_key_returns(value) + return setmetatable({}, { + __index = function() + return value + end + }) +end + + +return mocker diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/mocks/lua-resty-dns/resty/dns/resolver.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/mocks/lua-resty-dns/resty/dns/resolver.lua new file mode 100644 index 00000000..f7169ff3 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/mocks/lua-resty-dns/resty/dns/resolver.lua @@ -0,0 +1,121 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +-- Mock for the underlying 'resty.dns.resolver' library +-- (so NOT the Kong dns client) + +-- this file should be in the Kong working directory (prefix) +local MOCK_RECORD_FILENAME = "dns_mock_records.json" + + +local LOG_PREFIX = "[mock_dns_resolver] " +local cjson = require "cjson.safe" + +-- first thing is to get the original (non-mock) resolver +local resolver +do + local function get_source_path() + -- find script path remember to strip off the starting @ + -- should be like: 'spec/fixtures/mocks/lua-resty-dns/resty/dns/resolver.lua' + return debug.getinfo(2, "S").source:sub(2) --only works in a function, hence the wrapper + end + local path = get_source_path() + + -- module part is like: 'resty.dns.resolver' + local module_part = select(1,...) + + -- create the packagepath part, like: 'spec/fixtures/mocks/lua-resty-dns/?.lua' + path = path:gsub(module_part:gsub("%.", "/"), "?") .. ";" -- prefix path, so semi-colon at end + + -- grab current paths + local old_paths = package.path + + -- drop the element that picked this mock from the path + local s, e = old_paths:find(path, 1, true) + package.path = old_paths:sub(1, s-1) .. old_paths:sub(e + 1, -1) + + -- With the mock out of the path, require the module again to get the original. + -- Problem is that package.loaded contains a userdata now, because we're in + -- the middle of loading that same module name. So swap it. + local swap + swap, package.loaded[module_part] = package.loaded[module_part], nil + resolver = require(module_part) + package.loaded[module_part] = swap + + -- restore the package path + package.path = old_paths +end + + +-- load and cache the mock-records +local get_mock_records +do + local mock_file + get_mock_records = function() + if mock_file then + return mock_file.records, mock_file.mocks_only + end + + local is_file = require("pl.path").isfile + local prefix = ((kong or {}).configuration or {}).prefix + if not prefix then + -- we might be invoked before the Kong config was loaded, so exit early + -- and do not set _mock_records yet. + return {} + end + + local filename = prefix .. "/" .. MOCK_RECORD_FILENAME + + mock_file = {} + if not is_file(filename) then + -- no mock records set up, return empty default + ngx.log(ngx.DEBUG, LOG_PREFIX, "bypassing mock, no mock records found") + return mock_file + end + + -- there is a file with mock records available, go load it + local f = assert(io.open(filename)) + local json_file = assert(f:read("*a")) + f:close() + + mock_file = assert(cjson.decode(json_file)) + return mock_file.records, mock_file.mocks_only + end +end + + +-- patch the actual query method +local old_query = resolver.query +resolver.query = function(self, name, options, tries) + local mock_records, mocks_only = get_mock_records() + local qtype = (options or {}).qtype or resolver.TYPE_A + + local answer = (mock_records[qtype] or {})[name] + if answer then + -- we actually have a mock answer, return it + ngx.log(ngx.DEBUG, LOG_PREFIX, "serving '", name, "' from mocks") + return answer, nil, tries + end + + if not mocks_only then + -- no mock, so invoke original resolver + local a, b, c = old_query(self, name, options, tries) + return a, b, c + end +end + +do + local semaphore = require "ngx.semaphore" + local old_post = semaphore.post + function semaphore.post(self, n) + old_post(self, n) + ngx.sleep(0) + end +end + + +return resolver diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/ca.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/ca.crt new file mode 100644 index 00000000..6b5555eb --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/ca.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFoTCCA4mgAwIBAgIUQDBLwIychoRbVRO44IzBBk9R4oYwDQYJKoZIhvcNAQEL +BQAwWDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFTATBgNVBAoM +DEtvbmcgVGVzdGluZzEdMBsGA1UEAwwUS29uZyBUZXN0aW5nIFJvb3QgQ0EwHhcN +MTkwNTAyMTkzNDQyWhcNMzkwNDI3MTkzNDQyWjBYMQswCQYDVQQGEwJVUzETMBEG +A1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMS29uZyBUZXN0aW5nMR0wGwYDVQQD +DBRLb25nIFRlc3RpbmcgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC +AgoCggIBAMp6IggUp3aSNRbLAac8oOkrbUnFuxtlKGYgg8vfA2UU71qTktigdwO6 +Kod0/M+daO3RDqJJXQL2rD14NDO3MaextICanoQSEe+nYyMFUIk+QplXLD3fbshU +nHoJcMS2w0x4cm1os4ebxR2Evndo6luz39ivcjau+BL+9iBAYL1g6+eGOjcSy7ft +1nAMvbxcQ7dmbAH2KP6OmF8cok+eQWVqXEjqtVx5GDMDlj1BjX6Kulmh/vhNi3Hr +NEi+kPrw/YtRgnqnN0sv3NnAyKnantxy7w0TDicFjiBsSIhjB5aUfWYErBR+Nj/m +uumwc/kRJcHWklqDzxrZKCIyOyWcE5Dyjjr46cnF8HxhYwgZcwkmgTtaXOLpBMlo +XUTgOQrWpm9HYg2vOJMMA/ZPUJ2tJ34/4RgiA00EJ5xG8r24suZmT775l+XFLFzp +Ihxvs3BMbrWsXlcZkI5neNk7Q/1jLoBhWeTYjMpUS7bJ/49YVGQZFs3xu2IcLqeD +5WsB1i+EqBAI0jm4vWEynsyX+kS2BqAiDtCsS6WYT2q00DTeP5eIHh/vHsm75jJ+ +yUEb1xFxGnNevLKNTcHUeXxPUnowdC6wqFnaJm7l09qVGDom7tLX9i6MCojgpAP0 +hMpBxzh8jLxHh+zZQdiORSFdYxNnlnWwbic2GUJruiQVLuhpseenAgMBAAGjYzBh +MB0GA1UdDgQWBBQHT/IIheEC2kdBxI/TfGqUxWJw9zAfBgNVHSMEGDAWgBQHT/II +heEC2kdBxI/TfGqUxWJw9zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQsFAAOCAgEAqXZjy4EltJCRtBmN0ohAHPWqH4ZJQCI2HrM3 +wHB6c4oPWcJ+M2PfmYPUJo9VMjvn4S3sZuAysyoHduvRdGDnElW4wglL1xxpoUOx +FqoZUoYWV8hDFmUTWM5b4CtJxOPdTAd8VgypulM3iUEzBQrjR6tnMOdkiFMOmVag +0/Nnr+Tcfk/crMCx3xsVnisYjJoQBFBH4UY+gWE/V/MS1Sya4/qTbuuCUq+Qym5P +r8TkWAJlg7iVVLbZ2j94VUdpiQPWJEGMtJck/NEmOTruhhQlT7c1u/lqXCGj7uci +LmhLsBVmdtWT9AWS8Rl7Qo5GXbjxKIaP3IM9axhDLm8WHwPRLx7DuIFEc+OBxJhz +wkr0g0yLS0AMZpaC6UGbWX01ed10U01mQ/qPU5uZiB0GvruwsYWZsyL1QXUeqLz3 +/KKrx3XsXjtBu3ZG4LAnwuxfeZCNw9ofg8CqF9c20ko+7tZAv6DCu9UL+2oZnEyQ +CboRDwpnAlQ7qJVSp2xMgunO3xxVMlhD5LZpEJz1lRT0nQV3uuLpMYNM4FS9OW/X +MZSzwHhDdCTDWtc/iRszimOnYYV8Y0ubJcb59uhwcsHmdfnwL9DVO6X5xyzb8wsf +wWaPbub8SN2jKnT0g6ZWuca4VwEo1fRaBkzSZDqXwhkBDWP8UBqLXMXWHdZaT8NK +0NEO74c= +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/ca.key b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/ca.key new file mode 100644 index 00000000..22f7391c --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/ca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAynoiCBSndpI1FssBpzyg6SttScW7G2UoZiCDy98DZRTvWpOS +2KB3A7oqh3T8z51o7dEOokldAvasPXg0M7cxp7G0gJqehBIR76djIwVQiT5CmVcs +Pd9uyFSceglwxLbDTHhybWizh5vFHYS+d2jqW7Pf2K9yNq74Ev72IEBgvWDr54Y6 +NxLLt+3WcAy9vFxDt2ZsAfYo/o6YXxyiT55BZWpcSOq1XHkYMwOWPUGNfoq6WaH+ ++E2Lces0SL6Q+vD9i1GCeqc3Sy/c2cDIqdqe3HLvDRMOJwWOIGxIiGMHlpR9ZgSs +FH42P+a66bBz+RElwdaSWoPPGtkoIjI7JZwTkPKOOvjpycXwfGFjCBlzCSaBO1pc +4ukEyWhdROA5Ctamb0diDa84kwwD9k9Qna0nfj/hGCIDTQQnnEbyvbiy5mZPvvmX +5cUsXOkiHG+zcExutaxeVxmQjmd42TtD/WMugGFZ5NiMylRLtsn/j1hUZBkWzfG7 +Yhwup4PlawHWL4SoEAjSObi9YTKezJf6RLYGoCIO0KxLpZhParTQNN4/l4geH+8e +ybvmMn7JQRvXEXEac168so1NwdR5fE9SejB0LrCoWdombuXT2pUYOibu0tf2LowK +iOCkA/SEykHHOHyMvEeH7NlB2I5FIV1jE2eWdbBuJzYZQmu6JBUu6Gmx56cCAwEA +AQKCAgBh8MQHbp42r7B4bwhEsgIP5868kaXZMYxiIjY+ZojI22CQSrQMj0oihmnO +Dhu//Z9k8ewHOj+AkHtuXHe70FB3knECiEhHEEqWxzwgE5EKYhBrBgzDfRGkW7E5 +ItnmfZVopxaKr8uvu/yUM8LCFgDPDOopcWxo4SfkYGoD3cAtuvVBj98XBsN+G9DP +cIpS07p5u1RheoYH5Ef2Me6dXqq5eMJdDxNdQMIg4wpIZS4hWM+dTcv8pd3e4+vt +iCivCeVK/8mCtOH9P5Cv0B4Ac1zGu93AUEhXPcurCVXoiyZ/gyJJN9dZLlflfyFI +qu7eOpot8jHnEL0cepB8Qhn0LlQTuv6rjJqmnl3tJA3S6rcM/mOjihkk1uo7JdDK +vH498XR5qZPDlXZ8PVu3nI5EgXpmFIcCBuuVFS5QI63NZ32YqoGYXK37K7C9lQsL +L/iR+YpwuQqDmM+UEETjBCIMKvxghFH0ICR041yg9tkjRhNKCAGc6n70wQDUq57s +jjZmTQ4ZydxCsWVjLo7fCcoyQ9B7IUGPUUn8WavPUwtz1kG6VK7RDGa0KtgCD0vc +iEwbWi9uwkZdoZdHcB8qLgCPjMGgRJLOyJ67xQ0RP+r+WkhUAjYcaucFonyyBhtv +OrqNyEM3SEpgrzgttyyg+dP/cDvPbp4NXoxKAMyd8c7mjPploQKCAQEA+BL/qxLe +LTKwe3TKpjAeyTB2iOxoWjtCqe3/xKbTS32Tn/VGwqhXyNeh+FTRhQu7fg5iL2C2 +JCOdYXWxRYIBwUh4HfApkgYzznUAU2vOh653MzW6LsOtDdgYF2cijN1ZFcbRTGpw +eoA6U/cijuglwpTHF7zmRd9rSsv+PZ/fTDgY82MOdeaOUwyKuVyPUpNWfqSwxPd9 +tWEdOYjgq1llPbl1mktR0gYHIdHcSr1By7kmFw3/TQuic5Nm+FDidtfJYO36xFI1 +/CfwGVYeH42iul+KzdlITLAMRm2PAcWFjvxpw78T+xeUNpZlnZSgCIjtpfjywmXb +uQvJoMMEX5PN1wKCAQEA0PIx4sgXiwqASa/foBB0Tk5jG3QWxucpqnLJURZeRqLQ +BmF4WRrjs5V2y6iizegIcNmL0ZfwFBU79HwtAgFiTELLQL2xivhpMVjXL7QHeE4r +A/9+49iO8wu8W/hwKxCDdGqXKyCKtW9b1yfUVB09j29GtApcV9v8KCTmDwYGrHI0 +DcEMtNLUbJvUeWFYFadJNFKxbsBtJPJIrYaiIyv2sL+Y3tZrYES72tTAYhMFwd0r +9ooL5Ufrpuh4pHOxxA0Sh0EVUhNmyoq/ZJZ5wia+WB5NXBSD9JbciC5M4J8BMl/u +Bx5RZbJSoAktYiOzev//6NHUmXsDjg3Kh9P48JVasQKCAQBVjt/k1bYQ6pmZirdV +x+TmSLOpF7gJ3sRoLTB4V30qXR4sHgEQo9Ta7RvstPwqIdjBah6M7pMDNdFSyq+g +JG2Mhvz+flUoCsGVZB7/pn/tpctwuwgClvQ5gR0V/TkaUkEmVJLdAxzV8yGq0eJ2 +XTSgvoVH95uH3712Z5LBGEGAXRyl3LUhDqpplDrIIVdBCJXdSdm5pQ4TH3Jf5Ihw +MH3NYwhfdbi7cd7F2EZc9Jcbtzie3PH/VZLqv5zU6bihelz29Dz3ts7tr6yMYHo1 +Mbk9BDSwOE9KO7GQHLskxkYBAadMnrs6b3Brv0U+qwLizq7//jNjvpOgZ6Nbscbx +W92zAoIBAQCNCK17cavSgggNtNSw6epXYLmssjMdlrKdBlW0kfCYpRTc+bWOD4Ra +lyxUU0Nw0InCAlVJ59B4/cw2PgrzK5P5/avLyz6nmv0F/f1hiZbxMXH/hNlVWbtD +ekxtl8e+iarxTXEz/wchaEUJeSzsicAfrPCAXe3ur+IIBr/yrBKdG4jfL8sv0o7n +sFc+huI522yiEJ8LLn99TLyZxCJ0sxwUOX8qCnj3xe02zBv/Fu/v5yXhh1R4Mo9x +XcDw39bBikFTYi7N86KSXAzMDHWrAxO/ztRQrthSo/G/SeFCTJE2O2IjE+fFSRRU +SV2EvKxM/bbyo49o+YtwuwZVoFKLsYRBAoIBADaL9sx49XTHIIFGqEQP7NLEhs7D +eJgSKP5oQ54J0iaoVpsoxng8DrTBkMVW75hiWzTW75EJnMXrauo/YfAbvsMM//3e +BfRWvYpS5xKcHmXg2QJxy2VpvElHLg5Y2lligEZhO+5Sm2OG/hixBmiFvEvxPEB8 +8YIvYKcRAGA/HgDY9hGWSNsBP7qDXWP5kRm8qnB6zn33TVZMsXwUv6TP0cwsBKf7 +XDbnPBpOQK9nicehY7oscy9yTB9Q3bUHecYLY822ueCwaJgwJWFUH+Xe4u6xIH5l +A/IyIfyOqxjUc34Me+37ehNmbTIxZ1BqLddppm9QsSAD7cDMurfb3pRpju4= +-----END RSA PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example.com.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example.com.crt new file mode 100644 index 00000000..8a3257f9 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example.com.crt @@ -0,0 +1,63 @@ +-----BEGIN CERTIFICATE----- +MIIFTDCCAzSgAwIBAgICIAAwDQYJKoZIhvcNAQELBQAwYDELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCkNhbGlmb3JuaWExFTATBgNVBAoMDEtvbmcgVGVzdGluZzElMCMG +A1UEAwwcS29uZyBUZXN0aW5nIEludGVybWlkaWF0ZSBDQTAeFw0xOTA1MDIxOTU1 +MjFaFw0yOTA0MjgxOTU1MjFaME8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxp +Zm9ybmlhMRUwEwYDVQQKDAxLb25nIFRlc3RpbmcxFDASBgNVBAMMC2V4YW1wbGUu +Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCozbPPts2H7CsUf +4KlyKwbCOjqUa7ZhBcXfX5KuEHOvAUZfJOlm2TCNbO1wMTI1QHwjn6a9HM1njhBG +4r9HH8CLckF83b247iJQbqUEjjvbb6DMTxjbC7dBunIikv6gUXeWGlRHupy/UEh8 +K0Y2KM2fm+HEbKI6zvjg/wb7zb0agzNaKV6fyEourKL0Xjz8ePm3kH58HaUmqhfk +PPf7GnGW1xk/aIm6tsi9wzj2VBI/T3E5hVnMGrJTYnXh5DoFQrbuLvWtOB6MdZcM +BWN/he8ISvvhKrctjWvUjpWgoZE9bRoMxkzxpHF/agM++WlHJrJ7my3yRHN3LspF +4ER+/QIDAQABo4IBHzCCARswCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAw +MwYJYIZIAYb4QgENBCYWJE9wZW5TU0wgR2VuZXJhdGVkIFNlcnZlciBDZXJ0aWZp +Y2F0ZTAdBgNVHQ4EFgQUlpSl7QvKjdvJLx/sI3CXST3SqwowgYEGA1UdIwR6MHiA +FAsOBA6X+G1iTyTwO8Zv0go7jRERoVykWjBYMQswCQYDVQQGEwJVUzETMBEGA1UE +CAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMS29uZyBUZXN0aW5nMR0wGwYDVQQDDBRL +b25nIFRlc3RpbmcgUm9vdCBDQYICEAAwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM +MAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4ICAQA6kfAONRKeg0ygcyY8OwVi +y9SGPKnKtOGjF2BSk74UF3bj63kx7utIQ0w5LZA3CwjcE2VzdPx+lQEDy/dbv442 +2bWrc7kG0/Dcr92KoUbzuuI0kPRoM/4rcOb8shKG9txFL1j44a60SWlbvkoNUD88 +vKZy2uSJ++OeQ7vuxrt2UDsfO2jRk74p/ztQibTX/cpwjvHrz2JcLTSxUZXK342x +o7bWl1f7XMn8o7nPtNWHZq418uwFJ6OZO/rLc+FxE+31SnHYJUYC6/TSAg9kGomk +Ws+K453QVoiPsG08Uz1JRjUQWotlEmqFAwax3kmfnrsiKmKy451CcwVAlyEIvnSb +s2hEePHUaJltsatvFNPLnjcsOtqA46zJN0mv63BKuoa9fWAYr81D8wilcPgx534j +KQcSv24cAoWesp/KhERK5G+F5mE0qnlCfMpFJFtfMjh+CDLbR//L4/0KQrSS/eRn +ooeXinTpO5S2WOxk0W96rZMsBL2rBUI2qhfjBW8aQAiew4cMtddxryyUKskDlJPx +bZXB2OmPibOOOTrTrBFkQ+tjKCuPKbOQDsIPTasZQKc2jK0boixXE8AXhN/A+3J4 +muvYnypmWGb0jMLEQT2u+RQzCNDjIOEHBP50XnoEX3jkOgEwknje89VDm/JXcClR +l5HH4/9/AbS7rFCRnphOjQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFmjCCA4KgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCkNhbGlmb3JuaWExFTATBgNVBAoMDEtvbmcgVGVzdGluZzEdMBsG +A1UEAwwUS29uZyBUZXN0aW5nIFJvb3QgQ0EwHhcNMTkwNTAyMTk0MDQ4WhcNMjkw +NDI5MTk0MDQ4WjBgMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEV +MBMGA1UECgwMS29uZyBUZXN0aW5nMSUwIwYDVQQDDBxLb25nIFRlc3RpbmcgSW50 +ZXJtaWRpYXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0dnj +oHlJmNM94vQnK2FIIQJm9OAVvyMtAAkBKL7Cxt8G062GHDhq6gjQ9enuNQE0l3Vv +mSAh7N9gNlma6YbRB9VeG54BCuRQwCxveOBiwQvC2qrTzYI34kF/AeflrDOdzuLb +zj5cLADKXGCbGDtrSPKUwdlkuLs3pRr/YAyIQr7zJtlLz+E0GBYp0GWnLs0FiLSP +qSBWllC9u8gt2MiKyNlXw+kZ8lofOehCJzfFr6qagVklPw+8IpU6OGmRLFQVwVhp +zdAJmAGmSo/AGNKGqDdjzC4N2l4uYGH6n2KmY2yxsLBGZgwtLDst3fK4a3Wa5Tj7 +cUwCcGLGtfVTaIXZYbqQ0nGsaYUd/mhx3B3Jk1p3ILZ72nVYowhpj22ipPGal5hp +ABh1MX3s/B+2ybWyDTtSaspcyhsRQsS6axB3DwLOLRy5Xp/kqEdConCtGCsjgm+U +FzdupubXK+KIAmTKXDx8OM7Af/K7kLDfFTre40sEB6fwrWwH8yFojeqkA/Uqhn5S +CzB0o4F3ON0xajsw2dRCziiq7pSe6ALLXetKpBr+xnVbUswH6BANUoDvh9thVPPx +1trkv+OuoJalkruZaT+38+iV9xwdqxnR7PUawqSyvrEAxjqUo7dDPsEuOpx1DJjO +XwRJCUjd7Ux913Iks24BqpPhEQz/rZzJLBApRVsCAwEAAaNmMGQwHQYDVR0OBBYE +FAsOBA6X+G1iTyTwO8Zv0go7jRERMB8GA1UdIwQYMBaAFAdP8giF4QLaR0HEj9N8 +apTFYnD3MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqG +SIb3DQEBCwUAA4ICAQAWzIvIVM32iurqM451Amz0HNDG9j84cORnnaRR5opFTr3P +EqI3QkgCyP6YOs9t0QSbA4ur9WUzd3c9Ktj3qRRgTE+98JBOPO0rv+Kjj48aANDV +5tcbI9TZ9ap6g0jYr4XNT+KOO7E8QYlpY/wtokudCUDJE9vrsp1on4Bal2gjvCdh +SU0C1lnj6q6kBdQSYHrcjiEIGJH21ayVoNaBVP/fxyCHz472w1xN220dxUI/GqB6 +pjcuy9cHjJHJKJbrkdt2eDRAFP5cILXc3mzUoGUDHY2JA1gtOHV0p4ix9R9AfI9x +snBEFiD8oIpcQay8MJH/z3NLEPLoBW+JaAAs89P+jcppea5N9vbiAkrPi687BFTP +PWPdstyttw6KrvtPQR1+FsVFcGeTjo32/UrckJixdiOEZgHk+deXpp7JoRdcsgzD ++okrsG79/LgS4icLmzNEp0IV36QckEq0+ALKDu6BXvWTkb5DB/FUrovZKJgkYeWj +GKogyrPIXrYi725Ff306124kLbxiA+6iBbKUtCutQnvut78puC6iP+a2SrfsbUJ4 +qpvBFOY29Mlww88oWNGTA8QeW84Y1EJbRkHavzSsMFB73sxidQW0cHNC5t9RCKAQ +uibeZgK1Yk7YQKXdvbZvXwrgTcAjCdbppw2L6e0Uy+OGgNjnIps8K460SdaIiA== +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example.com.key b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example.com.key new file mode 100644 index 00000000..c8ad8f2e --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAqCozbPPts2H7CsUf4KlyKwbCOjqUa7ZhBcXfX5KuEHOvAUZf +JOlm2TCNbO1wMTI1QHwjn6a9HM1njhBG4r9HH8CLckF83b247iJQbqUEjjvbb6DM +TxjbC7dBunIikv6gUXeWGlRHupy/UEh8K0Y2KM2fm+HEbKI6zvjg/wb7zb0agzNa +KV6fyEourKL0Xjz8ePm3kH58HaUmqhfkPPf7GnGW1xk/aIm6tsi9wzj2VBI/T3E5 +hVnMGrJTYnXh5DoFQrbuLvWtOB6MdZcMBWN/he8ISvvhKrctjWvUjpWgoZE9bRoM +xkzxpHF/agM++WlHJrJ7my3yRHN3LspF4ER+/QIDAQABAoIBACHkx5KpI3qpP+ju +zDsCzAECDrmfvvRqwOlh9WCU9sJYHqi6H0kYReN2lrqirJ8tyG/j1WZDPBCHEd0f +SLpA5TvwGesAagNjTteoUN/MILvuMo8wMJ2sm9GjsPq8MF3CNlvVJ4rM+9wP5btv +sJ8kOpxEvWu0uFtQ41t97BNau/u+UtMk3oNCYBhiUWDg0rWPrUeX8cKzFSM8VAt4 +vvsybRHPbBmSLW01xO1Hq5cZdqbN4SxyQC1Ug9gW/afJQNRK7CubpWjOOQAsla0j +ExyBxMMwDLLZfYCQpRn92ZB4x+LiaXqnbrtyfA+GLLjtlUPY6ClpdXa7KSN/mEuE +LIIjiV0CgYEA2YsCt1+Yak+GOX6tSx1YUDz6UpZyOo2OKwqJ+G+SKT7JLT84A5nP +rn6r6UUpNKhK3glpU1A1VJKiFnZ9qJi/gHJcNiSEIcUFHNFflDSmiZc6MyfcIkCZ +xLUCrYHpETubTnB5P5jOhmsA3/uApaAc/Pv5hfSRzQv524k08TRgCU8CgYEAxeSQ +MIRV1SKDYsEdEfXJE+WJLz2rlpR19l/9Wfuc5QVgAgDhFCCvHUX1ULU8yGQUSHqz +DseR3iQF+Jvo3MK7pgC2fH6UePjakWOCXqXey1CpAzUHM/Qhwd451VqAGAT+Pabj +tzPJ0cSC7sszxhwmAzotIUrjZDbuAzwQyRXdh/MCgYEApP2KVNt69H5V9bs+4W5j +MY/d5s9V2VTNE5XNqI+uEfwdhmShLhH08on+BlC+/MH67kXDDT4TBI6lwlWh3kHj +VB7oEuRFFnuf8ghV7ki0WjxJFs1PZucJ+Ke0XTXfN4O2uZoSS4qwcEAtjLLqEjPK +aJEO4WrpPdOsb7WzYpDvmX8CgYEAwPunXZkAN0xkAl8+4S/mup+Ci+5BMiRvcSek +4yaLl5AJU4rV9JH3E74QgHdt4iIu4Yu+qHAYoSBSLmKk0PyakEVrsLakReCxDU2U +aoapYW60k6sX7iNq9CuqDJUoC8R6x1bEBPndG9LeuM6zG8SBkW4farMkU6t5qu/d +kqvfEN8CgYAQphK9AoATrEomLbGwmcW+8JkjU9Sxnq+zo8io75wFAY2cUnQJQEId +zGWwYjwHxXQCNCZ3ZwD7+iYgFHfxbPaiTWELkV2nEpBHQI0cLgzlcEBwo+uoFiYK +33Yxb6EhNFSy7d2GPVZMjIR+KifCIem+i/3BiIlzneuFSRlnKORekQ== +-----END RSA PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example2.com.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example2.com.crt new file mode 100644 index 00000000..85756548 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example2.com.crt @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEJzCCAg8CFAQ6oTnLBUHbumx1bxyY9kV0W21BMA0GCSqGSIb3DQEBCwUAMFgx +CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxLb25n +IFRlc3RpbmcxHTAbBgNVBAMMFEtvbmcgVGVzdGluZyBSb290IENBMB4XDTIwMDQx +MzIzNDg0MVoXDTMwMDQxMTIzNDg0MVowSDELMAkGA1UEBhMCVVMxCzAJBgNVBAgM +AkNBMRUwEwYDVQQKDAxLb25nIFRlc3RpbmcxFTATBgNVBAMMDGV4YW1wbGUyLmNv +bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK+kZhxdN8PA3SW9cXiv +xgtANq57PIWNnSDsg9Yxn0/+JKR45pSU+SKYtZUJJJuOdkv4IIJLm6uG6LbOPUDO +g9EaV0Zw7RQtbY6EDFDFzeyq0/Mwl9wLJtXf0fPsXGyFIdeelBjzoSVsGGJKPWbP +rlUtSHCrpFX53NTPnNVUJz9V6CdzZJgbyoiWP7ggKJeRPq6jCW5pt+cd+sR4+EPh +daBmEVWeifLEKCbBvsQaOGfU1aVG1AlX0RpLBkTxOOFIIk/3dgWOsrek2ofjku4F +g0MeWmD8oXOHUX2JxO77/BbLDQt0lzD27y/EkDoqy6mMAH85/LTYrU+P0WsEyexg +CHcCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAwWAxQjQOoGxU5LQu4ZmsCkps9y0B +kNj8MUpLcFmK+02VIUh3hM4vuB6Gct2Ph+6zqCge3oqTXltU0Bs2MTwAKs/scsxq +Mtanz4W00UlmG3QdgHaEs196tYQ8cKIaGZsNBv15VgBBduUG478pKqYE8bJKBbw7 +1Ym390hSPo0dNe7jLFXx6AaJvlEYh09P4FgfkXuY5VVTGXfN7XgJI073pLRY6iGH +Qd+Egymh86AQtnoNpmqSCMNcjRVAyR8Ti3qnyro8ruZCnNYHieGeh/ZsZvhGDeWX +v4YXjW2NDQ5+Ok6Gtvhf/l6RSrnXLbZtv8NStqwQJ+ydu05BJglZ/7Sb0uQYVNq2 +H8V+MtApFT6fG6ANM6hadNFG+p8Hwz6k4BLrc9ZxeWYKWIIusqExR9JIlGzEjvFJ +6NmNjm3eZE9Ue4YgURj1KTr53wAso4LbJpz/zuZS+m9PMz7n8fRL25/Z5b/92L3a +w0vsxUJyTDeMvYf8oT6OkxNVJ0zBRZNtEg5AJKdP6nU53V998jHP9vUisrU2ALhu +Jw3QiWiDKnRtx8PiiRx7dWo+Xwn9+xVypytqNz3w/XJlOjMwOg73q399w+vMiFTl +qdr7eYvaQBGOZVc3OdiP8afyVxlhHBowUoi8G+iPbgOsARHv/j4UeMVyIThzxv73 +a2EQ5BzyOzQ81H4= +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example2.com.key b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example2.com.key new file mode 100644 index 00000000..05c29251 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/mtls_certs/example2.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAr6RmHF03w8DdJb1xeK/GC0A2rns8hY2dIOyD1jGfT/4kpHjm +lJT5Ipi1lQkkm452S/gggkubq4bots49QM6D0RpXRnDtFC1tjoQMUMXN7KrT8zCX +3Asm1d/R8+xcbIUh156UGPOhJWwYYko9Zs+uVS1IcKukVfnc1M+c1VQnP1XoJ3Nk +mBvKiJY/uCAol5E+rqMJbmm35x36xHj4Q+F1oGYRVZ6J8sQoJsG+xBo4Z9TVpUbU +CVfRGksGRPE44UgiT/d2BY6yt6Tah+OS7gWDQx5aYPyhc4dRfYnE7vv8FssNC3SX +MPbvL8SQOirLqYwAfzn8tNitT4/RawTJ7GAIdwIDAQABAoIBAHMJzgdN1rRToYSS +a7uMBL5htG7bMGyYsA1cW4zyu1F9NyqyNPOkDvjl5ChU8LEhwcFIJqKwOqlBlzIE +KoJDwHo4MmlklSLeDh+FxTsyEwmraV6iuRPaCfmSusR0TqSVHfFHX+Bn0WfdQKs/ +zK+F3rzTB9sj0GKvYD/SKvpeP8Zuu9EBqo4N7PU3VHwDq5t32Ut/+M5XWtulsQcs +qXr2R3agj/DnODANT6Dn/mJboTrYOSV18S/Yw/+OnWBcLzlT5sj0aLgrtXvIputv +9caux4HklAQr29+lKB8nBTfjhXnBntMaEgqCVJ3ri83MuEfVDhmjwo6PnX22/J0h +2XbCyUECgYEA2v8m+CTBTjdAqOuje34+UiWRzT2P9OFONV8nYgzEcQW5JkUoFCun +KgQQIvjCsX4jY6/8w/IPF1ieTconZYJUWSyMZFtBBDCVif1GZRiiM2C4Zcero1KV +U0V3wZcnYkzafzIHkqFUYZwamvdKWVI4c6F5MhSEKCgcbgKKI52TEokCgYEAzVHr +KjQt+dqNkbipYoGH2ywLdcogDwKoyUFbgcvz/q625gu4am025wF25yRKExm7Dyjx +eCQC+KOsBfJSc78fG5R6KPIDK1JrpUEGSCeqFICiqGv9kUzPf5zeGZVf9cU4tyPT +5wYUEM7NX8VRoasZ4OUvYyYBw1Cx8vMdvQn/gv8CgYAIhxcFYqkEWrJx4XskO+5B +VKUw0MziREO/YE0wTD76B7cF/ntpDaocwLvAIN+z+a13HEtDdhGQXysK7GxMT57p +OgrdfZAykZHBJdOv7B2k0odbr0LHwVd/Pp1DNJecBFId0dzpoM6gXmvKzQZgJAt+ +tTL6+EGNLsKspfyrFl+7wQKBgQDAt2VuJbAJ1xQOdS+4IDCujfbrxp60uCBJVylW ++WK56LAP2WxtqLlhtsQuTKeiqgIkRp/vzo1jZ+0tX7f4oKnIL2NCT3aeESys3g3R +aDmCKQOD5mkJGvmgpFLr3INHoqiLbfuV2uS2qgWnIQRwJLOTnksOWzxIYdPFYGDH +cTz9bQKBgQDGv929DUinrKXe/uKJHLAcq+MjmF/+kZU9yn+svq6SSdplqp7xbXX4 +3T5HCWqD4Sy+PVzGaDg5YfXC8yaFPPfY0/35T2FoQEiCAPQO+07Smg6RqJ3yVpIm +LTsbLleJTc8CX0bI4SukQ7MVQsiHimzyEzx3eyLt1S8aBdJuRFZ2mg== +-----END RSA PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/nginx-directives.conf b/kong-versions/2.8.4.3/kong/spec/fixtures/nginx-directives.conf new file mode 100644 index 00000000..c7a73f59 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/nginx-directives.conf @@ -0,0 +1,8 @@ +nginx_http_variables_hash_bucket_size = 128 +nginx_stream_variables_hash_bucket_size = 128 +nginx_http_lua_shared_dict = custom_cache 5m +nginx_stream_lua_shared_dict = custom_cache 5m +nginx_proxy_proxy_bind = 127.0.0.1 +nginx_sproxy_proxy_bind = 127.0.0.1 +nginx_admin_server_tokens = off +nginx_status_client_body_buffer_size = 8k diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ca-chain.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ca-chain.crt new file mode 100644 index 00000000..9c3449c5 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ca-chain.crt @@ -0,0 +1,65 @@ +-----BEGIN CERTIFICATE----- +MIIFmTCCA4GgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwXjELMAkGA1UEBhMCVVMx +CzAJBgNVBAgMAkNBMQswCQYDVQQHDAJTRjENMAsGA1UECgwES29uZzEUMBIGA1UE +CwwLRW5naW5lZXJpbmcxEDAOBgNVBAMMB3Jvb3RfY2EwHhcNMjEwMzA0MTEyMjM1 +WhcNNDEwMjI3MTEyMjM1WjBZMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTAL +BgNVBAoMBEtvbmcxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA9pbnRl +cm1lZGlhdGVfY2EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXcXvt +kyiEY7Nr8VeEF2KTpGkEwPLNoLW9eNpFH0bFlKcmM/+IocSUErD091SCf0fGCRuo +8bISb4MVa5esq8XMUSR63cDmz2IbWOtvNir4wLfAoUuA4JBhubaSyaslXLf376QT +sYDjLH9jQ3rFYskz9hrlX1HFFmm0hlDnuqr1w0GF+6PxPdxRKkdvKexPuQp3qaVZ +dzKvFcGuCu7nuqemb37CBBkdRAgVUj37pXBIcc5p5h8PVAU24r7pAaYppDmmZMWa +uTSjz4K/PTh5GzG+snf8iH+EpTLGUqPElR+ABP8YiNrQQzgA91lPjwLqp6D34sMT +7xvk4Ri1cOpOsNA4hCdFPilzolMQ6Zpz0ELI25vBt8qY57JMlsUjaY2PR1gI+pE+ +jc52e18Bt/axNnbgxoxTQWPcw27mUs7H4+1WiZufhzz59obgWRnoCom0Fb6RN9Rl +8ezl+h30+Dgk8ftiFm/fI1BttL6dihveSP/xvuMYRFyT0F1ZNZhgME218cOB5hZN +dKOFynRgI4SfCeMNSy3KnrBoPYE3P/f1ljBbrR5x/xQE0V5iWFJwZwWexO0+Hf7h +Aaql5dcwsMIjf8MfHKuQOfZauUmPxu0EbM4NiQu5GEK/9rGEIO51Tlo237l6k4tF +oKCj3EUZ9cM02CROKGDM6vfkyeyGDbuDPGmdLwIDAQABo2YwZDAdBgNVHQ4EFgQU +xTAm/Gj7/9K32+Wdc0BOHFKRFeEwHwYDVR0jBBgwFoAU9NE7mu7p9CqGxLNWl7km +VfMeEO0wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI +hvcNAQELBQADggIBAKFvNX1Wv7lOsYvDGOCmIrJEDdjW2Q60p23v1U/R9Wv7xo7X +2SRuQvqKd3AB/9dCSgaaXKHwYgTPIS8NwUJ0SMvSwrnnRpZS5qkOB9JgRgAX5Ebd +eyupB2AumZ1BGaw2gqPYHm8zxu3N2yw2pVV9LJ2nM+IPTqiQrYCV7BxNpAd/v9OA +EC9XbKhPqdJ4bD6dGg7w5iBPadb6amAKkGutKjjB+AC/lJlM9bMEGd6RP0ywptQx +jAfY0VTElLsN30Q6pn31Xf4UzZk4xzyW04GaPFcJVoHTWSl969p0k0L/WAMakDHB +/g4VvkMTFDoH1Mi7ohakHnMC9XQbMVj2t/EE3XLiD4gcNEyCjXczIxDYJRYe2X3f +51vQNR921P1KUNTooGusltMmHuWBnT046o9rp/2uQvHm2y/qv1kCPHTiP7vhb/TG +2JCc+3LZ621EjH5jRvL60Pji4RnGGqLDBykLK68dymHVfrSAi+ZCx6PNxSm0Ydm6 +ZM1Vb8lD2EwEm20qKWM484ItWcVHgWEWDvaMjh0iIq45LA0KmN47iUN8X6rmdulZ +MDSnSYwJfRt1DdyUC0nDWMQaW1JOQxQxoJCoDmiLwv9BIeNB8LNJEU0FTOPc8xhf +VdlbjNIC1fs2OMWOc3A1hAFlf+vU8UYLRgYhLiAhFT2iwhBksSzGURY7eKqM +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFrTCCA5WgAwIBAgIUFQe9z25yjw26iWzS+P7+hz1zx6AwDQYJKoZIhvcNAQEL +BQAwXjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQswCQYDVQQHDAJTRjENMAsG +A1UECgwES29uZzEUMBIGA1UECwwLRW5naW5lZXJpbmcxEDAOBgNVBAMMB3Jvb3Rf +Y2EwHhcNMjEwMzA0MTEyMjM0WhcNNDEwMjI3MTEyMjM0WjBeMQswCQYDVQQGEwJV +UzELMAkGA1UECAwCQ0ExCzAJBgNVBAcMAlNGMQ0wCwYDVQQKDARLb25nMRQwEgYD +VQQLDAtFbmdpbmVlcmluZzEQMA4GA1UEAwwHcm9vdF9jYTCCAiIwDQYJKoZIhvcN +AQEBBQADggIPADCCAgoCggIBAKKjido39I5SEmPhme0Z+hG0buOylXg+jmqHpJ/K +rs+dSq/PsJCjSke81eOP2MFa5duyBxdnXmMJwZYxuQ91bKxdzWVE9ZgCJgNJYsB6 +y5+Fe7ypERwa2ebS/M99FFJ3EzpF017XdsgnSfVh1GEQOZkWQ1+7YrEUEgtwN5lO +MVUmj1EfoL+jQ/zwxwdxpLu3dh3Ica3szmx3YxqIPRnpyoYYqbktjL63gmFCjLeW +zEXdVZyoisdaA4iZ9e/wmuLR2/F4cbZ0SjU7QULZ2Zt/SCrs3CaJ3/ZAa6s84kjg +JBMav+GxbvATSuWQEajiVQrkW9HvXD/NUQBCzzZsOfpzn0044Ls7XvWDCCXs+xtG +Uhd5cJfmlcbHbZ9PU1xTBqdbwiRX+XlmX7CJRcfgnYnU/B3m5IheA1XKYhoXikgv +geRwq5uZ8Z2E/WONmFts46MLSmH43Ft+gIXA1u1g3eDHkU2bx9u592lZoluZtL3m +bmebyk+5bd0GdiHjBGvDSCf/fgaWROgGO9e0PBgdsngHEFmRspipaH39qveM1Cdh +83q4I96BRmjU5tvFXydFCvp8ABpZz9Gj0h8IRP+bK5ukU46YrEIxQxjBee1c1AAb +oatRJSJc2J6zSYXRnQfwf5OkhpmVYc+1TAyqPBfixa2TQ7OOhXxDYsJHAb7WySKP +lfonAgMBAAGjYzBhMB0GA1UdDgQWBBT00Tua7un0KobEs1aXuSZV8x4Q7TAfBgNV +HSMEGDAWgBT00Tua7un0KobEs1aXuSZV8x4Q7TAPBgNVHRMBAf8EBTADAQH/MA4G +A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAgI8CSmjvzQgmnzcNwqX5 +o+KBWEMHJEqQfowaZE7o6xkvEljb1YHRDE0hlwUtD1vbKUthoHD8Mqim3No5z4J0 +dEE+mXQ3zlJWKl5gqHs9KtcLhk51mf4VJ2TW8Z7AoE2OjWSnycLNdlpqUvxzCQOn +CIhvyDfs4OV1RYywbfiLLmzTCYT7Mt5ye1ZafoRNZ37DCnI/uqoOaMb+a6VaE+0F +ZXlDonXmy54QUmt6foSG/+kYaqdVLribsE6H+GpePmPTKKOvgE1RutR5+nvMJUB3 ++zMQSPVVYLzizwV+Tq9il81qNQB2hZGvM8iSRraBNn8mwpx7M6kcoJ4gvCA3kHCI +rmuuzlhkNcmZYh0uG378CzhdEOV+JMmuCh4xt2SbQIr5Luqm/+Xoq4tDplKoUVkC +DScxPoFNoi9bZYW/ppcaeX5KT3Gt0JBaCfD7d0CtbUp/iPS1HtgXTIL9XiYPipsV +oPLtqvfeORl6aUuqs1xX8HvZrSgcld51+r8X31YIs6feYTFvlbfP0/Jhf2Cs0K/j +jhC0sGVdWO1C0akDlEBfuE5YMrehjYrrOnEavtTi9+H0vNaB+BGAJHIAj+BGj5C7 +0EkbQdEyhB0pliy9qzbPtN5nt+y0I1lgN9VlFMub6r1u5novNzuVm+5ceBrxG+ga +T6nsr9aTE1yghO6GTWEPssw= +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ca.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ca.crt new file mode 100644 index 00000000..a33350b0 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ca.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFrTCCA5WgAwIBAgIUFQe9z25yjw26iWzS+P7+hz1zx6AwDQYJKoZIhvcNAQEL +BQAwXjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQswCQYDVQQHDAJTRjENMAsG +A1UECgwES29uZzEUMBIGA1UECwwLRW5naW5lZXJpbmcxEDAOBgNVBAMMB3Jvb3Rf +Y2EwHhcNMjEwMzA0MTEyMjM0WhcNNDEwMjI3MTEyMjM0WjBeMQswCQYDVQQGEwJV +UzELMAkGA1UECAwCQ0ExCzAJBgNVBAcMAlNGMQ0wCwYDVQQKDARLb25nMRQwEgYD +VQQLDAtFbmdpbmVlcmluZzEQMA4GA1UEAwwHcm9vdF9jYTCCAiIwDQYJKoZIhvcN +AQEBBQADggIPADCCAgoCggIBAKKjido39I5SEmPhme0Z+hG0buOylXg+jmqHpJ/K +rs+dSq/PsJCjSke81eOP2MFa5duyBxdnXmMJwZYxuQ91bKxdzWVE9ZgCJgNJYsB6 +y5+Fe7ypERwa2ebS/M99FFJ3EzpF017XdsgnSfVh1GEQOZkWQ1+7YrEUEgtwN5lO +MVUmj1EfoL+jQ/zwxwdxpLu3dh3Ica3szmx3YxqIPRnpyoYYqbktjL63gmFCjLeW +zEXdVZyoisdaA4iZ9e/wmuLR2/F4cbZ0SjU7QULZ2Zt/SCrs3CaJ3/ZAa6s84kjg +JBMav+GxbvATSuWQEajiVQrkW9HvXD/NUQBCzzZsOfpzn0044Ls7XvWDCCXs+xtG +Uhd5cJfmlcbHbZ9PU1xTBqdbwiRX+XlmX7CJRcfgnYnU/B3m5IheA1XKYhoXikgv +geRwq5uZ8Z2E/WONmFts46MLSmH43Ft+gIXA1u1g3eDHkU2bx9u592lZoluZtL3m +bmebyk+5bd0GdiHjBGvDSCf/fgaWROgGO9e0PBgdsngHEFmRspipaH39qveM1Cdh +83q4I96BRmjU5tvFXydFCvp8ABpZz9Gj0h8IRP+bK5ukU46YrEIxQxjBee1c1AAb +oatRJSJc2J6zSYXRnQfwf5OkhpmVYc+1TAyqPBfixa2TQ7OOhXxDYsJHAb7WySKP +lfonAgMBAAGjYzBhMB0GA1UdDgQWBBT00Tua7un0KobEs1aXuSZV8x4Q7TAfBgNV +HSMEGDAWgBT00Tua7un0KobEs1aXuSZV8x4Q7TAPBgNVHRMBAf8EBTADAQH/MA4G +A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAgI8CSmjvzQgmnzcNwqX5 +o+KBWEMHJEqQfowaZE7o6xkvEljb1YHRDE0hlwUtD1vbKUthoHD8Mqim3No5z4J0 +dEE+mXQ3zlJWKl5gqHs9KtcLhk51mf4VJ2TW8Z7AoE2OjWSnycLNdlpqUvxzCQOn +CIhvyDfs4OV1RYywbfiLLmzTCYT7Mt5ye1ZafoRNZ37DCnI/uqoOaMb+a6VaE+0F +ZXlDonXmy54QUmt6foSG/+kYaqdVLribsE6H+GpePmPTKKOvgE1RutR5+nvMJUB3 ++zMQSPVVYLzizwV+Tq9il81qNQB2hZGvM8iSRraBNn8mwpx7M6kcoJ4gvCA3kHCI +rmuuzlhkNcmZYh0uG378CzhdEOV+JMmuCh4xt2SbQIr5Luqm/+Xoq4tDplKoUVkC +DScxPoFNoi9bZYW/ppcaeX5KT3Gt0JBaCfD7d0CtbUp/iPS1HtgXTIL9XiYPipsV +oPLtqvfeORl6aUuqs1xX8HvZrSgcld51+r8X31YIs6feYTFvlbfP0/Jhf2Cs0K/j +jhC0sGVdWO1C0akDlEBfuE5YMrehjYrrOnEavtTi9+H0vNaB+BGAJHIAj+BGj5C7 +0EkbQdEyhB0pliy9qzbPtN5nt+y0I1lgN9VlFMub6r1u5novNzuVm+5ceBrxG+ga +T6nsr9aTE1yghO6GTWEPssw= +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/index.txt b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/index.txt new file mode 100644 index 00000000..d9c4e670 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/index.txt @@ -0,0 +1,3 @@ +V 310302112235Z 1000 unknown /C=US/ST=CA/L=SF/O=Kong/OU=Engineering/CN=ocsp +V 310302112337Z 1001 unknown /C=US/ST=CA/L=SF/O=Kong/OU=Engineering/CN=kong_clustering +V 310302112425Z 1002 unknown /C=US/ST=CA/L=SF/O=Kong/OU=Engineering/CN=kong_data_plane diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/index.txt.revoked b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/index.txt.revoked new file mode 100644 index 00000000..adc8959a --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/index.txt.revoked @@ -0,0 +1,3 @@ +V 310302112235Z 1000 unknown /C=US/ST=CA/L=SF/O=Kong/OU=Engineering/CN=ocsp +V 310302112337Z 1001 unknown /C=US/ST=CA/L=SF/O=Kong/OU=Engineering/CN=kong_clustering +R 310302112425Z 210304112822Z 1002 unknown /C=US/ST=CA/L=SF/O=Kong/OU=Engineering/CN=kong_data_plane diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_clustering.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_clustering.crt new file mode 100644 index 00000000..43ae9de2 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_clustering.crt @@ -0,0 +1,63 @@ +-----BEGIN CERTIFICATE----- +MIIFYzCCA0ugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwWTELMAkGA1UEBhMCVVMx +CzAJBgNVBAgMAkNBMQ0wCwYDVQQKDARLb25nMRQwEgYDVQQLDAtFbmdpbmVlcmlu +ZzEYMBYGA1UEAwwPaW50ZXJtZWRpYXRlX2NhMB4XDTIxMDMwNDExMjMzN1oXDTMx +MDMwMjExMjMzN1owZjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQswCQYDVQQH +DAJTRjENMAsGA1UECgwES29uZzEUMBIGA1UECwwLRW5naW5lZXJpbmcxGDAWBgNV +BAMMD2tvbmdfY2x1c3RlcmluZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBANaCyZeJxFogkiIBjNBTZcztOsW/8vfljzK/m6Yi589hbrTw2CgDGBl+3Pnl +3AA8bkpAG0Tl0TjB3h/hij5Ywopd/dDEeNAhjvlBNiDMy2cN93t3XvGyp7w4hF9u +yaUiJgyTH7AjuCDO01jvj8GT31cfNDBMBwjQF0AltsGScZhanwy82fHUZzvpHMr6 +OQ+riBwb2rXKHoSCukxbs/Y1HfPxmpNShWDPXFFMbsujPRT6meVcCKQuThIWLdwA +KvJYSYC3gTHQyadjwTF9nLZgMu6cWxTheWXXZ/sF4tZ1DPQCjd/1Pdi/TwEawAUa +vOHP7ArfB2vHOX59bJgJbFyGB3ECAwEAAaOCASYwggEiMAkGA1UdEwQCMAAwEQYJ +YIZIAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRl +ZCBTZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFCOojCEbuBGgdyxoUfYTEyYU +ioxGMIGIBgNVHSMEgYAwfoAUxTAm/Gj7/9K32+Wdc0BOHFKRFeGhYqRgMF4xCzAJ +BgNVBAYTAlVTMQswCQYDVQQIDAJDQTELMAkGA1UEBwwCU0YxDTALBgNVBAoMBEtv +bmcxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRAwDgYDVQQDDAdyb290X2NhggIQADAO +BgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEL +BQADggIBAHJmrqebjeI7dz34cJBZH0iKTv/dHqinck4u2Dnol85SUICDAlIk1ZDm ++VHA7ZH3ittPjWbiR8N8CJ+GW+2zfcenM+9BfCm95FJ8K/4vU9Xrx/NZH621NELm +fneD/rFWahf+KT9J7H9SeR3oIiecsDEDM0RAFrqU3innLAnWoTKDNQukjBGUrTnm +3YPv6+MAUHl1AaZpX4yEtakevQHxY0Kfpt0U1iZbvL5jeC9HuswTFCplARI5qnxG +0RhRveApQ6Im0clUKx8eqG2Iez4clSNLGJEsUpvyr3CwbyOU/9UneK98hbf13rww +DPoYT1U6JMEJuKBuL1qDECH8UUF0X41KEPP9s+dgBcAXE/gaD89hjIzOhbkDXbLO +L8511Fr466Gcab05FBGupXjnJ63EB3Ct4TAkRS6W8IrOtWRPOtOCbRJtSKqcZnfE +F8UCklCfIHaM7y8JClVLWSIjaOtg2UVJqCJnEMo+5h4WLnkGfBZr7VAJRKPKC3Vt +jfKbOUcWcMJxR+UWWu+9A/kMb97cAXuSwZRyeeKAnMzQHWYMx6Bo/m2JHWwhlsf+ +vX6mp4C+FeyoXejP1cZBVkMh1JsRKWHAxbGLQkrYHhTKwYudLvsXURatJ0i+BNjI +QmBTKAfIh2q6qJDRcsDURDsvBD46f2p/kzg08+f5eQv+cMx2ryAq +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFmTCCA4GgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwXjELMAkGA1UEBhMCVVMx +CzAJBgNVBAgMAkNBMQswCQYDVQQHDAJTRjENMAsGA1UECgwES29uZzEUMBIGA1UE +CwwLRW5naW5lZXJpbmcxEDAOBgNVBAMMB3Jvb3RfY2EwHhcNMjEwMzA0MTEyMjM1 +WhcNNDEwMjI3MTEyMjM1WjBZMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTAL +BgNVBAoMBEtvbmcxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA9pbnRl +cm1lZGlhdGVfY2EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXcXvt +kyiEY7Nr8VeEF2KTpGkEwPLNoLW9eNpFH0bFlKcmM/+IocSUErD091SCf0fGCRuo +8bISb4MVa5esq8XMUSR63cDmz2IbWOtvNir4wLfAoUuA4JBhubaSyaslXLf376QT +sYDjLH9jQ3rFYskz9hrlX1HFFmm0hlDnuqr1w0GF+6PxPdxRKkdvKexPuQp3qaVZ +dzKvFcGuCu7nuqemb37CBBkdRAgVUj37pXBIcc5p5h8PVAU24r7pAaYppDmmZMWa +uTSjz4K/PTh5GzG+snf8iH+EpTLGUqPElR+ABP8YiNrQQzgA91lPjwLqp6D34sMT +7xvk4Ri1cOpOsNA4hCdFPilzolMQ6Zpz0ELI25vBt8qY57JMlsUjaY2PR1gI+pE+ +jc52e18Bt/axNnbgxoxTQWPcw27mUs7H4+1WiZufhzz59obgWRnoCom0Fb6RN9Rl +8ezl+h30+Dgk8ftiFm/fI1BttL6dihveSP/xvuMYRFyT0F1ZNZhgME218cOB5hZN +dKOFynRgI4SfCeMNSy3KnrBoPYE3P/f1ljBbrR5x/xQE0V5iWFJwZwWexO0+Hf7h +Aaql5dcwsMIjf8MfHKuQOfZauUmPxu0EbM4NiQu5GEK/9rGEIO51Tlo237l6k4tF +oKCj3EUZ9cM02CROKGDM6vfkyeyGDbuDPGmdLwIDAQABo2YwZDAdBgNVHQ4EFgQU +xTAm/Gj7/9K32+Wdc0BOHFKRFeEwHwYDVR0jBBgwFoAU9NE7mu7p9CqGxLNWl7km +VfMeEO0wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI +hvcNAQELBQADggIBAKFvNX1Wv7lOsYvDGOCmIrJEDdjW2Q60p23v1U/R9Wv7xo7X +2SRuQvqKd3AB/9dCSgaaXKHwYgTPIS8NwUJ0SMvSwrnnRpZS5qkOB9JgRgAX5Ebd +eyupB2AumZ1BGaw2gqPYHm8zxu3N2yw2pVV9LJ2nM+IPTqiQrYCV7BxNpAd/v9OA +EC9XbKhPqdJ4bD6dGg7w5iBPadb6amAKkGutKjjB+AC/lJlM9bMEGd6RP0ywptQx +jAfY0VTElLsN30Q6pn31Xf4UzZk4xzyW04GaPFcJVoHTWSl969p0k0L/WAMakDHB +/g4VvkMTFDoH1Mi7ohakHnMC9XQbMVj2t/EE3XLiD4gcNEyCjXczIxDYJRYe2X3f +51vQNR921P1KUNTooGusltMmHuWBnT046o9rp/2uQvHm2y/qv1kCPHTiP7vhb/TG +2JCc+3LZ621EjH5jRvL60Pji4RnGGqLDBykLK68dymHVfrSAi+ZCx6PNxSm0Ydm6 +ZM1Vb8lD2EwEm20qKWM484ItWcVHgWEWDvaMjh0iIq45LA0KmN47iUN8X6rmdulZ +MDSnSYwJfRt1DdyUC0nDWMQaW1JOQxQxoJCoDmiLwv9BIeNB8LNJEU0FTOPc8xhf +VdlbjNIC1fs2OMWOc3A1hAFlf+vU8UYLRgYhLiAhFT2iwhBksSzGURY7eKqM +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_clustering.key b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_clustering.key new file mode 100644 index 00000000..77e81fde --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_clustering.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA1oLJl4nEWiCSIgGM0FNlzO06xb/y9+WPMr+bpiLnz2FutPDY +KAMYGX7c+eXcADxuSkAbROXROMHeH+GKPljCil390MR40CGO+UE2IMzLZw33e3de +8bKnvDiEX27JpSImDJMfsCO4IM7TWO+PwZPfVx80MEwHCNAXQCW2wZJxmFqfDLzZ +8dRnO+kcyvo5D6uIHBvatcoehIK6TFuz9jUd8/Gak1KFYM9cUUxuy6M9FPqZ5VwI +pC5OEhYt3AAq8lhJgLeBMdDJp2PBMX2ctmAy7pxbFOF5Zddn+wXi1nUM9AKN3/U9 +2L9PARrABRq84c/sCt8Ha8c5fn1smAlsXIYHcQIDAQABAoIBAGXOrN6/A/HCg5ig +I7S74BTigoJYF3iP+uabCcRPzLUgCOrXY7+ZuFZhX387GK8D/1Q+GLMaX7IQUNvQ +r0vn1GzXLx9mH/Cn/LNPv+DRUbgXaN2wSd9say9po2mnqww0qNpO+TsfuMPZZXVQ +PWoiRF2U8a/6ZVxJZr+LJrG4TzF+8gyHoUJrlncob8ma5EQKOR3HzMxfJx9OrjQW +ISu+g2D+0qpaiPGlEUOMKBnrFhVCd5LUaCKM1F7qTe08hvyywqp7CJ4rw2loa+4W +cdl2UTl01lTke3uEPsBdtvpwQ0DAvFyXgA09LmnwRjHtPzHjNxnkGE2qz14sctBi +OXt2KAECgYEA+qGxJ5tYkqob+JTvrAQp1zD9ECs9ElVbJZwZ5Z/lhxMBJ07v11Ku +++M9rSUjhWcYbd2gfGEkxXzSK9yYc4ryzDvCREuNmGxYs52VnaBlKPY3T/h046/9 +S0NivzApCTVK+CYdntT4XNyn9+WGO7zq7x6FQkSsFuj2lnfHrahq0i0CgYEA2xsI +KMYMe0NTJFNzhfFQMzkSU1R1+TvhaXjpqfneeizF4plYxrZOtOb3vzriWepB70de +4atsoxZUfqS34RKkLX1WyuoLm3WtpJHHmhUfj18PlIMu0gXrisUZM8evltTOyRsg +mn+V/nZeXn34tZARbJ4rAMrmOKIz/z0OCtZ6yNUCgYEArb6ZiNNwO3whl9nnrF/W +gY88X5EZ7TOu1Au7CCwoedL64b0fFy4CkCuf/f/Y+AnYLZGOR6swSpeVO0LZjH+u +gVaL/bxClH/HnfyIU5V1i0fkYFPk9FJ0TVCRi+hfCjsflZcWwZzx764n4voCbDcy +xkFqL95bTiaBix3OFtzB8KECgYEAuyhbDuEllkELCxORsY9Qz4Bnq/CQmWXSBVM4 +XW5H4RrPqeENWSgvEQ3eAGZfJSkaSzcu0BurP5/6avdu7n4K6aSP9+J2KcQaoGG6 +G18Bx2kPGO/5lYNjEPWNspJW5cNAI77dWbu0N1mLALIgOY8nox10ZEfs4eGEAvl3 +PkC5P0UCgYBh1qnXWvj5KT0pt7p2X7ayg2FHunNHO1QLpFBWhhgQlyvLns/toQWc +XXKogwiMZ8D6g3eex8vZ25K01JNn7uQUDUNVhzyUcSjfVFB1Bc9dLdNfIYvL4adz +BTZ7TjBYdScSIhjHKbaLwimHcNllYqz3vJ6hAK9YFVt5sI+/EixHmQ== +-----END RSA PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_data_plane.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_data_plane.crt new file mode 100644 index 00000000..4f30d968 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_data_plane.crt @@ -0,0 +1,62 @@ +-----BEGIN CERTIFICATE----- +MIIFOjCCAyKgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwWTELMAkGA1UEBhMCVVMx +CzAJBgNVBAgMAkNBMQ0wCwYDVQQKDARLb25nMRQwEgYDVQQLDAtFbmdpbmVlcmlu +ZzEYMBYGA1UEAwwPaW50ZXJtZWRpYXRlX2NhMB4XDTIxMDMwNDExMjQyNVoXDTMx +MDMwMjExMjQyNVowZjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQswCQYDVQQH +DAJTRjENMAsGA1UECgwES29uZzEUMBIGA1UECwwLRW5naW5lZXJpbmcxGDAWBgNV +BAMMD2tvbmdfZGF0YV9wbGFuZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAK8wCJuLAIZa+hihNEOx/YBSx+05lXXgoNirVuJjmUhx80oZQsrUnCA3PPe0 +snkUfUTpe0g1P1YPMDQBoXK+MffpanTL2e5EIkD+T1ti9EkTZg+jnjdGaAZ27Y70 +9k6KTb/rFj1Lezswdo86WlXpxcbCFyHlMO590pCPpQ/VpQodqn9bTPPoTKTHlL4q +8no26rb16t7wBVrbADOu7lzcIZYB2xLslM5B8fk7jzIBPMb3uQxh+AhKn2bw07jv +unPMHJK64alfUwqRk9krd/1WICSm51eKi400kefrtzXRwtxjr72EmOCnZdHr2A0O +7ZKlHhZolVXaACghMd4IRI/eUD8CAwEAAaOB/jCB+zAJBgNVHRMEAjAAMBEGCWCG +SAGG+EIBAQQEAwIFoDAzBglghkgBhvhCAQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQg +Q2xpZW50IENlcnRpZmljYXRlMB0GA1UdDgQWBBSpSKxdiN8o9qYMOy158lXYg2MI +qTAfBgNVHSMEGDAWgBTFMCb8aPv/0rfb5Z1zQE4cUpEV4TAOBgNVHQ8BAf8EBAMC +BeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMDcGCCsGAQUFBwEBBCsw +KTAnBggrBgEFBQcwAYYbaHR0cDovLzEyNy4wLjAuMToxNTU1NS9vY3NwMA0GCSqG +SIb3DQEBCwUAA4ICAQCxdljA6Yxg7DLCs0RDZwzjHf4/H7SO888v7Tad+mbQcIzI +dzxEaAcXf0qvDsDEPcE8n3vKDC9kHm3wKFJqK04Clc6Su+BLvGwVO0TTi9yC5X0j +OFQQQAeth6ByJh7fqXkY4qkER7aunN77tpdmz4/m19we8U3DO/oQm87Fu89l6hMH +942rpu4uSz2J0d+PpnXulLOJx0xLWv8ARmJkGD8oWUrVMmeeq9q1Yz41Oyyf37Xn +iGUMLC1ejDTBw89wuMuqD9smka9stMdC/7mQWJJqz/Ww16MqGwqLvcK2WZzvU6jE +V42n0Zdq/rnPV63B/NZgwGEpfqWqZj5K0NfjboCoRmS70vWurFlP/oeaYZBoCoUW +cMiw8lnS53fFtX5Mt8gV4NLzoy5a4Q6qoZMzuudcabmEKMNONBp8phkqosSgkDKY +wJvhK1mYdWf3VcX2mjyW3j/shTXlKibesNZAR2XiKqEFqTkqFY6Dx+wpvsNIyvHw +ZWLwa71ZONVhVgt5Hu6w/u+hzrL22v/s9ticVx1jJ6lopppiXf/0Ex4EHjZI5h3w +Sdj2fCBsv05FWJqFadMY6gt92/pmyA1HL7S5rK5odoDviRGQxsCvBax2Vv4WDrIh +tcGGGUZ4nLeWPOqb9e8fJKJtILvQ9x4qRMmeYKMAkflsbjDNw6g612D3TV2WXQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFmTCCA4GgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwXjELMAkGA1UEBhMCVVMx +CzAJBgNVBAgMAkNBMQswCQYDVQQHDAJTRjENMAsGA1UECgwES29uZzEUMBIGA1UE +CwwLRW5naW5lZXJpbmcxEDAOBgNVBAMMB3Jvb3RfY2EwHhcNMjEwMzA0MTEyMjM1 +WhcNNDEwMjI3MTEyMjM1WjBZMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTAL +BgNVBAoMBEtvbmcxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA9pbnRl +cm1lZGlhdGVfY2EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXcXvt +kyiEY7Nr8VeEF2KTpGkEwPLNoLW9eNpFH0bFlKcmM/+IocSUErD091SCf0fGCRuo +8bISb4MVa5esq8XMUSR63cDmz2IbWOtvNir4wLfAoUuA4JBhubaSyaslXLf376QT +sYDjLH9jQ3rFYskz9hrlX1HFFmm0hlDnuqr1w0GF+6PxPdxRKkdvKexPuQp3qaVZ +dzKvFcGuCu7nuqemb37CBBkdRAgVUj37pXBIcc5p5h8PVAU24r7pAaYppDmmZMWa +uTSjz4K/PTh5GzG+snf8iH+EpTLGUqPElR+ABP8YiNrQQzgA91lPjwLqp6D34sMT +7xvk4Ri1cOpOsNA4hCdFPilzolMQ6Zpz0ELI25vBt8qY57JMlsUjaY2PR1gI+pE+ +jc52e18Bt/axNnbgxoxTQWPcw27mUs7H4+1WiZufhzz59obgWRnoCom0Fb6RN9Rl +8ezl+h30+Dgk8ftiFm/fI1BttL6dihveSP/xvuMYRFyT0F1ZNZhgME218cOB5hZN +dKOFynRgI4SfCeMNSy3KnrBoPYE3P/f1ljBbrR5x/xQE0V5iWFJwZwWexO0+Hf7h +Aaql5dcwsMIjf8MfHKuQOfZauUmPxu0EbM4NiQu5GEK/9rGEIO51Tlo237l6k4tF +oKCj3EUZ9cM02CROKGDM6vfkyeyGDbuDPGmdLwIDAQABo2YwZDAdBgNVHQ4EFgQU +xTAm/Gj7/9K32+Wdc0BOHFKRFeEwHwYDVR0jBBgwFoAU9NE7mu7p9CqGxLNWl7km +VfMeEO0wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI +hvcNAQELBQADggIBAKFvNX1Wv7lOsYvDGOCmIrJEDdjW2Q60p23v1U/R9Wv7xo7X +2SRuQvqKd3AB/9dCSgaaXKHwYgTPIS8NwUJ0SMvSwrnnRpZS5qkOB9JgRgAX5Ebd +eyupB2AumZ1BGaw2gqPYHm8zxu3N2yw2pVV9LJ2nM+IPTqiQrYCV7BxNpAd/v9OA +EC9XbKhPqdJ4bD6dGg7w5iBPadb6amAKkGutKjjB+AC/lJlM9bMEGd6RP0ywptQx +jAfY0VTElLsN30Q6pn31Xf4UzZk4xzyW04GaPFcJVoHTWSl969p0k0L/WAMakDHB +/g4VvkMTFDoH1Mi7ohakHnMC9XQbMVj2t/EE3XLiD4gcNEyCjXczIxDYJRYe2X3f +51vQNR921P1KUNTooGusltMmHuWBnT046o9rp/2uQvHm2y/qv1kCPHTiP7vhb/TG +2JCc+3LZ621EjH5jRvL60Pji4RnGGqLDBykLK68dymHVfrSAi+ZCx6PNxSm0Ydm6 +ZM1Vb8lD2EwEm20qKWM484ItWcVHgWEWDvaMjh0iIq45LA0KmN47iUN8X6rmdulZ +MDSnSYwJfRt1DdyUC0nDWMQaW1JOQxQxoJCoDmiLwv9BIeNB8LNJEU0FTOPc8xhf +VdlbjNIC1fs2OMWOc3A1hAFlf+vU8UYLRgYhLiAhFT2iwhBksSzGURY7eKqM +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_data_plane.key b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_data_plane.key new file mode 100644 index 00000000..79ea99e4 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/kong_data_plane.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEArzAIm4sAhlr6GKE0Q7H9gFLH7TmVdeCg2KtW4mOZSHHzShlC +ytScIDc897SyeRR9ROl7SDU/Vg8wNAGhcr4x9+lqdMvZ7kQiQP5PW2L0SRNmD6Oe +N0ZoBnbtjvT2TopNv+sWPUt7OzB2jzpaVenFxsIXIeUw7n3SkI+lD9WlCh2qf1tM +8+hMpMeUviryejbqtvXq3vAFWtsAM67uXNwhlgHbEuyUzkHx+TuPMgE8xve5DGH4 +CEqfZvDTuO+6c8wckrrhqV9TCpGT2St3/VYgJKbnV4qLjTSR5+u3NdHC3GOvvYSY +4Kdl0evYDQ7tkqUeFmiVVdoAKCEx3ghEj95QPwIDAQABAoIBACkcGXj+pnHg2X18 +HrqgAv/g7R+C+sq9mqEdm/bmLmssqk3CHcVhHP4GWF08XwFAyKCqNY7dR+6XA9XA +aDV34lvtv1iHGa3q+SrNQqwMTYz0a2fSGmeYMwMJV3fLjh0iIVqe/QoHM3TRS5ES +vW4ZvJqGo00F7nSYvBfGTZKorODxb3CIjFXTlJZ1u/+YDVswWv3+XrqXKponoedr +Zl8SCf7iqLz6cIPGnx6joIR/e7LK9eDBfgV8bxfsyulby51f06V/cBTQk4l8Qjeb +Z+iFJzZxDuxq219JLWYqKH/JIAchvPoov1PBfEZXK4fKunAR/mw6j4OL/X5H+Dj1 +ziFjbyECgYEA51NHPMiChIRJ4poaTE99CPPcJek3rIAP83+BSRm0e38hibfB7p3C +FpPhtWlMMM6YRAJsVkYrLWTtdl2nZbw3AuH46MM03nTbEgueQ2ry4hofzUKQfe5Y +VyQccFQvQx1XF8lFML0TIEZ1ID38G8oNhme/fk5eHsR7Bn8Pi8XlpY8CgYEAwd/S +qbTph05yCTYGeqqsMh+hUq9oqLvcYJDd7lStJjLlt6b8jEjZspePTHTtcL2vOwx3 +hmA4PQR2Rnc4M4nl8zMHSySk7m7dR9w01uORzk2BzWb2XHy+SdtwFWS+2bKJBWuf +DAtlQzvfF07ccxZfQQTjMGVkhnsDMinriWCxMlECgYBJTRNSyHrLQRwkiQ5yRfHq +B1QoUzmIGOB1GV8/abzOMV/QQwFZ+nWJL/0iviYdhSmsy1PHFt8RuFyi2FR2IWkR +Kcf1Af5by42rrzDMTjR+vyZ6pXAh54fovRGh6ps7Wi3B5M5e/lr0LD9rIxkjOSiG +AZQlkvGyMDKHwXWMpf36MwKBgGDMslBNpfQK9OEoel+w670zEcdJEYZ+FfCZJFYl +LTbPXuctlxcsIJYNGl1gXFVYQC/Jb7xGOo4stilEyWjiR1AAgHnCWB88d3uztSY+ +BcTt6gt2hzdyiUgzKmlkHe5wN/3e2FCZN/wz3pWyqFtGJlU+bXjyhximPthDGflD +r/WhAoGBAKFWK2lmVTiChupq3nihccggW0Dvk1NBLF+OTOGdkPDmNhypMJ7e1OhE +4KYHCmGKFPvg1M0+CQzqop4lxTzFz8NI/Pt/HkWbkbmRyHE2p2cUY4zGIfF9/nwq +vS/uKrJbHMqXyu/pa3HzmFtWrMoXd8/yCdSGwaNDK4ZCiP+hVMQ3 +-----END RSA PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ocsp.crt b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ocsp.crt new file mode 100644 index 00000000..21930086 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ocsp.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFpTCCA42gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwWTELMAkGA1UEBhMCVVMx +CzAJBgNVBAgMAkNBMQ0wCwYDVQQKDARLb25nMRQwEgYDVQQLDAtFbmdpbmVlcmlu +ZzEYMBYGA1UEAwwPaW50ZXJtZWRpYXRlX2NhMB4XDTIxMDMwNDExMjIzNVoXDTMx +MDMwMjExMjIzNVowWzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQswCQYDVQQH +DAJTRjENMAsGA1UECgwES29uZzEUMBIGA1UECwwLRW5naW5lZXJpbmcxDTALBgNV +BAMMBG9jc3AwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDOlydfksGd +jK5CI2yNdsqpA9/Zr6eksPE0BOkbb1LdrqNyI2pRw9D8tpEY6AqaaYwQQyVDA54U +BKE0L/PiqpACm4nKWv1XNsRK+REhEw8V4aqgkt8oyVz2w22mXq+DH8+iCmlpap1N +ZfLXpKz0ZS47uvhFscs3N8bohWI92EHrMxp3JKbmWdoE/NnyAF9wV1WvYpfdpcDT +BKwxO7lW7cgIB3kArtvGLLrtkVhR/js/B+Ff9CLugImGrNnSXfiXOMeLhui1U4v2 +aYEM+BN5TC8PTIoLwo96SRoBnZBoZ215liJiF3peVQNnR1NCYmJ6jQjtBXC4/wz9 +ganFdYF9+WSzSrBHiwIe7Nn7ARdRAtJPvOUBvaj3/zNpNCfikqcvGSTgJ1ixw0oO +8o+UvWThQCGfB34FkG3oAl0y7SEpFKU6+8IWqPoM7Kdm0ZFUKXA2G7RNl5gH/o/B +qVJyx31OvvZZoc3OyTInRpxNdhrWRaJppYw8xxv4mudedf48CToFGQjsWumVkjlU +VdPSVP4VbgrOeVwwas7YBONES7oqkKnvjmLHqAYdalMLyopSuvnb3X96Fp6L2Oms +FuNo6/7AUBVQtm0I08uCRWhP2CPeca1fERgTbO/puECMW3XqNAhyBB5e20uxcB/E +h3qgu4y2xcn6Za1aQ30+RUB5n7DST0odEQIDAQABo3UwczAJBgNVHRMEAjAAMB0G +A1UdDgQWBBRnqkgve+lZRPAGhX4AwHIMJl++gzAfBgNVHSMEGDAWgBTFMCb8aPv/ +0rfb5Z1zQE4cUpEV4TAOBgNVHQ8BAf8EBAMCB4AwFgYDVR0lAQH/BAwwCgYIKwYB +BQUHAwkwDQYJKoZIhvcNAQELBQADggIBACuoaNr7uVBIfDFo6jdLqtiVAOKsUxO9 +EDoBIpGGiLOk3/NZxKUG2+xhsuAwZxPIVxifkg64qlLmMzZMrWFzOvkvRDYnU2se +s/1sbOC3h+Xm5G5HjRhwmHczXUljyZySz0m8UHWeJ49zkDVIGzEBXrRnzBtji1N2 +9PddIz8zhqMtP33nKTo9m1kkkdoA3cZ/fcM21doZ6+ZimtRcOOz7BgQLOwPupq0L +9DxBjJYwPrXj5IRaib0rZQ+kdjPNgggCryvJCk/27dKAwFe4rWLmFYQ+fgY2N2DL +djXtxDxZ8Gw3x+GM5agI/BUhTscx4AvscZZr7brSPPmW5Q8nAE6NJQtanuT0VCuU +VoRwNuTs0w4uTXyS7TwXDvfSrQqQLI+O7BWDnJT02FYmakT5CFsf7zqJzsbhSqq7 +11qK32MBN6q7QvH9SZi6A1jK2UgGiZSCZxF8OFQGJxaf5VBL6naP2NlPSeCZUZ5X +eWVqE/lXi4LLUIWTwGdjbfkY72FFWThZoxtS+lM/CGVjVWS9gwABL+jiirZL++qQ +y9IzzULMyxd6Xl3/eEzwT8kYjgwUQ2KWnjaHSBxHssJiRyHUhl0cUXuLGiW5fsHE +TG6WevipP7qdOiIttLzFyC60pLR7v+vW5VrRXGR1kzou5N1ESi/ixl7PY9fg+wp0 +cWEwPQGHYdE/ +-----END CERTIFICATE----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ocsp.key b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ocsp.key new file mode 100644 index 00000000..5d0bf2cc --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/ocsp.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAzpcnX5LBnYyuQiNsjXbKqQPf2a+npLDxNATpG29S3a6jciNq +UcPQ/LaRGOgKmmmMEEMlQwOeFAShNC/z4qqQApuJylr9VzbESvkRIRMPFeGqoJLf +KMlc9sNtpl6vgx/PogppaWqdTWXy16Ss9GUuO7r4RbHLNzfG6IViPdhB6zMadySm +5lnaBPzZ8gBfcFdVr2KX3aXA0wSsMTu5Vu3ICAd5AK7bxiy67ZFYUf47PwfhX/Qi +7oCJhqzZ0l34lzjHi4botVOL9mmBDPgTeUwvD0yKC8KPekkaAZ2QaGdteZYiYhd6 +XlUDZ0dTQmJieo0I7QVwuP8M/YGpxXWBfflks0qwR4sCHuzZ+wEXUQLST7zlAb2o +9/8zaTQn4pKnLxkk4CdYscNKDvKPlL1k4UAhnwd+BZBt6AJdMu0hKRSlOvvCFqj6 +DOynZtGRVClwNhu0TZeYB/6PwalScsd9Tr72WaHNzskyJ0acTXYa1kWiaaWMPMcb ++JrnXnX+PAk6BRkI7FrplZI5VFXT0lT+FW4KznlcMGrO2ATjREu6KpCp745ix6gG +HWpTC8qKUrr5291/ehaei9jprBbjaOv+wFAVULZtCNPLgkVoT9gj3nGtXxEYE2zv +6bhAjFt16jQIcgQeXttLsXAfxId6oLuMtsXJ+mWtWkN9PkVAeZ+w0k9KHRECAwEA +AQKCAgBz7ytvXQI+kfYws4R1ltaAJuZ2WTbxG0Mg+CiA9uY/9YNPyEQgAo3DZAjl +O0LICLdLYQMGKn+JqFd22/o3l5Qdgn+/CXTmfpuFn2RXdUSf+PYyCnolf2smJ+He +3YANS8rPmpwxRl1kU/QFxCozNJzPdEtjgTUTlb+QOVo6bqP/g7w0ZGMtHftVlTgR +sNfeSYSSWffzsNMXGKYxMtz9xY7dwqPLGFXJTszQCSLRUKSa6Kc3m+AGjCehZlsO +zSF2a6y/xkPNjkcbT3XWe1kiVviJ02Ac3WB7NY7cnTmu/WvYMcK13YsUaQzx5nr4 +5BFzyLXbnZP2nVsC4MMPRrQWp+A0Iwu8TJVrb5tUhEoVXGkkj4aUc6awX9g8OTii +5JhQ2le2BazrCWCXtIfrhbcPyORyGizHqtzXqqVbtLUU6AgRyscWeIFf7v1nxP0K +PgzFwzTMT8CH4t/CnkV4S9blj+S3JZY+MrmcliSAVz5+45mY3h7+A2vvMrBFnwiw +5273HZyOCcRdfyufuDGt6vaAC+pgnRuno19i+Q7Mfsp6W3HiutfuNXJwG4YXTLba +JL47QzOXO5DiJ9AczKo/c0lXMw/K/OkcV7QB5qi+9ynoY42sQFdin1mNW03KwZru +Yo40wkXfAMAX/0i0dAKmf2ubG8/g1YcHg+NIAr+HQ6SjLuukYQKCAQEA82vIpCt4 +0iW9uOvvF6PpB/PwnUKTwjJYtVlk92TJ/zNhW50MylMMk5Hj4NC2rbH4yBgjHxAn +jyhYqVi+mrsqidZGXgzmDuS19moqikFV70gFuaf+HbJN4ow3SbvTd5dv4Vv7UKbc +v/jblLM3Zx5kNBZNP9hoo65o7kywcH38lCxOOr4RheJOCUL0YZmGd+S9BFQgfbur +dITTHJ1t4g5zYFSevPM+CbkEIUWgOZrdqjhxGsH1SVTGtzR5qwzWiG3tPKe0nwWb +gejPDrMCzYJm2kd01/WRmkqZU/sAJr7R1iQzrwe9PJmH9BOezyfYremieXqfD4xs +t7OJD1lxutb//QKCAQEA2UQjaISYnwyVYQPSBiS4FiH5Cn5kTd9jX33Qxy/QUbHJ +4MaKNq5N6hwb0nCg52kZdOCzLqpX6wVAxHBL3ouKFYFHVk0b1oaoGMb4pxx5EnEZ +0z18VH+VgfluZH5/ARRwwlB40naqGQq5XlRL+xCm0lcnkqp2/Ie86qwaO+vyYUf0 +L3BcshuWjbVI1aPS81j5lelxpZwBOUAm//tNyPV1KJDRhjV784MxcpH7lNgtrRVf +4woAZnEu9OnAZcoRHm7IsWnwu3lH7h7rU+WMy163dztKzEzZ6fTZYFemyZV5XQ4N +q1FwQkav+puSMKZWB6atORY6GormpMK7VZR1XhhLpQKCAQEA0sqThRbgGZr1IB2v +fhlCwtBLnOL6cUCH8QLonBN7mLM1q8/kM5CXY3MCkrwqdV+YwC2mvE+Q8jdOD9f5 +tqQ9wf78EJW640rLCAgHrpHFiOAllRAUzkKJj5U8i21LQlSxXcX5a24T22n1PF+1 +qmZ2/2QQoSkV9CgkVbezUrbG8skrNVNCeV3vlbWVSq9X8prx073GJRtO7ifXaQAr +F4bMAq9Ehvtcza6aFPXmOfwR2EXoK/OqJUZ0jlGyypzjamFG/y97CfohH+4q39/E +nZI+3ubiF+FfpOzUuhSxnNvBel7/IqLhDIknYgVbkKhAytl3CRtWgnBn9OxT1Cbw +hYuJQQKCAQBVXL0gsoAYdWQ3cr3Q5hphr8VeRxx3sB4mBZPCvtl1T4oGw1rIcyFv +qs2Pl+rQIO38itA7tHfIgg7ZX1mfvWlqW5nAoZkfZ1aiLYLCfaBgC4nfAhhYRqxi +HbMuzrhtny9SWTWvUyovnpQIKMyVfwxcNhv5Nvp664XhGe9QvbpEWHXrMZVp8Qbs +9F4CelRGgh3FtauOKsYcTUVFa+I64529a3C270qc+V2zKwISkAEaMPy0glh3515Q +oYqTM5oYP+SgOAR6VANb3lANbXIs8TDaKrSPol432piRjr6cExtU4VGjjuKxV36K +0xbUAHZqmSUT+dSoWwyVjWD3FdYrOxZ1AoIBADwwUIdheYJbVVlcRZclm1pDoVCB +bzh57GLKQ7KLj+gGp2AoizUKRELLKI844HZ70d2hghEcWei0sfzExRGq61yaNfHa +lf3SiS6eJ7ivRHWwtrUXTOfO5LcVGzVLp4TMXvl4uZMrHVSB7vGJsDpoRaCK8hKf +/f3d2lPRWcRQU9Gyc4hQE6daH0pVxrwqnWjmPvf9AIxs9vf6RVGR3y3dyccJeiph +vC2sZv29dDlfWHSBun0vZzd+Xk73Qn3hSMM083FZrJWhqdzaOA0NfpdYgVxfn5Q+ +B1BYbv02WurCQwdWsCiDiLrXEc4HQT/fY+cV41fBrE2Kb4g565qd93Rh80w= +-----END RSA PRIVATE KEY----- diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/resp-good.dat b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/resp-good.dat new file mode 100644 index 00000000..0004e5f8 Binary files /dev/null and b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/resp-good.dat differ diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/resp-revoked.dat b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/resp-revoked.dat new file mode 100644 index 00000000..9744f11d Binary files /dev/null and b/kong-versions/2.8.4.3/kong/spec/fixtures/ocsp_certs/resp-revoked.dat differ diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/.gitignore b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/.gitignore new file mode 100644 index 00000000..cbd4daf5 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/.gitignore @@ -0,0 +1,8 @@ +.terraform* +!.terraform-version +terraform.tfstate* +*.deb +output +id_rsa +license.json +cm-* diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/README.md b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/README.md new file mode 100644 index 00000000..33266d29 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/README.md @@ -0,0 +1,5 @@ +Perf test terraform driver expects: +- `id_rsa` as the private key present +- `kong-ip`, `kong-internal-ip`, `worker-ip` and `worker-internal-ip` +to present in terraform output. If instance has no private IP, +use `-ip` as `-internal-ip` is also accepted. diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/main.tf b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/main.tf new file mode 100644 index 00000000..5303ace6 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/main.tf @@ -0,0 +1,26 @@ +terraform { + required_version = ">= 0.14" + + required_providers { + local = { + version = "~> 1.2" + } + null = { + version = "~> 2.1" + } + metal = { + source = "equinix/metal" + version = "~> 3.2" + } + tls = { + version = "~> 2.0" + } + random = { + version = "3.1.0" + } + } +} + +provider "metal" { + auth_token = var.metal_auth_token +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/metal.tf b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/metal.tf new file mode 100644 index 00000000..42110a4f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/metal.tf @@ -0,0 +1,48 @@ +resource "metal_ssh_key" "key" { + name = "key1" + public_key = tls_private_key.key.public_key_openssh +} + +resource "metal_device" "kong" { + hostname = "kong-test-${random_string.ident.result}" + plan = var.metal_plan + facilities = [var.metal_region] + operating_system = var.metal_os + billing_cycle = "hourly" + project_id = var.metal_project_id + depends_on = [ + metal_ssh_key.key, + null_resource.key_chown, + ] +} + +resource "metal_device" "worker" { + hostname = "worker-${random_string.ident.result}" + plan = var.metal_plan + facilities = [var.metal_region] + operating_system = var.metal_os + billing_cycle = "hourly" + project_id = var.metal_project_id + depends_on = [ + metal_ssh_key.key, + null_resource.key_chown, + ] + + provisioner "file" { + connection { + type = "ssh" + user = "root" + host = self.access_public_ipv4 + private_key = file(local_file.key_priv.filename) + } + + source = "scripts/wrk.lua" + destination = "/root/wrk.lua" + } +} + +resource "random_string" "ident" { + length = 4 + special = false +} + diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/output.tf b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/output.tf new file mode 100644 index 00000000..7b29dd8f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/output.tf @@ -0,0 +1,16 @@ +output "kong-ip" { + value = metal_device.kong.access_public_ipv4 +} + +output "kong-internal-ip" { + value = metal_device.kong.access_private_ipv4 +} + +output "worker-ip" { + value = metal_device.worker.access_public_ipv4 +} + +output "worker-internal-ip" { + value = metal_device.worker.access_private_ipv4 +} + diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/scripts/wrk.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/scripts/wrk.lua new file mode 100644 index 00000000..d8cd38b6 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/scripts/wrk.lua @@ -0,0 +1,54 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +-- luacheck: ignore +--This script is executed in conjuction with the wrk benchmarking tool via demo.sh +math.randomseed(os.time()) -- Generate PRNG seed +local rand = math.random -- Cache random method + +-- Get env vars for consumer and api count or assign defaults +local consumer_count = os.getenv("KONG_DEMO_CONSUMER_COUNT") or 5 +local service_count = os.getenv("KONG_DEMO_SERVICE_COUNT") or 5 +local workspace_count = os.getenv("KONG_DEMO_WORKSPACE_COUNT") or 1 +local route_per_service = os.getenv("KONG_DEMO_ROUTE_PER_SERVICE") or 5 + +function request() + -- generate random URLs, some of which may yield non-200 response codes + local random_consumer = rand(consumer_count) + local random_service = rand(service_count) + local random_route = rand(route_per_service) + -- Concat the url parts + if workspace_count == 1 then + url_path = string.format("/s%s-r%s?apikey=consumer-%s", random_service, random_route, random_consumer) + else + random_workspace = rand(workspace_count) + url_path = string.format("/w%s-s%s-r%s?apikey=consumer-%s", random_workspace, random_service, random_route, random_consumer) + end + -- Return the request object with the current URL path + return wrk.format(nil, url_path, headers) +end + +--[[function done(summary, latency, requests) + local file = io.open("output.csv", "a") + file:write(string.format( + "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", + os.time(), + latency.min, + latency.max, + latency.mean, + latency:percentile(50), + latency:percentile(90), + latency:percentile(99), + summary.duration, + summary.requests, + summary.errors.connect, + summary.errors.read, + summary.errors.write, + summary.errors.status, + summary.errors.timeout + )) +end]] diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/ssh.tf b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/ssh.tf new file mode 100644 index 00000000..0dba6c03 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/ssh.tf @@ -0,0 +1,13 @@ +resource "local_file" "key_priv" { + content = tls_private_key.key.private_key_pem + filename = "./id_rsa" +} + +resource "null_resource" "key_chown" { + provisioner "local-exec" { + command = "chmod 400 ./id_rsa" + } + + depends_on = [local_file.key_priv] +} + diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/tls.tf b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/tls.tf new file mode 100644 index 00000000..1ee3f01a --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/tls.tf @@ -0,0 +1,4 @@ +resource "tls_private_key" "key" { + algorithm = "RSA" +} + diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/variables.tf b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/variables.tf new file mode 100644 index 00000000..196cc460 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/perf/terraform/equinix-metal/variables.tf @@ -0,0 +1,28 @@ +variable "metal_auth_token" { + type = string + description = "The pre-existing Metal auth token" +} + +variable "metal_project_id" { + type = string + description = "The pre-existing Metal project ID under which to create the devices" +} + +variable "metal_plan" { + type = string + description = "The Metal device plan on which to create the kong and worker devices" + default = "baremetal_1" +} + +variable "metal_region" { + type = string + description = "The Metal region in which to create the devices" + default = "sjc1" +} + +variable "metal_os" { + type = string + description = "The OS to install on the Metal devices" + default = "ubuntu_20_04" +} + diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/prometheus/metrics.conf b/kong-versions/2.8.4.3/kong/spec/fixtures/prometheus/metrics.conf new file mode 100644 index 00000000..ea86d9a7 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/prometheus/metrics.conf @@ -0,0 +1,18 @@ +server { + server_name kong_prometheus_exporter; + listen 0.0.0.0:9542; + + location / { + default_type text/plain; + content_by_lua_block { + local serve = require "kong.plugins.prometheus.serve" + serve.prometheus_server() + } + } + + location /nginx_status { + internal; + access_log off; + stub_status; + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/redis_cluster/redis-cluster-compose.yaml b/kong-versions/2.8.4.3/kong/spec/fixtures/redis_cluster/redis-cluster-compose.yaml new file mode 100644 index 00000000..f16334e1 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/redis_cluster/redis-cluster-compose.yaml @@ -0,0 +1,64 @@ +version: '3.5' +name: redis-cluster +services: + rc-node-1: + image: redis:7.0.2 + volumes: + - rc-node-1-data:/data + ports: + - "6381:6381" + command: redis-server --port 6381 --cluster-enabled yes --cluster-port 16381 --cluster-config-file rc-node-1.conf --cluster-node-timeout 5000 --appendonly yes --cluster-announce-port 6381 --cluster-announce-bus-port 16381 --daemonize no --loglevel debug + rc-node-2: + image: redis:7.0.2 + volumes: + - rc-node-2-data:/data + ports: + - "6382:6382" + command: redis-server --port 6382 --cluster-enabled yes --cluster-port 16382 --cluster-config-file rc-node-2.conf --cluster-node-timeout 5000 --appendonly yes --cluster-announce-port 6382 --cluster-announce-bus-port 16382 --daemonize no --loglevel debug + rc-node-3: + image: redis:7.0.2 + volumes: + - rc-node-3-data:/data + ports: + - "6383:6383" + command: redis-server --port 6383 --cluster-enabled yes --cluster-port 16383 --cluster-config-file rc-node-3.conf --cluster-node-timeout 5000 --appendonly yes --cluster-announce-port 6383 --cluster-announce-bus-port 16383 --daemonize no --loglevel debug + rc-node-4: + image: redis:7.0.2 + volumes: + - rc-node-4-data:/data + ports: + - "6384:6384" + command: redis-server --port 6384 --cluster-enabled yes --cluster-port 16384 --cluster-config-file rc-node-4.conf --cluster-node-timeout 5000 --appendonly yes --cluster-announce-port 6384 --cluster-announce-bus-port 16384 --daemonize no --loglevel debug + rc-node-5: + image: redis:7.0.2 + volumes: + - rc-node-5-data:/data + ports: + - "6385:6385" + command: redis-server --port 6385 --cluster-enabled yes --cluster-port 16385 --cluster-config-file rc-node-5.conf --cluster-node-timeout 5000 --appendonly yes --cluster-announce-port 6385 --cluster-announce-bus-port 16385 --daemonize no --loglevel debug + rc-node-6: + image: redis:7.0.2 + volumes: + - rc-node-6-data:/data + ports: + - "6386:6386" + command: redis-server --port 6386 --cluster-enabled yes --cluster-port 16386 --cluster-config-file rc-node-6.conf --cluster-node-timeout 5000 --appendonly yes --cluster-announce-port 6386 --cluster-announce-bus-port 16386 --daemonize no --loglevel debug + create-cluster: + image: redis:7.0.2 + command: redis-cli --cluster create rc-node-1:6381 rc-node-2:6382 rc-node-3:6383 rc-node-4:6384 rc-node-5:6385 rc-node-6:6386 --cluster-replicas 1 --cluster-yes + depends_on: + - rc-node-1 + - rc-node-2 + - rc-node-3 + - rc-node-4 + - rc-node-5 + - rc-node-6 + +volumes: + rc-node-1-data: + rc-node-2-data: + rc-node-3-data: + rc-node-4-data: + rc-node-5-data: + rc-node-6-data: + diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/reload.conf b/kong-versions/2.8.4.3/kong/spec/fixtures/reload.conf new file mode 100644 index 00000000..4f48721e --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/reload.conf @@ -0,0 +1,3 @@ +prefix = servroot +nginx_main_worker_processes = 1 +proxy_listen = 0.0.0.0:9000 diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/router_path_handling_tests.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/router_path_handling_tests.lua new file mode 100644 index 00000000..f2548db5 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/router_path_handling_tests.lua @@ -0,0 +1,212 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local utils = require "kong.tools.utils" + +-- The following tests are used by unit and integration tests +-- to test the router path handling. Putting them here avoids +-- copy-pasting them in several places. +-- +-- The tests can obtain this table by requiring +-- "spec.fixtures.router_path_handling_tests" +-- +-- The rows are sorted by service_path, route_path, strip_path, path_handling and request_path. +-- +-- Notes: +-- * The tests are parsed into a hash form at the end +-- of this file before they are returned. +-- * Before a test can be executed, it needs to be "expanded". +-- For example, a test with {"v0", "v1"} must be converted +-- into two tests, one with "v0" and one with "v1". Each line +-- can be expanded using the `line:expand()` method. + +local tests = { + -- service_path route_path strip_path path_handling request_path expected_path + { "/", "/", {false, true}, {"v0", "v1"}, "/", "/", }, + { "/", "/", {false, true}, {"v0", "v1"}, "/route", "/route", }, + { "/", "/", {false, true}, {"v0", "v1"}, "/route/", "/route/", }, + { "/", "/", {false, true}, {"v0", "v1"}, "/routereq", "/routereq", }, + { "/", "/", {false, true}, {"v0", "v1"}, "/route/req", "/route/req", }, -- 5 + -- service_path route_path strip_path path_handling request_path expected_path + { "/", "/route", false, {"v0", "v1"}, "/route", "/route", }, + { "/", "/route", false, {"v0", "v1"}, "/route/", "/route/", }, + { "/", "/route", false, {"v0", "v1"}, "/routereq", "/routereq", }, + { "/", "/route", true, {"v0", "v1"}, "/route", "/", }, + { "/", "/route", true, {"v0", "v1"}, "/route/", "/", }, + { "/", "/route", true, {"v0", "v1"}, "/routereq", "/req", }, -- 11 + -- service_path route_path strip_path path_handling request_path expected_path + { "/", "/route/", false, {"v0", "v1"}, "/route/", "/route/", }, + { "/", "/route/", false, {"v0", "v1"}, "/route/req", "/route/req", }, + { "/", "/route/", true, {"v0", "v1"}, "/route/", "/", }, + { "/", "/route/", true, {"v0", "v1"}, "/route/req", "/req", }, -- 15 + -- service_path route_path strip_path path_handling request_path expected_path + { "/srv", "/rou", false, "v0", "/roureq", "/srv/roureq", }, + { "/srv", "/rou", false, "v1", "/roureq", "/srvroureq", }, + { "/srv", "/rou", true, "v0", "/roureq", "/srv/req", }, + { "/srv", "/rou", true, "v1", "/roureq", "/srvreq", }, -- 19 + -- service_path route_path strip_path path_handling request_path expected_path + { "/srv/", "/rou", false, {"v0", "v1"}, "/rou", "/srv/rou", }, + { "/srv/", "/rou", true, "v0", "/rou", "/srv", }, + { "/srv/", "/rou", true, "v1", "/rou", "/srv/", }, -- 22 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/", {false, true}, {"v0", "v1"}, "/", "/service", }, + { "/service", "/", {false, true}, "v0", "/route", "/service/route", }, + { "/service", "/", {false, true}, "v1", "/route", "/serviceroute", }, + { "/service", "/", {false, true}, "v0", "/route/", "/service/route/", }, + { "/service", "/", {false, true}, "v1", "/route/", "/serviceroute/", }, -- 27 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/", {false, true}, "v0", "/routereq", "/service/routereq", }, + { "/service", "/", {false, true}, "v1", "/routereq", "/serviceroutereq", }, + { "/service", "/", {false, true}, "v0", "/route/req", "/service/route/req", }, + { "/service", "/", {false, true}, "v1", "/route/req", "/serviceroute/req", }, -- 31 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/route", false, "v0", "/route", "/service/route", }, + { "/service", "/route", false, "v1", "/route", "/serviceroute", }, + { "/service", "/route", false, "v0", "/route/", "/service/route/", }, + { "/service", "/route", false, "v1", "/route/", "/serviceroute/", }, + { "/service", "/route", false, "v0", "/routereq", "/service/routereq", }, + { "/service", "/route", false, "v1", "/routereq", "/serviceroutereq", }, + { "/service", "/route", true, {"v0", "v1"}, "/route", "/service", }, + { "/service", "/route", true, {"v0", "v1"}, "/route/", "/service/", }, + { "/service", "/route", true, "v0", "/routereq", "/service/req", }, + { "/service", "/route", true, "v1", "/routereq", "/servicereq", }, -- 41 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/route/", false, "v0", "/route/", "/service/route/", }, + { "/service", "/route/", false, "v1", "/route/", "/serviceroute/", }, + { "/service", "/route/", false, "v0", "/route/req", "/service/route/req", }, + { "/service", "/route/", false, "v1", "/route/req", "/serviceroute/req", }, + { "/service", "/route/", true, "v0", "/route/", "/service/", }, + { "/service", "/route/", true, "v1", "/route/", "/service", }, + { "/service", "/route/", true, "v0", "/route/req", "/service/req", }, + { "/service", "/route/", true, "v1", "/route/req", "/servicereq", }, -- 49 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service/", "/", {false, true}, "v0", "/route/", "/service/route/", }, + { "/service/", "/", {false, true}, "v1", "/route/", "/service/route/", }, + { "/service/", "/", {false, true}, {"v0", "v1"}, "/", "/service/", }, + { "/service/", "/", {false, true}, {"v0", "v1"}, "/route", "/service/route", }, + { "/service/", "/", {false, true}, {"v0", "v1"}, "/routereq", "/service/routereq", }, + { "/service/", "/", {false, true}, {"v0", "v1"}, "/route/req", "/service/route/req", }, -- 55 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service/", "/route", false, {"v0", "v1"}, "/route", "/service/route", }, + { "/service/", "/route", false, {"v0", "v1"}, "/route/", "/service/route/", }, + { "/service/", "/route", false, {"v0", "v1"}, "/routereq", "/service/routereq", }, + { "/service/", "/route", true, "v0", "/route", "/service", }, + { "/service/", "/route", true, "v1", "/route", "/service/", }, + { "/service/", "/route", true, {"v0", "v1"}, "/route/", "/service/", }, + { "/service/", "/route", true, {"v0", "v1"}, "/routereq", "/service/req", }, -- 62 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service/", "/route/", false, {"v0", "v1"}, "/route/", "/service/route/", }, + { "/service/", "/route/", false, {"v0", "v1"}, "/route/req", "/service/route/req", }, + { "/service/", "/route/", true, {"v0", "v1"}, "/route/", "/service/", }, + { "/service/", "/route/", true, {"v0", "v1"}, "/route/req", "/service/req", }, -- 66 + -- service_path route_path strip_path path_handling request_path expected_path + -- The following cases match on host (not paths) + { "/", nil, {false, true}, {"v0", "v1"}, "/", "/", }, + { "/", nil, {false, true}, {"v0", "v1"}, "/route", "/route", }, + { "/", nil, {false, true}, {"v0", "v1"}, "/route/", "/route/", }, -- 69 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", nil, {false, true}, {"v0", "v1"}, "/", "/service", }, + { "/service", nil, {false, true}, "v0", "/route", "/service/route", }, + { "/service", nil, {false, true}, "v1", "/route", "/serviceroute", }, + { "/service", nil, {false, true}, "v0", "/route/", "/service/route/", }, + { "/service", nil, {false, true}, "v1", "/route/", "/serviceroute/", }, -- 74 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service/", nil, {false, true}, {"v0", "v1"}, "/", "/service/", }, + { "/service/", nil, {false, true}, {"v0", "v1"}, "/route", "/service/route", }, + { "/service/", nil, {false, true}, {"v0", "v1"}, "/route/", "/service/route/", }, -- 77 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/route", true, "v0", "/route./req", "/service/req", }, + { "/service", "/route", true, "v1", "/route./req", "/servicereq", }, + { "/service/", "/route", true, {"v0", "v1"}, "/route./req", "/service/req", }, -- 80 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/route", true, "v0", "/route%2E/req", "/service/req", }, + { "/service", "/route", true, "v1", "/route%2E/req", "/servicereq", }, + { "/service/", "/route", true, {"v0", "v1"}, "/route%2E/req", "/service/req", }, + { "/service", "/route", true, "v0", "/route%2e/req", "/service/req", }, + { "/service", "/route", true, "v1", "/route%2e/req", "/servicereq", }, + { "/service/", "/route", true, {"v0", "v1"}, "/route%2e/req", "/service/req", }, -- 86 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/route", true, "v0", "/route../req", "/service/req", }, + { "/service", "/route", true, "v1", "/route../req", "/servicereq", }, + { "/service/", "/route", true, {"v0", "v1"}, "/route../req", "/service/req", }, -- 89 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/route", true, "v0", "/route%2E%2E/req", "/service/req", }, + { "/service", "/route", true, "v1", "/route%2E%2E/req", "/servicereq", }, + { "/service/", "/route", true, {"v0", "v1"}, "/route%2E%2E/req", "/service/req", }, + { "/service", "/route", true, "v0", "/route%2e%2E/req", "/service/req", }, + { "/service", "/route", true, "v1", "/route%2e%2E/req", "/servicereq", }, + { "/service/", "/route", true, {"v0", "v1"}, "/route%2e%2E/req", "/service/req", }, -- 95 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/route", false, "v0", "/route./req", "/service/route./req", }, + { "/service", "/route", false, "v1", "/route./req", "/serviceroute./req", }, + { "/service/", "/route", false, {"v0", "v1"}, "/route./req", "/service/route./req", }, -- 98 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/route", false, "v0", "/route%2E/req", "/service/route./req", }, + { "/service", "/route", false, "v1", "/route%2E/req", "/serviceroute./req", }, + { "/service/", "/route", false, {"v0", "v1"}, "/route%2E/req", "/service/route./req", }, + { "/service", "/route", false, "v0", "/route%2e/req", "/service/route./req", }, + { "/service", "/route", false, "v1", "/route%2e/req", "/serviceroute./req", }, + { "/service/", "/route", false, {"v0", "v1"}, "/route%2e/req", "/service/route./req", }, -- 104 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/route", false, "v0", "/route../req", "/service/route../req", }, + { "/service", "/route", false, "v1", "/route../req", "/serviceroute../req", }, + { "/service/", "/route", false, {"v0", "v1"}, "/route../req", "/service/route../req", }, -- 107 + -- service_path route_path strip_path path_handling request_path expected_path + { "/service", "/route", false, "v0", "/route%2E%2E/req", "/service/route../req", }, + { "/service", "/route", false, "v1", "/route%2E%2E/req", "/serviceroute../req", }, + { "/service/", "/route", false, {"v0", "v1"}, "/route%2E%2E/req", "/service/route../req", }, + { "/service", "/route", false, "v0", "/route%2e%2E/req", "/service/route../req", }, + { "/service", "/route", false, "v1", "/route%2e%2E/req", "/serviceroute../req", }, + { "/service/", "/route", false, {"v0", "v1"}, "/route%2e%2E/req", "/service/route../req", }, -- 113 +} + + +local function expand(root_test) + local expanded_tests = { root_test } + + for _, field_name in ipairs({ "strip_path", "path_handling" }) do + local new_tests = {} + for _, test in ipairs(expanded_tests) do + if type(test[field_name]) == "table" then + for _, field_value in ipairs(test[field_name]) do + local et = utils.deep_copy(test) + et[field_name] = field_value + new_tests[#new_tests + 1] = et + end + + else + new_tests[#new_tests + 1] = test + end + end + expanded_tests = new_tests + end + + return expanded_tests +end + + +local tests_mt = { + __index = { + expand = expand + } +} + + +local parsed_tests = {} +for i = 1, #tests do + local test = tests[i] + parsed_tests[i] = setmetatable({ + service_path = test[1], + route_path = test[2], + strip_path = test[3], + path_handling = test[4], + request_path = test[5], + expected_path = test[6], + }, tests_mt) +end + +return parsed_tests diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/.gitignore b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/.gitignore new file mode 100644 index 00000000..4808264d --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/.gitignore @@ -0,0 +1,244 @@ + +# Created by https://www.gitignore.io/api/osx,linux,python,windows,pycharm,visualstudiocode + +### Linux ### +*~ + +# temporary files which can be created if a process still has a handle open of a deleted file +.fuse_hidden* + +# KDE directory preferences +.directory + +# Linux trash folder which might appear on any partition or disk +.Trash-* + +# .nfs files are created when an open file is removed but is still being accessed +.nfs* + +### OSX ### +*.DS_Store +.AppleDouble +.LSOverride + +# Icon must end with two \r +Icon + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +### PyCharm ### +# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm +# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 + +# User-specific stuff: +.idea/**/workspace.xml +.idea/**/tasks.xml +.idea/dictionaries + +# Sensitive or high-churn files: +.idea/**/dataSources/ +.idea/**/dataSources.ids +.idea/**/dataSources.xml +.idea/**/dataSources.local.xml +.idea/**/sqlDataSources.xml +.idea/**/dynamic.xml +.idea/**/uiDesigner.xml + +# Gradle: +.idea/**/gradle.xml +.idea/**/libraries + +# CMake +cmake-build-debug/ + +# Mongo Explorer plugin: +.idea/**/mongoSettings.xml + +## File-based project format: +*.iws + +## Plugin-specific files: + +# IntelliJ +/out/ + +# mpeltonen/sbt-idea plugin +.idea_modules/ + +# JIRA plugin +atlassian-ide-plugin.xml + +# Cursive Clojure plugin +.idea/replstate.xml + +# Ruby plugin and RubyMine +/.rakeTasks + +# Crashlytics plugin (for Android Studio and IntelliJ) +com_crashlytics_export_strings.xml +crashlytics.properties +crashlytics-build.properties +fabric.properties + +### PyCharm Patch ### +# Comment Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-215987721 + +# *.iml +# modules.xml +# .idea/misc.xml +# *.ipr + +# Sonarlint plugin +.idea/sonarlint + +### Python ### +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions +*.so + +# Distribution / packaging +.Python +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +*.egg-info/ +.installed.cfg +*.egg + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.coverage +.coverage.* +.cache +.pytest_cache/ +nosetests.xml +coverage.xml +*.cover +.hypothesis/ + +# Translations +*.mo +*.pot + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# pyenv +.python-version + +# celery beat schedule file +celerybeat-schedule.* + +# SageMath parsed files +*.sage.py + +# Environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ + +### VisualStudioCode ### +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json +.history + +### Windows ### +# Windows thumbnail cache files +Thumbs.db +ehthumbs.db +ehthumbs_vista.db + +# Folder config file +Desktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows Installer files +*.cab +*.msi +*.msm +*.msp + +# Windows shortcuts +*.lnk + +# Build folder + +*/build/* + +# End of https://www.gitignore.io/api/osx,linux,python,windows,pycharm,visualstudiocode \ No newline at end of file diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/README.md b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/README.md new file mode 100644 index 00000000..03499479 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/README.md @@ -0,0 +1,130 @@ +# sam-app + +This project contains source code and supporting files for a serverless application that you can deploy with the SAM CLI. It includes the following files and folders. + +- hello_world - Code for the application's Lambda function. +- events - Invocation events that you can use to invoke the function. +- tests - Unit tests for the application code. +- template.yaml - A template that defines the application's AWS resources. + +The application uses several AWS resources, including Lambda functions and an API Gateway API. These resources are defined in the `template.yaml` file in this project. You can update the template to add AWS resources through the same deployment process that updates your application code. + +If you prefer to use an integrated development environment (IDE) to build and test your application, you can use the AWS Toolkit. +The AWS Toolkit is an open source plug-in for popular IDEs that uses the SAM CLI to build and deploy serverless applications on AWS. The AWS Toolkit also adds a simplified step-through debugging experience for Lambda function code. See the following links to get started. + +* [CLion](https://docs.aws.amazon.com/toolkit-for-jetbrains/latest/userguide/welcome.html) +* [GoLand](https://docs.aws.amazon.com/toolkit-for-jetbrains/latest/userguide/welcome.html) +* [IntelliJ](https://docs.aws.amazon.com/toolkit-for-jetbrains/latest/userguide/welcome.html) +* [WebStorm](https://docs.aws.amazon.com/toolkit-for-jetbrains/latest/userguide/welcome.html) +* [Rider](https://docs.aws.amazon.com/toolkit-for-jetbrains/latest/userguide/welcome.html) +* [PhpStorm](https://docs.aws.amazon.com/toolkit-for-jetbrains/latest/userguide/welcome.html) +* [PyCharm](https://docs.aws.amazon.com/toolkit-for-jetbrains/latest/userguide/welcome.html) +* [RubyMine](https://docs.aws.amazon.com/toolkit-for-jetbrains/latest/userguide/welcome.html) +* [DataGrip](https://docs.aws.amazon.com/toolkit-for-jetbrains/latest/userguide/welcome.html) +* [VS Code](https://docs.aws.amazon.com/toolkit-for-vscode/latest/userguide/welcome.html) +* [Visual Studio](https://docs.aws.amazon.com/toolkit-for-visual-studio/latest/user-guide/welcome.html) + +## Deploy the sample application + +The Serverless Application Model Command Line Interface (SAM CLI) is an extension of the AWS CLI that adds functionality for building and testing Lambda applications. It uses Docker to run your functions in an Amazon Linux environment that matches Lambda. It can also emulate your application's build environment and API. + +To use the SAM CLI, you need the following tools. + +* SAM CLI - [Install the SAM CLI](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-install.html) +* [Python 3 installed](https://www.python.org/downloads/) +* Docker - [Install Docker community edition](https://hub.docker.com/search/?type=edition&offering=community) + +To build and deploy your application for the first time, run the following in your shell: + +```bash +sam build --use-container +sam deploy --guided +``` + +The first command will build the source of your application. The second command will package and deploy your application to AWS, with a series of prompts: + +* **Stack Name**: The name of the stack to deploy to CloudFormation. This should be unique to your account and region, and a good starting point would be something matching your project name. +* **AWS Region**: The AWS region you want to deploy your app to. +* **Confirm changes before deploy**: If set to yes, any change sets will be shown to you before execution for manual review. If set to no, the AWS SAM CLI will automatically deploy application changes. +* **Allow SAM CLI IAM role creation**: Many AWS SAM templates, including this example, create AWS IAM roles required for the AWS Lambda function(s) included to access AWS services. By default, these are scoped down to minimum required permissions. To deploy an AWS CloudFormation stack which creates or modifies IAM roles, the `CAPABILITY_IAM` value for `capabilities` must be provided. If permission isn't provided through this prompt, to deploy this example you must explicitly pass `--capabilities CAPABILITY_IAM` to the `sam deploy` command. +* **Save arguments to samconfig.toml**: If set to yes, your choices will be saved to a configuration file inside the project, so that in the future you can just re-run `sam deploy` without parameters to deploy changes to your application. + +You can find your API Gateway Endpoint URL in the output values displayed after deployment. + +## Use the SAM CLI to build and test locally + +Build your application with the `sam build --use-container` command. + +```bash +sam-app$ sam build --use-container +``` + +The SAM CLI installs dependencies defined in `hello_world/requirements.txt`, creates a deployment package, and saves it in the `.aws-sam/build` folder. + +Test a single function by invoking it directly with a test event. An event is a JSON document that represents the input that the function receives from the event source. Test events are included in the `events` folder in this project. + +Run functions locally and invoke them with the `sam local invoke` command. + +```bash +sam-app$ sam local invoke HelloWorldFunction --event events/event.json +``` + +The SAM CLI can also emulate your application's API. Use the `sam local start-api` to run the API locally on port 3000. + +```bash +sam-app$ sam local start-api +sam-app$ curl http://localhost:3000/ +``` + +The SAM CLI reads the application template to determine the API's routes and the functions that they invoke. The `Events` property on each function's definition includes the route and method for each path. + +```yaml + Events: + HelloWorld: + Type: Api + Properties: + Path: /hello + Method: get +``` + +## Add a resource to your application +The application template uses AWS Serverless Application Model (AWS SAM) to define application resources. AWS SAM is an extension of AWS CloudFormation with a simpler syntax for configuring common serverless application resources such as functions, triggers, and APIs. For resources not included in [the SAM specification](https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md), you can use standard [AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) resource types. + +## Fetch, tail, and filter Lambda function logs + +To simplify troubleshooting, SAM CLI has a command called `sam logs`. `sam logs` lets you fetch logs generated by your deployed Lambda function from the command line. In addition to printing the logs on the terminal, this command has several nifty features to help you quickly find the bug. + +`NOTE`: This command works for all AWS Lambda functions; not just the ones you deploy using SAM. + +```bash +sam-app$ sam logs -n HelloWorldFunction --stack-name sam-app --tail +``` + +You can find more information and examples about filtering Lambda function logs in the [SAM CLI Documentation](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-logging.html). + +## Tests + +Tests are defined in the `tests` folder in this project. Use PIP to install the test dependencies and run tests. + +```bash +sam-app$ pip install -r tests/requirements.txt --user +# unit test +sam-app$ python -m pytest tests/unit -v +# integration test, requiring deploying the stack first. +# Create the env variable AWS_SAM_STACK_NAME with the name of the stack we are testing +sam-app$ AWS_SAM_STACK_NAME= python -m pytest tests/integration -v +``` + +## Cleanup + +To delete the sample application that you created, use the AWS CLI. Assuming you used your project name for the stack name, you can run the following: + +```bash +aws cloudformation delete-stack --stack-name sam-app +``` + +## Resources + +See the [AWS SAM developer guide](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html) for an introduction to SAM specification, the SAM CLI, and serverless application concepts. + +Next, you can use AWS Serverless Application Repository to deploy ready to use Apps that go beyond hello world samples and learn how authors developed their applications: [AWS Serverless Application Repository main page](https://aws.amazon.com/serverless/serverlessrepo/) diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/__init__.py b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/events/event.json b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/events/event.json new file mode 100644 index 00000000..a6197dea --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/events/event.json @@ -0,0 +1,62 @@ +{ + "body": "{\"message\": \"hello world\"}", + "resource": "/hello", + "path": "/hello", + "httpMethod": "GET", + "isBase64Encoded": false, + "queryStringParameters": { + "foo": "bar" + }, + "pathParameters": { + "proxy": "/path/to/resource" + }, + "stageVariables": { + "baz": "qux" + }, + "headers": { + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8", + "Accept-Encoding": "gzip, deflate, sdch", + "Accept-Language": "en-US,en;q=0.8", + "Cache-Control": "max-age=0", + "CloudFront-Forwarded-Proto": "https", + "CloudFront-Is-Desktop-Viewer": "true", + "CloudFront-Is-Mobile-Viewer": "false", + "CloudFront-Is-SmartTV-Viewer": "false", + "CloudFront-Is-Tablet-Viewer": "false", + "CloudFront-Viewer-Country": "US", + "Host": "1234567890.execute-api.us-east-1.amazonaws.com", + "Upgrade-Insecure-Requests": "1", + "User-Agent": "Custom User Agent String", + "Via": "1.1 08f323deadbeefa7af34d5feb414ce27.cloudfront.net (CloudFront)", + "X-Amz-Cf-Id": "cDehVQoZnx43VYQb9j2-nvCh-9z396Uhbp027Y2JvkCPNLmGJHqlaA==", + "X-Forwarded-For": "127.0.0.1, 127.0.0.2", + "X-Forwarded-Port": "443", + "X-Forwarded-Proto": "https" + }, + "requestContext": { + "accountId": "123456789012", + "resourceId": "123456", + "stage": "prod", + "requestId": "c6af9ac6-7b61-11e6-9a41-93e8deadbeef", + "requestTime": "09/Apr/2015:12:34:56 +0000", + "requestTimeEpoch": 1428582896000, + "identity": { + "cognitoIdentityPoolId": null, + "accountId": null, + "cognitoIdentityId": null, + "caller": null, + "accessKey": null, + "sourceIp": "127.0.0.1", + "cognitoAuthenticationType": null, + "cognitoAuthenticationProvider": null, + "userArn": null, + "userAgent": "Custom User Agent String", + "user": null + }, + "path": "/prod/hello", + "resourcePath": "/hello", + "httpMethod": "POST", + "apiId": "1234567890", + "protocol": "HTTP/1.1" + } +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/hello_world/__init__.py b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/hello_world/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/hello_world/app.py b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/hello_world/app.py new file mode 100644 index 00000000..f416e2d9 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/hello_world/app.py @@ -0,0 +1,42 @@ +import json + +# import requests + + +def lambda_handler(event, context): + """Sample pure Lambda function + + Parameters + ---------- + event: dict, required + API Gateway Lambda Proxy Input Format + + Event doc: https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html#api-gateway-simple-proxy-for-lambda-input-format + + context: object, required + Lambda Context runtime methods and attributes + + Context doc: https://docs.aws.amazon.com/lambda/latest/dg/python-context-object.html + + Returns + ------ + API Gateway Lambda Proxy Output Format: dict + + Return doc: https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html + """ + + # try: + # ip = requests.get("http://checkip.amazonaws.com/") + # except requests.RequestException as e: + # # Send some context about this error to Lambda Logs + # print(e) + + # raise e + + return { + "statusCode": 201, + "body": json.dumps({ + "message": "hello world", + # "location": ip.text.replace("\n", "") + }), + } diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/hello_world/requirements.txt b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/hello_world/requirements.txt new file mode 100644 index 00000000..663bd1f6 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/hello_world/requirements.txt @@ -0,0 +1 @@ +requests \ No newline at end of file diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/template.yaml b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/template.yaml new file mode 100644 index 00000000..5c2605ec --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/template.yaml @@ -0,0 +1,41 @@ +AWSTemplateFormatVersion: '2010-09-09' +Transform: AWS::Serverless-2016-10-31 +Description: > + sam-app + + Sample SAM Template for sam-app + +# More info about Globals: https://github.com/awslabs/serverless-application-model/blob/master/docs/globals.rst +Globals: + Function: + Timeout: 3 + +Resources: + HelloWorldFunction: + Type: AWS::Serverless::Function # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction + Properties: + CodeUri: hello_world/ + Handler: app.lambda_handler + Runtime: python3.9 + Architectures: + - x86_64 + Events: + HelloWorld: + Type: Api # More info about API Event Source: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#api + Properties: + Path: /hello + Method: get + +Outputs: + # ServerlessRestApi is an implicit API created out of Events key under Serverless::Function + # Find out more about other implicit resources you can reference within SAM + # https://github.com/awslabs/serverless-application-model/blob/master/docs/internals/generated_resources.rst#api + HelloWorldApi: + Description: "API Gateway endpoint URL for Prod stage for Hello World function" + Value: !Sub "https://${ServerlessRestApi}.execute-api.${AWS::Region}.amazonaws.com/Prod/hello/" + HelloWorldFunction: + Description: "Hello World Lambda Function ARN" + Value: !GetAtt HelloWorldFunction.Arn + HelloWorldFunctionIamRole: + Description: "Implicit IAM Role created for Hello World function" + Value: !GetAtt HelloWorldFunctionRole.Arn diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/__init__.py b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/integration/__init__.py b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/integration/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/integration/test_api_gateway.py b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/integration/test_api_gateway.py new file mode 100644 index 00000000..b96e8033 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/integration/test_api_gateway.py @@ -0,0 +1,45 @@ +import os + +import boto3 +import pytest +import requests + +""" +Make sure env variable AWS_SAM_STACK_NAME exists with the name of the stack we are going to test. +""" + + +class TestApiGateway: + + @pytest.fixture() + def api_gateway_url(self): + """ Get the API Gateway URL from Cloudformation Stack outputs """ + stack_name = os.environ.get("AWS_SAM_STACK_NAME") + + if stack_name is None: + raise ValueError('Please set the AWS_SAM_STACK_NAME environment variable to the name of your stack') + + client = boto3.client("cloudformation") + + try: + response = client.describe_stacks(StackName=stack_name) + except Exception as e: + raise Exception( + f"Cannot find stack {stack_name} \n" f'Please make sure a stack with the name "{stack_name}" exists' + ) from e + + stacks = response["Stacks"] + stack_outputs = stacks[0]["Outputs"] + api_outputs = [output for output in stack_outputs if output["OutputKey"] == "HelloWorldApi"] + + if not api_outputs: + raise KeyError(f"HelloWorldAPI not found in stack {stack_name}") + + return api_outputs[0]["OutputValue"] # Extract url from stack outputs + + def test_api_gateway(self, api_gateway_url): + """ Call the API Gateway endpoint and check the response """ + response = requests.get(api_gateway_url) + + assert response.status_code == 200 + assert response.json() == {"message": "hello world"} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/requirements.txt b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/requirements.txt new file mode 100644 index 00000000..b9cf27ab --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/requirements.txt @@ -0,0 +1,3 @@ +pytest +boto3 +requests diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/unit/__init__.py b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/unit/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/unit/test_handler.py b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/unit/test_handler.py new file mode 100644 index 00000000..d98ce574 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/sam-app/tests/unit/test_handler.py @@ -0,0 +1,72 @@ +import json + +import pytest + +from hello_world import app + + +@pytest.fixture() +def apigw_event(): + """ Generates API GW Event""" + + return { + "body": '{ "test": "body"}', + "resource": "/{proxy+}", + "requestContext": { + "resourceId": "123456", + "apiId": "1234567890", + "resourcePath": "/{proxy+}", + "httpMethod": "POST", + "requestId": "c6af9ac6-7b61-11e6-9a41-93e8deadbeef", + "accountId": "123456789012", + "identity": { + "apiKey": "", + "userArn": "", + "cognitoAuthenticationType": "", + "caller": "", + "userAgent": "Custom User Agent String", + "user": "", + "cognitoIdentityPoolId": "", + "cognitoIdentityId": "", + "cognitoAuthenticationProvider": "", + "sourceIp": "127.0.0.1", + "accountId": "", + }, + "stage": "prod", + }, + "queryStringParameters": {"foo": "bar"}, + "headers": { + "Via": "1.1 08f323deadbeefa7af34d5feb414ce27.cloudfront.net (CloudFront)", + "Accept-Language": "en-US,en;q=0.8", + "CloudFront-Is-Desktop-Viewer": "true", + "CloudFront-Is-SmartTV-Viewer": "false", + "CloudFront-Is-Mobile-Viewer": "false", + "X-Forwarded-For": "127.0.0.1, 127.0.0.2", + "CloudFront-Viewer-Country": "US", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8", + "Upgrade-Insecure-Requests": "1", + "X-Forwarded-Port": "443", + "Host": "1234567890.execute-api.us-east-1.amazonaws.com", + "X-Forwarded-Proto": "https", + "X-Amz-Cf-Id": "aaaaaaaaaae3VYQb9jd-nvCd-de396Uhbp027Y2JvkCPNLmGJHqlaA==", + "CloudFront-Is-Tablet-Viewer": "false", + "Cache-Control": "max-age=0", + "User-Agent": "Custom User Agent String", + "CloudFront-Forwarded-Proto": "https", + "Accept-Encoding": "gzip, deflate, sdch", + }, + "pathParameters": {"proxy": "/examplepath"}, + "httpMethod": "POST", + "stageVariables": {"baz": "qux"}, + "path": "/examplepath", + } + + +def test_lambda_handler(apigw_event): + + ret = app.lambda_handler(apigw_event, "") + data = json.loads(ret["body"]) + + assert ret["statusCode"] == 200 + assert "message" in ret["body"] + assert data["message"] == "hello world" diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/shm-stub.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/shm-stub.lua new file mode 100644 index 00000000..7bc077a9 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/shm-stub.lua @@ -0,0 +1,108 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + + +-- DICT Proxy +-- https://github.com/bsm/fakengx/blob/master/fakengx.lua + +local SharedDict = {} + +local function set(data, key, value) + data[key] = { + value = value, + info = {expired = false} + } +end + +function SharedDict:new() + return setmetatable({data = {}}, {__index = self}) +end + +function SharedDict:get(key) + return self.data[key] and self.data[key].value, nil +end + +function SharedDict:set(key, value) + set(self.data, key, value) + return true, nil, false +end + +SharedDict.safe_set = SharedDict.set + +function SharedDict:add(key, value) + if self.data[key] ~= nil then + return false, "exists", false + end + + set(self.data, key, value) + return true, nil, false +end + +function SharedDict:replace(key, value) + if self.data[key] == nil then + return false, "not found", false + end + + set(self.data, key, value) + return true, nil, false +end + +function SharedDict:delete(key) + if self.data[key] ~= nil then + self.data[key] = nil + end +end + +function SharedDict:incr(key, value, init) + if not self.data[key] then + if not init then + return nil, "not found" + else + self.data[key].value = init + end + elseif type(self.data[key]) ~= "number" then + return nil, "not a number" + end + + self.data[key].value = self.data[key].value + value + return self.data[key].value, nil +end + +function SharedDict:flush_all() + for _, item in pairs(self.data) do + item.info.expired = true + end +end + +function SharedDict:flush_expired(n) + local data = self.data + local flushed = 0 + + for key, item in pairs(self.data) do + if item.info.expired then + data[key] = nil + flushed = flushed + 1 + if n and flushed == n then + break + end + end + end + + self.data = data + + return flushed +end + +local shared_mt = { + __index = function(self, key) + if rawget(self, key) == nil then + self[key] = SharedDict:new() + end + return self[key] + end +} +return setmetatable({}, shared_mt) diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/ssl.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/ssl.lua new file mode 100644 index 00000000..29c5dadc --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/ssl.lua @@ -0,0 +1,738 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +return { + --[[ + Version: 1 (0x0) + Issuer: C = US, ST = California, L = San Francisco, O = Kong, OU = Core, CN = ssl-example.com + Validity + Not Before: Apr 24 14:36:29 2020 GMT + Not After : Feb 7 14:36:29 2294 GMT + + Note: Version 1 was accomplished by using a openssl.cnf file + with the x509_extensions line commented out. + See https://stackoverflow.com/questions/26788244/how-to-create-a-legacy-v1-or-v2-x-509-cert-for-testing + and this line's commit message for more info + --]] + cert = [[-----BEGIN CERTIFICATE----- +MIIFbTCCA1UCFGjFyapVZYpvpKuYDJbLA1YJip++MA0GCSqGSIb3DQEBCwUAMHIx +CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g +RnJhbmNpc2NvMQ0wCwYDVQQKEwRLb25nMQ0wCwYDVQQLEwRDb3JlMRgwFgYDVQQD +Ew9zc2wtZXhhbXBsZS5jb20wIBcNMjAwNDI0MTQzNjI5WhgPMjI5NDAyMDcxNDM2 +MjlaMHIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH +Ew1TYW4gRnJhbmNpc2NvMQ0wCwYDVQQKEwRLb25nMQ0wCwYDVQQLEwRDb3JlMRgw +FgYDVQQDEw9zc2wtZXhhbXBsZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQDDd3IZRGgdL34RY1MiAE2ItnJNbZGPQD9XE32D/I1cDCAXjI/MQrvn +iSJhnnc/8F2y7/tzJ2GZIk0C8Fz7MRWDXHCBt9byOHU0Jhppj/cRyWqlI7GrvyZy +QAiyOh/97ZN52xwXqiFDRXCd43PIgPhie6rcJkdYbppg8ETwMbjZcslcX6EUJzLU +q/I0BscqbqfiAa8viJ0a1bSWINABKWYr5KqpiRfLWsTJmMthWgh5kaLtMZS3m/AM +IrrKJJY2klvyO6TeXkHuZwm1day4NxhInxZl5H8NNbLgHz+W/8g6vgo2Oafy0crA +hS7iK0oJZMgK25p7VDbi8BXf9kqZeq17Vcj9uB8JxC4oTjy6XT9HGTAJ3yJ0TtLP +p8dayJt6fbNgcuHKkiZJAJfg6ecl2jXxYW7aO9oqcIA3btsl1TJbnzpMK8zeQK1H +Aw7ryQ8qdhKboZUe09iwcyjxyzxieymS387/O6Stnu3UXoPnig9exx8zOgkcZfFa +yhrtEbS74lwcyWwnSmjq/tUw1+QbzoTEJDeMyFnZjOJT5GbauFadF7o/GSbCurWb +yh2G/s5S6v+xa7zw7xdO8ECEUKXws4IiGSui3raZWt+B57uBFQqUefDV6H6MevPk +8aMTC3f9fhp28lbbjfZBI3JiwtaVSV11kJfwmzOcj198nmZlRHotMQIDAQABMA0G +CSqGSIb3DQEBCwUAA4ICAQC51hH6cZrn+n8LiHlDaT/JFys3kKOQ4OpdpCUyUYzI +VYFnG/espH8LKzAiui4/LQjwygTkmNdp12GzIUsZItvpia2J4hsi7xNm/uKOhHwG +B1FViDF8FKOEihyMsZVAHIBj54RjuQ+WLbuQCjajX4PrK2La6lhWMn4cyvFWXCYB +A28Vrz/jXgXCXEct4+b2gZApOJ2H8qAyJv8JtFOptbB5mUZz3u3PW8/bTwG901/L +P9rWLq4AXT+UyPwBNs/lG4XXGc5uBfQjHkvamNKQP3usZuxAygdOEz6vJh9i0nyX +2b/+F/GLi8ZZwllapmp8c3WdsJkycBJ22VLS/LFNNvkz4sbT1dw5w1A7XJhiVDDZ +Dt9HMqK5qb4GAbaWwS+HPC63vrP6Ltw4QiAhC5x3bRujJ9CscRTVHXxMNw9b1TkQ +8AGgEFZKtbhirmv2/MQv+T57LQgnFPWNJWwv3YjJOIzDLEOeOxHMFV3Po5R5B2eP +qhLqmwYS6tQ/ih5BnlbZPBrArdVvsVCWLjQRy9qgetBlh+c65cL4HUAe/BxpXQSK +OoNpTQYMpSXlERwqm2/LN8rJl3XFlGtSH2xHucX8V3eN1bPURegkfplgPI+HDZDp +LAhXzHSQgW+cvcEL9Jafm5e5kRqDei4VSJteBfo+X/eTp0WnGJOYv0uJqwUJheNe +IQ== +-----END CERTIFICATE-----]], + key = [[-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAw3dyGURoHS9+EWNTIgBNiLZyTW2Rj0A/VxN9g/yNXAwgF4yP +zEK754kiYZ53P/Bdsu/7cydhmSJNAvBc+zEVg1xwgbfW8jh1NCYaaY/3EclqpSOx +q78mckAIsjof/e2TedscF6ohQ0VwneNzyID4Ynuq3CZHWG6aYPBE8DG42XLJXF+h +FCcy1KvyNAbHKm6n4gGvL4idGtW0liDQASlmK+SqqYkXy1rEyZjLYVoIeZGi7TGU +t5vwDCK6yiSWNpJb8juk3l5B7mcJtXWsuDcYSJ8WZeR/DTWy4B8/lv/IOr4KNjmn +8tHKwIUu4itKCWTICtuae1Q24vAV3/ZKmXqte1XI/bgfCcQuKE48ul0/RxkwCd8i +dE7Sz6fHWsiben2zYHLhypImSQCX4OnnJdo18WFu2jvaKnCAN27bJdUyW586TCvM +3kCtRwMO68kPKnYSm6GVHtPYsHMo8cs8Ynspkt/O/zukrZ7t1F6D54oPXscfMzoJ +HGXxWsoa7RG0u+JcHMlsJ0po6v7VMNfkG86ExCQ3jMhZ2YziU+Rm2rhWnRe6Pxkm +wrq1m8odhv7OUur/sWu88O8XTvBAhFCl8LOCIhkrot62mVrfgee7gRUKlHnw1eh+ +jHrz5PGjEwt3/X4advJW2432QSNyYsLWlUlddZCX8JsznI9ffJ5mZUR6LTECAwEA +AQKCAgEAlp18ctHOM+b7imRxk3qOQ/DpxJXQGoTUCcG/7qr1Nd81/09VInytk6yM +rJHRq5gIazAWHlZTEw9mLgSOcRQSUqUxIBNLcltknGlb4smHBNKh9Vu6tO9WraR/ +zu2Q5zZgc/4M+IMknFRugYrZFb+jJSfLsVVhllerZ1TcmgSGPi//zsj1MrU9qrhP +qh0q7JxVioXnuoXXIO1Y+HGSNcLzspDBnF9B0XVAu2KcHIimjR5WX9Tbllt3LbK5 +Ibftc2F1rgKdeKdCwHPu/D8PduclNBg5xwu5hrFBAwexFSZE4Fa9QalNq4JSa+R0 +Ctx2cSSSLCOpNqzemiGLiYabVwY7k7tsYjgO/+t9wRYEIZ3SNm2sydK1+6Hebu2Q +Ibagh78ysEW+3kM2Tto8njUgoYB4i8VJENfTyVVLLYOIbdRifZGCxXkkBjyF9H0L +S3mfytKHH8Bjd0jpf0U6QiaY/5XXBljQ2yQFAk2Nk03eP3mncJoaiNhHeq9WiNir +NL+uJo/F9FAxG3q4W1j0EwWszZdAhHZYRELuV7EX1tXgLM6tOPKa28i9MFVxK172 +hyiSQqWLhtvoU3exf5WZ4gWHPk6b7QKhyaeRjUkcClXIkbYSOL2FnrZRVDC4UHYD +rEqpBzIGFF6tfchQ5r2/IbSvRldMW+btaehHK1K46onYFhmu61ECggEBAOzBBbxu +92OQQO7G4KcRflJZ4gRve2BOHsqsDS90jfY42tESJEp04LfN5iBxr2PRIz/l0pbX +14vHSxuaqZqAKcxn/cDIXbhMCPTvzCmF1y6pbG2hh+ki5531rZqUN3RKamRMPS4+ +9xbRo6wynIWMC0EX66Odw0cZKxW89U1avLR6Izy19aCO+/nMZ+qZztle5xprj1rG +4eYyYfY4/R/ZdvHdcfR3Rp7MiCBxeQZo1nyLXgqoGvsppntKAD8p49VNrqqA92hO +uCJ4+sUAU9VPzxk8SOACi56lSm3BkvnErIbG0b9WM5Kj5O01HoX3N4n6s7fefZ6X +uCc3/3ZW43ZfUHUCggEBANNbNc1l3axheTnZbPPrhp8bQ67MjQZqSQ1pqNf/CoA8 +vmrZEDml2UnuqijI6DWWEtPP2+VoWt4CA8xLX11x+w27Ov9ho/CUnuvg+ufn6w4t +czyiYmQK2nIBJfZAYuCYN0VOwZoOseu1mfIBvLHLwGgWe6lWMuC3wFgHDPz1AgYH +jH7uUGKNCRXBkzUqSTS6VSX/056fY6xEGU0EgDfKLjlucDkdhqukDDHjOCCCLtCT +tApc+LVnB0OyMojxnaArW7rgSEmz5CWm9TGCS6WdZ6aZtlgUNbGVp8znrabM3JuV +k3ZtJ4TTb+nS32NPEgnFTOdvKbR4jOJTZMn/51iz0k0CggEANAGCfQ3zEc/SM6FE +H+7bzMMpvseuVk1Svjpk+xOjS37ZsitGBYT/B+EWt/HBETATiim1xKTNGEtC2GF0 ++BdHFzuQphRdYepx3Tv/oO9hgUJ+Kubcr/2W2z/oTphYRhdCn52PouT56e1LArxr +XXqRzk6u2FYDW07QBApp6AASi6J4sxFVT1uZRhn8ibAXm/AY29jcuJgPbz2J/0gt +ch2W3zJBoe3BeYh8LoQ+jYXh96G1mqmqo5lWlKaAv184SNazk4iY0DTahdgFXdjg +kW7ikyyG5Y4plUPBwbJP0sW9EC4ETP9mfMO7uc99UPgpHwoPCEi7V2cEcLkASMJ1 +XL87MQKCAQAP8pTnr6T/SceM3uQCr6XTwYnk2ZhWgJSMh4lu6taPAIZZp5E62FHB +61k5hJdI288F3mw4LhyVHc/NjW5fracEzTjRZjupfn1TTQGBmBU7V6CXVaVY6Ry8 +d2u23frX+YRKHXwsNKmmIGjCQvFK9RXKhM/F4jQqkpLX0YhgWdhSPiWSukakeQHT +e2yxGUS2zsx39oqwMFSj/etuzUUjcIT2XmfnV1v+/XzSEtP8V/ZSVKLEGWnGvkRl +DkAT5y8+k6bzPdMWhJVVZfigSLWOhIb6oiSJFtVKVgF4S47lxBVtQ+cBi5Dsy8to ++DlU0/WHeTSpTdD2xhXTSfmT6FQ7dC4NAoIBAF+V7Ntyb2mSHhJkSA4Sw/pKdz+I +qL4jTdwm9Vjh9Vi4Gqcy1AoE/nzxIj0c+qaZzp+3L3ssAApKOS+BY3Y7Iqr82+X2 +1P3oTnJYZjG8mxyxeMguT824CjgWZvkd6Q0jSz8H4nLaeYlpG2jIov10voBJd5Zw +NqY0sKkTzDVvl/l1k+Dp+hxUzAFfxIgU3x3qs/fPw9ahoI0oBH/+Xmg6vGg9T+te +N7D4w5wpK/SHbjZBvSNp5kNlnqfDPjmfAwlGW1J6CBDcWWaEHWIcc4n3l2bCg3At +LTLKB76sourXcEDVvZA6xrYv9GJukUqmc5SlHhJZQOhu48ITKXH18U7iuy8= +-----END RSA PRIVATE KEY-----]], + + key_encrypted = { + -- openssl pkcs8 -v1 PBE-SHA1-3DES -topk8 -in 1.crt -passout pass:foobar + standard = [[-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIJajAcBgoqhkiG9w0BDAEDMA4ECG8hq5qM1tTYAgIIAASCCUh/UgGOrRj5QQT6 +O1SyC87rmUohZPwutRqyPamsCiMH8PT8dfUrQfv4zjxWe/laxQIMxmdH1+o4bSTG +HbnexX0QO+ZNVmEuq1AxBtK1VU1SQJ3smPun9foTb83haIDFcFdKtrDup0cr9tri +HCEnVelGlYdUXwz8HDH54IApdeF/z4U5W0IFON+T1zqDtWkfuBdz8ZGTLjoTdNmy +loI7s0ydi8m4BONkSACTkuHH78vdC9yf1u1nAcVKYHy6jVjdVNT8lCrSKT4L4HGJ +WLLROFQimvT0QxJCH2T2jPPEPZa1MNLowilzctNt/8XkJNnh51Jb7AFDLzwTh+oB +eA/93IS6ShejqBo08XdVf2XRM837zufOYktqXjBvF6XGCHuL++vcD+mvJI5omVJQ +KpeCwPSjJ0xpup9edmTsPlmeCPzqYtgOWHqzaiH3lb6f6IC1MieJX88UxJol0sCs +mNesymP0IYcEMEtwwTIU7Hwig4vUsd93M0sSRZVc/qHe5lM8rT0tjWkl9hyQxPUA +VvDOXInuLmTJB/2nyz2r5/2uioVJ6o4yYML7mVo7IW/UJTyFQwYRnyYNbvNJ5k+0 +vZEob1FIF91o1Uiv9cmJj4cCudIEcki8XpdFK5Zviyrw2gMXGrdinS72f8WptDOX +dbioJfWl5FIdEUZoRUkiBZfS2Zzy5hdWiyVm4zTSXvzPDa0a+GpbZrXPbAmwq+vq +e/HOZWicZu3rVyNLU1dytuLHQ9LB6nbSATcSQOCJqe+fVKUkYkv8O3F1FOmOebOy +v3sY9TmFAZYQtNd4D8ObP6qDMvCMMAD+/JGcpOdo48rQI2CWnwu4LfSqbFN1eCJu +6E9oKITDZTfbCDKZDCJgWyquJqLLPJADcuB08Gl9w+Gao0E/1ED5kUlplE+ak+8R +1yGLY6Jcdn2v0NoOVPEGTvhfnoKSrL6B6+Q9zuK0w7upcM3HjlXpDqnSeUf+neSq +MftvIkvxZ3rXLhj4qs2PuvjPfVuceYBxndLcX+nDICt8nbsrYcYg2dpDGHwOuTkA ++b6k050NTBtYblv4xY8aspCpaSPyne3VDOFkxXvmu3EpxiVFJxCu3l6aDT/NpoU8 +UG+xDI03o/bOdyvc7J6bgXKSjr97u24eATuin9ifCPkAmQ8IdHsFupNZyC0WEKvS +YSGG40aZ84to4GfbYfvT9MojE6Ejc5PCOpAvhh4LJJX5KF7gCb66B8Nno54k5qwU +0niCIwoytq1SedHWvxsbVhSiAMnRkmLzuZZ/6KR8iDnSy0bhOkXw+9zJDyxPGcsJ +q6u4GVe8ogpcT0f2sOfRPsVxAA7cIxDEUuIQbEXAb+3ROEE689wHTkDxkKxShDSj +pw8xSH3TSf9hMbFjhTX8mIVSrSlo5sWcSalCGLGE+3jaG/o6vqsHFGsh7KVagWmh +Ad+UzeCvC6NDX9h4KZyPNjcUganFNCWJZ6HHqkTUqLY3/qupwJN1wOe/62bU652+ +4r1JY2GQJQHjI1sFU/cJ61ylxSVSzUpQjFUxOJ4gTGhhjPAGzEpmvDFXIbDiW4cS +3CRpottd3tTzc3RGSDck7aVKl7R38fuWzsFdDug7+Duac/jafqhVp7wL11643ztP +/zskQnMwOQPtXb2Gopw0vSMHIcqXF/TTARddqYahICpygys60WslN4FfnRgoz+se +X6ot2SZM25Z6EhHhYaNVLTWQuEzU+iXMqgVOZ+KIui2ue+DgCFBPdk9Gp4Q5kbWo +mUw+/6kjoTCzbJBX/KLyCG4MDoTgpnxOznWfWxKvtTEKIokKRQYpJuXdl1pgEp1p +DTE+lVmhl2dWYEMkbWv5omJine4QbOjt21lL2WZjsMiqy0kAjOIh7tz39zOrN43W +RqviyRe0FvT8tGLba2EaGkYfWLuiKVNTSWOrdSNus4cK+Q78THZL+d/agJgXrLHw +/COY6yKmOmjYEXkQl7Fb2JJrygO+PLdARzk27RwZtIhfJyD01ZabVuasMce8BhNh +bU4ulJPu0bJ0xzDfo0ikHpVCGF6W0tl+zl3aILT02coJ11GpBi8Se69PlwdctHMS +ZbGaaetCK1xXstzdcs9cELI8FQ1LS/n82KqZtnTXKy8g1O2JXoK+9xFiERftpiCi +P3Fb8KYcMcKHisWCB8BfJ3Qodb125u0YkezqJgpqvtClRT862qb8kvamMoB8NzGT +OZa8uwgwoqt4S32ewenaSLwzuvOziEkVLedfWgbKeAHxuiZhLi5S9qt3hFGORQTi +KUtVlSM7v42IP8RuD3GKrZ1uV3x6RY2vTkGuT45n9UDn++Q2RFdrpuI/w7xYNzMA +FZxVrpoZeMHiXl195fFYXgUffyY2ibLJiUb2+ItecFGSzLDL5pxo3oKqKpIZuJEL +QGp+MMpoKcxPUGfv78NTG7hCmpLf99k52i0kYQJBcLGSmnLTM6X3nIl7PEUHTUFU +VlLALjf5aPZcFOAidhHm+feOTNOPMm5MMInf1k2ibPzxQBOZxnf4Ux57/x/lL7PN +XG0CDDHbiEJ117pd8tpVHbkY/FnqaqjV/VZHnpg7r69+iTH6ipnokUnv3TmTywsG +0FlytnqlSc+qi9zpg3igwzpkJ2G3HityojgHH2eNNDAOyYqW788DdIC8X3FTnxcH +iAuXslNWNOkjabn/vCGUHNj5zyfKydIeOsMfaG2H7rSYBRl4XsQCbnx7QtofO/WR +n85YNSfvSwBHpAg6UPAB772mf43dSJnptWwar4uH/xqaAqeH/hgmMQyzl399HYfw +5ug95OGRv8a1NuDHoVAI7UozOnY5OqQ2N+OEl993OiZJoFuX9SqIeM9Y67TWs40/ +/GmQfIaq4hVzSGuPavRmkhymOOjxcm0LFVatEXBe/iyGpwB4WiGarSFxeIeGrHTT +3xi+D0OMdwyG5XHQQy2LJnmhFBOU53+CPQ0ecJrLPbHdzqgEmz2d3mRwZFvBSi56 +srwdhdiFQcEdIh+CessZXIGa1ZHKFphOd93fF7bfCQk0Z9+K+kwWIfUz72hu/Dr4 +xTcKT5qkvIHl7shuWK8QC8EpDubvViM14YGns6EtR4JttY1BLZxHyndEe0p9XlJQ +s29ceQZQEs5DYKLB9YefjxANOh8EZTmJ+BKfA/xvanySnHNRi3NojxjdbJiPKBsd +sSy16GdFKZJctce6KPU= +-----END ENCRYPTED PRIVATE KEY-----]], + --openssl rsa -aes256 -in 1.crt -passout pass:foobar + legacy = [[-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,1D2DCF88CB6CDBE43D63D794511BABA6 + +qaDyxn/sXGGouYjFTEu3vlq1lshJPR0mvBhVbuSPA04fkGFXOSg0Gykg4WFyEb84 +fuWhG7WPzNeWRsBEJQavn6R2faM4Axhe6xov4hY7u7++axCTUUe+25b9lNSsKHUL +MakYwwUPbMFzcbEIQzyAgBqH0Uorvd9Fp8co1yYMZiVtOHI/vlTNwYXX0T8/bWxN +62X85R3G0aFj+WkQUh4irahG+J6cg/EwKfz4TvEjVrO0sz544qd6iZDoct5juHuW ++rNSrpc3LRxmFTDn9IgjO6JvwK+ik5Hc1X3NMTPhfbnFPRiPuaAaxOX9dLYo1DOf +ZlgwQH6gsZDfIDnxkNtyOOzgdtdnCpy8E/3robL3iZ7gqlNeLpX75D7OQR6jJe6O +EmCjWYPtmp4Bcs71BpJGwDZOplpDEaxgJRnYE+Er3IgQ0o6eb2zpeDt6RSCk/FTu +j045Mjrd/kf8jofLdzUNt/6ZvjliRV/FYl7I8lfLrycLev9aG52m81f7qenUCmMA +GgaotKQK+X04ohq0Di0hKfglP5vW1aw5Z7I0qOKPC1Wr1S+7UNCWUrFZ7nXf6nAn +SiwcaOoKWm8CikaVtWoPqD28OC6Kb3R5pIXTa7VBM4nIf9+Am/3M74wneZkUG00t +tbVk5Rh+a/46SlBsVLaZ/A7/mChW7pobKlbnIob7xvDlWbjVe7iDH7jBZfTn6mmh +mBdrpPO2LZ5wrWNr6m7AxhU9WqufVQqyaLQ8qPG6C6j3l7I4nTamwfde1/gXGeiO +/BAhXvW/onOvLhGsTIj/rXjk/unix+UtbH7GxEb8RSupOn733f5qGoGPLocMtFud +/WsUuHK0fBOs6LjuDEgL7Rrcm+U2N5wwEKbqNxhMuT4Di5gSPwRYbEFLMCqENlJ5 +6CsLdkDc1f4GWNsdguoZOBtYT5zuaD7xbl8Z3M7ZxI8JEJzhC0IhhFJX8CvumyeG +rxVrcEVgQ1B22iZfDa1mwZBPdeJ3Ncknx6+RwpIFlfr8wQIABbVIIKa1SkHCxlib +OxqrKO6WzH1x1KLRgUbiC3Ql+kzdXVqqc/2vg0imY1xRz+rWq/fxro5dweAlz2y9 ++1ZIy58PsVFOYJ2VqP4v7Z2ydpIlP//ZJe+y2xypxMgxQ/kG41Oyerw+bB2wNNS+ +jkANfMnwHQMwQEGvCZJUGnP80utija5nDmCb5Js6G3qzkibnuN/iyvg0VPAVMB0p +4vbQGUe+Y5tuBY1WqtYw9p+b5kGCFu+rLaHweqDcROGKRdWn99CiU//SNT5wmT50 +WCdv8YzTFWvmE0Nv9oAP00cjjsLGyhQNbj4lhfKEyKSmModfIJ5wUOEcEZUZEBj7 +8USqRpPQR2Ih5Z9e92pmi/OlmzEKuARZ6f2YMpFyuDei6IvPQD0BKV5Ca4Uvm8gh +wLCb84Gw2N4NoziOjyDVOuGWhffpWIRFJ6wupnY8hly6t4rg/4NRKOBmnDl4SU1c +I/qj+00Ow43blYFyGwvtuCt7GnquNJR1bPUnv32S0tMK6RS45wTVH/85MpmmF70Z +ikh+LyRO0C/31EBWAc/KQms3KfUrXxkbvwfMrqnYL3M+Co8H+t95Fax96wAF0cd0 +JoOzSomL5HPRwbiLbXMufo5DKkfhdCNe+a6YRkxP9wmR2H1/H0c1Yjj1acnq8p11 +MxfJ2vHk1yV9MLXHsRgs3nCEqmqnJs/I5LeGEYn2Tw2A7jt7tpDkc96gEINeCCX6 +2V2BEiBWBOfWaKQzg2iALQzsPXMDgveKeaT3dAuANNJyrR80oRl8Q+HVL3REcucH +i8A6UCuD2WmZKU6oWW3cY1ropRbNUXJLQ3w6WfPkrVDNbd+/iXbFyT5Q+losWEJk +6fPV/vIm5MPtnfNsCEjDgwbF9WtBw6+UCAbBqKWLoPSCIshduSWmGnzgvJFMaEMO +/6zb5p7qroN5OgpeHX07/xnUi0H+hxArAPmGovPktoDZXdBkVNxmT9a80hJphupE +fNW9/GtvNTTXsPs9HVp3CogKWoa7hnbzQbYIOtx6NoghZr4oCS46cr+iPgT/v9Km +sFmkTjrljtp8J9+Ywqm406gClhpMDRjj3D0z5H6nMZW6Z/aA7oECCDOos+CdRE9F +guaNEgG8d6NrmzQVs1+mW0HTUim1UuxjC1Yn0LXZ+SkYfKx16tvbV+eil0O9xxX0 +dM9gq/cJpmMGl22Epy5TpbpPqUliqRQMkkdZzax+1AAgAU1X5S5KnJqZaAZ/tJnU +Icv/halkNyY5e1VqXMY/pMWtVbkA9zHCPAEAkJ0LV4Y+HotIjri8maGPVa7F9nZn +hto9G6UYfJ33Fe/+5xUPm6hBn3Z28eqephnnDLJfLIARl3t0/4VHka86L+nvZ/ka +/luhMCRXlyzzYI6ItDShpNe0xXfd5L3GijXmblgrlaAVg7MUMNcH5f4+MEiKkBqu +3KJaoQ+MbbWOgPtW2WzQTgXImD+h9JMxStcXym29sv98SziCpLgEwy2D85yLaSqz +X9N5oo6rlij/eHfpiMKfIwLGryFwVylO1JuPYOievxZWgT3t2dRpHEisgdI0jjmk +ZvgnuOq5gw7+yjGB/1slA2D3A+pztu9yfX3xOf1oTOyF3ntoFvoZtQGWHvzqxaNf +lJ3NFOV7HHJqJ897YtdMRjMgL/mv4Wgzw8YQpzsom3u0cufUDeqDMAMXNMNEN0nL +D9gQDTFKyy0Y3kfULmjUwHo4r0mwYMSocM4/cajJzQs68Qpy1yFLVVryjBfP6l45 +aqjwGyZFOgbdz3BdVuYq9uU3PHiV/Xi+9oaNzbhPKwiwe+tpaNM4NdJ7EdbVb3i5 +/CtEyKK147HdOAYGcbqDYFU7hcdLbA95tRX8zkz5NG684b1i5SCSbln+4iwZXWBZ +loKPqZHrVD4qqSBFHBfvdaiUtNZIZH2bwUO5qt5goYD3egSrizNtNgzJ7nKl4PD1 +y7tnTMtP11OKqgrnls9s0LcuMNtv5Euq1o+U+vnMet6AZkC7+6g6UqPhoY6UTtB9 +X7w/9lDdh4lb64T24N6JxYlDo41gZ6r+4AA3bkr2LCDDx0mRpZzhZljXKhZvdRed +tGJP909NhlRM6C3t8qZkFDiFvGBI+wK4Bf5bdazt/n3i4powjlgUEorwB1fDBYSK +-----END RSA PRIVATE KEY-----]], + }, + key_passphrase = "foobar", + + -- Issuer: C = US, ST = California, O = Kong Testing, CN = Kong Testing Intermidiate CA + -- Validity + -- Not Before: May 2 20:03:11 2019 GMT + -- Not After : Apr 28 20:03:11 2029 GMT + -- Subject: C = US, ST = California, O = Kong Testing, CN = foo@example.com + -- X509v3 Key Usage: critical + -- Digital Signature, Non Repudiation, Key Encipherment + -- X509v3 Extended Key Usage: + -- TLS Web Client Authentication, E-mail Protection + -- X509v3 Subject Alternative Name: + -- email:foo@example.com, email:bar@example.com + -- Issuer: C = US, ST = California, O = Kong Testing, CN = Kong Testing Intermidiate CA + -- Validity + -- Not Before: May 2 20:03:11 2019 GMT + -- Not After : Apr 28 20:03:11 2029 GMT + -- Subject: C = US, ST = California, O = Kong Testing, CN = foo@example.com + -- X509v3 Key Usage: critical + -- Digital Signature, Non Repudiation, Key Encipherment + -- X509v3 Extended Key Usage: + -- TLS Web Client Authentication, E-mail Protection + -- X509v3 Subject Alternative Name: + -- email:foo@example.com, email:bar@example.com + --[[ + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = California, L = San Francisco, O = Kong, OU = Core, CN = ssl-example.com + Validity + Not Before: Nov 18 16:17:30 2020 GMT + Not After : Sep 3 16:17:30 2294 GMT + --]] + cert_ecdsa = [[-----BEGIN CERTIFICATE----- +MIICPDCCAeGgAwIBAgIUOIK1sCtPyUL5h7vHdxpN5PhpukMwCgYIKoZIzj0EAwIw +cjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNh +biBGcmFuY2lzY28xDTALBgNVBAoMBEtvbmcxDTALBgNVBAsMBENvcmUxGDAWBgNV +BAMMD3NzbC1leGFtcGxlLmNvbTAgFw0yMDExMTgxNjE3MzBaGA8yMjk0MDkwMzE2 +MTczMFowcjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNV +BAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBEtvbmcxDTALBgNVBAsMBENvcmUx +GDAWBgNVBAMMD3NzbC1leGFtcGxlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEH +A0IABDFm7D+CfVzbkRyRTR/2DI4o1sOxDCdc1UEdbQkA5e6j5b4smyuW4xlZjVwV +CXeADYvtpBaykzZ+NC5Zlf3EAkWjUzBRMB0GA1UdDgQWBBQcXSBVifOMnYaC632X +NzdazHkuEjAfBgNVHSMEGDAWgBQcXSBVifOMnYaC632XNzdazHkuEjAPBgNVHRMB +Af8EBTADAQH/MAoGCCqGSM49BAMCA0kAMEYCIQDbSwXZ15UJ0hX/7KTKxd/mER7b +s5oBurNijw1iPMyi+wIhALixa/LN3i+AykB4Jxj89scpXilIH+6q5fJI9exuaLtv +-----END CERTIFICATE-----]], + key_ecdsa = [[-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIDCpckzH9Z6YpE48cmSIqcNXDZ29peoeMkFP2NqZb/MUoAoGCCqGSM49 +AwEHoUQDQgAEMWbsP4J9XNuRHJFNH/YMjijWw7EMJ1zVQR1tCQDl7qPlviybK5bj +GVmNXBUJd4ANi+2kFrKTNn40LlmV/cQCRQ== +-----END EC PRIVATE KEY-----]], + + --[[ + Issuer: C = US, ST = California, O = Kong Testing, CN = Kong Testing Intermidiate CA + Validity + Not Before: May 2 20:03:11 2019 GMT + Not After : Apr 28 20:03:11 2029 GMT + Subject: C = US, ST = California, O = Kong Testing, CN = foo@example.com + X509v3 Key Usage: critical + Digital Signature, Non Repudiation, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Client Authentication, E-mail Protection + X509v3 Subject Alternative Name: + email:foo@example.com, email:bar@example.com + --]] + cert_client = [[-----BEGIN CERTIFICATE----- +MIIFIjCCAwqgAwIBAgICIAEwDQYJKoZIhvcNAQELBQAwYDELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCkNhbGlmb3JuaWExFTATBgNVBAoMDEtvbmcgVGVzdGluZzElMCMG +A1UEAwwcS29uZyBUZXN0aW5nIEludGVybWlkaWF0ZSBDQTAeFw0xOTA1MDIyMDAz +MTFaFw0yOTA0MjgyMDAzMTFaMFMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxp +Zm9ybmlhMRUwEwYDVQQKDAxLb25nIFRlc3RpbmcxGDAWBgNVBAMMD2Zvb0BleGFt +cGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJldMxsZHDxA +RpbSXdIFZiTf8D0dYgsPnsmx5tVjA/zrVBSVBPO9KunaXNm4Z6JWmUwenzFGbzWP +NLfbLn4khuoczzqSru5XfbyH1HrD0cd5lkf44Dw1/otfIFDBleiR/OWEiAxwS4zi +xIajNyvLr3gC5dv+F+JuWpW1yVQxybIDQWoI25xpd3+ZkXO+OLkToo+YpuwIDlUj +6Rkm5kbqoxDpaDihA2bsAqjNG7G+SHthaNyACsQsU/t6BHSWzHumScN0CxJ+TeVH +fTZklelItZ6YP0B0RQjzvSGA423UgALzqJglGPe8UDjm3BMlg2xhTfnfy1J6Vmbt +5jx6FOXUARsCAwEAAaOB8jCB7zAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIF +oDAzBglghkgBhvhCAQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgQ2xpZW50IENlcnRp +ZmljYXRlMB0GA1UdDgQWBBRTzNOmhGRXaZamxVfnlKXarIOEmDAfBgNVHSMEGDAW +gBQLDgQOl/htYk8k8DvGb9IKO40RETAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYw +FAYIKwYBBQUHAwIGCCsGAQUFBwMEMCsGA1UdEQQkMCKBD2Zvb0BleGFtcGxlLmNv +bYEPYmFyQGV4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBziDuVjU0I1CwO +b1Cx2TJpzi3l5FD/ozrMZT6F3EpkJFGZWgXrsXHz/0qKTrsbB2m3/fcyd0lwQ5Lh +fz8X1HPrwXa3BqZskNu1vOUNiqAYWvQ5gtbpweJ96LzMSYVGLK78NigYTtK+Rgq3 +As5CVfLXDBburrQNGyRTsilCQDNBvIpib0eqg/HJCNDFMPrBzTMPpUutyatfpFH2 +UwTiVBfA14YYDxZaetYWeksy28XH6Uj0ylyz67VHND+gBMmQNLXQHJTIDh8JuIf2 +ec6o4HrtyyuRE3urNQmcPMAokacm4NKw2+og6Rg1VS/pckaSPOlSEmNnKFiXStv+ +AVd77NGriUWDFCmnrFNOPOIS019W0oOk6YMwTUDSa86Ii6skCtBLHmp/cingkTWg +7KEbdT1uVVPgseC2AFpQ1BWJOjjtyW3GWuxERIhuab9/ckTz6BuIiuK7mfsvPBrn +BqjZyt9WAx8uaWMS/ZrmIj3fUXefaPtl27jMSsiU5oi2vzFu0xiXJb6Jr7RQxD3O +XRnycL/chWnp7eVV1TQS+XzZ3ZZQIjckDWX4E+zGo4o9pD1YC0eytbIlSuqYVr/t +dZmD2gqju3Io9EXPDlRDP2VIX9q1euF9caz1vpLCfV+F8wVPtZe5p6JbNugdgjix +nDZ2sD2xGXy6/fNG75oHveYo6MREFw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFmjCCA4KgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCkNhbGlmb3JuaWExFTATBgNVBAoMDEtvbmcgVGVzdGluZzEdMBsG +A1UEAwwUS29uZyBUZXN0aW5nIFJvb3QgQ0EwHhcNMTkwNTAyMTk0MDQ4WhcNMjkw +NDI5MTk0MDQ4WjBgMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEV +MBMGA1UECgwMS29uZyBUZXN0aW5nMSUwIwYDVQQDDBxLb25nIFRlc3RpbmcgSW50 +ZXJtaWRpYXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0dnj +oHlJmNM94vQnK2FIIQJm9OAVvyMtAAkBKL7Cxt8G062GHDhq6gjQ9enuNQE0l3Vv +mSAh7N9gNlma6YbRB9VeG54BCuRQwCxveOBiwQvC2qrTzYI34kF/AeflrDOdzuLb +zj5cLADKXGCbGDtrSPKUwdlkuLs3pRr/YAyIQr7zJtlLz+E0GBYp0GWnLs0FiLSP +qSBWllC9u8gt2MiKyNlXw+kZ8lofOehCJzfFr6qagVklPw+8IpU6OGmRLFQVwVhp +zdAJmAGmSo/AGNKGqDdjzC4N2l4uYGH6n2KmY2yxsLBGZgwtLDst3fK4a3Wa5Tj7 +cUwCcGLGtfVTaIXZYbqQ0nGsaYUd/mhx3B3Jk1p3ILZ72nVYowhpj22ipPGal5hp +ABh1MX3s/B+2ybWyDTtSaspcyhsRQsS6axB3DwLOLRy5Xp/kqEdConCtGCsjgm+U +FzdupubXK+KIAmTKXDx8OM7Af/K7kLDfFTre40sEB6fwrWwH8yFojeqkA/Uqhn5S +CzB0o4F3ON0xajsw2dRCziiq7pSe6ALLXetKpBr+xnVbUswH6BANUoDvh9thVPPx +1trkv+OuoJalkruZaT+38+iV9xwdqxnR7PUawqSyvrEAxjqUo7dDPsEuOpx1DJjO +XwRJCUjd7Ux913Iks24BqpPhEQz/rZzJLBApRVsCAwEAAaNmMGQwHQYDVR0OBBYE +FAsOBA6X+G1iTyTwO8Zv0go7jRERMB8GA1UdIwQYMBaAFAdP8giF4QLaR0HEj9N8 +apTFYnD3MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqG +SIb3DQEBCwUAA4ICAQAWzIvIVM32iurqM451Amz0HNDG9j84cORnnaRR5opFTr3P +EqI3QkgCyP6YOs9t0QSbA4ur9WUzd3c9Ktj3qRRgTE+98JBOPO0rv+Kjj48aANDV +5tcbI9TZ9ap6g0jYr4XNT+KOO7E8QYlpY/wtokudCUDJE9vrsp1on4Bal2gjvCdh +SU0C1lnj6q6kBdQSYHrcjiEIGJH21ayVoNaBVP/fxyCHz472w1xN220dxUI/GqB6 +pjcuy9cHjJHJKJbrkdt2eDRAFP5cILXc3mzUoGUDHY2JA1gtOHV0p4ix9R9AfI9x +snBEFiD8oIpcQay8MJH/z3NLEPLoBW+JaAAs89P+jcppea5N9vbiAkrPi687BFTP +PWPdstyttw6KrvtPQR1+FsVFcGeTjo32/UrckJixdiOEZgHk+deXpp7JoRdcsgzD ++okrsG79/LgS4icLmzNEp0IV36QckEq0+ALKDu6BXvWTkb5DB/FUrovZKJgkYeWj +GKogyrPIXrYi725Ff306124kLbxiA+6iBbKUtCutQnvut78puC6iP+a2SrfsbUJ4 +qpvBFOY29Mlww88oWNGTA8QeW84Y1EJbRkHavzSsMFB73sxidQW0cHNC5t9RCKAQ +uibeZgK1Yk7YQKXdvbZvXwrgTcAjCdbppw2L6e0Uy+OGgNjnIps8K460SdaIiA== +-----END CERTIFICATE-----]], + key_client = [[-----BEGIN RSA PRIVATE KEY----- +MIIEpgIBAAKCAQEAmV0zGxkcPEBGltJd0gVmJN/wPR1iCw+eybHm1WMD/OtUFJUE +870q6dpc2bhnolaZTB6fMUZvNY80t9sufiSG6hzPOpKu7ld9vIfUesPRx3mWR/jg +PDX+i18gUMGV6JH85YSIDHBLjOLEhqM3K8uveALl2/4X4m5albXJVDHJsgNBagjb +nGl3f5mRc744uROij5im7AgOVSPpGSbmRuqjEOloOKEDZuwCqM0bsb5Ie2Fo3IAK +xCxT+3oEdJbMe6ZJw3QLEn5N5Ud9NmSV6Ui1npg/QHRFCPO9IYDjbdSAAvOomCUY +97xQOObcEyWDbGFN+d/LUnpWZu3mPHoU5dQBGwIDAQABAoIBAQCLqQzeM3q7/4iI +1l+r31DKacgbz4M2MW5XnJNqZTX/f8pcx+vvjqfiuADwH/b4JcaKRCSSOeMSMiw+ +9fGb2+WkksHARE3bLH+LTWKYvXRvI/FP73s8Oato/iKuh+vdE/zqgktmkGisjuGK +/l1Cm8VaE8GBGh5kDDyfsyD5dDGJ0fYzJkfQqygd5B5TSaWflQsB//AXvHzkNy+G +RHbrMl7t9rDCTtwnefSEJIEwAZerGKV0p+VlRy23mQLwxTxJ5jEjVvcFIMalnD4R +nKaZYb3LgkCCTQ5Lw/xrkdAEJwfafhdu1CmvKelv1qpcz1vJdrFSfX5NOYS/93jI +aKJT8Nm5AoGBAMmOOUTvbUd9nlbZXYGLTsoy+qA+OhLkB59krddH4mFoRvbggD6U +Y/h7O/fA4spqtts+aVoEh/jyuwGTxMn0NPLjD0G8YZr1A4GUx1hgEQ1NIWvRlXrX +s1bgIlaOc14hOpKf0to3mIovyhRm8PaDbQfHWfyl4yKtFgKiO4OCMK0/AoGBAMLK +e9C5sedDKt8ESycaXnui1hA4WQkeMdXFflnabuhE29dkC7kDFEVurlmsQb3zFa0V +dF40niT7xYqzdEJIbaZ3JZIrSFhnPSSBna+B1FjMhTVb/5sjPJS87BvjVYiZd5GY +5Az4RgSlU3PlsaiuR95NH1vDxHXb5GcMs/EfnEklAoGBAIVFe2yve+yXjUkT9RYh +TPm596pZOwEeskOcyK3epDuQPcwj6eh3Khs1MRPDALKjGUGi5PpWoKnlpe2HDcoT +pacsp/vpWgiiFa1q+NzguKW46G5oaJSPZ8/75/ifvHzzL82fzEXqGPzWWKJg5te5 +UzCfikraTXOySyl2qC9uuEz1AoGBAILH8eNMmb48YW9EcbS6Ro9Z38EaI+U0SZ9O +LqvjNS1q9fMiL6CzCYwoaJS6S5VdvMLtsaiCSV9pTtL182uBN2VZf3co6jS4c9ur +zpQEZe6Mui7+KpodSVJPmXKL6mSBLT8q2IpAsrnxyhr5L5OiF4yQWSqCQMgkr6/k +XnfYklSlAoGBAKBePjIdBGLy3ckdlTfbuTeO3kp2eZFBDtGzxP515+LcoRfOjd8T +ZDX/porUMcgbtIF/B4SNso+8D/aHTCg3QAo6nDjFFjUBHhftgy+GP3BFfMvjqou6 +utJFRkc3FvrrkkeWHnyDQrPmAHjar94/xq1k1Vo+KQHQVQOrvtQt6KXK +-----END RSA PRIVATE KEY-----]], + + --[[ + Issuer: C = US, ST = California, O = Kong Testing, CN = Kong Testing Root CA + Validity + Not Before: Apr 13 23:48:41 2020 GMT + Not After : Apr 11 23:48:41 2030 GMT + Subject: C = US, ST = CA, O = Kong Testing, CN = example2.com + --]] + cert_client2 = [[-----BEGIN CERTIFICATE----- +MIIEJzCCAg8CFAQ6oTnLBUHbumx1bxyY9kV0W21BMA0GCSqGSIb3DQEBCwUAMFgx +CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxLb25n +IFRlc3RpbmcxHTAbBgNVBAMMFEtvbmcgVGVzdGluZyBSb290IENBMB4XDTIwMDQx +MzIzNDg0MVoXDTMwMDQxMTIzNDg0MVowSDELMAkGA1UEBhMCVVMxCzAJBgNVBAgM +AkNBMRUwEwYDVQQKDAxLb25nIFRlc3RpbmcxFTATBgNVBAMMDGV4YW1wbGUyLmNv +bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK+kZhxdN8PA3SW9cXiv +xgtANq57PIWNnSDsg9Yxn0/+JKR45pSU+SKYtZUJJJuOdkv4IIJLm6uG6LbOPUDO +g9EaV0Zw7RQtbY6EDFDFzeyq0/Mwl9wLJtXf0fPsXGyFIdeelBjzoSVsGGJKPWbP +rlUtSHCrpFX53NTPnNVUJz9V6CdzZJgbyoiWP7ggKJeRPq6jCW5pt+cd+sR4+EPh +daBmEVWeifLEKCbBvsQaOGfU1aVG1AlX0RpLBkTxOOFIIk/3dgWOsrek2ofjku4F +g0MeWmD8oXOHUX2JxO77/BbLDQt0lzD27y/EkDoqy6mMAH85/LTYrU+P0WsEyexg +CHcCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAwWAxQjQOoGxU5LQu4ZmsCkps9y0B +kNj8MUpLcFmK+02VIUh3hM4vuB6Gct2Ph+6zqCge3oqTXltU0Bs2MTwAKs/scsxq +Mtanz4W00UlmG3QdgHaEs196tYQ8cKIaGZsNBv15VgBBduUG478pKqYE8bJKBbw7 +1Ym390hSPo0dNe7jLFXx6AaJvlEYh09P4FgfkXuY5VVTGXfN7XgJI073pLRY6iGH +Qd+Egymh86AQtnoNpmqSCMNcjRVAyR8Ti3qnyro8ruZCnNYHieGeh/ZsZvhGDeWX +v4YXjW2NDQ5+Ok6Gtvhf/l6RSrnXLbZtv8NStqwQJ+ydu05BJglZ/7Sb0uQYVNq2 +H8V+MtApFT6fG6ANM6hadNFG+p8Hwz6k4BLrc9ZxeWYKWIIusqExR9JIlGzEjvFJ +6NmNjm3eZE9Ue4YgURj1KTr53wAso4LbJpz/zuZS+m9PMz7n8fRL25/Z5b/92L3a +w0vsxUJyTDeMvYf8oT6OkxNVJ0zBRZNtEg5AJKdP6nU53V998jHP9vUisrU2ALhu +Jw3QiWiDKnRtx8PiiRx7dWo+Xwn9+xVypytqNz3w/XJlOjMwOg73q399w+vMiFTl +qdr7eYvaQBGOZVc3OdiP8afyVxlhHBowUoi8G+iPbgOsARHv/j4UeMVyIThzxv73 +a2EQ5BzyOzQ81H4= +-----END CERTIFICATE-----]], + key_client2 = [[-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAr6RmHF03w8DdJb1xeK/GC0A2rns8hY2dIOyD1jGfT/4kpHjm +lJT5Ipi1lQkkm452S/gggkubq4bots49QM6D0RpXRnDtFC1tjoQMUMXN7KrT8zCX +3Asm1d/R8+xcbIUh156UGPOhJWwYYko9Zs+uVS1IcKukVfnc1M+c1VQnP1XoJ3Nk +mBvKiJY/uCAol5E+rqMJbmm35x36xHj4Q+F1oGYRVZ6J8sQoJsG+xBo4Z9TVpUbU +CVfRGksGRPE44UgiT/d2BY6yt6Tah+OS7gWDQx5aYPyhc4dRfYnE7vv8FssNC3SX +MPbvL8SQOirLqYwAfzn8tNitT4/RawTJ7GAIdwIDAQABAoIBAHMJzgdN1rRToYSS +a7uMBL5htG7bMGyYsA1cW4zyu1F9NyqyNPOkDvjl5ChU8LEhwcFIJqKwOqlBlzIE +KoJDwHo4MmlklSLeDh+FxTsyEwmraV6iuRPaCfmSusR0TqSVHfFHX+Bn0WfdQKs/ +zK+F3rzTB9sj0GKvYD/SKvpeP8Zuu9EBqo4N7PU3VHwDq5t32Ut/+M5XWtulsQcs +qXr2R3agj/DnODANT6Dn/mJboTrYOSV18S/Yw/+OnWBcLzlT5sj0aLgrtXvIputv +9caux4HklAQr29+lKB8nBTfjhXnBntMaEgqCVJ3ri83MuEfVDhmjwo6PnX22/J0h +2XbCyUECgYEA2v8m+CTBTjdAqOuje34+UiWRzT2P9OFONV8nYgzEcQW5JkUoFCun +KgQQIvjCsX4jY6/8w/IPF1ieTconZYJUWSyMZFtBBDCVif1GZRiiM2C4Zcero1KV +U0V3wZcnYkzafzIHkqFUYZwamvdKWVI4c6F5MhSEKCgcbgKKI52TEokCgYEAzVHr +KjQt+dqNkbipYoGH2ywLdcogDwKoyUFbgcvz/q625gu4am025wF25yRKExm7Dyjx +eCQC+KOsBfJSc78fG5R6KPIDK1JrpUEGSCeqFICiqGv9kUzPf5zeGZVf9cU4tyPT +5wYUEM7NX8VRoasZ4OUvYyYBw1Cx8vMdvQn/gv8CgYAIhxcFYqkEWrJx4XskO+5B +VKUw0MziREO/YE0wTD76B7cF/ntpDaocwLvAIN+z+a13HEtDdhGQXysK7GxMT57p +OgrdfZAykZHBJdOv7B2k0odbr0LHwVd/Pp1DNJecBFId0dzpoM6gXmvKzQZgJAt+ +tTL6+EGNLsKspfyrFl+7wQKBgQDAt2VuJbAJ1xQOdS+4IDCujfbrxp60uCBJVylW ++WK56LAP2WxtqLlhtsQuTKeiqgIkRp/vzo1jZ+0tX7f4oKnIL2NCT3aeESys3g3R +aDmCKQOD5mkJGvmgpFLr3INHoqiLbfuV2uS2qgWnIQRwJLOTnksOWzxIYdPFYGDH +cTz9bQKBgQDGv929DUinrKXe/uKJHLAcq+MjmF/+kZU9yn+svq6SSdplqp7xbXX4 +3T5HCWqD4Sy+PVzGaDg5YfXC8yaFPPfY0/35T2FoQEiCAPQO+07Smg6RqJ3yVpIm +LTsbLleJTc8CX0bI4SukQ7MVQsiHimzyEzx3eyLt1S8aBdJuRFZ2mg== +-----END RSA PRIVATE KEY-----]], + + --[[ + Issuer: C=US, ST=California, L=San Francisco, O=Mashape, OU=Kong, CN=ssl-alt.com + Validity + Not Before: May 24 23:46:58 2017 GMT + Not After : Jun 23 23:46:58 2017 GMT + Subject: C=US, ST=California, L=San Francisco, O=Mashape, OU=Kong, CN=ssl-alt.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + --]] + cert_alt = [[-----BEGIN CERTIFICATE----- +MIIFXjCCA0YCCQCsb6B5OWdHXDANBgkqhkiG9w0BAQsFADBxMQswCQYDVQQGEwJV +UzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEQ +MA4GA1UECgwHTWFzaGFwZTENMAsGA1UECwwES29uZzEUMBIGA1UEAwwLc3NsLWFs +dC5jb20wHhcNMTcwNTI0MjM0NjU4WhcNMTcwNjIzMjM0NjU4WjBxMQswCQYDVQQG +EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNj +bzEQMA4GA1UECgwHTWFzaGFwZTENMAsGA1UECwwES29uZzEUMBIGA1UEAwwLc3Ns +LWFsdC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC4SEsrn5zj +f2w/mT9zxw9RZJxIo325HPHUV27U1gX5YFnCGdA6znvzd+GzUwohJMFhH7X7k3+g +NhXZlUaxJ01N98QBmNH6GfzAoZexny+QGRU7/jkziQMH1A94yXBxQa5cfg3WA4ti +JaIDZHRTVLDTvONm4a1GUuU6p6aUarZznCzzvkCqPzSBamHMu2jMWmozdVwPQufH +mzJLbNLa7TVjVnalKgAdnXz8Rdnivb8pRVj8ASJU+iGQBCaXRAtRm4Hd0PAdJPXH +6ObregxF0uhwDlHr2FbmdYjWKf6WB5xz18LVreWF07VN5AHsa+H/wMYOpuInmiYt +9Xzl3h8dt8KiFwaMf4jYyNRRyLZhJEM8F7pSAuTLXTcluK79hWhliwO7DFKGbrJY +YDQoLQFX6E0xyfYXXnaNTVuiu9503wwX2+IoomUEFXQ0TJ1+9gBg855Jx6Xw5/Zb +njQS9ayYl5HlGzWKR+Dul13JgDDMYSqvI69tTmL1JOdufopmFUr50C0TPdp2cQlP +gHXhqMbAua+EcpPiBSk9mQ0jY2CpRczos5Ais4TV8r71VEqJgaTVd39tG63/q/ig +XFvoPRzi53/tBWy3cVroEvsajNzObuQcwW7b70AULnp0VFDhrRuAsQ9ULXOi6gMP +K0hyONTdXijtHk6ndEFH9qpYMXQOmpCYtQIDAQABMA0GCSqGSIb3DQEBCwUAA4IC +AQCvuEsqWpgRqLgvfJXgoLRpoeADG3OlY0ikuOaW+dPapbC9WC02Sa0f7Iy6gED7 +8UFGUorZVYKKTuR8SJk27Q/vVKV7Ljtj9mkIRcBPWpePr08qzVBd3xrSONPVwRgU +cORI2xNFaz0NwtKOHZ7MIQ8SJbvlqCHYUrl165eIJIiUF2hyzMv4Ymg8Vb0gwGtG +DEibtQweiMZ17STlZ/q1qW5q9nlEvIUNHb8uno77r+l7LdBNWfSwwme+TQHXfR8q +UzMzLvgKJQzkayaNQI9BD+Ztm0BcYzC72MrHfpTyM3PndbL5Kkws40XZ5bmwgbYn +JsIUW1cGxBUc3+lVVQUO4zpihO5oQXwV5LcMkIfYEc1VA1LfqmveXB8/5bGTsHVX +HVWGNNB6Eb5t+jlGRWE61KU79kw3jBuhG/MXSsjeR3rPX6mqoVMNtPzMuG7V9f+a +bbsKp5oLfDPw1D7x7HgBDH7wlbovXavbF/7gqApdssYqtPqVC9MekYAOhC63tuuP +oBthw0f9wa7vQc50VLSIOAUZbgg3Qpic+abkUpLLqPH2nIp0ffBAZ054+u7GkMwQ +daRqH/ssQmfPQxd1l4x8mynx876bgWrg2y6EJoM1N5zCoA2C1hloDL4EApJHCmP2 +OoLwADN8ov3ctgXUAv9wgYkJHkQ7TO1dRpvuIzXc/oJA1w== +-----END CERTIFICATE-----]], + + key_alt = [[-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAuEhLK5+c439sP5k/c8cPUWScSKN9uRzx1Fdu1NYF+WBZwhnQ +Os5783fhs1MKISTBYR+1+5N/oDYV2ZVGsSdNTffEAZjR+hn8wKGXsZ8vkBkVO/45 +M4kDB9QPeMlwcUGuXH4N1gOLYiWiA2R0U1Sw07zjZuGtRlLlOqemlGq2c5ws875A +qj80gWphzLtozFpqM3VcD0Lnx5syS2zS2u01Y1Z2pSoAHZ18/EXZ4r2/KUVY/AEi +VPohkAQml0QLUZuB3dDwHST1x+jm63oMRdLocA5R69hW5nWI1in+lgecc9fC1a3l +hdO1TeQB7Gvh/8DGDqbiJ5omLfV85d4fHbfCohcGjH+I2MjUUci2YSRDPBe6UgLk +y103Jbiu/YVoZYsDuwxShm6yWGA0KC0BV+hNMcn2F152jU1borvedN8MF9viKKJl +BBV0NEydfvYAYPOeScel8Of2W540EvWsmJeR5Rs1ikfg7pddyYAwzGEqryOvbU5i +9STnbn6KZhVK+dAtEz3adnEJT4B14ajGwLmvhHKT4gUpPZkNI2NgqUXM6LOQIrOE +1fK+9VRKiYGk1Xd/bRut/6v4oFxb6D0c4ud/7QVst3Fa6BL7Gozczm7kHMFu2+9A +FC56dFRQ4a0bgLEPVC1zouoDDytIcjjU3V4o7R5Op3RBR/aqWDF0DpqQmLUCAwEA +AQKCAgBn/HtWaWHJSdzWYm5YsYnmPuSlZIQMEdYwIQosVXzXhFQB4DkNBfkRoKMe +YoxDuY7ZdGBnTork58AaoE5cprXLejUDRa2u+D0UodqMYywentjJmqHCf9zS7Qmx ++dFWR17RWFwMWMGtJ1ktmuC9KPwC7wJOyqfRF/O7zmCEPVcpE4aWH9QzfSjuog3/ +zfzL23U0BlRlVDaf/uY5g3XUDahjnqWie3nHPFgLrorNlI6rBjO5OBacZuzLbFwu +XToZ2atFdKIZgAKkxLqRQ7RrLiD1Ik99yvz2XHpThyzekfrpr2WE1/S9OIKFKlUf +iJzliWz5VZgmCqjipDTPLTDXvxq3EJDGbOlsD3eLXGeIufbQY4SqV73rth+0gER4 +m0S7cGjUuUASvtoX0pyxFwlZ3/DISMDKvGDGvx3FlYhDs/8D54C9nuuYXpCflw/g +8+C6uIF4zIcQ4JNI9RKQDlUYCTKiz8klCzXQxVy4HVyPVYWQxXfNYVkyQjf7PxQi +Xr1TwgE2snGjxqfWbuEnqTz2LADGUjtTwwZcOkur3CAAKqd86Keka6ZUaAe8IM+D +xuUDH/v3cH8qb5PDZ2OIoVTJk3DDr2NZ3JOX55UV7AutWFYTCRhX3qNY9aQ8iol7 +AjfMIRzB6uupMgbpCuuAYlvDtSxNK2hPFWlO24ybqh15F8NkoQKCAQEA6UWA5Lgc +E4+b7Yr9vqFqoTlpWmPBvPR1F4GolOOxs2R3pL45Uqc8afgQPXSB/vGH9o4asF6X +8XfqRNyObTzSvbwuOMw1G1lTMPiWVHY2MNs4fZwEoCdVJJSYJorEJlyPRxsZ86xD +ltGsa7RiLUk2IoYrocgrMz6MN03eNET5mVu1eLb59fMSwEoer6CY2n8kE56SvsaK +3ulwaJeKBUWWXsoZ+e7NWx55sPQ/95F2exk9aCGdRUsFMM+vjunIq+7jq5DyL/O0 +Jqe9g4QTGLTT9DydKZhjvPlnW51Ehl42nwoQNSpCwHmR9qfV/lqjU21tnwJ0lAEd +AuVaRyMfyLE/3QKCAQEAyjzalPsVBNL+/9Tl4dabR0VpP00oTl1g8fguke8sE+ay +BKwipAQHoCvFufB/wmTR/H2U7ogGhwUWxkjeJIk44BAqI2wbq4HdKE1Yo2k2QB6m +VkWOqdf47OKupTOhxIeNrRapCQ5r44LVjK7jgvMvbOJ9OGZm+/5IgkoYgRK4jOYk +h89iM3g5bEQ4zgugQP85ghQQ9pwwAy3d/06V2auCJo4pitjluKctB5HtXubTJSMl +axRpVQ8fhtlC8MUpDx1v8OZRkxQIa82VR9v8cUM0Zlw8t1vOz/W8ECzyfJtsFMUC +ykMTTBmpt9+sAXaCR0Mwo3GJABrsSn2z5vGmiKEauQKCAQBoxisKkBcsQgiLPS6T +fPTjzWGgk8XlFPeywy3xEgQyyyFiAX7FvQ/JmP3SXI428E1dVJ5wMUyVzIKQw2/F +aNhPGEK6iB4iVpCjIkSDU0Ur1IsfAACj3obDk2pzhUhs4o4IJggWBn2lNC/5gF/I +b2W9Q/49ACdHMQTRokv3tjNVyndL7QOAkNkPPTtjLwL4wLp3hXXr8klVrgwrLkVz +8LmFgckBFV1vW9TUwiApFlDdIY0PRGnbQcLnFaGI00Cq2PWxjbz6BMAZzKW2eJAL +PM0mmkMM98F0k6D06UJqB88IyABXoM+ym+gPnXrkb9mEE1Z1YSjzgTyCnHlcEk6o +WdSRAoIBACg1bSgNu6IX6UcoJwR9zKWg8Un6pzbdbfbt5yRwrwzN4zr2lnSRsIpx +6YAMhvo5XV6cAU5jkRirNFn8Bt6wwbQawqYESoQQ782hgywKMRUSgvPIJJM0M3O1 +pg+GcnVGli6BwN3iFiVHz/mGlAlnHFjDty3NflA/wF7XKIQRGsw4va6a1uVw08no +znp46UXC+MYaAz1k1E7tgaPPFhAO/3N29F98vD+4TUWiB9XEgtpxYHEnv8F/nj8L +VznTmVQ+ABGfWTyq0PnOCA4feNN0DykC0beK81V5gAifRx7rL9P5T5KzP1T0DUBX +ojUwQLq2aycz3Y89yxkMYQZbqUak8VECggEBAMj0qzxSPrboxNOwKRcpGGhRFscJ +K/4iNG165/q2btZiDZ9BiUO8WZGR8Ww50fZb21fIJBaU+znLaDiY6b4UDc0H4d0H +vt9bkm9BmNkdbHlDR++7XcRIuq1w4EDtgvDqT8oCuW8mWOt+oqnQof3MOO0Z0AbI +Ksbcnvk0qf75vZUVPoPCoIAuex23PxWhewb3BM9ifeRr4EUjWWH9+iJ0ucnGHndq +MRz5bk6HBaxa2Twpa6yra+pobyWhRyU/X40wV7nUs3wd1vZNMjn0i8vXwnT6zdNv +11htsJRdoyo2gXnVNMWN1D+8QTozSXFTTyM2LG4k06Dw3dAl5KHQjKWX+ac= +-----END RSA PRIVATE KEY-----]], + + --[[ + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = California, L = San Francisco, O = Kong, OU = Core, CN = ssl-example.com + Validity + Not Before: Nov 18 16:49:53 2020 GMT + Not After : Sep 3 16:49:53 2294 GMT + --]] + cert_alt_ecdsa = [[-----BEGIN CERTIFICATE----- +MIICOjCCAeGgAwIBAgIUbsAIMsTeD3F1oNLKOyRabSN6O9EwCgYIKoZIzj0EAwIw +cjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNh +biBGcmFuY2lzY28xDTALBgNVBAoMBEtvbmcxDTALBgNVBAsMBENvcmUxGDAWBgNV +BAMMD3NzbC1leGFtcGxlLmNvbTAgFw0yMDExMTgxNjQ5NTNaGA8yMjk0MDkwMzE2 +NDk1M1owcjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNV +BAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBEtvbmcxDTALBgNVBAsMBENvcmUx +GDAWBgNVBAMMD3NzbC1leGFtcGxlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEH +A0IABCwjAZ7WZIwBJQOER5LB6g554ecpBVUnHKjYq8xiWU2+giX5pg4ros6rf3tv +MMkc3aPYz87B7bwQlZ0Z2NC7iUujUzBRMB0GA1UdDgQWBBQzR6or+QaEVZxXrX5/ +BhgA7y5mjTAfBgNVHSMEGDAWgBQzR6or+QaEVZxXrX5/BhgA7y5mjTAPBgNVHRMB +Af8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIEDzO105JmNu3RLib3DyIZ4TqDTF +/iEr+t+W6+rZqiHuAiBvhIxGlLfkypQa9p4iNKRLmFcEk/S/shQ4d0hzd9SDbg== +-----END CERTIFICATE-----]], + key_alt_ecdsa = [[-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIECo5oNJH83ZUFUm3SfjRHyPyRU5pJ5D1V0zk4KtrlNZoAoGCCqGSM49 +AwEHoUQDQgAELCMBntZkjAElA4RHksHqDnnh5ykFVSccqNirzGJZTb6CJfmmDiui +zqt/e28wyRzdo9jPzsHtvBCVnRnY0LuJSw== +-----END EC PRIVATE KEY-----]], + + --[[ + Issuer: C = US, ST = California, L = San Francico, O = Kong Inc., CN = ssl-alt-alt.com + Validity + Not Before: Nov 18 07:28:56 2018 GMT + Not After : Dec 18 07:28:56 2018 GMT + Subject: C = US, ST = California, L = San Francico, O = Kong Inc., CN = ssl-alt-alt.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + --]] + cert_alt_alt = [[-----BEGIN CERTIFICATE----- +MIIDpDCCAoygAwIBAgIJAIAQMZH+2V26MA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNV +BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQHDAxTYW4gRnJhbmNp +Y28xEjAQBgNVBAoMCUtvbmcgSW5jLjEYMBYGA1UEAwwPc3NsLWFsdC1hbHQuY29t +MB4XDTE4MTExODA3Mjg1NloXDTE4MTIxODA3Mjg1NlowZzELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCkNhbGlmb3JuaWExFTATBgNVBAcMDFNhbiBGcmFuY2ljbzESMBAG +A1UECgwJS29uZyBJbmMuMRgwFgYDVQQDDA9zc2wtYWx0LWFsdC5jb20wggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCngZ5grKAV5bR/FRSkIiR9Y54OWMt +endztlp3scp4vTVci4mMOhsSMkTJSpxOieOWACCKpHksux8kUJjOgJ12p9FrWII4 +SYj3+5R+I8ujD3zmx3IDol8UIFsCuibVhN9FKDcVHySPtNGwIM0NnjuVm2fl79hU +ILNmtOq/GoUbScecaMnKzFZy+VUPXRIdQtHOUUteVdppFrx2EPP+Az9l2CN75CRi +VjwxTA8REkYm9C2okVdj38JodiBnkO1z0aEIlQD8qKgG86C+YF7qTlSzUtoOHvkt +Km+PoKoMlDvcZ/ItXz7b2I+x3jhsnVETGTXV8jHIRncl+o7jKV5H/gxDAgMBAAGj +UzBRMB0GA1UdDgQWBBR2h+rYF8B91WE7tUpeCST8TOQrUjAfBgNVHSMEGDAWgBR2 +h+rYF8B91WE7tUpeCST8TOQrUjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB +CwUAA4IBAQARP3bVbTHYlB/V6Ws0jvjJtRGs6RkIB8Hvwcn9hltoKpgdRcrkpkCI +50jmipO2ssP5uEhhBuS3D53K3GEYWJJh35MW7iAzJw1+Yn+/00/1nwhoaYvjbxv+ +k5rtGHIR8oj8Uf0ijh+ah508cavls/jotQXqkGkkg3QNDJ/2H+QmxMtAM5VJ/dU9 +66IeVk1e/y4wBMFyCzMQQ/HluLmOXlrhttEgwpcCfm4/dksRPav5nPi75OqabI0V +bpTBKoI0Llp45GWNeQyF9kPV3wTDF0UmzZnkD95hoe4CHZV7dsUGS8YfM9Wv6Cvh +wcqsNL5LjIUJiNuykV2pruOsf5IoCKlG +-----END CERTIFICATE-----]], + + key_alt_alt = [[-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDCngZ5grKAV5bR +/FRSkIiR9Y54OWMtendztlp3scp4vTVci4mMOhsSMkTJSpxOieOWACCKpHksux8k +UJjOgJ12p9FrWII4SYj3+5R+I8ujD3zmx3IDol8UIFsCuibVhN9FKDcVHySPtNGw +IM0NnjuVm2fl79hUILNmtOq/GoUbScecaMnKzFZy+VUPXRIdQtHOUUteVdppFrx2 +EPP+Az9l2CN75CRiVjwxTA8REkYm9C2okVdj38JodiBnkO1z0aEIlQD8qKgG86C+ +YF7qTlSzUtoOHvktKm+PoKoMlDvcZ/ItXz7b2I+x3jhsnVETGTXV8jHIRncl+o7j +KV5H/gxDAgMBAAECggEBAJhVXTgLZ3EyHimrWs1tuJiXHrdYJBta+tkl6VY7YgJ0 +B6qyxi1u5fWuR01QC10mbW/iFZav+vFaXpvsQk+ROK/B2BgwJW2tkXqZ/7dkiWbP +HrL9dm8Fz2pPkS1nTDJhWOom+kacI+AgZul4I0j/jCAkjoTa4fenyQUho4WGWp3q +GIVcawNfprrXObMUgs+31eps3A/iza7w3eBuH4aR2npW6DtBr3KPwH9H1yBLpOqq +E7vY/oyfndKyMMdJGk9Ql8AN5SA4B/r2t5nw+liRUUxIj+yWf5q5pj2FftBo2Ldn +0JGWKXDUTdniLzK+akynRv5o1GFR0SeK7TLRzASfavECgYEA+nojt54CTglUOPCY +rpoM898SypItYJOhlvE/HlfmsLmRMpkCAIYo7yCtCTdRC9gd9FPxEJIAC/P3MzTa +KlVfwXqlFIC+oflfIkF8I5Zw4JsqqF+aqEY4b2xTLfxnfK5gMID2rRstUVQO1BiE +Jb6KzB/67e1yokGgKLIeGsOkqdcCgYEAxuiTVt1RZzqOKTvKYLd8tANzm+lwD6Dd +kpVl3xZcHEVd/nWfdtR8VZ+V+mbe71Hn7ZX/UBBktLeB6djd0cdd8jIOCkvhW/aw +vLm2VAM7J6H5Up92q9Jtpid+993fbd07d7peO+boMYzPW0f7wqU0PL+ZK9R9FdS2 +cHaTcFvrW3UCgYEA6DRa8FqXoGidn7vMj/FYmKzw6sLhNmsmnpw/+41Z2/PsW4/l +fz7gq+8K+0RA6k4MVvmKveXcDTi6rsoMhrpm7yMX7w37rIVWYJd80jEhq9etkDIx +Wlbe8szlv/gCqF+v5Mdp58kOFhtrM80WlTczzVDIe9JpN2rHY3Lc3csJ2DkCgYEA +hCAHhyLaKNT3i6JAyz/24OiOCdnlaywzImSE18xVgR3+0sE1HM0GjiXEjSF6IsRo +aCREBN3u1zAyZrB8oBVrbS8crnA7EUhrm+FMoL/IsongQKbWQEo2NbF0oJdMDAFx +uBUe9XFreUaMkpjdPi1Y5qVqzHeIY1D5ovjQ9UjJrOUCgYA/GJPhcZbEz4MgokqE +CCWCLF6Ia5fehznO6VrbKZUUklURFIaw6Uc+DIbGpJZZwVt9l7R3x2pJlF1NlaCJ +IqGzqSWne1tW86drBcfSip714wsZOoF8PT6iUCa0LC1sum1P4vS2cnRw8jXwIL6g +gEuhDrQHJ5V1U/Qc1HrqWYH4cA== +-----END PRIVATE KEY-----]], + + --[[ + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = California, L = San Francisco, O = Kong, OU = Core, CN = ssl-alt-alt.com + Validity + Not Before: Nov 25 14:47:53 2020 GMT + Not After : Sep 10 14:47:53 2294 GMT + Subject: C = US, ST = California, L = San Francisco, O = Kong, OU = Core, CN = ssl-alt-alt.com + --]] + cert_alt_alt_ecdsa = [[-----BEGIN CERTIFICATE----- +MIICPDCCAeGgAwIBAgIUUN+dYLgQkk8az6KLufNic5LFKrYwCgYIKoZIzj0EAwIw +cjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNh +biBGcmFuY2lzY28xDTALBgNVBAoMBEtvbmcxDTALBgNVBAsMBENvcmUxGDAWBgNV +BAMMD3NzbC1hbHQtYWx0LmNvbTAgFw0yMDExMjUxNDQ3NTNaGA8yMjk0MDkxMDE0 +NDc1M1owcjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNV +BAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBEtvbmcxDTALBgNVBAsMBENvcmUx +GDAWBgNVBAMMD3NzbC1hbHQtYWx0LmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEH +A0IABKnmBOy/odm9rUNVTz2vMzGtXVnodngWFY7wf2W99aLcDLz32WNg10oYdGKW +MuPCtO6vwWGgOi+/mYSToEU7U0qjUzBRMB0GA1UdDgQWBBQtbY0EZpt9Nlf2spRC +IfphGjYmijAfBgNVHSMEGDAWgBQtbY0EZpt9Nlf2spRCIfphGjYmijAPBgNVHRMB +Af8EBTADAQH/MAoGCCqGSM49BAMCA0kAMEYCIQC7MFmBMdan3DIsgzLDDwTOLkOI ++Vj2qMdBL4XRWt9c6gIhAMAbZ8M3kMTxPuI+bjZ31Zuu+bGg0Quo4EgU8yMmhJLt +-----END CERTIFICATE-----]], + + key_alt_alt_ecdsa = [[-----BEGIN EC PRIVATE KEY----- +MHcCAQEEILefTUI90Vsu3JV1WZVrYgl82HbAICC/9/sMIL6j1RThoAoGCCqGSM49 +AwEHoUQDQgAEqeYE7L+h2b2tQ1VPPa8zMa1dWeh2eBYVjvB/Zb31otwMvPfZY2DX +Shh0YpYy48K07q/BYaA6L7+ZhJOgRTtTSg== +-----END EC PRIVATE KEY-----]], + + --[[ + Issuer: C = US, ST = California, O = Kong Testing, CN = Kong Testing Root CA + Validity + Not Before: May 2 19:34:42 2019 GMT + Not After : Apr 27 19:34:42 2039 GMT + Subject: C = US, ST = California, O = Kong Testing, CN = Kong Testing Root CA + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + --]] + cert_ca = [[-----BEGIN CERTIFICATE----- +MIIFoTCCA4mgAwIBAgIUQDBLwIychoRbVRO44IzBBk9R4oYwDQYJKoZIhvcNAQEL +BQAwWDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFTATBgNVBAoM +DEtvbmcgVGVzdGluZzEdMBsGA1UEAwwUS29uZyBUZXN0aW5nIFJvb3QgQ0EwHhcN +MTkwNTAyMTkzNDQyWhcNMzkwNDI3MTkzNDQyWjBYMQswCQYDVQQGEwJVUzETMBEG +A1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMS29uZyBUZXN0aW5nMR0wGwYDVQQD +DBRLb25nIFRlc3RpbmcgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC +AgoCggIBAMp6IggUp3aSNRbLAac8oOkrbUnFuxtlKGYgg8vfA2UU71qTktigdwO6 +Kod0/M+daO3RDqJJXQL2rD14NDO3MaextICanoQSEe+nYyMFUIk+QplXLD3fbshU +nHoJcMS2w0x4cm1os4ebxR2Evndo6luz39ivcjau+BL+9iBAYL1g6+eGOjcSy7ft +1nAMvbxcQ7dmbAH2KP6OmF8cok+eQWVqXEjqtVx5GDMDlj1BjX6Kulmh/vhNi3Hr +NEi+kPrw/YtRgnqnN0sv3NnAyKnantxy7w0TDicFjiBsSIhjB5aUfWYErBR+Nj/m +uumwc/kRJcHWklqDzxrZKCIyOyWcE5Dyjjr46cnF8HxhYwgZcwkmgTtaXOLpBMlo +XUTgOQrWpm9HYg2vOJMMA/ZPUJ2tJ34/4RgiA00EJ5xG8r24suZmT775l+XFLFzp +Ihxvs3BMbrWsXlcZkI5neNk7Q/1jLoBhWeTYjMpUS7bJ/49YVGQZFs3xu2IcLqeD +5WsB1i+EqBAI0jm4vWEynsyX+kS2BqAiDtCsS6WYT2q00DTeP5eIHh/vHsm75jJ+ +yUEb1xFxGnNevLKNTcHUeXxPUnowdC6wqFnaJm7l09qVGDom7tLX9i6MCojgpAP0 +hMpBxzh8jLxHh+zZQdiORSFdYxNnlnWwbic2GUJruiQVLuhpseenAgMBAAGjYzBh +MB0GA1UdDgQWBBQHT/IIheEC2kdBxI/TfGqUxWJw9zAfBgNVHSMEGDAWgBQHT/II +heEC2kdBxI/TfGqUxWJw9zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQsFAAOCAgEAqXZjy4EltJCRtBmN0ohAHPWqH4ZJQCI2HrM3 +wHB6c4oPWcJ+M2PfmYPUJo9VMjvn4S3sZuAysyoHduvRdGDnElW4wglL1xxpoUOx +FqoZUoYWV8hDFmUTWM5b4CtJxOPdTAd8VgypulM3iUEzBQrjR6tnMOdkiFMOmVag +0/Nnr+Tcfk/crMCx3xsVnisYjJoQBFBH4UY+gWE/V/MS1Sya4/qTbuuCUq+Qym5P +r8TkWAJlg7iVVLbZ2j94VUdpiQPWJEGMtJck/NEmOTruhhQlT7c1u/lqXCGj7uci +LmhLsBVmdtWT9AWS8Rl7Qo5GXbjxKIaP3IM9axhDLm8WHwPRLx7DuIFEc+OBxJhz +wkr0g0yLS0AMZpaC6UGbWX01ed10U01mQ/qPU5uZiB0GvruwsYWZsyL1QXUeqLz3 +/KKrx3XsXjtBu3ZG4LAnwuxfeZCNw9ofg8CqF9c20ko+7tZAv6DCu9UL+2oZnEyQ +CboRDwpnAlQ7qJVSp2xMgunO3xxVMlhD5LZpEJz1lRT0nQV3uuLpMYNM4FS9OW/X +MZSzwHhDdCTDWtc/iRszimOnYYV8Y0ubJcb59uhwcsHmdfnwL9DVO6X5xyzb8wsf +wWaPbub8SN2jKnT0g6ZWuca4VwEo1fRaBkzSZDqXwhkBDWP8UBqLXMXWHdZaT8NK +0NEO74c= +-----END CERTIFICATE-----]], + + key_ca = [[-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAynoiCBSndpI1FssBpzyg6SttScW7G2UoZiCDy98DZRTvWpOS +2KB3A7oqh3T8z51o7dEOokldAvasPXg0M7cxp7G0gJqehBIR76djIwVQiT5CmVcs +Pd9uyFSceglwxLbDTHhybWizh5vFHYS+d2jqW7Pf2K9yNq74Ev72IEBgvWDr54Y6 +NxLLt+3WcAy9vFxDt2ZsAfYo/o6YXxyiT55BZWpcSOq1XHkYMwOWPUGNfoq6WaH+ ++E2Lces0SL6Q+vD9i1GCeqc3Sy/c2cDIqdqe3HLvDRMOJwWOIGxIiGMHlpR9ZgSs +FH42P+a66bBz+RElwdaSWoPPGtkoIjI7JZwTkPKOOvjpycXwfGFjCBlzCSaBO1pc +4ukEyWhdROA5Ctamb0diDa84kwwD9k9Qna0nfj/hGCIDTQQnnEbyvbiy5mZPvvmX +5cUsXOkiHG+zcExutaxeVxmQjmd42TtD/WMugGFZ5NiMylRLtsn/j1hUZBkWzfG7 +Yhwup4PlawHWL4SoEAjSObi9YTKezJf6RLYGoCIO0KxLpZhParTQNN4/l4geH+8e +ybvmMn7JQRvXEXEac168so1NwdR5fE9SejB0LrCoWdombuXT2pUYOibu0tf2LowK +iOCkA/SEykHHOHyMvEeH7NlB2I5FIV1jE2eWdbBuJzYZQmu6JBUu6Gmx56cCAwEA +AQKCAgBh8MQHbp42r7B4bwhEsgIP5868kaXZMYxiIjY+ZojI22CQSrQMj0oihmnO +Dhu//Z9k8ewHOj+AkHtuXHe70FB3knECiEhHEEqWxzwgE5EKYhBrBgzDfRGkW7E5 +ItnmfZVopxaKr8uvu/yUM8LCFgDPDOopcWxo4SfkYGoD3cAtuvVBj98XBsN+G9DP +cIpS07p5u1RheoYH5Ef2Me6dXqq5eMJdDxNdQMIg4wpIZS4hWM+dTcv8pd3e4+vt +iCivCeVK/8mCtOH9P5Cv0B4Ac1zGu93AUEhXPcurCVXoiyZ/gyJJN9dZLlflfyFI +qu7eOpot8jHnEL0cepB8Qhn0LlQTuv6rjJqmnl3tJA3S6rcM/mOjihkk1uo7JdDK +vH498XR5qZPDlXZ8PVu3nI5EgXpmFIcCBuuVFS5QI63NZ32YqoGYXK37K7C9lQsL +L/iR+YpwuQqDmM+UEETjBCIMKvxghFH0ICR041yg9tkjRhNKCAGc6n70wQDUq57s +jjZmTQ4ZydxCsWVjLo7fCcoyQ9B7IUGPUUn8WavPUwtz1kG6VK7RDGa0KtgCD0vc +iEwbWi9uwkZdoZdHcB8qLgCPjMGgRJLOyJ67xQ0RP+r+WkhUAjYcaucFonyyBhtv +OrqNyEM3SEpgrzgttyyg+dP/cDvPbp4NXoxKAMyd8c7mjPploQKCAQEA+BL/qxLe +LTKwe3TKpjAeyTB2iOxoWjtCqe3/xKbTS32Tn/VGwqhXyNeh+FTRhQu7fg5iL2C2 +JCOdYXWxRYIBwUh4HfApkgYzznUAU2vOh653MzW6LsOtDdgYF2cijN1ZFcbRTGpw +eoA6U/cijuglwpTHF7zmRd9rSsv+PZ/fTDgY82MOdeaOUwyKuVyPUpNWfqSwxPd9 +tWEdOYjgq1llPbl1mktR0gYHIdHcSr1By7kmFw3/TQuic5Nm+FDidtfJYO36xFI1 +/CfwGVYeH42iul+KzdlITLAMRm2PAcWFjvxpw78T+xeUNpZlnZSgCIjtpfjywmXb +uQvJoMMEX5PN1wKCAQEA0PIx4sgXiwqASa/foBB0Tk5jG3QWxucpqnLJURZeRqLQ +BmF4WRrjs5V2y6iizegIcNmL0ZfwFBU79HwtAgFiTELLQL2xivhpMVjXL7QHeE4r +A/9+49iO8wu8W/hwKxCDdGqXKyCKtW9b1yfUVB09j29GtApcV9v8KCTmDwYGrHI0 +DcEMtNLUbJvUeWFYFadJNFKxbsBtJPJIrYaiIyv2sL+Y3tZrYES72tTAYhMFwd0r +9ooL5Ufrpuh4pHOxxA0Sh0EVUhNmyoq/ZJZ5wia+WB5NXBSD9JbciC5M4J8BMl/u +Bx5RZbJSoAktYiOzev//6NHUmXsDjg3Kh9P48JVasQKCAQBVjt/k1bYQ6pmZirdV +x+TmSLOpF7gJ3sRoLTB4V30qXR4sHgEQo9Ta7RvstPwqIdjBah6M7pMDNdFSyq+g +JG2Mhvz+flUoCsGVZB7/pn/tpctwuwgClvQ5gR0V/TkaUkEmVJLdAxzV8yGq0eJ2 +XTSgvoVH95uH3712Z5LBGEGAXRyl3LUhDqpplDrIIVdBCJXdSdm5pQ4TH3Jf5Ihw +MH3NYwhfdbi7cd7F2EZc9Jcbtzie3PH/VZLqv5zU6bihelz29Dz3ts7tr6yMYHo1 +Mbk9BDSwOE9KO7GQHLskxkYBAadMnrs6b3Brv0U+qwLizq7//jNjvpOgZ6Nbscbx +W92zAoIBAQCNCK17cavSgggNtNSw6epXYLmssjMdlrKdBlW0kfCYpRTc+bWOD4Ra +lyxUU0Nw0InCAlVJ59B4/cw2PgrzK5P5/avLyz6nmv0F/f1hiZbxMXH/hNlVWbtD +ekxtl8e+iarxTXEz/wchaEUJeSzsicAfrPCAXe3ur+IIBr/yrBKdG4jfL8sv0o7n +sFc+huI522yiEJ8LLn99TLyZxCJ0sxwUOX8qCnj3xe02zBv/Fu/v5yXhh1R4Mo9x +XcDw39bBikFTYi7N86KSXAzMDHWrAxO/ztRQrthSo/G/SeFCTJE2O2IjE+fFSRRU +SV2EvKxM/bbyo49o+YtwuwZVoFKLsYRBAoIBADaL9sx49XTHIIFGqEQP7NLEhs7D +eJgSKP5oQ54J0iaoVpsoxng8DrTBkMVW75hiWzTW75EJnMXrauo/YfAbvsMM//3e +BfRWvYpS5xKcHmXg2QJxy2VpvElHLg5Y2lligEZhO+5Sm2OG/hixBmiFvEvxPEB8 +8YIvYKcRAGA/HgDY9hGWSNsBP7qDXWP5kRm8qnB6zn33TVZMsXwUv6TP0cwsBKf7 +XDbnPBpOQK9nicehY7oscy9yTB9Q3bUHecYLY822ueCwaJgwJWFUH+Xe4u6xIH5l +A/IyIfyOqxjUc34Me+37ehNmbTIxZ1BqLddppm9QsSAD7cDMurfb3pRpju4= +-----END RSA PRIVATE KEY-----]], +} diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/stress_generator.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/stress_generator.lua new file mode 100644 index 00000000..dab93e6d --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/stress_generator.lua @@ -0,0 +1,151 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local stress_generator = {} +stress_generator.__index = stress_generator + + +local cjson = require "cjson" +local pl_file = require "pl.file" +local pl_path = require "pl.path" +local uuid = require "resty.jit-uuid" + + +local fmt = string.format +local tmp_root = os.getenv("TMPDIR") or "/tmp" + + +-- we need this to get random UUIDs +math.randomseed(os.time()) + + +local attack_cmds = { + ["http"] = "GET http://%s:%d%s", +} + + +function stress_generator.is_running(self) + if self.finish_time == nil or self.finish_time <= os.time() then + return false + end + + return true +end + + +function stress_generator.get_results(self) + if self.results ~= nil then + return self.results + end + + if self.results_filename == nil then + return nil, "stress_generator was not run yet" + end + + if stress_generator:is_running() then + return nil, "stress_generator results not available yet" + end + + local report_cmd = fmt("vegeta report -type=json %s 2>&1", self.results_filename) + local report_pipe = io.popen(report_cmd) + local output = report_pipe:read('*all') + report_pipe:close() + + if pl_path.exists(self.results_filename) then + pl_file.delete(self.results_filename) + end + + + local vegeta_results = cjson.decode(output) + local results = { + ["successes"] = 0, + ["remote_failures"] = 0, + ["proxy_failures"] = 0, + ["failures"] = 0, + } + + vegeta_results.status_codes = vegeta_results.status_codes or {} + + for status, count in pairs(vegeta_results.status_codes) do + if status == "200" then + results.successes = count + elseif status == "502" or status == "504" then + results.remote_failures = results.remote_failures + count + results.failures = results.failures + count + elseif status == "500" or status == "503" then + results.proxy_failures = results.proxy_failures + count + results.failures = results.failures + count + else + results.failures = results.failures + count + end + end + + self.results = results + + if self.debug then + -- show pretty results + local report_cmd = fmt("vegeta report %s 2>&1", self.results_filename) + local report_pipe = io.popen(report_cmd) + local output = report_pipe:read('*all') + report_pipe:close() + print(output) + end + + return self.results +end + + +function stress_generator.run(self, uri, headers, duration, rate) + if stress_generator:is_running() then + return nil, "already running" + end + + self.results_filename = fmt("%s/vegeta_%s", tmp_root, uuid()) + + duration = duration or 1 + rate = rate or 100 + local attack_cmd = fmt(attack_cmds[self.protocol], self.host, self.port, uri) + local req_headers = "" + + for name, value in pairs(headers) do + req_headers = fmt("-header=%s:%s %s", name, value, req_headers) + end + + local vegeta_cmd = fmt( + "echo %s | vegeta attack %s -rate=%d -duration=%ds -workers=%d -timeout=5s -output=%s", + attack_cmd, req_headers, rate, duration, self.workers, self.results_filename) + + self.pipe = io.popen(vegeta_cmd) + -- we will rely on vegeta's duration + self.finish_time = os.time() + duration +end + + +function stress_generator.new(protocol, host, port, workers, debug) + if io.popen == nil then + error("stress_generator is not supported in this platform", 2) + end + + local self = setmetatable({}, stress_generator) + + protocol = protocol or "http" + + if protocol ~= "http" then + error("stress_generator supports only http") + end + + self.debug = debug == true + self.host = host or "127.0.0.1" + self.port = port or "80" + self.protocol = protocol + self.workers = workers or 10 + + return self +end + + +return stress_generator diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/to-strip.conf b/kong-versions/2.8.4.3/kong/spec/fixtures/to-strip.conf new file mode 100644 index 00000000..635afdcb --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/to-strip.conf @@ -0,0 +1,11 @@ +database = cassandra # strip me +log_level = debug # strip this + # comment too +pg_ssl = off # Toggles client-server TLS connections + # between Kong and PostgreSQL. + +pg_password = test\#123 # do not strip an escaped octothorpe + +cassandra_data_centers = dc1:2, dc2:3 , dc3:4 + +plugins = foobar,hello-world diff --git a/kong-versions/2.8.4.3/kong/spec/fixtures/valid-module.lua b/kong-versions/2.8.4.3/kong/spec/fixtures/valid-module.lua new file mode 100644 index 00000000..51c53187 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/fixtures/valid-module.lua @@ -0,0 +1,15 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +-- Valid module (exposing data and having a global variable) for utils.load_module_if_exists unit tests. +-- Assert that load_module_if_exists returns a module if it was valid + +local _M = { + exposed = "All your base are belong to us." +} + +return _M diff --git a/kong-versions/2.8.4.3/kong/spec/helpers.lua b/kong-versions/2.8.4.3/kong/spec/helpers.lua new file mode 100644 index 00000000..d37609a2 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/helpers.lua @@ -0,0 +1,3278 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +------------------------------------------------------------------ +-- Collection of utilities to help testing Kong features and plugins. +-- +-- @copyright Copyright 2016-2022 Kong Inc. All rights reserved. +-- @license [Apache 2.0](https://opensource.org/licenses/Apache-2.0) +-- @module spec.helpers + +local BIN_PATH = "bin/kong" +local TEST_CONF_PATH = os.getenv("KONG_SPEC_TEST_CONF_PATH") or "spec/kong_tests.conf" +local CUSTOM_PLUGIN_PATH = "./spec/fixtures/custom_plugins/?.lua" +-- XXX EE custom plugins for enterprise tests +local CUSTOM_EE_PLUGIN_PATH = "./spec-ee/fixtures/custom_plugins/?.lua;./spec-ee/fixtures/custom_plugins/?/init.lua" +local CUSTOM_VAULT_PATH = "./spec/fixtures/custom_vaults/?.lua;./spec/fixtures/custom_vaults/?/init.lua" +local DNS_MOCK_LUA_PATH = "./spec/fixtures/mocks/lua-resty-dns/?.lua" +local GO_PLUGIN_PATH = "./spec/fixtures/go" +local GRPC_TARGET_SRC_PATH = "./spec/fixtures/grpc/target/" +local MOCK_UPSTREAM_PROTOCOL = "http" +local MOCK_UPSTREAM_SSL_PROTOCOL = "https" +local MOCK_UPSTREAM_HOST = "127.0.0.1" +local MOCK_UPSTREAM_HOSTNAME = "localhost" +local MOCK_UPSTREAM_PORT = 15555 +local MOCK_UPSTREAM_SSL_PORT = 15556 +local MOCK_UPSTREAM_STREAM_PORT = 15557 +local MOCK_UPSTREAM_STREAM_SSL_PORT = 15558 +local MOCK_GRPC_UPSTREAM_PROTO_PATH = "./spec/fixtures/grpc/hello.proto" +local BLACKHOLE_HOST = "10.255.255.255" +local KONG_VERSION = require("kong.meta")._VERSION +local PLUGINS_LIST + +local consumers_schema_def = require "kong.db.schema.entities.consumers" +local services_schema_def = require "kong.db.schema.entities.services" +local plugins_schema_def = require "kong.db.schema.entities.plugins" +local routes_schema_def = require "kong.db.schema.entities.routes" +local prefix_handler = require "kong.cmd.utils.prefix_handler" +local dc_blueprints = require "spec.fixtures.dc_blueprints" +local conf_loader = require "kong.conf_loader" +local kong_global = require "kong.global" +local Blueprints = require "spec.fixtures.blueprints" +local pl_stringx = require "pl.stringx" +local constants = require "kong.constants" +local pl_tablex = require "pl.tablex" +local pl_utils = require "pl.utils" +local pl_path = require "pl.path" +local pl_file = require "pl.file" +local version = require "version" +local pl_dir = require "pl.dir" +local pl_Set = require "pl.Set" +local Schema = require "kong.db.schema" +local Entity = require "kong.db.schema.entity" +local cjson = require "cjson.safe" +local utils = require "kong.tools.utils" +local http = require "resty.http" +local nginx_signals = require "kong.cmd.utils.nginx_signals" +local log = require "kong.cmd.utils.log" +local DB = require "kong.db" +local singletons = require "kong.singletons" +local ffi = require "ffi" +local invoke_plugin = require "kong.enterprise_edition.invoke_plugin" +local portal_router = require "kong.portal.router" +local rbac = require "kong.rbac" +local ssl = require "ngx.ssl" +local ws_client = require "resty.websocket.client" +local table_clone = require "table.clone" +local https_server = require "spec.fixtures.https_server" +local stress_generator = require "spec.fixtures.stress_generator" +local resty_signal = require "resty.signal" +local lfs = require "lfs" + +-- XXX EE +local dist_constants = require "kong.enterprise_edition.distributions_constants" +local kong_vitals = require "kong.vitals" +-- EE + +ffi.cdef [[ + int setenv(const char *name, const char *value, int overwrite); + int unsetenv(const char *name); +]] + + +local kong_exec -- forward declaration + + +log.set_lvl(log.levels.quiet) -- disable stdout logs in tests + +-- Add to package path so dao helpers can insert custom plugins +-- (while running from the busted environment) +do + local paths = {} + table.insert(paths, os.getenv("KONG_LUA_PACKAGE_PATH")) + table.insert(paths, CUSTOM_PLUGIN_PATH) + -- XXX EE custom plugins for enterprise tests + table.insert(paths, CUSTOM_EE_PLUGIN_PATH) + table.insert(paths, CUSTOM_VAULT_PATH) + table.insert(paths, package.path) + package.path = table.concat(paths, ";") +end + +--- Returns the OpenResty version. +-- Extract the current OpenResty version in use and returns +-- a numerical representation of it. +-- Ex: `1.11.2.2` -> `11122` +-- @function openresty_ver_num +local function openresty_ver_num() + local nginx_bin = assert(nginx_signals.find_nginx_bin()) + local _, _, _, stderr = pl_utils.executeex(string.format("%s -V", nginx_bin)) + + local a, b, c, d = string.match(stderr or "", "openresty/(%d+)%.(%d+)%.(%d+)%.(%d+)") + if not a then + error("could not execute 'nginx -V': " .. stderr) + end + + return tonumber(a .. b .. c .. d) +end + +--- Unindent a multi-line string for proper indenting in +-- square brackets. +-- @function unindent +-- @usage +-- local u = helpers.unindent +-- +-- u[[ +-- hello world +-- foo bar +-- ]] +-- +-- -- will return: "hello world\nfoo bar" +local function unindent(str, concat_newlines, spaced_newlines) + str = string.match(str, "(.-%S*)%s*$") + if not str then + return "" + end + + local level = math.huge + local prefix = "" + local len + + str = str:match("^%s") and "\n" .. str or str + for pref in str:gmatch("\n(%s+)") do + len = #prefix + + if len < level then + level = len + prefix = pref + end + end + + local repl = concat_newlines and "" or "\n" + repl = spaced_newlines and " " or repl + + return (str:gsub("^\n%s*", ""):gsub("\n" .. prefix, repl):gsub("\n$", ""):gsub("\\r", "\r")) +end + + +--- Set an environment variable +-- @function setenv +-- @param env (string) name of the environment variable +-- @param value the value to set +-- @return true on success, false otherwise +local function setenv(env, value) + assert(type(env) == "string", "env must be a string") + assert(type(value) == "string", "value must be a string") + return ffi.C.setenv(env, value, 1) == 0 +end + + +--- Unset an environment variable +-- @function unsetenv +-- @param env (string) name of the environment variable +-- @return true on success, false otherwise +local function unsetenv(env) + assert(type(env) == "string", "env must be a string") + return ffi.C.unsetenv(env) == 0 +end + + +--- Write a yaml file. +-- @function make_yaml_file +-- @param content (string) the yaml string to write to the file, if omitted the +-- current database contents will be written using `kong config db_export`. +-- @param filename (optional) if not provided, a temp name will be created +-- @return filename of the file written +local function make_yaml_file(content, filename) + local filename = filename or pl_path.tmpname() .. ".yml" + if content then + local fd = assert(io.open(filename, "w")) + assert(fd:write(unindent(content))) + assert(fd:write("\n")) -- ensure last line ends in newline + assert(fd:close()) + else + assert(kong_exec("config db_export --conf "..TEST_CONF_PATH.." "..filename)) + end + return filename +end + + +--------------- +-- Conf and DAO +--------------- +local conf = assert(conf_loader(TEST_CONF_PATH)) + +_G.kong = kong_global.new() +kong_global.init_pdk(_G.kong, conf, nil) -- nil: latest PDK +ngx.ctx.KONG_PHASE = kong_global.phases.access +_G.kong.core_cache = { + get = function(self, key, opts, func, ...) + if key == constants.CLUSTER_ID_PARAM_KEY then + return "123e4567-e89b-12d3-a456-426655440000" + end + + return func(...) + end +} + +local db = assert(DB.new(conf)) +assert(db:init_connector()) +db.plugins:load_plugin_schemas(conf.loaded_plugins) +db.vaults:load_vault_schemas(conf.loaded_vaults) +local blueprints = assert(Blueprints.new(db)) +local dcbp +local config_yml + + +kong.db = db +singletons.db = db + + +local cache + +--- Gets the ml_cache instance. +-- @function get_cache +-- @param db the database object +-- @return ml_cache instance +local function get_cache(db) + if not cache then + local worker_events = assert(kong_global.init_worker_events()) + local cluster_events = assert(kong_global.init_cluster_events(conf, db)) + cache = assert(kong_global.init_cache(conf, + cluster_events, + worker_events + )) + end + + return cache +end + + +kong.cache = get_cache(db) +singletons.cache = kong.cache + +cache._busted_hooked = false + +local function clear_cache_on_file_end(file) + if _G.kong and + _G.kong.cache and + _G.kong.cache.mlcache and + _G.kong.cache.mlcache.lru and + _G.kong.cache.mlcache.lru.free_queue and + _G.kong.cache.mlcache.lru.cache_queue + then + _G.kong.cache.mlcache.lru.free_queue = nil + _G.kong.cache.mlcache.lru.cache_queue = nil + end +end + +local function register_busted_hook(opts) + local busted = require("busted") + if not cache or cache._busted_hooked then + return + end + + cache._busted_hooked = true + + busted.subscribe({'file', 'end' }, clear_cache_on_file_end) +end + +register_busted_hook() + +local vitals +local function get_vitals(db) + if not vitals then + vitals = kong_vitals.new({ + db = db, + ttl_seconds = 3600, + ttl_minutes = 24 * 60, + ttl_days = 30, + }) + end + + return vitals +end + +kong.vitals = get_vitals(db) + +--- Iterator over DB strategies. +-- @function each_strategy +-- @param strategies (optional string array) explicit list of strategies to use, +-- defaults to `{ "postgres", "cassandra" }`. +-- @see all_strategies +-- @usage +-- -- repeat all tests for each strategy +-- for _, strategy_name in helpers.each_strategy() do +-- describe("my test set [#" .. strategy .. "]", function() +-- +-- -- add your tests here +-- +-- end) +-- end +local function each_strategy() -- luacheck: ignore -- required to trick ldoc into processing for docs +end + +--- Iterator over all strategies, the DB ones and the DB-less one. +-- To test with DB-less, check the example. +-- @function all_strategies +-- @param strategies (optional string array) explicit list of strategies to use, +-- defaults to `{ "postgres", "cassandra", "off" }`. +-- @see each_strategy +-- @see make_yaml_file +-- @usage +-- -- example of using DB-less testing +-- +-- -- use "all_strategies" to iterate over; "postgres", "cassandra", "off" +-- for _, strategy in helpers.all_strategies() do +-- describe(PLUGIN_NAME .. ": (access) [#" .. strategy .. "]", function() +-- +-- lazy_setup(function() +-- +-- -- when calling "get_db_utils" with "strategy=off", we still use +-- -- "postgres" so we can write the test setup to the database. +-- local bp = helpers.get_db_utils( +-- strategy == "off" and "postgres" or strategy, +-- nil, { PLUGIN_NAME }) +-- +-- -- Inject a test route, when "strategy=off" it will still be written +-- -- to Postgres. +-- local route1 = bp.routes:insert({ +-- hosts = { "test1.com" }, +-- }) +-- +-- -- start kong +-- assert(helpers.start_kong({ +-- -- set the strategy +-- database = strategy, +-- nginx_conf = "spec/fixtures/custom_nginx.template", +-- plugins = "bundled," .. PLUGIN_NAME, +-- +-- -- The call to "make_yaml_file" will write the contents of +-- -- the database to a temporary file, which filename is returned. +-- -- But only when "strategy=off". +-- declarative_config = strategy == "off" and helpers.make_yaml_file() or nil, +-- +-- -- the below lines can be omitted, but are just to prove that the test +-- -- really runs DB-less despite that Postgres was used as intermediary +-- -- storage. +-- pg_host = strategy == "off" and "unknownhost.konghq.com" or nil, +-- cassandra_contact_points = strategy == "off" and "unknownhost.konghq.com" or nil, +-- })) +-- end) +-- +-- ... rest of your test file +local function all_strategies() -- luacheck: ignore -- required to trick ldoc into processing for docs +end + +do + local def_db_strategies = {"postgres", "cassandra"} + local def_all_strategies = {"postgres", "cassandra", "off"} + local env_var = os.getenv("KONG_DATABASE") + if env_var then + def_db_strategies = { env_var } + def_all_strategies = { env_var } + end + local db_available_strategies = pl_Set(def_db_strategies) + local all_available_strategies = pl_Set(def_all_strategies) + + local function iter(strategies, i) + i = i + 1 + local strategy = strategies[i] + if strategy then + return i, strategy + end + end + + each_strategy = function(strategies) + if not strategies then + return iter, def_db_strategies, 0 + end + + for i = #strategies, 1, -1 do + if not db_available_strategies[strategies[i]] then + table.remove(strategies, i) + end + end + return iter, strategies, 0 + end + + all_strategies = function(strategies) + if not strategies then + return iter, def_all_strategies, 0 + end + + for i = #strategies, 1, -1 do + if not all_available_strategies[strategies[i]] then + table.remove(strategies, i) + end + end + return iter, strategies, 0 + end +end + +local function truncate_tables(db, tables) + if not tables then + return + end + + for _, t in ipairs(tables) do + if db[t] and db[t].schema and not db[t].schema.legacy then + db[t]:truncate() + end + end +end + +local function bootstrap_database(db) + local schema_state = assert(db:schema_state()) + if schema_state.needs_bootstrap then + assert(db:schema_bootstrap()) + end + + if schema_state.new_migrations then + assert(db:run_migrations(schema_state.new_migrations, { + run_up = true, + run_teardown = true, + })) + end +end + +--- Gets the database utility helpers and prepares the database for a testrun. +-- This will a.o. bootstrap the datastore and truncate the existing data that +-- migth be in it. The BluePrint returned can be used to create test entities +-- in the database. +-- @function get_db_utils +-- @param strategy (optional) the database strategy to use, will default to the +-- strategy in the test configuration. +-- @param tables (optional) tables to truncate, this can be used to accelarate +-- tests if only a few tables are used. By default all tables will be truncated. +-- @param plugins (optional) array of plugins to mark as loaded. Since kong will load all the bundled plugins by default, this is useful for mostly for marking custom plugins as loaded. +-- @return BluePrint, DB +-- @usage +-- local PLUGIN_NAME = "my_fancy_plugin" +-- local bp = helpers.get_db_utils("postgres", nil, { PLUGIN_NAME }) +-- +-- -- Inject a test route. No need to create a service, there is a default +-- -- service which will echo the request. +-- local route1 = bp.routes:insert({ +-- hosts = { "test1.com" }, +-- }) +-- -- add the plugin to test to the route we created +-- bp.plugins:insert { +-- name = PLUGIN_NAME, +-- route = { id = route1.id }, +-- config = {}, +-- } +local function get_db_utils(strategy, tables, plugins, vaults) + strategy = strategy or conf.database + if tables ~= nil and type(tables) ~= "table" then + error("arg #2 must be a list of tables to truncate", 2) + end + if plugins ~= nil and type(plugins) ~= "table" then + error("arg #3 must be a list of plugins to enable", 2) + end + + if plugins then + for _, plugin in ipairs(plugins) do + conf.loaded_plugins[plugin] = true + end + end + + if vaults ~= nil and type(vaults) ~= "table" then + error("arg #4 must be a list of vaults to enable", 2) + end + + if vaults then + for _, vault in ipairs(vaults) do + conf.loaded_vaults[vault] = true + end + end + + -- Clean workspaces from the context - otherwise, migrations will fail, + -- as some of them have dao calls + -- If `no_truncate` is falsey, `dao:truncate` and `db:truncate` are called, + -- and these set the workspace back again to the new `default` workspace + ngx.ctx.workspace = nil + + -- DAO (DB module) + local db = assert(DB.new(conf, strategy)) + assert(db:init_connector()) + + bootstrap_database(db) + + do + local database = conf.database + conf.database = strategy + conf.database = database + end + + db:truncate("plugins") + assert(db.plugins:load_plugin_schemas(conf.loaded_plugins)) + assert(db.vaults:load_vault_schemas(conf.loaded_vaults)) + + -- XXX EE + singletons.invoke_plugin = invoke_plugin.new { + loaded_plugins = db.plugins:get_handlers(), + kong_global = kong_global, + } + + -- cleanup the tags table, since it will be hacky and + -- not necessary to implement "truncate trigger" in Cassandra + db:truncate("tags") + + -- initialize portal router + singletons.portal_router = portal_router.new(db) + + _G.kong.db = db + + -- cleanup tables + if not tables then + assert(db:truncate()) + + else + tables[#tables + 1] = "workspaces" + truncate_tables(db, tables) + end + + -- blueprints + local bp + if strategy ~= "off" then + bp = assert(Blueprints.new(db)) + dcbp = nil + else + bp = assert(dc_blueprints.new(db)) + dcbp = bp + end + + if plugins then + for _, plugin in ipairs(plugins) do + conf.loaded_plugins[plugin] = false + end + end + + rbac.register_dao_hooks(db) + + if vaults then + for _, vault in ipairs(vaults) do + conf.loaded_vaults[vault] = false + end + end + + if strategy ~= "off" then + local workspaces = require "kong.workspaces" + workspaces.upsert_default(db) + end + + -- calculation can only happen here because this function + -- initializes the kong.db instance + PLUGINS_LIST = assert(kong.db.plugins:get_handlers()) + table.sort(PLUGINS_LIST, function(a, b) + return a.name:lower() < b.name:lower() + end) + + PLUGINS_LIST = pl_tablex.map(function(p) + return { name = p.name, version = p.handler.VERSION, } + end, PLUGINS_LIST) + + return bp, db +end + +----------------- +-- Custom helpers +----------------- +local resty_http_proxy_mt = setmetatable({}, { __index = http }) +resty_http_proxy_mt.__index = resty_http_proxy_mt + +local pack = function(...) return { n = select("#", ...), ... } end +local unpack = function(t) return unpack(t, 1, t.n) end + +--- Prints all returned parameters. +-- Simple debugging aid, it will pass all received parameters, hence will not +-- influence the flow of the code. See also `fail`. +-- @function intercept +-- @see fail +-- @usage -- modify +-- local a,b = some_func(c,d) +-- -- into +-- local a,b = intercept(some_func(c,d)) +local function intercept(...) + local args = pack(...) + print(require("pl.pretty").write(args)) + return unpack(args) +end + + +-- Prepopulate Schema's cache +Schema.new(consumers_schema_def) +Schema.new(services_schema_def) +Schema.new(routes_schema_def) + +local plugins_schema = assert(Entity.new(plugins_schema_def)) + + +--- Validate a plugin configuration against a plugin schema. +-- @function validate_plugin_config_schema +-- @param config The configuration to validate. This is not the full schema, +-- only the `config` sub-object needs to be passed. +-- @param schema_def The schema definition +-- @return the validated schema, or nil+error +local function validate_plugin_config_schema(config, schema_def) + assert(plugins_schema:new_subschema(schema_def.name, schema_def)) + local entity = { + id = utils.uuid(), + name = schema_def.name, + config = config + } + local entity_to_insert, err = plugins_schema:process_auto_fields(entity, "insert") + if err then + return nil, err + end + local _, err = plugins_schema:validate_insert(entity_to_insert) + if err then return + nil, err + end + return entity_to_insert +end + + +-- Case insensitive lookup function, returns the value and the original key. Or +-- if not found nil and the search key +-- @usage -- sample usage +-- local test = { SoMeKeY = 10 } +-- print(lookup(test, "somekey")) --> 10, "SoMeKeY" +-- print(lookup(test, "NotFound")) --> nil, "NotFound" +local function lookup(t, k) + local ok = k + if type(k) ~= "string" then + return t[k], k + else + k = k:lower() + end + for key, value in pairs(t) do + if tostring(key):lower() == k then + return value, key + end + end + return nil, ok +end + + + +--- http_client. +-- An http-client class to perform requests. +-- +-- * Based on [lua-resty-http](https://github.com/pintsized/lua-resty-http) but +-- with some modifications +-- +-- * Additional convenience methods will be injected for the following methods; +-- "get", "post", "put", "patch", "delete". Each of these methods comes with a +-- built-in assert. The signature of the functions is `client:get(path, opts)`. +-- +-- * Body will be formatted according to the "Content-Type" header, see `http_client:send`. +-- +-- * Query parameters will be added, see `http_client:send`. +-- +-- @section http_client +-- @usage +-- -- example usage of the client +-- local client = helpers.get_proxy_client() +-- -- no need to check for `nil+err` since it is already wrapped in an assert +-- +-- local opts = { +-- headers = { +-- ["My-Header"] = "my header value" +-- } +-- } +-- local result = client:get("/services/foo", opts) +-- -- the 'get' is wrapped in an assert, so again no need to check for `nil+err` + + +--- Send a http request. +-- Based on [lua-resty-http](https://github.com/pintsized/lua-resty-http). +-- +-- * If `opts.body` is a table and "Content-Type" header contains +-- `application/json`, `www-form-urlencoded`, or `multipart/form-data`, then it +-- will automatically encode the body according to the content type. +-- +-- * If `opts.query` is a table, a query string will be constructed from it and +-- appended to the request path (assuming none is already present). +-- +-- * instead of this generic function there are also shortcut functions available +-- for every method, eg. `client:get`, `client:post`, etc. See `http_client`. +-- +-- @function http_client:send +-- @param opts table with options. See [lua-resty-http](https://github.com/pintsized/lua-resty-http) +function resty_http_proxy_mt:send(opts) + local cjson = require "cjson" + local utils = require "kong.tools.utils" + + opts = opts or {} + + -- build body + local headers = opts.headers or {} + local content_type, content_type_name = lookup(headers, "Content-Type") + content_type = content_type or "" + local t_body_table = type(opts.body) == "table" + if string.find(content_type, "application/json") and t_body_table then + opts.body = cjson.encode(opts.body) + elseif string.find(content_type, "www-form-urlencoded", nil, true) and t_body_table then + opts.body = utils.encode_args(opts.body, true, opts.no_array_indexes) + elseif string.find(content_type, "multipart/form-data", nil, true) and t_body_table then + local form = opts.body + local boundary = "8fd84e9444e3946c" + local body = "" + + for k, v in pairs(form) do + body = body .. "--" .. boundary .. "\r\nContent-Disposition: form-data; name=\"" .. k .. "\"\r\n\r\n" .. tostring(v) .. "\r\n" + end + + if body ~= "" then + body = body .. "--" .. boundary .. "--\r\n" + end + + local clength = lookup(headers, "content-length") + if not clength and not opts.dont_add_content_length then + headers["content-length"] = #body + end + + if not content_type:find("boundary=") then + headers[content_type_name] = content_type .. "; boundary=" .. boundary + end + + opts.body = body + end + + -- build querystring (assumes none is currently in 'opts.path') + if type(opts.query) == "table" then + local qs = utils.encode_args(opts.query) + opts.path = opts.path .. "?" .. qs + opts.query = nil + end + + local res, err = self:request(opts) + if res then + -- wrap the read_body() so it caches the result and can be called multiple + -- times + local reader = res.read_body + res.read_body = function(self) + if not self._cached_body and not self._cached_error then + self._cached_body, self._cached_error = reader(self) + end + return self._cached_body, self._cached_error + end + end + + return res, err +end + +-- Implements http_client:get("path", [options]), as well as post, put, etc. +-- These methods are equivalent to calling http_client:send, but are shorter +-- They also come with a built-in assert +for _, method_name in ipairs({"get", "post", "put", "patch", "delete"}) do + resty_http_proxy_mt[method_name] = function(self, path, options) + local full_options = kong.table.merge({ method = method_name:upper(), path = path}, options) + return assert(self:send(full_options)) + end +end + + +--- Creates a http client from options. +-- Instead of using this client, you'll probably want to use the pre-configured +-- clients available as `proxy_client`, `admin_client`, etc. because these come +-- pre-configured and connected to the underlying Kong test instance. +-- +-- @function http_client_opts +-- @param options connection and other options +-- @return http client +-- @see http_client:send +-- @see proxy_client +-- @see proxy_ssl_client +-- @see admin_client +-- @see admin_ssl_client +local function http_client_opts(options) + if not options.scheme then + options = utils.deep_copy(options) + options.scheme = "http" + if options.port == 443 then + options.scheme = "https" + else + options.scheme = "http" + end + end + + local self = setmetatable(assert(http.new()), resty_http_proxy_mt) + local _, err = self:connect(options) + if err then + error("Could not connect to " .. options.host or "unknown" .. ":" .. options.port or "unknown" .. ": " .. err) + end + + if options.connect_timeout and + options.send_timeout and + options.read_timeout + then + self:set_timeouts(options.connect_timeout, options.send_timeout, options.read_timeout) + else + self:set_timeout(options.timeout or 10000) + end + + return self +end + + +--- Creates a http client. +-- Instead of using this client, you'll probably want to use the pre-configured +-- clients available as `proxy_client`, `admin_client`, etc. because these come +-- pre-configured and connected to the underlying Kong test instance. +-- +-- @function http_client +-- @param host hostname to connect to +-- @param port port to connect to +-- @param timeout in seconds +-- @return http client +-- @see http_client:send +-- @see proxy_client +-- @see proxy_ssl_client +-- @see admin_client +-- @see admin_ssl_client +local function http_client(host, port, timeout) + if type(host) == "table" then + return http_client_opts(host) + end + + return http_client_opts({ + host = host, + port = port, + timeout = timeout, + }) +end + + +--- Returns the proxy port. +-- @function get_proxy_port +-- @param ssl (boolean) if `true` returns the ssl port +-- @param http2 (boolean) if `true` returns the http2 port +local function get_proxy_port(ssl, http2) + if ssl == nil then ssl = false end + for _, entry in ipairs(conf.proxy_listeners) do + if entry.ssl == ssl and (http2 == nil or entry.http2 == http2) then + return entry.port + end + end + error("No proxy port found for ssl=" .. tostring(ssl), 2) +end + + +--- Returns the proxy ip. +-- @function get_proxy_ip +-- @param ssl (boolean) if `true` returns the ssl ip address +-- @param http2 (boolean) if `true` returns the http2 ip address +local function get_proxy_ip(ssl, http2) + if ssl == nil then ssl = false end + for _, entry in ipairs(conf.proxy_listeners) do + if entry.ssl == ssl and (http2 == nil or entry.http2 == http2) then + return entry.ip + end + end + error("No proxy ip found for ssl=" .. tostring(ssl), 2) +end + + +--- returns a pre-configured `http_client` for the Kong proxy port. +-- @function proxy_client +-- @param timeout (optional, number) the timeout to use +-- @param forced_port (optional, number) if provided will override the port in +-- the Kong configuration with this port +local function proxy_client(timeout, forced_port) + local proxy_ip = get_proxy_ip(false) + local proxy_port = get_proxy_port(false) + assert(proxy_ip, "No http-proxy found in the configuration") + return http_client_opts({ + scheme = "http", + host = proxy_ip, + port = forced_port or proxy_port, + timeout = timeout or 60000, + }) +end + + +--- returns a pre-configured `http_client` for the Kong SSL proxy port. +-- @function proxy_ssl_client +-- @param timeout (optional, number) the timeout to use +-- @param sni (optional, string) the sni to use +local function proxy_ssl_client(timeout, sni) + local proxy_ip = get_proxy_ip(true, true) + local proxy_port = get_proxy_port(true, true) + assert(proxy_ip, "No https-proxy found in the configuration") + local client = http_client_opts({ + scheme = "https", + host = proxy_ip, + port = proxy_port, + timeout = timeout or 60000, + ssl_verify = false, + ssl_server_name = sni, + }) + return client +end + + +--- returns a pre-configured `http_client` for the Kong admin port. +-- @function admin_client +-- @param timeout (optional, number) the timeout to use +-- @param forced_port (optional, number) if provided will override the port in +-- the Kong configuration with this port +local function admin_client(timeout, forced_port) + local admin_ip, admin_port + for _, entry in ipairs(conf.admin_listeners) do + if entry.ssl == false then + admin_ip = entry.ip + admin_port = entry.port + end + end + assert(admin_ip, "No http-admin found in the configuration") + return http_client_opts({ + scheme = "http", + host = admin_ip, + port = forced_port or admin_port, + timeout = timeout or 60000 + }) +end + +--- returns a pre-configured `http_client` for the Kong admin SSL port. +-- @function admin_ssl_client +-- @param timeout (optional, number) the timeout to use +local function admin_ssl_client(timeout) + local admin_ip, admin_port + for _, entry in ipairs(conf.proxy_listeners) do + if entry.ssl == true then + admin_ip = entry.ip + admin_port = entry.port + end + end + assert(admin_ip, "No https-admin found in the configuration") + local client = http_client_opts({ + scheme = "https", + host = admin_ip, + port = admin_port, + timeout = timeout or 60000, + }) + return client +end + + +---------------- +-- HTTP2 and GRPC clients +-- @section Shell-helpers + + +-- Generate grpcurl flags from a table of `flag-value`. If `value` is not a +-- string, value is ignored and `flag` is passed as is. +local function gen_grpcurl_opts(opts_t) + local opts_l = {} + + for opt, val in pairs(opts_t) do + if val ~= false then + opts_l[#opts_l + 1] = opt .. " " .. (type(val) == "string" and val or "") + end + end + + return table.concat(opts_l, " ") +end + + +--- Creates an HTTP/2 client, based on the lua-http library. +-- @function http2_client +-- @param host hostname to connect to +-- @param port port to connect to +-- @param tls boolean indicating whether to establish a tls session +-- @return http2 client +local function http2_client(host, port, tls) + local host = assert(host) + local port = assert(port) + tls = tls or false + + -- if Kong/lua-pack is loaded, unload it first + -- so lua-http can use implementation from compat53.string + package.loaded.string.unpack = nil + package.loaded.string.pack = nil + + local request = require "http.request" + local req = request.new_from_uri({ + scheme = tls and "https" or "http", + host = host, + port = port, + }) + req.version = 2 + req.tls = tls + + if tls then + local http_tls = require "http.tls" + local openssl_ctx = require "openssl.ssl.context" + local n_ctx = http_tls.new_client_context() + n_ctx:setVerify(openssl_ctx.VERIFY_NONE) + req.ctx = n_ctx + end + + local meta = getmetatable(req) or {} + + meta.__call = function(req, opts) + local headers = opts and opts.headers + local timeout = opts and opts.timeout + + for k, v in pairs(headers or {}) do + req.headers:upsert(k, v) + end + + local headers, stream = req:go(timeout) + local body = stream:get_body_as_string() + return body, headers + end + + return setmetatable(req, meta) +end + + +--- returns a pre-configured cleartext `http2_client` for the Kong proxy port. +-- @function proxy_client_h2c +-- @return http2 client +local function proxy_client_h2c() + local proxy_ip = get_proxy_ip(false, true) + local proxy_port = get_proxy_port(false, true) + assert(proxy_ip, "No http-proxy found in the configuration") + return http2_client(proxy_ip, proxy_port) +end + + +--- returns a pre-configured TLS `http2_client` for the Kong SSL proxy port. +-- @function proxy_client_h2 +-- @return http2 client +local function proxy_client_h2() + local proxy_ip = get_proxy_ip(true, true) + local proxy_port = get_proxy_port(true, true) + assert(proxy_ip, "No https-proxy found in the configuration") + return http2_client(proxy_ip, proxy_port, true) +end + +local exec -- forward declaration + +--- Creates a gRPC client, based on the grpcurl CLI. +-- @function grpc_client +-- @param host hostname to connect to +-- @param port port to connect to +-- @param opts table with options supported by grpcurl +-- @return grpc client +local function grpc_client(host, port, opts) + local host = assert(host) + local port = assert(tostring(port)) + + opts = opts or {} + if not opts["-proto"] then + opts["-proto"] = MOCK_GRPC_UPSTREAM_PROTO_PATH + end + + return setmetatable({ + opts = opts, + cmd_template = string.format("bin/grpcurl %%s %s:%s %%s", host, port) + + }, { + __call = function(t, args) + local service = assert(args.service) + local body = args.body + + local t_body = type(body) + if t_body ~= "nil" then + if t_body == "table" then + body = cjson.encode(body) + end + + args.opts["-d"] = string.format("'%s'", body) + end + + local opts = gen_grpcurl_opts(pl_tablex.merge(t.opts, args.opts, true)) + local ok, _, out, err = exec(string.format(t.cmd_template, opts, service), true) + + if ok then + return ok, ("%s%s"):format(out or "", err or "") + else + return nil, ("%s%s"):format(out or "", err or "") + end + end + }) +end + + +--- returns a pre-configured `grpc_client` for the Kong proxy port. +-- @function proxy_client_grpc +-- @param host hostname to connect to +-- @param port port to connect to +-- @return grpc client +local function proxy_client_grpc(host, port) + local proxy_ip = host or get_proxy_ip(false, true) + local proxy_port = port or get_proxy_port(false, true) + assert(proxy_ip, "No http-proxy found in the configuration") + return grpc_client(proxy_ip, proxy_port, {["-plaintext"] = true}) +end + +--- returns a pre-configured `grpc_client` for the Kong SSL proxy port. +-- @function proxy_client_grpcs +-- @param host hostname to connect to +-- @param port port to connect to +-- @return grpc client +local function proxy_client_grpcs(host, port) + local proxy_ip = host or get_proxy_ip(true, true) + local proxy_port = port or get_proxy_port(true, true) + assert(proxy_ip, "No https-proxy found in the configuration") + return grpc_client(proxy_ip, proxy_port, {["-insecure"] = true}) +end + + +--- +-- TCP/UDP server helpers +-- +-- @section servers + + +--- Starts a local TCP server. +-- Accepts a single connection (or multiple, if given `opts.requests`) +-- and then closes, echoing what was received (last read, in case +-- of multiple requests). +-- +-- +-- Options: +-- +-- * `opts.timeout`: time after which the server exits, defaults to 360 seconds. +-- +-- * `opts.requests`: the number of requests to accept, before exiting. Default 1. +-- +-- * `opts.tls`: boolean, make it a ssl server if truthy. +-- +-- * `opts.prefix`: string, a prefix to add to the echoed data received. +-- @function tcp_server +-- @param port (number) The port where the server will be listening on +-- @param opts (table) options defining the server's behavior +-- @return A thread object (from the `llthreads2` Lua package) +-- @see kill_tcp_server +local function tcp_server(port, opts) + local threads = require "llthreads2.ex" + opts = opts or {} + local thread = threads.new({ + function(port, opts) + local socket = require "socket" + local server = assert(socket.tcp()) + server:settimeout(opts.timeout or 60) + assert(server:setoption("reuseaddr", true)) + assert(server:bind("*", port)) + assert(server:listen()) + local line + local oks, fails = 0, 0 + local handshake_done = false + local n = opts.requests or 1 + for _ = 1, n + 1 do + local client, err + if opts.timeout then + client, err = server:accept() + if err == "timeout" then + line = "timeout" + break + + else + assert(client, err) + end + + else + client = assert(server:accept()) + end + + if opts.tls and handshake_done then + local ssl = require "spec.helpers.ssl" + + local params = { + mode = "server", + protocol = "any", + key = "spec/fixtures/kong_spec.key", + certificate = "spec/fixtures/kong_spec.crt", + } + + client = assert(ssl.wrap(client, params)) + client:dohandshake() + end + + line, err = client:receive() + if err == "closed" then + fails = fails + 1 + + else + if not handshake_done then + assert(line == "\\START") + client:send("\\OK\n") + handshake_done = true + + else + if line == "@DIE@" then + client:send(string.format("%d:%d\n", oks, fails)) + client:close() + break + end + + oks = oks + 1 + + client:send((opts.prefix or "") .. line .. "\n") + end + + client:close() + end + end + server:close() + return line + end + }, port, opts) + + local thr = thread:start() + + -- not necessary for correctness because we do the handshake, + -- but avoids harmless "connection error" messages in the wait loop + -- in case the client is ready before the server below. + ngx.sleep(0.001) + + local sock = ngx.socket.tcp() + sock:settimeout(0.01) + while true do + if sock:connect("localhost", port) then + sock:send("\\START\n") + local ok = sock:receive() + sock:close() + if ok == "\\OK" then + break + end + end + end + sock:close() + + return thr +end + + +--- Stops a local TCP server. +-- A server previously created with `tcp_server` can be stopped prematurely by +-- calling this function. +-- @function kill_tcp_server +-- @param port the port the TCP server is listening on. +-- @return oks, fails; the number of successes and failures processed by the server +-- @see tcp_server +local function kill_tcp_server(port) + local sock = ngx.socket.tcp() + assert(sock:connect("localhost", port)) + assert(sock:send("@DIE@\n")) + local str = assert(sock:receive()) + assert(sock:close()) + local oks, fails = str:match("(%d+):(%d+)") + return tonumber(oks), tonumber(fails) +end + + +--- Starts a local HTTP server. +-- Accepts a single connection and then closes. Sends a 200 ok, 'Connection: +-- close' response. +-- If the request received has path `/delay` then the response will be delayed +-- by 2 seconds. +-- @function http_server +-- @param `port` The port the server will be listening on +-- @return A thread object (from the `llthreads2` Lua package) +local function http_server(port, ...) + local threads = require "llthreads2.ex" + local thread = threads.new({ + function(port) + local socket = require "socket" + local server = assert(socket.tcp()) + assert(server:setoption('reuseaddr', true)) + assert(server:bind("*", port)) + assert(server:listen()) + local client = assert(server:accept()) + + local lines = {} + local line, err + while #lines < 7 do + line, err = client:receive() + if err then + break + else + table.insert(lines, line) + end + end + + if #lines > 0 and lines[1] == "GET /delay HTTP/1.0" then + ngx.sleep(2) + end + + if err then + server:close() + error(err) + end + + client:send("HTTP/1.1 200 OK\r\nConnection: close\r\n\r\n") + client:close() + server:close() + return lines + end + }, port) + + return thread:start(...) +end + + +--- Starts a local UDP server. +-- Reads the specified number of packets and then closes. +-- The server-thread return values depend on `n`: +-- +-- * `n = 1`; returns the received packet (string), or `nil + err` +-- +-- * `n > 1`; returns `data + err`, where `data` will always be a table with the +-- received packets. So `err` must explicitly be checked for errors. +-- @function udp_server +-- @param `port` The port the server will be listening on (default `MOCK_UPSTREAM_PORT`) +-- @param `n` The number of packets that will be read (default 1) +-- @param `timeout` Timeout per read (default 360) +-- @return A thread object (from the `llthreads2` Lua package) +local function udp_server(port, n, timeout) + local threads = require "llthreads2.ex" + + local thread = threads.new({ + function(port, n, timeout) + local socket = require "socket" + local server = assert(socket.udp()) + server:settimeout(timeout or 360) + server:setoption("reuseaddr", true) + server:setsockname("127.0.0.1", port) + local err + local data = {} + local handshake_done = false + local i = 0 + while i < n do + local pkt, rport + pkt, err, rport = server:receivefrom() + if not pkt then + break + end + if pkt == "KONG_UDP_HELLO" then + if not handshake_done then + handshake_done = true + server:sendto("KONG_UDP_READY", "127.0.0.1", rport) + end + else + i = i + 1 + data[i] = pkt + err = nil -- upon succes it would contain the remote ip address + end + end + server:close() + return (n > 1 and data or data[1]), err + end + }, port or MOCK_UPSTREAM_PORT, n or 1, timeout) + thread:start() + + local socket = require "socket" + local handshake = socket.udp() + handshake:settimeout(0.01) + handshake:setsockname("127.0.0.1", 0) + while true do + handshake:sendto("KONG_UDP_HELLO", "127.0.0.1", port) + local data = handshake:receive() + if data == "KONG_UDP_READY" then + break + end + end + handshake:close() + + return thread +end + +-------------------- +-- Custom assertions +-- +-- @section assertions + +local say = require "say" +local luassert = require "luassert.assert" + + +--- Waits until a specific condition is met. +-- The check function will repeatedly be called (with a fixed interval), until +-- the condition is met. Throws an error on timeout. +-- +-- NOTE: this is a regular Lua function, not a Luassert assertion. +-- @function wait_until +-- @param f check function that should return `truthy` when the condition has +-- been met +-- @param timeout (optional) maximum time to wait after which an error is +-- thrown, defaults to 5. +-- @param step (optional) interval between checks, defaults to 0.05. +-- @return nothing. It returns when the condition is met, or throws an error +-- when it times out. +-- @usage +-- -- wait 10 seconds for a file "myfilename" to appear +-- helpers.wait_until(function() return file_exist("myfilename") end, 10) +local function wait_until(f, timeout, step) + if type(f) ~= "function" then + error("arg #1 must be a function", 2) + end + + if timeout ~= nil and type(timeout) ~= "number" then + error("arg #2 must be a number", 2) + end + + if step ~= nil and type(step) ~= "number" then + error("arg #3 must be a number", 2) + end + + ngx.update_time() + + timeout = timeout or 5 + step = step or 0.05 + + local tstart = ngx.time() + local texp = tstart + timeout + local ok, res, err + + repeat + ok, res, err = pcall(f) + ngx.sleep(step) + ngx.update_time() + until not ok or res or ngx.time() >= texp + + if not ok then + -- report error from `f`, such as assert gone wrong + error(tostring(res), 2) + elseif not res and err then + -- report a failure for `f` to meet its condition + -- and eventually an error return value which could be the cause + error("wait_until() timeout: " .. tostring(err) .. " (after delay: " .. timeout .. "s)", 2) + elseif not res then + -- report a failure for `f` to meet its condition + error("wait_until() timeout (after delay " .. timeout .. "s)", 2) + end +end + + +--- Waits until no Lua error occurred +-- The check function will repeatedly be called (with a fixed interval), until +-- there is no Lua error occurred +-- +-- NOTE: this is a regular Lua function, not a Luassert assertion. +-- @function pwait_until +-- @param f check function +-- @param timeout (optional) maximum time to wait after which an error is +-- thrown, defaults to 5. +-- @param step (optional) interval between checks, defaults to 0.05. +-- @return nothing. It returns when the condition is met, or throws an error +-- when it times out. +local function pwait_until(f, timeout, step) + wait_until(function() + return pcall(f) + end, timeout, step) +end + + +--- Waits for invalidation of a cached key by polling the mgt-api +-- and waiting for a 404 response. Throws an error on timeout. +-- +-- NOTE: this is a regular Lua function, not a Luassert assertion. +-- @function wait_for_invalidation +-- @param key (string) the cache-key to check +-- @param timeout (optional) in seconds (for default see `wait_until`). +-- @return nothing. It returns when the key is invalidated, or throws an error +-- when it times out. +-- @usage +-- local cache_key = "abc123" +-- helpers.wait_for_invalidation(cache_key, 10) +local function wait_for_invalidation(key, timeout) + -- TODO: this code is duplicated all over the codebase, + -- search codebase for "/cache/" endpoint + local api_client = admin_client() + wait_until(function() + local res = api_client:get("/cache/" .. key) + res:read_body() + return res.status == 404 + end, timeout) +end + + +--- Waits for a file to meet a certain condition +-- The check function will repeatedly be called (with a fixed interval), until +-- there is no Lua error occurred +-- +-- NOTE: this is a regular Lua function, not a Luassert assertion. +-- @function wait_for_file +-- @tparam string mode one of: +-- +-- "file", "directory", "link", "socket", "named pipe", "char device", "block device", "other" +-- +-- @tparam string path the file path +-- @tparam[opt=10] number timeout maximum seconds to wait +local function wait_for_file(mode, path, timeout) + pwait_until(function() + local result, err = lfs.attributes(path, "mode") + local msg = string.format("failed to wait for the mode (%s) of '%s': %s", + mode, path, tostring(err)) + assert(result == mode, msg) + end, timeout or 10) +end + + +local wait_for_file_contents +do + --- Wait until a file exists and is non-empty. + -- + -- If, after the timeout is reached, the file does not exist, is not + -- readable, or is empty, an assertion error will be raised. + -- + -- @function wait_for_file_contents + -- @param fname the filename to wait for + -- @param timeout (optional) maximum time to wait after which an error is + -- thrown, defaults to 10. + -- @return contents the file contents, as a string + function wait_for_file_contents(fname, timeout) + assert(type(fname) == "string", + "filename must be a string") + + timeout = timeout or 10 + assert(type(timeout) == "number" and timeout >= 0, + "timeout must be nil or a number >= 0") + + local data = pl_file.read(fname) + if data and #data > 0 then + return data + end + + pcall(wait_until, function() + data = pl_file.read(fname) + return data and #data > 0 + end, timeout) + + assert(data, "file (" .. fname .. ") does not exist or is not readable" + .. " after " .. tostring(timeout) .. " seconds") + + assert(#data > 0, "file (" .. fname .. ") exists but is empty after " .. + tostring(timeout) .. " seconds") + + return data + end +end + + +--- Generic modifier "response". +-- Will set a "response" value in the assertion state, so following +-- assertions will operate on the value set. +-- @function response +-- @param response_obj results from `http_client:send` function (or any of the +-- shortcuts `client:get`, `client:post`, etc). +-- @usage +-- local res = client:get("/request", { .. request options here ..}) +-- local response_length = assert.response(res).has.header("Content-Length") +local function modifier_response(state, arguments, level) + assert(arguments.n > 0, + "response modifier requires a response object as argument") + + local res = arguments[1] + + assert(type(res) == "table" and type(res.read_body) == "function", + "response modifier requires a response object as argument, got: " .. tostring(res)) + + rawset(state, "kong_response", res) + rawset(state, "kong_request", nil) + + return state +end +luassert:register("modifier", "response", modifier_response) + + +--- Generic modifier "request". +-- Will set a "request" value in the assertion state, so following +-- assertions will operate on the value set. +-- +-- The request must be inside a 'response' from the `mock_upstream`. If a request +-- is send to the `mock_upstream` endpoint `"/request"`, it will echo the request +-- received in the body of the response. +-- @function request +-- @param response_obj results from `http_client:send` function (or any of the +-- shortcuts `client:get`, `client:post`, etc). +-- @usage +-- local res = client:post("/request", { +-- headers = { ["Content-Type"] = "application/json" }, +-- body = { hello = "world" }, +-- }) +-- local request_length = assert.request(res).has.header("Content-Length") +local function modifier_request(state, arguments, level) + local generic = "The assertion 'request' modifier takes a http response" + .. " object as input to decode the json-body returned by" + .. " mock_upstream, to retrieve the proxied request." + + local res = arguments[1] + + assert(type(res) == "table" and type(res.read_body) == "function", + "Expected a http response object, got '" .. tostring(res) .. "'. " .. generic) + + local body, request, err + body = assert(res:read_body()) + request, err = cjson.decode(body) + + assert(request, "Expected the http response object to have a json encoded body," + .. " but decoding gave error '" .. tostring(err) .. "'. Obtained body: " + .. body .. "\n." .. generic) + + + if lookup((res.headers or {}),"X-Powered-By") ~= "mock_upstream" then + error("Could not determine the response to be from mock_upstream") + end + + rawset(state, "kong_request", request) + rawset(state, "kong_response", nil) + + return state +end +luassert:register("modifier", "request", modifier_request) + + +--- Generic fail assertion. A convenience function for debugging tests, always +-- fails. It will output the values it was called with as a table, with an `n` +-- field to indicate the number of arguments received. See also `intercept`. +-- @function fail +-- @param ... any set of parameters to be displayed with the failure +-- @see intercept +-- @usage +-- assert.fail(some, value) +local function fail(state, args) + local out = {} + for k,v in pairs(args) do out[k] = v end + args[1] = out + args.n = 1 + return false +end +say:set("assertion.fail.negative", [[ +Fail assertion was called with the following parameters (formatted as a table); +%s +]]) +luassert:register("assertion", "fail", fail, + "assertion.fail.negative", + "assertion.fail.negative") + + +--- Assertion to check whether a value lives in an array. +-- @function contains +-- @param expected The value to search for +-- @param array The array to search for the value +-- @param pattern (optional) If truthy, then `expected` is matched as a Lua string +-- pattern +-- @return the array index at which the value was found +-- @usage +-- local arr = { "one", "three" } +-- local i = assert.contains("one", arr) --> passes; i == 1 +-- local i = assert.contains("two", arr) --> fails +-- local i = assert.contains("ee$", arr, true) --> passes; i == 2 +local function contains(state, args) + local expected, arr, pattern = unpack(args) + local found + for i = 1, #arr do + if (pattern and string.match(arr[i], expected)) or arr[i] == expected then + found = i + break + end + end + return found ~= nil, {found} +end +say:set("assertion.contains.negative", [[ +Expected array to contain element. +Expected to contain: +%s +]]) +say:set("assertion.contains.positive", [[ +Expected array to not contain element. +Expected to not contain: +%s +]]) +luassert:register("assertion", "contains", contains, + "assertion.contains.negative", + "assertion.contains.positive") + +local deep_sort do + local function deep_compare(a, b) + if a == nil then + a = "" + end + + if b == nil then + b = "" + end + + deep_sort(a) + deep_sort(b) + + if type(a) ~= type(b) then + return type(a) < type(b) + end + + if type(a) == "table" then + return deep_compare(a[1], b[1]) + end + + return a < b + end + + function deep_sort(t) + if type(t) == "table" then + for _, v in pairs(t) do + deep_sort(v) + end + table.sort(t, deep_compare) + end + + return t + end +end + + +--- Assertion to check the status-code of a http response. +-- @function status +-- @param expected the expected status code +-- @param response (optional) results from `http_client:send` function, +-- alternatively use `response`. +-- @return the response body as a string, for a json body see `jsonbody`. +-- @usage +-- local res = assert(client:send { .. your request params here .. }) +-- local body = assert.has.status(200, res) -- or alternativly +-- local body = assert.response(res).has.status(200) -- does the same +local function res_status(state, args) + assert(not rawget(state, "kong_request"), + "Cannot check statuscode against a request object," + .. " only against a response object") + + local expected = args[1] + local res = args[2] or rawget(state, "kong_response") + + assert(type(expected) == "number", + "Expected response code must be a number value. Got: " .. tostring(expected)) + assert(type(res) == "table" and type(res.read_body) == "function", + "Expected a http_client response. Got: " .. tostring(res)) + + if expected ~= res.status then + local body, err = res:read_body() + if not body then body = "Error reading body: " .. err end + table.insert(args, 1, pl_stringx.strip(body)) + table.insert(args, 1, res.status) + table.insert(args, 1, expected) + args.n = 3 + + if res.status == 500 then + -- on HTTP 500, we can try to read the server's error logs + -- for debugging purposes (very useful for travis) + local str = pl_file.read(conf.nginx_err_logs) + if not str then + return false -- no err logs to read in this prefix + end + + local str_t = pl_stringx.splitlines(str) + local first_line = #str_t - math.min(60, #str_t) + 1 + local msg_t = {"\nError logs (" .. conf.nginx_err_logs .. "):"} + for i = first_line, #str_t do + msg_t[#msg_t+1] = str_t[i] + end + + table.insert(args, 4, table.concat(msg_t, "\n")) + args.n = 4 + end + + return false + else + local body, err = res:read_body() + local output = body + if not output then output = "Error reading body: " .. err end + output = pl_stringx.strip(output) + table.insert(args, 1, output) + table.insert(args, 1, res.status) + table.insert(args, 1, expected) + args.n = 3 + return true, {pl_stringx.strip(body)} + end +end +say:set("assertion.res_status.negative", [[ +Invalid response status code. +Status expected: +%s +Status received: +%s +Body: +%s +%s]]) +say:set("assertion.res_status.positive", [[ +Invalid response status code. +Status not expected: +%s +Status received: +%s +Body: +%s +%s]]) +luassert:register("assertion", "status", res_status, + "assertion.res_status.negative", "assertion.res_status.positive") +luassert:register("assertion", "res_status", res_status, + "assertion.res_status.negative", "assertion.res_status.positive") + + +--- Checks and returns a json body of an http response/request. Only checks +-- validity of the json, does not check appropriate headers. Setting the target +-- to check can be done through the `request` and `response` modifiers. +-- +-- For a non-json body, see the `status` assertion. +-- @function jsonbody +-- @return the decoded json as a table +-- @usage +-- local res = assert(client:send { .. your request params here .. }) +-- local json_table = assert.response(res).has.jsonbody() +local function jsonbody(state, args) + assert(args[1] == nil and rawget(state, "kong_request") or rawget(state, "kong_response"), + "the `jsonbody` assertion does not take parameters. " .. + "Use the `response`/`require` modifiers to set the target to operate on") + + if rawget(state, "kong_response") then + local body = rawget(state, "kong_response"):read_body() + local json, err = cjson.decode(body) + if not json then + table.insert(args, 1, "Error decoding: " .. tostring(err) .. "\nResponse body:" .. body) + args.n = 1 + return false + end + return true, {json} + + else + local r = rawget(state, "kong_request") + if r.post_data + and (r.post_data.kind == "json" or r.post_data.kind == "json (error)") + and r.post_data.params + then + local pd = r.post_data + return true, { { params = pd.params, data = pd.text, error = pd.error, kind = pd.kind } } + + else + error("No json data found in the request") + end + end +end +say:set("assertion.jsonbody.negative", [[ +Expected response body to contain valid json. Got: +%s +]]) +say:set("assertion.jsonbody.positive", [[ +Expected response body to not contain valid json. Got: +%s +]]) +luassert:register("assertion", "jsonbody", jsonbody, + "assertion.jsonbody.negative", + "assertion.jsonbody.positive") + + +--- Asserts that a named header in a `headers` subtable exists. +-- Header name comparison is done case-insensitive. +-- @function header +-- @param name header name to look for (case insensitive). +-- @see response +-- @see request +-- @return value of the header +-- @usage +-- local res = client:get("/request", { .. request options here ..}) +-- local resp_header_value = assert.response(res).has.header("Content-Length") +-- local req_header_value = assert.request(res).has.header("Content-Length") +local function res_header(state, args) + local header = args[1] + local res = args[2] or rawget(state, "kong_request") or rawget(state, "kong_response") + assert(type(res) == "table" and type(res.headers) == "table", + "'header' assertion input does not contain a 'headers' subtable") + local value = lookup(res.headers, header) + table.insert(args, 1, res.headers) + table.insert(args, 1, header) + args.n = 2 + if not value then + return false + end + return true, {value} +end +say:set("assertion.res_header.negative", [[ +Expected header: +%s +But it was not found in: +%s +]]) +say:set("assertion.res_header.positive", [[ +Did not expected header: +%s +But it was found in: +%s +]]) +luassert:register("assertion", "header", res_header, + "assertion.res_header.negative", + "assertion.res_header.positive") + + +--- +-- An assertion to look for a query parameter in a query string. +-- Parameter name comparison is done case-insensitive. +-- @function queryparam +-- @param name name of the query parameter to look up (case insensitive) +-- @return value of the parameter +-- @usage +-- local res = client:get("/request", { +-- query = { hello = "world" }, +-- }) +-- local param_value = assert.request(res).has.queryparam("hello") +local function req_query_param(state, args) + local param = args[1] + local req = rawget(state, "kong_request") + assert(req, "'queryparam' assertion only works with a request object") + local params + if type(req.uri_args) == "table" then + params = req.uri_args + + else + error("No query parameters found in request object") + end + local value = lookup(params, param) + table.insert(args, 1, params) + table.insert(args, 1, param) + args.n = 2 + if not value then + return false + end + return true, {value} +end +say:set("assertion.req_query_param.negative", [[ +Expected query parameter: +%s +But it was not found in: +%s +]]) +say:set("assertion.req_query_param.positive", [[ +Did not expected query parameter: +%s +But it was found in: +%s +]]) +luassert:register("assertion", "queryparam", req_query_param, + "assertion.req_query_param.negative", + "assertion.req_query_param.positive") + + +--- +-- Adds an assertion to look for a urlencoded form parameter in a request. +-- Parameter name comparison is done case-insensitive. Use the `request` modifier to set +-- the request to operate on. +-- @function formparam +-- @param name name of the form parameter to look up (case insensitive) +-- @return value of the parameter +-- @usage +-- local r = assert(proxy_client:post("/request", { +-- body = { +-- hello = "world", +-- }, +-- headers = { +-- host = "mock_upstream", +-- ["Content-Type"] = "application/x-www-form-urlencoded", +-- }, +-- }) +-- local value = assert.request(r).has.formparam("hello") +-- assert.are.equal("world", value) +local function req_form_param(state, args) + local param = args[1] + local req = rawget(state, "kong_request") + assert(req, "'formparam' assertion can only be used with a mock_upstream request object") + + local value + if req.post_data + and (req.post_data.kind == "form" or req.post_data.kind == "multipart-form") + then + value = lookup(req.post_data.params or {}, param) + else + error("Could not determine the request to be from either mock_upstream") + end + + table.insert(args, 1, req) + table.insert(args, 1, param) + args.n = 2 + if not value then + return false + end + return true, {value} +end +say:set("assertion.req_form_param.negative", [[ +Expected url encoded form parameter: +%s +But it was not found in request: +%s +]]) +say:set("assertion.req_form_param.positive", [[ +Did not expected url encoded form parameter: +%s +But it was found in request: +%s +]]) +luassert:register("assertion", "formparam", req_form_param, + "assertion.req_form_param.negative", + "assertion.req_form_param.positive") + + +--- +-- Assertion to ensure a value is greater than a base value. +-- @function is_gt +-- @param base the base value to compare against +-- @param value the value that must be greater than the base value +local function is_gt(state, arguments) + local expected = arguments[1] + local value = arguments[2] + + arguments[1] = value + arguments[2] = expected + + return value > expected +end +say:set("assertion.gt.negative", [[ +Given value (%s) should be greater than expected value (%s) +]]) +say:set("assertion.gt.positive", [[ +Given value (%s) should not be greater than expected value (%s) +]]) +luassert:register("assertion", "gt", is_gt, + "assertion.gt.negative", + "assertion.gt.positive") + +--- Generic modifier "certificate". +-- Will set a "certificate" value in the assertion state, so following +-- assertions will operate on the value set. +-- @function certificate +-- @param cert The cert text +-- @see cn +-- @usage +-- assert.certificate(cert).has.cn("ssl-example.com") +local function modifier_certificate(state, arguments, level) + local generic = "The assertion 'certficate' modifier takes a cert text" + .. " as input to validate certificate parameters" + .. " against." + local cert = arguments[1] + assert(type(cert) == "string", + "Expected a certificate text, got '" .. tostring(cert) .. "'. " .. generic) + rawset(state, "kong_certificate", cert) + return state +end +luassert:register("modifier", "certificate", modifier_certificate) + +--- Assertion to check whether a CN is matched in an SSL cert. +-- @function cn +-- @param expected The CN value +-- @param cert The cert text +-- @return the CN found in the cert +-- @see certificate +-- @usage +-- assert.cn("ssl-example.com", cert) +-- +-- -- alternative: +-- assert.certificate(cert).has.cn("ssl-example.com") +local function assert_cn(state, args) + local expected = args[1] + if args[2] and rawget(state, "kong_certificate") then + error("assertion 'cn' takes either a 'certificate' modifier, or 2 parameters, not both") + end + local cert = args[2] or rawget(state, "kong_certificate") + local cn = string.match(cert, "CN%s*=%s*([^%s,]+)") + args[2] = cn or "(CN not found in certificate)" + args.n = 2 + return cn == expected +end +say:set("assertion.cn.negative", [[ +Expected certificate to have the given CN value. +Expected CN: +%s +Got instead: +%s +]]) +say:set("assertion.cn.positive", [[ +Expected certificate to not have the given CN value. +Expected CN to not be: +%s +Got instead: +%s +]]) +luassert:register("assertion", "cn", assert_cn, + "assertion.cn.negative", + "assertion.cn.positive") + + +do + --- Generic modifier "logfile" + -- Will set an "errlog_path" value in the assertion state. + -- @function logfile + -- @param path A path to the log file (defaults to the test prefix's + -- errlog). + -- @see line + -- @see clean_logfile + -- @usage + -- assert.logfile("./my/logfile.log").has.no.line("[error]", true) + local function modifier_errlog(state, args) + local errlog_path = args[1] or conf.nginx_err_logs + + assert(type(errlog_path) == "string", "logfile modifier expects nil, or " .. + "a string as argument, got: " .. + type(errlog_path)) + + rawset(state, "errlog_path", errlog_path) + + return state + end + + luassert:register("modifier", "errlog", modifier_errlog) -- backward compat + luassert:register("modifier", "logfile", modifier_errlog) + + + --- Assertion checking if any line from a file matches the given regex or + -- substring. + -- @function line + -- @param regex The regex to evaluate against each line. + -- @param plain If true, the regex argument will be considered as a plain + -- string. + -- @param timeout An optional timeout after which the assertion will fail if + -- reached. + -- @param fpath An optional path to the file (defaults to the filelog + -- modifier) + -- @see logfile + -- @see clean_logfile + -- @usage + -- helpers.clean_logfile() + -- + -- -- run some tests here + -- + -- assert.logfile().has.no.line("[error]", true) + local function match_line(state, args) + local regex = args[1] + local plain = args[2] + local timeout = args[3] or 2 + local fpath = args[4] or rawget(state, "errlog_path") + + assert(type(regex) == "string", + "Expected the regex argument to be a string") + assert(type(fpath) == "string", + "Expected the file path argument to be a string") + assert(type(timeout) == "number" and timeout > 0, + "Expected the timeout argument to be a positive number") + + local pok = pcall(wait_until, function() + local logs = pl_file.read(fpath) + local from, _, err + + for line in logs:gmatch("[^\r\n]+") do + if plain then + from = string.find(line, regex, nil, true) + + else + from, _, err = ngx.re.find(line, regex) + if err then + error(err) + end + end + + if from then + table.insert(args, 1, line) + table.insert(args, 1, regex) + args.n = 2 + return true + end + end + end, timeout) + + table.insert(args, 1, fpath) + args.n = args.n + 1 + + return pok + end + + say:set("assertion.match_line.negative", unindent [[ + Expected file at: + %s + To match: + %s + ]]) + say:set("assertion.match_line.positive", unindent [[ + Expected file at: + %s + To not match: + %s + But matched line: + %s + ]]) + luassert:register("assertion", "line", match_line, + "assertion.match_line.negative", + "assertion.match_line.positive") +end + + +---------------- +-- DNS-record mocking. +-- These function allow to create mock dns records that the test Kong instance +-- will use to resolve names. The created mocks are injected by the `start_kong` +-- function. +-- @usage +-- -- Create a new DNS mock and add some DNS records +-- local fixtures = { +-- dns_mock = helpers.dns_mock.new { mocks_only = true } +-- } +-- +-- fixtures.dns_mock:SRV { +-- name = "my.srv.test.com", +-- target = "a.my.srv.test.com", +-- port = 80, +-- } +-- fixtures.dns_mock:SRV { +-- name = "my.srv.test.com", -- adding same name again: record gets 2 entries! +-- target = "b.my.srv.test.com", -- a.my.srv.test.com and b.my.srv.test.com +-- port = 8080, +-- } +-- fixtures.dns_mock:A { +-- name = "a.my.srv.test.com", +-- address = "127.0.0.1", +-- } +-- fixtures.dns_mock:A { +-- name = "b.my.srv.test.com", +-- address = "127.0.0.1", +-- } +-- @section DNS-mocks + + +local dns_mock = {} +do + dns_mock.__index = dns_mock + dns_mock.__tostring = function(self) + -- fill array to prevent json encoding errors + local out = { + mocks_only = self.mocks_only, + records = {} + } + for i = 1, 33 do + out.records[i] = self[i] or {} + end + local json = assert(cjson.encode(out)) + return json + end + + + local TYPE_A, TYPE_AAAA, TYPE_CNAME, TYPE_SRV = 1, 28, 5, 33 + + + --- Creates a new DNS mock. + -- The options table supports the following fields: + -- + -- - `mocks_only`: boolean, if set to `true` then only mock records will be + -- returned. If `falsy` it will fall through to an actual DNS lookup. + -- @function dns_mock.new + -- @param options table with mock options + -- @return dns_mock object + -- @usage + -- local mock = helpers.dns_mock.new { mocks_only = true } + function dns_mock.new(options) + return setmetatable(options or {}, dns_mock) + end + + + --- Adds an SRV record to the DNS mock. + -- Fields `name`, `target`, and `port` are required. Other fields get defaults: + -- + -- * `weight`; 20 + -- * `ttl`; 600 + -- * `priority`; 20 + -- @param rec the mock DNS record to insert + -- @return true + function dns_mock:SRV(rec) + if self == dns_mock then + error("can't operate on the class, you must create an instance", 2) + end + if getmetatable(self or {}) ~= dns_mock then + error("SRV method must be called using the colon notation", 2) + end + assert(rec, "Missing record parameter") + local name = assert(rec.name, "No name field in SRV record") + + self[TYPE_SRV] = self[TYPE_SRV] or {} + local query_answer = self[TYPE_SRV][name] + if not query_answer then + query_answer = {} + self[TYPE_SRV][name] = query_answer + end + + table.insert(query_answer, { + type = TYPE_SRV, + name = name, + target = assert(rec.target, "No target field in SRV record"), + port = assert(rec.port, "No port field in SRV record"), + weight = rec.weight or 10, + ttl = rec.ttl or 600, + priority = rec.priority or 20, + class = rec.class or 1 + }) + return true + end + + + --- Adds an A record to the DNS mock. + -- Fields `name` and `address` are required. Other fields get defaults: + -- + -- * `ttl`; 600 + -- @param rec the mock DNS record to insert + -- @return true + function dns_mock:A(rec) + if self == dns_mock then + error("can't operate on the class, you must create an instance", 2) + end + if getmetatable(self or {}) ~= dns_mock then + error("A method must be called using the colon notation", 2) + end + assert(rec, "Missing record parameter") + local name = assert(rec.name, "No name field in A record") + + self[TYPE_A] = self[TYPE_A] or {} + local query_answer = self[TYPE_A][name] + if not query_answer then + query_answer = {} + self[TYPE_A][name] = query_answer + end + + table.insert(query_answer, { + type = TYPE_A, + name = name, + address = assert(rec.address, "No address field in A record"), + ttl = rec.ttl or 600, + class = rec.class or 1 + }) + return true + end + + + --- Adds an AAAA record to the DNS mock. + -- Fields `name` and `address` are required. Other fields get defaults: + -- + -- * `ttl`; 600 + -- @param rec the mock DNS record to insert + -- @return true + function dns_mock:AAAA(rec) + if self == dns_mock then + error("can't operate on the class, you must create an instance", 2) + end + if getmetatable(self or {}) ~= dns_mock then + error("AAAA method must be called using the colon notation", 2) + end + assert(rec, "Missing record parameter") + local name = assert(rec.name, "No name field in AAAA record") + + self[TYPE_AAAA] = self[TYPE_AAAA] or {} + local query_answer = self[TYPE_AAAA][name] + if not query_answer then + query_answer = {} + self[TYPE_AAAA][name] = query_answer + end + + table.insert(query_answer, { + type = TYPE_AAAA, + name = name, + address = assert(rec.address, "No address field in AAAA record"), + ttl = rec.ttl or 600, + class = rec.class or 1 + }) + return true + end + + + --- Adds a CNAME record to the DNS mock. + -- Fields `name` and `cname` are required. Other fields get defaults: + -- + -- * `ttl`; 600 + -- @param rec the mock DNS record to insert + -- @return true + function dns_mock:CNAME(rec) + if self == dns_mock then + error("can't operate on the class, you must create an instance", 2) + end + if getmetatable(self or {}) ~= dns_mock then + error("CNAME method must be called using the colon notation", 2) + end + assert(rec, "Missing record parameter") + local name = assert(rec.name, "No name field in CNAME record") + + self[TYPE_CNAME] = self[TYPE_CNAME] or {} + local query_answer = self[TYPE_CNAME][name] + if not query_answer then + query_answer = {} + self[TYPE_CNAME][name] = query_answer + end + + table.insert(query_answer, { + type = TYPE_CNAME, + name = name, + cname = assert(rec.cname, "No cname field in CNAME record"), + ttl = rec.ttl or 600, + class = rec.class or 1 + }) + return true + end +end + + +---------------- +-- Shell helpers +-- @section Shell-helpers + +--- Execute a command. +-- Modified version of `pl.utils.executeex()` so the output can directly be +-- used on an assertion. +-- @function execute +-- @param cmd command string to execute +-- @param pl_returns (optional) boolean: if true, this function will +-- return the same values as Penlight's executeex. +-- @return if `pl_returns` is true, returns four return values +-- (ok, code, stdout, stderr); if `pl_returns` is false, +-- returns either (false, stderr) or (true, stderr, stdout). +function exec(cmd, pl_returns) + local ok, code, stdout, stderr = pl_utils.executeex(cmd) + if pl_returns then + return ok, code, stdout, stderr + end + if not ok then + stdout = nil -- don't return 3rd value if fail because of busted's `assert` + end + return ok, stderr, stdout +end + + +--- Execute a Kong command. +-- @function kong_exec +-- @param cmd Kong command to execute, eg. `start`, `stop`, etc. +-- @param env (optional) table with kong parameters to set as environment +-- variables, overriding the test config (each key will automatically be +-- prefixed with `KONG_` and be converted to uppercase) +-- @param pl_returns (optional) boolean: if true, this function will +-- return the same values as Penlight's `executeex`. +-- @param env_vars (optional) a string prepended to the command, so +-- that arbitrary environment variables may be passed +-- @return if `pl_returns` is true, returns four return values +-- (ok, code, stdout, stderr); if `pl_returns` is false, +-- returns either (false, stderr) or (true, stderr, stdout). +function kong_exec(cmd, env, pl_returns, env_vars) + cmd = cmd or "" + env = env or {} + + -- Insert the Lua path to the custom-plugin fixtures + do + local function cleanup(t) + if t then + t = pl_stringx.strip(t) + if t:sub(-1,-1) == ";" then + t = t:sub(1, -2) + end + end + return t ~= "" and t or nil + end + local paths = {} + table.insert(paths, cleanup(CUSTOM_PLUGIN_PATH)) + table.insert(paths, cleanup(CUSTOM_VAULT_PATH)) + table.insert(paths, cleanup(env.lua_package_path)) + table.insert(paths, cleanup(conf.lua_package_path)) + env.lua_package_path = table.concat(paths, ";") + -- note; the nginx config template will add a final ";;", so no need to + -- include that here + end + + if not env.plugins then + env.plugins = "bundled,dummy,cache,rewriter,error-handler-log," .. + "error-generator,error-generator-last," .. + "short-circuit" + end + + -- build Kong environment variables + env_vars = env_vars or "" + for k, v in pairs(env) do + env_vars = string.format("%s KONG_%s='%s'", env_vars, k:upper(), v) + end + + return exec(env_vars .. " " .. BIN_PATH .. " " .. cmd, pl_returns) +end + + +--- Prepares the Kong environment. +-- Creates the working directory if it does not exist. +-- @param prefix (optional) path to the working directory, if omitted the test +-- configuration will be used +-- @function prepare_prefix +local function prepare_prefix(prefix) + return pl_dir.makepath(prefix or conf.prefix) +end + + +--- Cleans the Kong environment. +-- Deletes the working directory if it exists. +-- @param prefix (optional) path to the working directory, if omitted the test +-- configuration will be used +-- @function clean_prefix +local function clean_prefix(prefix) + prefix = prefix or conf.prefix + if pl_path.exists(prefix) then + pl_dir.rmtree(prefix) + end +end + + +-- Reads the pid from a pid file and returns it, or nil + err +local function get_pid_from_file(pid_path) + local pid + local fd, err = io.open(pid_path) + if not fd then + return nil, err + end + + pid = fd:read("*l") + fd:close() + + return pid +end + + +local function pid_dead(pid, timeout) + local max_time = ngx.now() + (timeout or 10) + + repeat + if not pl_utils.execute("ps -p " .. pid .. " >/dev/null 2>&1") then + return true + end + -- still running, wait some more + ngx.sleep(0.05) + until ngx.now() >= max_time + + return false +end + +-- Waits for the termination of a pid. +-- @param pid_path Filename of the pid file. +-- @param timeout (optional) in seconds, defaults to 10. +local function wait_pid(pid_path, timeout, is_retry) + local pid = get_pid_from_file(pid_path) + + if pid then + if pid_dead(pid, timeout) then + return + end + + if is_retry then + return + end + + -- Timeout reached: kill with SIGKILL + pl_utils.execute("kill -9 " .. pid .. " >/dev/null 2>&1") + + -- Sanity check: check pid again, but don't loop. + wait_pid(pid_path, timeout, true) + end +end + + +--- Return the actual configuration running at the given prefix. +-- It may differ from the default, as it may have been modified +-- by the `env` table given to start_kong. +-- @function get_running_conf +-- @param prefix (optional) The prefix path where the kong instance is running, +-- defaults to the prefix in the default config. +-- @return The conf table of the running instance, or nil + error. +local function get_running_conf(prefix) + local default_conf = conf_loader(nil, {prefix = prefix or conf.prefix}) + return conf_loader.load_config_file(default_conf.kong_env) +end + + +--- Clears the logfile. Will overwrite the logfile with an empty file. +-- @function clean_logfile +-- @param logfile (optional) filename to clear, defaults to the current +-- error-log file +-- @return nothing +-- @see line +local function clean_logfile(logfile) + logfile = logfile or (get_running_conf() or conf).nginx_err_logs + os.execute(":> " .. logfile) +end + + +--- Return the actual Kong version the tests are running against. +-- See [version.lua](https://github.com/kong/version.lua) for the format. This +-- is mostly useful for testing plugins that should work with multiple Kong versions. +-- @function get_version +-- @return a `version` object +-- @usage +-- local version = require 'version' +-- if helpers.get_version() < version("0.15.0") then +-- -- do something +-- end +local function get_version() + return version(select(3, assert(kong_exec("version")))) +end + + +local function render_fixtures(conf, env, prefix, fixtures) + + if fixtures and (fixtures.http_mock or fixtures.stream_mock) then + -- prepare the prefix so we get the full config in the + -- hidden `.kong_env` file, including test specified env vars etc + assert(kong_exec("prepare --conf " .. conf, env)) + local render_config = assert(conf_loader(prefix .. "/.kong_env", nil, + { from_kong_env = true })) + + for _, mocktype in ipairs { "http_mock", "stream_mock" } do + + for filename, contents in pairs(fixtures[mocktype] or {}) do + -- render the file using the full configuration + contents = assert(prefix_handler.compile_conf(render_config, contents)) + + -- write file to prefix + filename = prefix .. "/" .. filename .. "." .. mocktype + assert(pl_utils.writefile(filename, contents)) + end + end + end + + if fixtures and fixtures.dns_mock then + -- write the mock records to the prefix + assert(getmetatable(fixtures.dns_mock) == dns_mock, + "expected dns_mock to be of a helpers.dns_mock class") + assert(pl_utils.writefile(prefix .. "/dns_mock_records.json", + tostring(fixtures.dns_mock))) + + -- add the mock resolver to the path to ensure the records are loaded + if env.lua_package_path then + env.lua_package_path = DNS_MOCK_LUA_PATH .. ";" .. env.lua_package_path + else + env.lua_package_path = DNS_MOCK_LUA_PATH + end + else + -- remove any old mocks if they exist + os.remove(prefix .. "/dns_mock_records.json") + end + + return true +end + + +local function build_go_plugins(path) + if pl_path.exists(pl_path.join(path, "go.mod")) then + local ok, _, _, stderr = pl_utils.executeex(string.format( + "cd %s; go mod tidy; go mod download", path)) + assert(ok, stderr) + end + for _, go_source in ipairs(pl_dir.getfiles(path, "*.go")) do + local ok, _, _, stderr = pl_utils.executeex(string.format( + "cd %s; go build %s", + path, pl_path.basename(go_source) + )) + assert(ok, stderr) + end +end + +local function isnewer(path_a, path_b) + if not pl_path.exists(path_a) then + return true + end + if not pl_path.exists(path_b) then + return false + end + return assert(pl_path.getmtime(path_b)) > assert(pl_path.getmtime(path_a)) +end + +local function make(workdir, specs) + workdir = pl_path.normpath(workdir or pl_path.currentdir()) + + for _, spec in ipairs(specs) do + local targetpath = pl_path.join(workdir, spec.target) + for _, src in ipairs(spec.src) do + local srcpath = pl_path.join(workdir, src) + if isnewer(targetpath, srcpath) then + local ok, _, _, stderr = pl_utils.executeex(string.format("cd %s; %s", workdir, spec.cmd)) + assert(ok, stderr) + if isnewer(targetpath, srcpath) then + error(string.format("couldn't make %q newer than %q", targetpath, srcpath)) + end + break + end + end + end + + return true +end + +local grpc_target_proc +local function start_grpc_target() + local ngx_pipe = require "ngx.pipe" + assert(make(GRPC_TARGET_SRC_PATH, { + { + target = "targetservice/targetservice.pb.go", + src = { "../targetservice.proto" }, + cmd = "protoc --go_out=. --go-grpc_out=. -I ../ ../targetservice.proto", + }, + { + target = "targetservice/targetservice_grpc.pb.go", + src = { "../targetservice.proto" }, + cmd = "protoc --go_out=. --go-grpc_out=. -I ../ ../targetservice.proto", + }, + { + target = "target", + src = { "grpc-target.go", "targetservice/targetservice.pb.go", "targetservice/targetservice_grpc.pb.go" }, + cmd = "go mod tidy && go mod download all && go build", + }, + })) + grpc_target_proc = assert(ngx_pipe.spawn({ GRPC_TARGET_SRC_PATH .. "/target" }, { + merge_stderr = true, + })) + + return true +end + +local function stop_grpc_target() + if grpc_target_proc then + grpc_target_proc:kill(resty_signal.signum("QUIT")) + grpc_target_proc = nil + end +end + +local function get_grpc_target_port() + return 15010 +end + + +--- Start the Kong instance to test against. +-- The fixtures passed to this function can be 3 types: +-- +-- * DNS mocks +-- +-- * Nginx server blocks to be inserted in the http module +-- +-- * Nginx server blocks to be inserted in the stream module +-- @function start_kong +-- @param env table with Kong configuration parameters (and values) +-- @param tables list of database tables to truncate before starting +-- @param preserve_prefix (boolean) if truthy, the prefix will not be cleaned +-- before starting +-- @param fixtures tables with fixtures, dns, http and stream mocks. +-- @return return values from `execute` +-- @usage +-- -- example mocks +-- -- Create a new DNS mock and add some DNS records +-- local fixtures = { +-- http_mock = {}, +-- stream_mock = {}, +-- dns_mock = helpers.dns_mock.new() +-- } +-- +-- fixtures.dns_mock:A { +-- name = "a.my.srv.test.com", +-- address = "127.0.0.1", +-- } +-- +-- -- The blocks below will be rendered by the Kong template renderer, like other +-- -- custom Kong templates. Hence the `${{xxxx}}` values. +-- -- Multiple mocks can be added each under their own filename ("my_server_block" below) +-- fixtures.http_mock.my_server_block = [[ +-- server { +-- server_name my_server; +-- listen 10001 ssl; +-- +-- ssl_certificate ${{SSL_CERT}}; +-- ssl_certificate_key ${{SSL_CERT_KEY}}; +-- ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; +-- +-- location ~ "/echobody" { +-- content_by_lua_block { +-- ngx.req.read_body() +-- local echo = ngx.req.get_body_data() +-- ngx.status = status +-- ngx.header["Content-Length"] = #echo + 1 +-- ngx.say(echo) +-- } +-- } +-- } +-- ]] +-- +-- fixtures.stream_mock.my_server_block = [[ +-- server { +-- -- insert stream server config here +-- } +-- ]] +-- +-- assert(helpers.start_kong( {database = "postgres"}, nil, nil, fixtures)) +local function start_kong(env, tables, preserve_prefix, fixtures) + if tables ~= nil and type(tables) ~= "table" then + error("arg #2 must be a list of tables to truncate") + end + env = env or {} + local prefix = env.prefix or conf.prefix + + -- go plugins are enabled + -- compile fixture go plugins if any setting mentions it + for _,v in pairs(env) do + if type(v) == "string" and v:find(GO_PLUGIN_PATH) then + build_go_plugins(GO_PLUGIN_PATH) + break + end + end + + -- note: set env var "KONG_TEST_DONT_CLEAN" !! the "_TEST" will be dropped + if not (preserve_prefix or os.getenv("KONG_DONT_CLEAN")) then + clean_prefix(prefix) + end + + local ok, err = prepare_prefix(prefix) + if not ok then return nil, err end + + truncate_tables(db, tables) + + local nginx_conf = "" + if env.nginx_conf then + nginx_conf = " --nginx-conf " .. env.nginx_conf + end + + if dcbp and not env.declarative_config and not env.declarative_config_string then + if not config_yml then + config_yml = prefix .. "/config.yml" + local cfg = dcbp.done() + local declarative = require "kong.db.declarative" + local ok, err = declarative.to_yaml_file(cfg, config_yml) + if not ok then + return nil, err + end + end + env = utils.deep_copy(env) + env.declarative_config = config_yml + end + + assert(render_fixtures(TEST_CONF_PATH .. nginx_conf, env, prefix, fixtures)) + + return kong_exec("start --conf " .. TEST_CONF_PATH .. nginx_conf, env) +end + + +-- Stop the Kong test instance. +-- @function stop_kong +-- @param prefix (optional) the prefix where the test instance runs, defaults to the test configuration. +-- @param preserve_prefix (boolean) if truthy, the prefix will not be deleted after stopping +-- @param preserve_dc +-- @return true or nil+err +local function stop_kong(prefix, preserve_prefix, preserve_dc) + prefix = prefix or conf.prefix + + local running_conf, err = get_running_conf(prefix) + if not running_conf then + return nil, err + end + + local pid, err = get_pid_from_file(running_conf.nginx_pid) + if not pid then + return nil, err + end + + local ok, _, _, err = pl_utils.executeex("kill -TERM " .. pid) + if not ok then + return nil, err + end + + wait_pid(running_conf.nginx_pid) + + -- note: set env var "KONG_TEST_DONT_CLEAN" !! the "_TEST" will be dropped + if not (preserve_prefix or os.getenv("KONG_DONT_CLEAN")) then + clean_prefix(prefix) + end + + if not preserve_dc then + config_yml = nil + end + ngx.ctx.workspace = nil + + return true +end + + +--- Restart Kong. Reusing declarative config when using `database=off`. +-- @function restart_kong +-- @param env see `start_kong` +-- @param tables see `start_kong` +-- @param fixtures see `start_kong` +-- @return true or nil+err +local function restart_kong(env, tables, fixtures) + stop_kong(env.prefix, true, true) + return start_kong(env, tables, true, fixtures) +end + +--- Wait until no common workers. +-- This will wait until all the worker PID's listed have gone (others may have appeared). If an `expected_total` is specified, it will also wait until the new workers have reached this number. +-- @function wait_until_no_common_workers +-- @tparam table workers an array of worker PID's (the return value of `get_kong_workers`) +-- @tparam[opt] number expected_total the expected total workers count +-- @tparam[opt] table wait_opts options to use, the available fields are: +-- @tparam[opt] number wait_opts.timeout timeout passed to `wait_until` +-- @tparam[opt] number wait_opts.step step passed to `wait_until` +local function wait_until_no_common_workers(workers, expected_total, wait_opts) + local strategy = conf.database + if strategy == "cassandra" then + ngx.sleep(0.5) + end + wait_opts = wait_opts or {} + wait_until(function() + local pok, admin_client = pcall(admin_client) + if not pok then + return false + end + local res = assert(admin_client:send { + method = "GET", + path = "/", + }) + luassert.res_status(200, res) + local json = cjson.decode(luassert.res_status(200, res)) + admin_client:close() + + local new_workers = json.pids.workers + local total = 0 + local common = 0 + if new_workers then + for _, v in ipairs(new_workers) do + total = total + 1 + for _, v_old in ipairs(workers) do + if v == v_old then + common = common + 1 + break + end + end + end + end + return common == 0 and total == (expected_total or total) + end, wait_opts.timeout, wait_opts.step) +end + + +--- Gets the Kong workers PID's. +-- Will wait for a successful call to the admin-api for a maximum of 10 seconds, +-- before returning a timeout. +-- @function get_kong_workers +-- @return array of worker PID's +local function get_kong_workers() + local workers + wait_until(function() + local pok, admin_client = pcall(admin_client) + if not pok then + return false + end + local res = admin_client:send { + method = "GET", + path = "/", + } + if not res or res.status ~= 200 then + return false + end + local body = luassert.res_status(200, res) + local json = cjson.decode(body) + + admin_client:close() + workers = json.pids.workers + return true + end, 10) + return workers +end + + +--- Reload Kong and wait all workers are restarted. +local function reload_kong(...) + local workers = get_kong_workers() + local ok, err = kong_exec(...) + if ok then + wait_until_no_common_workers(workers, 1) + end + return ok, err +end + +--- Simulate a Hybrid mode DP and connect to the CP specified in `opts`. +-- @function clustering_client +-- @param opts Options to use, the `host`, `port`, `cert` and `cert_key` fields +-- are required. +-- Other fields that can be overwritten are: +-- `node_hostname`, `node_id`, `node_version`, `node_plugins_list`. If absent, +-- they are automatically filled. +-- @return msg if handshake succeeded and initial message received from CP or nil, err +local function clustering_client(opts) + assert(opts.host) + assert(opts.port) + assert(opts.cert) + assert(opts.cert_key) + + local c = assert(ws_client:new()) + local uri = "wss://" .. opts.host .. ":" .. opts.port .. + "/v1/outlet?node_id=" .. (opts.node_id or utils.uuid()) .. + "&node_hostname=" .. (opts.node_hostname or kong.node.get_hostname()) .. + "&node_version=" .. (opts.node_version or KONG_VERSION) + + local conn_opts = { + ssl_verify = false, -- needed for busted tests as CP certs are not trusted by the CLI + client_cert = assert(ssl.parse_pem_cert(assert(pl_file.read(opts.cert)))), + client_priv_key = assert(ssl.parse_pem_priv_key(assert(pl_file.read(opts.cert_key)))), + server_name = "kong_clustering", + } + + local res, err = c:connect(uri, conn_opts) + if not res then + return nil, err + end + local payload = assert(cjson.encode({ type = "basic_info", + plugins = opts.node_plugins_list or + PLUGINS_LIST, + })) + assert(c:send_binary(payload)) + + assert(c:send_ping(string.rep("0", 32))) + + local data, typ, err + data, typ, err = c:recv_frame() + c:close() + + if typ == "binary" then + local odata = assert(utils.inflate_gzip(data)) + local msg = assert(cjson.decode(odata)) + return msg + + elseif typ == "pong" then + return "PONG" + end + + return nil, "unknown frame from CP: " .. (typ or err) +end + + +--- Create a temporary directory, and return its path. +-- @function tmpdir +-- @return string path to the temporary directory +local function tmpdir() + local handle = assert(io.popen("mktemp -d")) + local path = handle:read("*a") + handle:close() + return path:sub(1, #path - 1) +end + + +---------------- +-- Variables/constants +-- @section exported-fields + + +--- Below is a list of fields/constants exported on the `helpers` module table: +-- @table helpers +-- @field dir The [`pl.dir` module of Penlight](http://tieske.github.io/Penlight/libraries/pl.dir.html) +-- @field path The [`pl.path` module of Penlight](http://tieske.github.io/Penlight/libraries/pl.path.html) +-- @field file The [`pl.file` module of Penlight](http://tieske.github.io/Penlight/libraries/pl.file.html) +-- @field utils The [`pl.utils` module of Penlight](http://tieske.github.io/Penlight/libraries/pl.utils.html) +-- @field test_conf The Kong test configuration. See also `get_running_conf` which might be slightly different. +-- @field test_conf_path The configuration file in use. +-- @field mock_upstream_hostname +-- @field mock_upstream_protocol +-- @field mock_upstream_host +-- @field mock_upstream_port +-- @field mock_upstream_url Base url constructed from the components +-- @field mock_upstream_ssl_protocol +-- @field mock_upstream_ssl_host +-- @field mock_upstream_ssl_port +-- @field mock_upstream_ssl_url Base url constructed from the components +-- @field mock_upstream_stream_port +-- @field mock_upstream_stream_ssl_port +-- @field mock_grpc_upstream_proto_path +-- @field redis_host The hostname for a Redis instance if available. Port should be `6379`. + +---------- +-- Exposed +---------- +-- @export + return { + -- Penlight + dir = pl_dir, + path = pl_path, + file = pl_file, + utils = pl_utils, + + -- Kong testing properties + db = db, + blueprints = blueprints, + get_db_utils = get_db_utils, + get_cache = get_cache, + bootstrap_database = bootstrap_database, + bin_path = BIN_PATH, + test_conf = conf, + test_conf_path = TEST_CONF_PATH, + go_plugin_path = GO_PLUGIN_PATH, + mock_upstream_hostname = MOCK_UPSTREAM_HOSTNAME, + mock_upstream_protocol = MOCK_UPSTREAM_PROTOCOL, + mock_upstream_host = MOCK_UPSTREAM_HOST, + mock_upstream_port = MOCK_UPSTREAM_PORT, + mock_upstream_url = MOCK_UPSTREAM_PROTOCOL .. "://" .. + MOCK_UPSTREAM_HOST .. ':' .. + MOCK_UPSTREAM_PORT, + + mock_upstream_ssl_protocol = MOCK_UPSTREAM_SSL_PROTOCOL, + mock_upstream_ssl_host = MOCK_UPSTREAM_HOST, + mock_upstream_ssl_port = MOCK_UPSTREAM_SSL_PORT, + mock_upstream_ssl_url = MOCK_UPSTREAM_SSL_PROTOCOL .. "://" .. + MOCK_UPSTREAM_HOST .. ':' .. + MOCK_UPSTREAM_SSL_PORT, + + mock_upstream_stream_port = MOCK_UPSTREAM_STREAM_PORT, + mock_upstream_stream_ssl_port = MOCK_UPSTREAM_STREAM_SSL_PORT, + mock_grpc_upstream_proto_path = MOCK_GRPC_UPSTREAM_PROTO_PATH, + + redis_host = os.getenv("KONG_SPEC_REDIS_HOST") or "127.0.0.1", + + blackhole_host = BLACKHOLE_HOST, + + -- Kong testing helpers + execute = exec, + dns_mock = dns_mock, + kong_exec = kong_exec, + get_version = get_version, + get_running_conf = get_running_conf, + http_client = http_client, + grpc_client = grpc_client, + http2_client = http2_client, + wait_until = wait_until, + pwait_until = pwait_until, + wait_pid = wait_pid, + wait_for_file = wait_for_file, + wait_for_file_contents = wait_for_file_contents, + tcp_server = tcp_server, + udp_server = udp_server, + kill_tcp_server = kill_tcp_server, + http_server = http_server, + get_proxy_ip = get_proxy_ip, + get_proxy_port = get_proxy_port, + proxy_client = proxy_client, + proxy_client_grpc = proxy_client_grpc, + proxy_client_grpcs = proxy_client_grpcs, + proxy_client_h2c = proxy_client_h2c, + proxy_client_h2 = proxy_client_h2, + admin_client = admin_client, + proxy_ssl_client = proxy_ssl_client, + admin_ssl_client = admin_ssl_client, + prepare_prefix = prepare_prefix, + clean_prefix = clean_prefix, + clean_logfile = clean_logfile, + wait_for_invalidation = wait_for_invalidation, + each_strategy = each_strategy, + all_strategies = all_strategies, + validate_plugin_config_schema = validate_plugin_config_schema, + clustering_client = clustering_client, + tmpdir = tmpdir, + https_server = https_server, + stress_generator = stress_generator, + + -- miscellaneous + intercept = intercept, + openresty_ver_num = openresty_ver_num(), + unindent = unindent, + make_yaml_file = make_yaml_file, + setenv = setenv, + unsetenv = unsetenv, + deep_sort = deep_sort, + + -- launching Kong subprocesses + start_kong = start_kong, + stop_kong = stop_kong, + restart_kong = restart_kong, + reload_kong = reload_kong, + get_kong_workers = get_kong_workers, + wait_until_no_common_workers = wait_until_no_common_workers, + + start_grpc_target = start_grpc_target, + stop_grpc_target = stop_grpc_target, + get_grpc_target_port = get_grpc_target_port, + + -- Only use in CLI tests from spec/02-integration/01-cmd + kill_all = function(prefix, timeout) + local kill = require "kong.cmd.utils.kill" + + local running_conf = get_running_conf(prefix) + if not running_conf then return end + + -- kill kong_tests.conf service + local pid_path = running_conf.nginx_pid + if pl_path.exists(pid_path) then + kill.kill(pid_path, "-TERM") + wait_pid(pid_path, timeout) + end + end, + + with_current_ws = function(ws,fn, db) + local old_ws = ngx.ctx.workspace + ngx.ctx.workspace = nil + ws = ws or {db.workspaces:select_by_name("default")} + ngx.ctx.workspace = ws[1] and ws[1].id + local res = fn() + ngx.ctx.workspace = old_ws + return res + end, + + signal = function(prefix, signal, pid_path) + local kill = require "kong.cmd.utils.kill" + + if not pid_path then + local running_conf = get_running_conf(prefix) + if not running_conf then + error("no config file found at prefix: " .. prefix) + end + + pid_path = running_conf.nginx_pid + end + + return kill.kill(pid_path, signal) + end, + + -- send signal to all Nginx workers, not including the master + signal_workers = function(prefix, signal, pid_path) + if not pid_path then + local running_conf = get_running_conf(prefix) + if not running_conf then + error("no config file found at prefix: " .. prefix) + end + + pid_path = running_conf.nginx_pid + end + + local cmd = string.format("pkill %s -P `cat %s`", signal, pid_path) + local _, code = pl_utils.execute(cmd) + + if not pid_dead(pid_path) then + return false + end + + return code + end, + -- returns the plugins and version list that is used by Hybrid mode tests + get_plugins_list = function() + assert(PLUGINS_LIST, "plugin list has not been initialized yet, " .. + "you must call get_db_utils first") + return table_clone(PLUGINS_LIST) + end, + get_available_port = function() + local socket = require("socket") + local server = assert(socket.bind("*", 0)) + local _, port = server:getsockname() + server:close() + return tonumber(port) + end, + + -- XXX EE + is_enterprise_plugin = function(plugin_name) + for _, ee_plugin_name in pairs(dist_constants.plugins) do + if ee_plugin_name == plugin_name then + return true + end + end + return false + end, + -- EE +} diff --git a/kong-versions/2.8.4.3/kong/spec/helpers/dns.lua b/kong-versions/2.8.4.3/kong/spec/helpers/dns.lua new file mode 100644 index 00000000..96c965f3 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/helpers/dns.lua @@ -0,0 +1,145 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +-- test helper methods + +local _M = {} + + +if ngx then + _M.gettime = ngx.now + _M.sleep = ngx.sleep +else + local socket = require("socket") + _M.gettime = socket.gettime + _M.sleep = socket.sleep +end +local gettime = _M.gettime + + +-- iterator over different balancer types +-- @return algorithm_name, balancer_module +function _M.balancer_types() + local b_types = { + -- algorithm name + { "consistent-hashing", "consistent_hashing" }, + { "round-robin", "round_robin" }, + { "least-connections", "least_connections" }, + } + local i = 0 + return function() + i = i + 1 + if b_types[i] then + return b_types[i][1], require("resty.dns.balancer." .. b_types[i][2]) + end + end +end + + +-- expires a record now +function _M.dnsExpire(record) + record.expire = gettime() - 1 +end + + +-- creates an SRV record in the cache +function _M.dnsSRV(client, records, staleTtl) + local dnscache = client.getcache() + -- if single table, then insert into a new list + if not records[1] then records = { records } end + + for _, record in ipairs(records) do + record.type = client.TYPE_SRV + + -- check required input + assert(record.target, "target field is required for SRV record") + assert(record.name, "name field is required for SRV record") + assert(record.port, "port field is required for SRV record") + record.name = record.name:lower() + + -- optionals, insert defaults + record.weight = record.weight or 10 + record.ttl = record.ttl or 600 + record.priority = record.priority or 20 + record.class = record.class or 1 + end + -- set timeouts + records.touch = gettime() + records.expire = gettime() + records[1].ttl + + -- create key, and insert it + local key = records[1].type..":"..records[1].name + dnscache:set(key, records, records[1].ttl + (staleTtl or 4)) + -- insert last-succesful lookup type + dnscache:set(records[1].name, records[1].type) + return records +end + + +-- creates an A record in the cache +function _M.dnsA(client, records, staleTtl) + local dnscache = client.getcache() + -- if single table, then insert into a new list + if not records[1] then records = { records } end + + for _, record in ipairs(records) do + record.type = client.TYPE_A + + -- check required input + assert(record.address, "address field is required for A record") + assert(record.name, "name field is required for A record") + record.name = record.name:lower() + + -- optionals, insert defaults + record.ttl = record.ttl or 600 + record.class = record.class or 1 + end + -- set timeouts + records.touch = gettime() + records.expire = gettime() + records[1].ttl + + -- create key, and insert it + local key = records[1].type..":"..records[1].name + dnscache:set(key, records, records[1].ttl + (staleTtl or 4)) + -- insert last-succesful lookup type + dnscache:set(records[1].name, records[1].type) + return records +end + + +-- creates an AAAA record in the cache +function _M.dnsAAAA(client, records, staleTtl) + local dnscache = client.getcache() + -- if single table, then insert into a new list + if not records[1] then records = { records } end + + for _, record in ipairs(records) do + record.type = client.TYPE_AAAA + + -- check required input + assert(record.address, "address field is required for AAAA record") + assert(record.name, "name field is required for AAAA record") + record.name = record.name:lower() + + -- optionals, insert defaults + record.ttl = record.ttl or 600 + record.class = record.class or 1 + end + -- set timeouts + records.touch = gettime() + records.expire = gettime() + records[1].ttl + + -- create key, and insert it + local key = records[1].type..":"..records[1].name + dnscache:set(key, records, records[1].ttl + (staleTtl or 4)) + -- insert last-succesful lookup type + dnscache:set(records[1].name, records[1].type) + return records +end + + +return _M diff --git a/kong-versions/2.8.4.3/kong/spec/helpers/perf.lua b/kong-versions/2.8.4.3/kong/spec/helpers/perf.lua new file mode 100644 index 00000000..aabb1acb --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/helpers/perf.lua @@ -0,0 +1,444 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local pl_tablex = require("pl.tablex") + +local logger = require("spec.helpers.perf.logger") +local utils = require("spec.helpers.perf.utils") +local git = require("spec.helpers.perf.git") + +local my_logger = logger.new_logger("[controller]") + +utils.register_busted_hook() + +-- how many times for each "driver" operation +local RETRY_COUNT = 3 +local DRIVER +local DRIVER_NAME +local DATA_PLANE + +-- Real user facing functions +local driver_functions = { + "start_upstreams", "start_kong", "stop_kong", "setup", "teardown", + "get_start_load_cmd", "get_start_stapxx_cmd", "get_wait_stapxx_cmd", + "generate_flamegraph", "save_error_log", +} + +local function check_driver_sanity(mod) + if type(mod) ~= "table" then + error("Driver must return a table") + end + + for _, func in ipairs(driver_functions) do + if not mod[func] then + error("Driver " .. debug.getinfo(mod.new, "S").source .. + " must implement function " .. func, 2) + end + end +end + +local known_drivers = { "docker", "local", "terraform" } +--- Unset an environment variable +-- @function use_driver +-- @param name string name of the driver to use +-- @param opts[optional] table config parameters passed to the driver +-- @return nothing. Throws an error if any. +local function use_driver(name, opts) + name = name or "docker" + + if not pl_tablex.find(known_drivers, name) then + local err = ("Unknown perf test driver \"%s\", expect one of \"%s\""):format( + name, table.concat(known_drivers, "\", \"") + ) + error(err, 2) + end + + local pok, mod = pcall(require, "spec.helpers.perf.drivers." .. name) + + if not pok then + error(("Unable to load perf test driver %s: %s"):format(name, mod)) + end + + check_driver_sanity(mod) + + DRIVER = mod.new(opts) + DRIVER_NAME = name +end + +--- Set driver operation retry count +-- @function set_retry_count +-- @param try number the retry time for each driver operation +-- @return nothing. +local function set_retry_count(try) + if type(try) ~= "number" then + error("expect a number, got " .. type(try)) + end + RETRY_COUNT = try +end + +local function invoke_driver(method, ...) + if not DRIVER then + error("No driver selected, call use_driver first", 2) + end + local happy + local r, err + for i=1, RETRY_COUNT do + r, err = DRIVER[method](DRIVER, ...) + if not r then + my_logger.warn("failed in ", method, ": ", err or "nil", ", tries: ", i) + else + happy = true + break + end + end + if not happy then + error(method .. " finally failed after " .. RETRY_COUNT .. " tries", 2) + end + return r +end + +local _M = { + use_driver = use_driver, + set_retry_count = set_retry_count, + + new_logger = logger.new_logger, + set_log_level = logger.set_log_level, + + setenv = utils.setenv, + unsetenv = utils.unsetenv, + execute = utils.execute, + wait_output = utils.wait_output, + + git_checkout = git.git_checkout, + git_restore = git.git_restore, + get_kong_version = git.get_kong_version, +} + +--- Start the upstream (nginx) with given conf +-- @function start_upstream +-- @param conf string the Nginx nginx snippet under server{} context +-- @return upstream_uri as string +function _M.start_upstream(conf) + return invoke_driver("start_upstreams", conf, 1)[1] +end + +--- Start the upstream (nginx) with given conf with multiple ports +-- @function start_upstream +-- @param conf string the Nginx nginx snippet under server{} context +-- @param port_count number number of ports the upstream listens to +-- @return upstream_uri as string or table if port_count is more than 1 +function _M.start_upstreams(conf, port_count) + return invoke_driver("start_upstreams", conf, port_count) +end + +local function dp_conf_from_cp_conf(kong_conf) + local dp_conf = {} + for k, v in pairs(kong_conf) do + dp_conf[k] = v + end + dp_conf['role'] = 'data_plane' + dp_conf['database'] = 'off' + dp_conf['cluster_control_plane'] = 'kong-cp:8005' + dp_conf['cluster_telemetry_endpoint'] = 'kong-cp:8006' + + return dp_conf +end + +--- Start Kong in hybrid mode with given version and conf +-- @function start_hybrid_kong +-- @param version string Kong version +-- @param kong_confs table Kong configuration as a lua table +-- @return nothing. Throws an error if any. +function _M.start_hybrid_kong(version, kong_confs) + if DRIVER_NAME ~= 'docker' then + error("Hybrid support only availabe in Docker driver") + end + local kong_confs = kong_confs or {} + + kong_confs['cluster_cert'] = '/kong_clustering.crt' + kong_confs['cluster_cert_key'] = '/kong_clustering.key' + kong_confs['role'] = 'control_plane' + + local control_plane = _M.start_kong(version, kong_confs, { container_id = 'cp'}) + local driver_confs = { dns = { ['kong-cp'] = control_plane }, container_id = 'dp' } + DATA_PLANE = _M.start_kong(version, dp_conf_from_cp_conf(kong_confs), driver_confs) + + if not utils.wait_output("docker logs -f " .. DATA_PLANE, " [DB cache] purging (local) cache") then + return false, "timeout waiting for DP having it's entities ready (5s)" + end +end + +--- Start Kong with given version and conf +-- @function start_kong +-- @param version string Kong version +-- @param kong_confs table Kong configuration as a lua table +-- @param driver_confs table driver configuration as a lua table +-- @return nothing. Throws an error if any. +function _M.start_kong(version, kong_confs, driver_confs) + return invoke_driver("start_kong", version, kong_confs or {}, driver_confs or {}) +end + +--- Stop Kong +-- @function stop_kong +-- @return nothing. Throws an error if any. +function _M.stop_kong() + return invoke_driver("stop_kong") +end + +--- Setup env vars and return the configured helpers utility +-- @function setup +-- @return table the `helpers` utility as if it's require("spec.helpers") +function _M.setup() + return invoke_driver("setup") +end + +--- Cleanup all the stuff +-- @function teardown +-- @param full[optional] boolean teardown all stuff, including those will +-- make next test spin up faster +-- @return nothing. Throws an error if any. +function _M.teardown(full) + return invoke_driver("teardown", full) +end + +local load_thread +local load_should_stop + +--- Start to send load to Kong +-- @function start_load +-- @param opts.path[optional] string request path, default to / +-- @param opts.uri[optional] string base URI except path, default to http://kong-ip:kong-port/ +-- @param opts.connections[optional] number connection count, default to 1000 +-- @param opts.threads[optional] number request thread count, default to 5 +-- @param opts.duration[optional] number perf test duration in seconds, default to 10 +-- @param opts.script[optional] string content of wrk script, default to nil +-- @return nothing. Throws an error if any. +function _M.start_load(opts) + if load_thread then + error("load is already started, stop it using wait_result() first", 2) + end + + local path = opts.path or "" + -- strip leading / + if path:sub(1, 1) == "/" then + path = path:sub(2) + end + + local load_cmd_stub = "wrk -c " .. (opts.connections or 1000) .. + " -t " .. (opts.threads or 5) .. + " -d " .. (opts.duration or 10) .. + " %s " .. -- script place holder + " %s/" .. path + + local load_cmd = invoke_driver("get_start_load_cmd", load_cmd_stub, opts.script, opts.uri, DATA_PLANE) + load_should_stop = false + + load_thread = ngx.thread.spawn(function() + return utils.execute(load_cmd, + { + stop_signal = function() if load_should_stop then return 9 end end, + }) + end) +end + +local stapxx_thread +local stapxx_should_stop + +--- Start to send load to Kong +-- @function start_stapxx +-- @param sample_name string stapxx sample name +-- @param ... string extra arguments passed to stapxx script +-- @return nothing. Throws an error if any. +function _M.start_stapxx(sample_name, ...) + if stapxx_thread then + error("stapxx is already started, stop it using wait_result() first", 2) + end + + local start_cmd = invoke_driver("get_start_stapxx_cmd", sample_name, ...) + stapxx_should_stop = false + + stapxx_thread = ngx.thread.spawn(function() + return utils.execute(start_cmd, + { + stop_signal = function() if stapxx_should_stop then return 3 end end, + }) + end) + + local wait_cmd = invoke_driver("get_wait_stapxx_cmd") + if not utils.wait_output(wait_cmd, "stap_", 30) then + return false, "timeout waiting systemtap probe to load" + end + + return true +end + +--- Wait the load test to finish and get result +-- @function wait_result +-- @return string the test report text +function _M.wait_result(opts) + if not load_thread then + error("load haven't been started or already collected, " .. + "start it using start_load() first", 2) + end + + -- local timeout = opts and opts.timeout or 3 + -- local ok, res, err + + -- ngx.update_time() + -- local s = ngx.now() + -- while not found and ngx.now() - s <= timeout do + -- ngx.update_time() + -- ngx.sleep(0.1) + -- if coroutine.status(self.load_thread) ~= "running" then + -- break + -- end + -- end + -- print(coroutine.status(self.load_thread), coroutine.running(self.load_thread)) + + -- if coroutine.status(self.load_thread) == "running" then + -- self.load_should_stop = true + -- return false, "timeout waiting for load to stop (" .. timeout .. "s)" + -- end + + if stapxx_thread then + local ok, res, err = ngx.thread.wait(stapxx_thread) + stapxx_should_stop = true + stapxx_thread = nil + if not ok or err then + my_logger.warn("failed to wait stapxx to finish: ", + (res or "nil"), + " err: " .. (err or "nil")) + end + my_logger.debug("stap++ output: ", res) + end + + local ok, res, err = ngx.thread.wait(load_thread) + load_should_stop = true + load_thread = nil + + if not ok or err then + error("failed to wait result: " .. (res or "nil") .. + " err: " .. (err or "nil")) + end + + return res +end + +local function sum(t) + local s = 0 + for _, i in ipairs(t) do + if type(i) == "number" then + s = s + i + end + end + + return s +end + +-- Note: could also use custom lua code in wrk +local nan = 0/0 +local function parse_wrk_result(r) + local rps = string.match(r, "Requests/sec:%s+([%d%.]+)") + rps = tonumber(rps) + local count = string.match(r, "([%d]+)%s+requests in") + count = tonumber(count) + -- Note: doesn't include case where unit is us: Latency 0.00us 0.00us 0.00us -nan% + local lat_avg, avg_m, lat_max, max_m = string.match(r, "Latency%s+([%d%.]+)(m?)s%s+[%d%.]+m?s%s+([%d%.]+)(m?)s") + lat_avg = tonumber(lat_avg or nan) * (avg_m == "m" and 1 or 1000) + lat_max = tonumber(lat_max or nan) * (max_m == "m" and 1 or 1000) + return rps, count, lat_avg, lat_max +end + +--- Compute average of RPS and latency from multiple wrk output +-- @results table the table holds raw wrk outputs +-- @return string. The human readable result of average RPS and latency +function _M.combine_results(results) + local count = #results + if count == 0 then + return "(no results)" + end + + local rpss = table.new(count, 0) + local latencies_avg = table.new(count, 0) + local latencies_max = table.new(count, 0) + local count = 0 + + for i, result in ipairs(results) do + local r, c, la, lm = parse_wrk_result(result) + rpss[i] = r + count = count + c + latencies_avg[i] = la * c + latencies_max[i] = lm + end + + local rps = sum(rpss) / 3 + local latency_avg = sum(latencies_avg) / count + local latency_max = math.max(unpack(latencies_max)) + + return ([[ +RPS Avg: %3.2f +Latency Avg: %3.2fms Max: %3.2fms + ]]):format(rps, latency_avg, latency_max) +end + +--- Wait until the systemtap probe is loaded +-- @function wait_stap_probe +function _M.wait_stap_probe(timeout) + return invoke_driver("wait_stap_probe", timeout or 20) +end + +--- Generate the flamegraph and return SVG +-- @function generate_flamegraph +-- @param title the title for flamegraph +-- @param opts the command line options string(not table) for flamegraph.pl +-- @return Nothing. Throws an error if any. +function _M.generate_flamegraph(filename, title, opts) + if not filename then + error("filename must be specified for generate_flamegraph") + end + if string.sub(filename, #filename-3, #filename):lower() ~= ".svg" then + filename = filename .. ".svg" + end + + if not title then + title = "Flame graph" + end + + -- If current test is git-based, also attach the Kong binary package + -- version it based on + if git.is_git_repo() and git.is_git_based() then + title = title .. " (based on " .. git.get_kong_version() .. ")" + end + + local out = invoke_driver("generate_flamegraph", title, opts) + + local f, err = io.open(filename, "w") + if not f then + error("failed to open " .. filename .. " for writing flamegraph: " .. err) + end + + f:write(out) + f:close() + + my_logger.debug("flamegraph written to ", filename) +end + + +--- Save Kong error log locally +-- @function save_error_log +-- @return Nothing. Throws an error if any. +function _M.save_error_log(filename) + if not filename then + error("filename must be specified for save_error_log") + end + + invoke_driver("save_error_log", filename) + + my_logger.debug("Kong error log written to ", filename) +end + +return _M diff --git a/kong-versions/2.8.4.3/kong/spec/helpers/perf/drivers/docker.lua b/kong-versions/2.8.4.3/kong/spec/helpers/perf/drivers/docker.lua new file mode 100644 index 00000000..7ee8bd23 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/helpers/perf/drivers/docker.lua @@ -0,0 +1,374 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local perf = require("spec.helpers.perf") +local tools = require("kong.tools.utils") +local helpers + +local _M = {} +local mt = {__index = _M} + +local UPSTREAM_PORT = 18088 + +function _M.new(opts) + return setmetatable({ + opts = opts, + log = perf.new_logger("[docker]"), + psql_ct_id = nil, + kong_ct_ids = {}, + worker_ct_id = nil, + }, mt) +end + +local function start_container(cid) + if not cid then + return false, "container does not exist" + end + + local _, err = perf.execute("docker start " .. cid) + if err then + return false, "docker start:" .. err + end + + local out, err = perf.execute("docker inspect --format='{{.State.Running}}' " .. cid) + if err then + return false, "docker inspect:" .. err + end + + if out:gsub("\n", "") ~= "true" then + local out, err = perf.execute("docker logs -n5 " .. cid) + if err then + return false, "docker logs:" .. err + end + return false, out + end + + return true +end + +local function create_container(self, args, img) + local out, err = perf.execute("docker images --format '{{.Repository}}:{{.Tag}}' " .. img) + -- plain pattern find + if err or not out:find(img, nil, true) then + local _, err = perf.execute("docker pull " .. img, { logger = self.log.log_exec }) + if err then + return false, err + end + end + + args = args or "" + out, err = perf.execute("docker create " .. args .. " " .. img) + if err then + return false, err + end + local cid = out:match("^[a-f0-9]+$") + if not cid then + return false, "invalid container ID " .. cid + end + return cid +end + +local function get_container_port(cid, ct_port) + local out, err = perf.execute( + "docker inspect " .. + "--format='{{range $p, $conf := .NetworkSettings.Ports}}" .. + "{{if eq $p \"" .. ct_port .. "\" }}{{(index $conf 0).HostPort}}{{end}}" .. + "{{end}}' " .. cid) + if err then + return false, "docker inspect:" .. err .. ": " .. (out or "nil") + end + + return tonumber(out) +end + +local function get_container_vip(cid) + local out, err = perf.execute("docker inspect --format='{{.NetworkSettings.Networks.bridge.IPAddress}}' " .. cid) + if err then + return false, "docker inspect:" .. err .. ": " .. (out or "nil") + end + + return out +end + +function _M:teardown() + local ct_ids = {"worker_ct_id", "psql_ct_id" } + for _, cid in ipairs(ct_ids) do + if self[cid] then + perf.execute("docker rm -f " .. self[cid], { logger = self.log.log_exec }) + self[cid] = nil + end + end + + for conf_id, kong_ct_id in pairs(self.kong_ct_ids) do + perf.execute("docker rm -f " .. kong_ct_id, { logger = self.log.log_exec }) + self.kong_ct_ids[conf_id] = nil + end + + perf.git_restore() + + return true +end + +local function inject_kong_admin_client(self, helpers) + helpers.admin_client = function(timeout) + if not self.kong_ct_id then + error("helpers.admin_client can only be called after perf.start_kong") + end + local admin_port, err = get_container_port(self.kong_ct_id, "8001/tcp") + if not admin_port then + error("failed to get kong admin port: " .. (err or "nil")) + end + return helpers.http_client("127.0.0.1", admin_port, timeout or 60000) + end + return helpers +end + +function _M:setup() + if not self.psql_ct_id then + local cid, err = create_container(self, "-p5432 " .. + "-e POSTGRES_HOST_AUTH_METHOD=trust -e POSTGRES_DB=kong_tests " .. + "-e POSTGRES_USER=kong ", + "postgres:11") + if err then + return false, "error running docker create when creating kong container: " .. err + end + self.psql_ct_id = cid + end + + self.log.info("psql container ID is ", self.psql_ct_id) + local ok, err = start_container(self.psql_ct_id) + if not ok then + return false, "psql is not running: " .. err + end + + local psql_port, err = get_container_port(self.psql_ct_id, "5432/tcp") + if not psql_port then + return false, "failed to get psql port: " .. (err or "nil") + end + + -- wait + if not perf.wait_output("docker logs -f " .. self.psql_ct_id, "is ready to accept connections") then + return false, "timeout waiting psql to start (5s)" + end + + self.log.info("psql is started to listen at port ", psql_port) + perf.setenv("KONG_PG_PORT", ""..psql_port) + + ngx.sleep(3) -- TODO: less flaky + + -- reload the spec.helpers module, since it may have been loaded with + -- a different set of env vars + package.loaded["spec.helpers"] = nil + helpers = require("spec.helpers") + + return inject_kong_admin_client(self, helpers) +end + +function _M:start_upstreams(conf, port_count) + if not conf then + error("upstream conf is not defined", 2) + end + + local listeners = {} + for i=1,port_count do + listeners[i] = ("listen %d reuseport;"):format(UPSTREAM_PORT+i-1) + end + listeners = table.concat(listeners, "\n") + + if not self.worker_ct_id then + local _, err = perf.execute( + "docker build --progress plain -t perf-test-upstream -", + { + logger = self.log.log_exec, + stdin = ([[ + FROM nginx:alpine + RUN apk update && apk add wrk + RUN echo -e '\ + server {\ + %s\ + access_log off;\ + location =/health { \ + return 200; \ + } \ + %s \ + }' > /etc/nginx/conf.d/perf-test.conf + + # copy paste + ENTRYPOINT ["/docker-entrypoint.sh"] + + STOPSIGNAL SIGQUIT + + CMD ["nginx", "-g", "daemon off;"] + ]]):format(listeners:gsub("\n", "\\n"), conf:gsub("\n", "\\n")) + } + ) + if err then + return false, err + end + + local cid, err = create_container(self, "-p " .. UPSTREAM_PORT, "perf-test-upstream") + if err then + return false, "error running docker create when creating upstream: " .. err + end + self.worker_ct_id = cid + end + + self.log.info("worker container ID is ", self.worker_ct_id) + + local ok, err = start_container(self.worker_ct_id) + if not ok then + return false, "worker is not running: " .. err + end + ngx.sleep(3) -- TODO: less flaky + + local worker_vip, err = get_container_vip(self.worker_ct_id) + if err then + return false, "unable to read worker container's private IP: " .. err + end + + self.log.info("worker is started") + + local uris = {} + for i=1,port_count do + uris[i] = "http://" .. worker_vip .. ":" .. UPSTREAM_PORT+i-1 + end + return uris +end + +function _M:_hydrate_kong_configuration(kong_conf, driver_conf) + local config = '' + for k, v in pairs(kong_conf) do + config = string.format("%s -e KONG_%s=%s", config, k:upper(), v) + end + config = config .. " -e KONG_PROXY_ACCESS_LOG=/dev/null -p 8001 -e KONG_ADMIN_LISTEN=0.0.0.0:8001 " + + -- adds database configuration + if kong_conf['database'] == nil then + config = config .. " --link " .. self.psql_ct_id .. ":postgres " .. + "-e KONG_PG_HOST=postgres " .. + "-e KONG_PG_DATABASE=kong_tests " + end + + if driver_conf['dns'] ~= nil then + for name, address in pairs(driver_conf['dns']) do + config = string.format("%s --link %s:%s", config, address, name) + end + end + + return config +end + +function _M:start_kong(version, kong_conf, driver_conf) + if not version then + error("Kong version is not defined", 2) + end + + local use_git + local image = "kong" + local kong_conf_id = driver_conf['container_id'] or 'default' + + if version:startswith("git:") then + perf.git_checkout(version:sub(#("git:")+1)) + use_git = true + version = perf.get_kong_version() + self.log.debug("current git hash resolves to docker version ", version) + elseif version:match("rc") or version:match("beta") then + image = "kong/kong" + end + + if self.kong_ct_ids[kong_conf_id] == nil then + local config = self:_hydrate_kong_configuration(kong_conf, driver_conf) + local cid, err = create_container(self, config, image .. ":" .. version) + if err then + return false, "error running docker create when creating kong container: " .. err + end + self.kong_ct_ids[kong_conf_id] = cid + perf.execute("docker cp ./spec/fixtures/kong_clustering.crt " .. cid .. ":/") + perf.execute("docker cp ./spec/fixtures/kong_clustering.key " .. cid .. ":/") + + if use_git then + perf.execute("docker cp ./kong " .. cid .. ":/usr/local/share/lua/5.1/") + end + end + + self.log.info("starting kong container with ID ", self.kong_ct_ids[kong_conf_id]) + local ok, err = start_container(self.kong_ct_ids[kong_conf_id]) + if not ok then + return false, "kong is not running: " .. err + end + + self.log.debug("docker logs -f " .. self.kong_ct_ids[kong_conf_id], " start worker process") + -- wait + if not perf.wait_output("docker logs -f " .. self.kong_ct_ids[kong_conf_id], " start worker process") then + return false, "timeout waiting kong to start (5s)" + end + + return self.kong_ct_ids[kong_conf_id] +end + +function _M:stop_kong() + for conf_id, kong_ct_id in pairs(self.kong_ct_ids) do + if not perf.execute("docker stop " .. kong_ct_id) then + return false + end + end + + return true +end + +function _M:get_start_load_cmd(stub, script, uri, kong_id) + if not uri then + if not kong_id then + kong_id = self.kong_ct_ids[next(self.kong_ct_ids)] -- pick the first one + end + local kong_vip, err = get_container_vip(kong_id) + if err then + return false, "unable to read kong container's private IP: " .. err + end + uri = string.format("http://%s:8000", kong_vip) + end + + local script_path + if script then + script_path = string.format("/tmp/wrk-%s.lua", tools.random_string()) + local out, err = perf.execute(string.format( + "docker exec -i %s tee %s", self.worker_ct_id, script_path), + { + stdin = script, + }) + if err then + return false, "failed to write script in container: " .. (out or err) + end + end + + script_path = script_path and ("-s " .. script_path) or "" + + return "docker exec " .. self.worker_ct_id .. " " .. + stub:format(script_path, uri) +end + +function _M:get_start_stapxx_cmd() + error("SystemTap support not yet implemented in docker driver") +end + +function _M:get_wait_stapxx_cmd() + error("SystemTap support not yet implemented in docker driver") +end + +function _M:generate_flamegraph() + error("SystemTap support not yet implemented in docker driver") +end + +function _M:save_error_log(path) + for _, kong_ct_id in pairs(self.kong_ct_ids) do + perf.execute("docker logs " .. kong_ct_id .. " 2>'" .. path .. "-" .. kong_ct_id .. "'", + { logger = self.log.log_exec }) + end + return true +end + +return _M diff --git a/kong-versions/2.8.4.3/kong/spec/helpers/perf/drivers/local.lua b/kong-versions/2.8.4.3/kong/spec/helpers/perf/drivers/local.lua new file mode 100644 index 00000000..a2d6edf9 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/helpers/perf/drivers/local.lua @@ -0,0 +1,275 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local perf = require("spec.helpers.perf") +local pl_path = require("pl.path") +local tools = require("kong.tools.utils") +local helpers + +local _M = {} +local mt = {__index = _M} + +local UPSTREAM_PORT = 62412 + +local WRK_SCRIPT_PREFIX = "/tmp/perf-wrk-" +local KONG_ERROR_LOG_PATH = "/tmp/error.log" + +function _M.new(opts) + return setmetatable({ + opts = opts, + log = perf.new_logger("[local]"), + upstream_nginx_pid = nil, + nginx_bin = nil, + wrk_bin = nil, + git_head = nil, + git_stashed = false, + systemtap_sanity_checked = false, + systemtap_dest_path = nil, + }, mt) +end + +function _M:setup() + local bin + for _, test in ipairs({"nginx", "/usr/local/openresty/nginx/sbin/nginx"}) do + bin, _ = perf.execute("which " .. test) + if bin then + self.nginx_bin = bin + break + end + end + + if not self.nginx_bin then + return nil, "nginx binary not found, either install nginx package or Kong" + end + + bin = perf.execute("which wrk") + if not bin then + return nil, "wrk binary not found" + end + self.wrk_bin = bin + + bin = perf.execute("which git") + if not bin then + return nil, "git binary not found" + end + + package.loaded["spec.helpers"] = nil + helpers = require("spec.helpers") + return helpers +end + +function _M:teardown() + if self.upstream_nginx_pid then + local _, err = perf.execute("kill " .. self.upstream_nginx_pid) + if err then + return false, "stopping upstream: " .. err + end + self.upstream_nginx_pid = nil + end + + perf.git_restore() + + perf.execute("rm -vf " .. WRK_SCRIPT_PREFIX .. "*.lua", + { logger = self.log.log_exec }) + + return self:stop_kong() +end + +function _M:start_upstreams(conf, port_count) + local listeners = {} + for i=1,port_count do + listeners[i] = ("listen %d reuseport;"):format(UPSTREAM_PORT+i-1) + end + listeners = table.concat(listeners, "\n") + + local nginx_conf_path = "/tmp/perf-test-nginx.conf" + local nginx_prefix = "/tmp/perf-test-nginx" + + pl_path.mkdir(nginx_prefix) + pl_path.mkdir(nginx_prefix .. "/logs") + + local f = io.open(nginx_conf_path, "w") + f:write(([[ + events {} + pid nginx.pid; + error_log error.log; + http { + access_log off; + server { + %s + %s + } + } + ]]):format(listeners, conf)) + f:close() + + local res, err = perf.execute("nginx -c " .. nginx_conf_path .. + " -p " .. nginx_prefix, + { logger = self.log.log_exec }) + + if err then + return false, "failed to start nginx: " .. err .. ": " .. (res or "nil") + end + + f = io.open(nginx_prefix .. "/nginx.pid") + local pid = f:read() + f:close() + if not tonumber(pid) then + return false, "pid is not a number: " .. pid + end + + self.upstream_nginx_pid = pid + + self.log.info("upstream started at PID: " .. pid) + + local uris = {} + for i=1,port_count do + uris[i] = "http://127.0.0.1:" .. UPSTREAM_PORT+i-1 + end + return uris +end + +function _M:start_kong(version, kong_conf, driver_conf) + if not version:startswith("git:") then + return nil, "\"local\" driver only support testing between git commits, " .. + "version should be prefixed with \"git:\"" + end + + version = version:sub(#("git:")+1) + + perf.git_checkout(version) + + -- cleanup log file + perf.execute("echo > /tmp/kong_error.log") + + kong_conf = kong_conf or {} + kong_conf['proxy_access_log'] = "/dev/null" + kong_conf['proxy_error_log'] = KONG_ERROR_LOG_PATH + kong_conf['admin_error_log'] = KONG_ERROR_LOG_PATH + + return helpers.start_kong(kong_conf) +end + +function _M:stop_kong() + helpers.stop_kong() + return true +end + +function _M:get_start_load_cmd(stub, script, uri) + if not uri then + uri = string.format("http://%s:%s", + helpers.get_proxy_ip(), + helpers.get_proxy_port()) + end + + local script_path + if script then + script_path = WRK_SCRIPT_PREFIX .. tools.random_string() .. ".lua" + local f = assert(io.open(script_path, "w")) + assert(f:write(script)) + assert(f:close()) + end + + script_path = script_path and ("-s " .. script_path) or "" + + return stub:format(script_path, uri) +end + +local function check_systemtap_sanity(self) + local bin, _ = perf.execute("which stap") + if not bin then + return nil, "systemtap binary not found" + end + + -- try compile the kernel module + local out, err = perf.execute("sudo stap -ve 'probe begin { print(\"hello\\n\"); exit();}'") + if err then + return nil, "systemtap failed to compile kernel module: " .. (out or "nil") .. + " err: " .. (err or "nil") .. "\n Did you install gcc and kernel headers?" + end + + local cmds = { + "stat /tmp/stapxx || git clone https://github.com/Kong/stapxx /tmp/stapxx", + "stat /tmp/perf-ost || git clone https://github.com/openresty/openresty-systemtap-toolkit /tmp/perf-ost", + "stat /tmp/perf-fg || git clone https://github.com/brendangregg/FlameGraph /tmp/perf-fg" + } + for _, cmd in ipairs(cmds) do + local _, err = perf.execute(cmd, { logger = self.log.log_exec }) + if err then + return nil, cmd .. " failed: " .. err + end + end + + return true +end + +function _M:get_start_stapxx_cmd(sample, ...) + if not self.systemtap_sanity_checked then + local ok, err = check_systemtap_sanity(self) + if not ok then + return nil, err + end + self.systemtap_sanity_checked = true + end + + -- find one of kong's child process hopefully it's a worker + -- (does kong have cache loader/manager?) + local pid, err = perf.execute("pid=$(cat servroot/pids/nginx.pid);" .. + "cat /proc/$pid/task/$pid/children | awk '{print $1}'") + if not pid then + return nil, "failed to get Kong worker PID: " .. (err or "nil") + end + + local args = table.concat({...}, " ") + + self.systemtap_dest_path = "/tmp/" .. tools.random_string() + return "sudo /tmp/stapxx/stap++ /tmp/stapxx/samples/" .. sample .. + " --skip-badvars -D MAXSKIPPED=1000000 -x " .. pid .. + " " .. args .. + " > " .. self.systemtap_dest_path .. ".bt" +end + +function _M:get_wait_stapxx_cmd(timeout) + return "lsmod | grep stap_" +end + +function _M:generate_flamegraph(title, opts) + local path = self.systemtap_dest_path + self.systemtap_dest_path = nil + + local f = io.open(path .. ".bt") + if not f or f:seek("end") == 0 then + return nil, "systemtap output is empty, possibly no sample are captured" + end + f:close() + + local cmds = { + "/tmp/perf-ost/fix-lua-bt " .. path .. ".bt > " .. path .. ".fbt", + "/tmp/perf-fg/stackcollapse-stap.pl " .. path .. ".fbt > " .. path .. ".cbt", + "/tmp/perf-fg/flamegraph.pl --title='" .. title .. "' " .. (opts or "") .. " " .. path .. ".cbt > " .. path .. ".svg", + } + local err + for _, cmd in ipairs(cmds) do + _, err = perf.execute(cmd, { logger = self.log.log_exec }) + if err then + return nil, cmd .. " failed: " .. err + end + end + + local out, _ = perf.execute("cat " .. path .. ".svg") + + perf.execute("rm " .. path .. ".*") + + return out +end + +function _M:save_error_log(path) + return perf.execute("mv " .. KONG_ERROR_LOG_PATH .. " '" .. path .. "'", + { logger = self.log.log_exec }) +end + +return _M diff --git a/kong-versions/2.8.4.3/kong/spec/helpers/perf/drivers/terraform.lua b/kong-versions/2.8.4.3/kong/spec/helpers/perf/drivers/terraform.lua new file mode 100644 index 00000000..a6ebad47 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/helpers/perf/drivers/terraform.lua @@ -0,0 +1,457 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local perf = require("spec.helpers.perf") +local pl_path = require("pl.path") +local cjson = require("cjson") +local tools = require("kong.tools.utils") +math.randomseed(os.time()) + +local _M = {} +local mt = {__index = _M} + +local UPSTREAM_PORT = 8088 +local KONG_ADMIN_PORT +local PG_PASSWORD = tools.random_string() +local KONG_ERROR_LOG_PATH = "/tmp/error.log" +-- threshold for load_avg / nproc, not based on specific research, +-- just a arbitrary number to ensure test env is normalized +local LOAD_NORMALIZED_THRESHOLD = 0.2 + +function _M.new(opts) + local provider = opts and opts.provider or "equinix-metal" + local work_dir = "./spec/fixtures/perf/terraform/" .. provider + if not pl_path.exists(work_dir) then + error("Hosting provider " .. provider .. " unsupported: expect " .. work_dir .. " to exists", 2) + end + + local tfvars = "" + if opts and opts.tfvars then + for k, v in pairs(opts.tfvars) do + tfvars = string.format("%s -var '%s=%s' ", tfvars, k, v) + end + end + + return setmetatable({ + opts = opts, + log = perf.new_logger("[terraform]"), + ssh_log = perf.new_logger("[terraform][ssh]"), + provider = provider, + work_dir = work_dir, + tfvars = tfvars, + kong_ip = nil, + kong_internal_ip = nil, + worker_ip = nil, + worker_internal_ip = nil, + systemtap_sanity_checked = false, + systemtap_dest_path = nil, + }, mt) +end + +local function ssh_execute_wrap(self, ip, cmd) + -- to quote a ', one need to finish the current ', quote the ' then start a new ' + cmd = string.gsub(cmd, "'", "'\\''") + return "ssh " .. + "-o IdentityFile=" .. self.work_dir .. "/id_rsa " .. -- TODO: no hardcode + "-o TCPKeepAlive=yes -o ServerAliveInterval=300 " .. + -- turn on connection multiplexing + "-o ControlPath=" .. self.work_dir .. "/cm-%r@%h:%p " .. + "-o ControlMaster=auto -o ControlPersist=10m " .. + -- no interactive prompt for saving hostkey + "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no " .. + "root@" .. ip .. " '" .. cmd .. "'" +end + +-- if remote_ip is set, run remotely; else run on host machine +local function execute_batch(self, remote_ip, cmds, continue_on_error) + for _, cmd in ipairs(cmds) do + if remote_ip then + cmd = ssh_execute_wrap(self, remote_ip, cmd) + end + local _, err = perf.execute(cmd, { + logger = (remote_ip and self.ssh_log or self.log).log_exec + }) + if err then + if not continue_on_error then + return false, "failed in \"" .. cmd .. "\": ".. (err or "nil") + end + self.log.warn("execute ", cmd, " has error: ", (err or "nil")) + end + end + return true +end + +function _M:setup(opts) + local bin, _ = perf.execute("which terraform") + if not bin then + return nil, "terraform binary not found" + end + + local ok, err + -- terraform apply + self.log.info("Running terraform to provision instances...") + + ok, err = execute_batch(self, nil, { + "terraform version", + "cd " .. self.work_dir .. " && terraform init", + "cd " .. self.work_dir .. " && terraform apply -auto-approve " .. self.tfvars, + }) + if not ok then + return false, err + end + + -- grab outputs + local res, err = perf.execute("cd " .. self.work_dir .. " && terraform show -json") + if err then + return false, "terraform show: " .. err + end + res = cjson.decode(res) + + self.kong_ip = res.values.outputs["kong-ip"].value + self.kong_internal_ip = res.values.outputs["kong-internal-ip"].value + self.worker_ip = res.values.outputs["worker-ip"].value + self.worker_internal_ip = res.values.outputs["worker-internal-ip"].value + + -- install psql docker on kong + ok, err = execute_batch(self, self.kong_ip, { + "apt-get update", "apt-get install -y --force-yes docker.io", + "docker rm -f kong-database || true", -- if exist remove it + "docker run -d -p5432:5432 ".. + "-e POSTGRES_PASSWORD=" .. PG_PASSWORD .. " " .. + "-e POSTGRES_DB=kong_tests " .. + "-e POSTGRES_USER=kong --name=kong-database postgres:11", + }) + if not ok then + return ok, err + end + + -- wait + local cmd = ssh_execute_wrap(self, self.kong_ip, + "docker logs -f kong-database") + if not perf.wait_output(cmd, "is ready to accept connections", 5) then + return false, "timeout waiting psql to start (5s)" + end + -- slightly wait a bit: why? + ngx.sleep(1) + + perf.setenv("KONG_PG_HOST", self.kong_ip) + perf.setenv("KONG_PG_PASSWORD", PG_PASSWORD) + -- self.log.debug("(In a low voice) pg_password is " .. PG_PASSWORD) + + self.log.info("Infra is up! However, executing psql remotely may take a while...") + for i=1, 3 do + package.loaded["spec.helpers"] = nil + local pok, pret = pcall(require, "spec.helpers") + if pok then + pret.admin_client = function(timeout) + return pret.http_client(self.kong_ip, KONG_ADMIN_PORT, timeout or 60000) + end + return pret + end + self.log.warn("unable to load spec.helpers: " .. (pret or "nil") .. ", try " .. i) + ngx.sleep(1) + end + error("Unable to load spec.helpers") +end + +function _M:teardown(full) + if full then + -- terraform destroy + self.log.info("Running terraform to destroy instances...") + + local ok, err = execute_batch(self, nil, { + "terraform version", + "cd " .. self.work_dir .. " && terraform init", + "cd " .. self.work_dir .. " && terraform destroy -auto-approve " .. self.tfvars, + }) + if not ok then + return false, err + end + end + + perf.git_restore() + + -- otherwise do nothing + return true +end + +function _M:start_upstreams(conf, port_count) + conf = conf or "" + local listeners = {} + for i=1,port_count do + listeners[i] = ("listen %d reuseport;"):format(UPSTREAM_PORT+i-1) + end + listeners = table.concat(listeners, "\n") + + conf = ngx.encode_base64(([[ + worker_processes auto; + worker_cpu_affinity auto; + error_log /var/log/nginx/error.log; + pid /run/nginx.pid; + worker_rlimit_nofile 20480; + + events { + accept_mutex off; + worker_connections 10620; + } + + http { + access_log off; + server_tokens off; + keepalive_requests 10000; + tcp_nodelay on; + + server { + %s + location =/health { + return 200; + } + location / { + return 200 " performancetestperformancetestperformancetestperformancetestperformancetest"; + } + %s + } + }]]):format(listeners, conf)):gsub("\n", "") + + local ok, err = execute_batch(self, self.worker_ip, { + "sudo id", + "echo performance | sudo tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor", + "sudo apt-get update", "sudo apt-get install -y --force-yes nginx", + -- ubuntu where's wrk in apt? + "wget -nv http://mirrors.kernel.org/ubuntu/pool/universe/w/wrk/wrk_4.1.0-3_amd64.deb -O wrk.deb", + "dpkg -l wrk || (sudo dpkg -i wrk.deb || sudo apt-get -f -y install)", + "echo " .. conf .. " | sudo base64 -d > /etc/nginx/nginx.conf", + "sudo nginx -t", + "sudo systemctl restart nginx", + }) + if not ok then + return nil, err + end + + local uris = {} + for i=1,port_count do + uris[i] = "http://" .. self.worker_internal_ip .. ":" .. UPSTREAM_PORT+i-1 + end + return uris +end + +function _M:start_kong(version, kong_conf, driver_conf) + kong_conf = kong_conf or {} + kong_conf["pg_password"] = PG_PASSWORD + kong_conf["pg_database"] = "kong_tests" + + kong_conf['proxy_access_log'] = "/dev/null" + kong_conf['proxy_error_log'] = KONG_ERROR_LOG_PATH + kong_conf['admin_error_log'] = KONG_ERROR_LOG_PATH + + KONG_ADMIN_PORT = math.floor(math.random()*50000+10240) + kong_conf['admin_listen'] = "0.0.0.0:" .. KONG_ADMIN_PORT + kong_conf['anonymous_reports'] = "off" + + local kong_conf_blob = "" + for k, v in pairs(kong_conf) do + kong_conf_blob = string.format("%s\n%s=%s\n", kong_conf_blob, k, v) + end + kong_conf_blob = ngx.encode_base64(kong_conf_blob):gsub("\n", "") + + local use_git + + if version:startswith("git:") then + perf.git_checkout(version:sub(#("git:")+1)) + use_git = true + + version = perf.get_kong_version() + self.log.debug("current git hash resolves to Kong version ", version) + end + + local download_path + if version:sub(1, 1) == "2" then + if version:match("rc") or version:match("beta") then + download_path = "https://download-stage.konghq.com/gateway-2.x-ubuntu-focal/pool/all/k/kong/kong_" .. + version .. "_amd64.deb" + else + download_path = "https://download.konghq.com/gateway-2.x-ubuntu-focal/pool/all/k/kong/kong_" .. + version .. "_amd64.deb" + end + else + error("Unknown download location for Kong version " .. version) + end + + local ok, err = execute_batch(self, self.kong_ip, { + "echo > " .. KONG_ERROR_LOG_PATH, + "sudo id", + -- set cpu scheduler to performance, it should lock cpufreq to static freq + "echo performance | sudo tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor", + -- increase outgoing port range to avoid 99: Cannot assign requested address + "sysctl net.ipv4.ip_local_port_range='10240 65535'", + -- stop and remove kong if installed + "dpkg -l kong && (sudo kong stop; sudo dpkg -r kong) || true", + -- have to do the pkill sometimes, because kong stop allow the process to linger for a while + "sudo pkill -F /usr/local/kong/pids/nginx.pid || true", + -- remove all lua files, not only those installed by package + "rm -rf /usr/local/share/lua/5.1/kong", + "wget -nv " .. download_path .. " -O kong-" .. version .. ".deb", + "sudo dpkg -i kong-" .. version .. ".deb || sudo apt-get -f -y install", + "echo " .. kong_conf_blob .. " | sudo base64 -d > /etc/kong/kong.conf", + "sudo kong check", + }) + if not ok then + return false, err + end + + local ok, err = execute_batch(self, nil, { + -- upload + use_git and ("tar zc kong | " .. ssh_execute_wrap(self, self.kong_ip, + "sudo tar zx -C /usr/local/share/lua/5.1")) or "echo use stock files", + -- start kong + ssh_execute_wrap(self, self.kong_ip, + "ulimit -n 655360; kong start || kong restart") + }) + if not ok then + return false, err + end + + return true +end + +function _M:stop_kong() + local load = perf.execute(ssh_execute_wrap(self, self.kong_ip, + "cat /proc/loadavg")):match("[%d%.]+") + self.log.debug("Kong node end 1m loadavg is ", load) + + return perf.execute(ssh_execute_wrap(self, self.kong_ip, "kong stop"), + { logger = self.ssh_log.log_exec }) +end + +function _M:get_start_load_cmd(stub, script, uri) + if not uri then + uri = string.format("http://%s:8000", self.kong_internal_ip) + end + + local script_path + if script then + script_path = string.format("/tmp/wrk-%s.lua", tools.random_string()) + local out, err = perf.execute( + ssh_execute_wrap(self, self.worker_ip, "tee " .. script_path), + { + stdin = script, + }) + if err then + return false, "failed to write script in remote machine: " .. (out or err) + end + end + + script_path = script_path and ("-s " .. script_path) or "" + + local nproc = tonumber(perf.execute(ssh_execute_wrap(self, self.kong_ip, "nproc"))) + local load, load_normalized + while true do + load = perf.execute(ssh_execute_wrap(self, self.kong_ip, + "cat /proc/loadavg")):match("[%d%.]+") + load_normalized = tonumber(load) / nproc + if load_normalized < LOAD_NORMALIZED_THRESHOLD then + break + end + self.log.info("waiting for Kong node 1m loadavg to drop under ", + nproc * LOAD_NORMALIZED_THRESHOLD) + ngx.sleep(15) + end + self.log.debug("Kong node start 1m loadavg is ", load) + + return ssh_execute_wrap(self, self.worker_ip, + stub:format(script_path, uri)) +end + +local function check_systemtap_sanity(self) + local ok, err = execute_batch(self, self.kong_ip, { + "apt-get install systemtap gcc linux-headers-$(uname -r) -y --force-yes", + "which stap", + "stat /tmp/stapxx || git clone https://github.com/Kong/stapxx /tmp/stapxx", + "stat /tmp/perf-ost || git clone https://github.com/openresty/openresty-systemtap-toolkit /tmp/perf-ost", + "stat /tmp/perf-fg || git clone https://github.com/brendangregg/FlameGraph /tmp/perf-fg" + }) + if not ok then + return false, err + end + + -- try compile the kernel module + local out, err = perf.execute(ssh_execute_wrap(self, self.kong_ip, + "sudo stap -ve 'probe begin { print(\"hello\\n\"); exit();}'")) + if err then + return nil, "systemtap failed to compile kernel module: " .. (out or "nil") .. + " err: " .. (err or "nil") .. "\n Did you install gcc and kernel headers?" + end + + return true +end + +function _M:get_start_stapxx_cmd(sample, ...) + if not self.systemtap_sanity_checked then + local ok, err = check_systemtap_sanity(self) + if not ok then + return nil, err + end + self.systemtap_sanity_checked = true + end + + -- find one of kong's child process hopefully it's a worker + -- (does kong have cache loader/manager?) + local pid, err = perf.execute(ssh_execute_wrap(self, self.kong_ip, + "pid=$(cat /usr/local/kong/pids/nginx.pid); " .. + "cat /proc/$pid/task/$pid/children | awk '{print $1}'")) + if not pid or not tonumber(pid) then + return nil, "failed to get Kong worker PID: " .. (err or "nil") + end + + local args = table.concat({...}, " ") + + self.systemtap_dest_path = "/tmp/" .. tools.random_string() + return ssh_execute_wrap(self, self.kong_ip, + "sudo /tmp/stapxx/stap++ /tmp/stapxx/samples/" .. sample .. + " --skip-badvars -D MAXSKIPPED=1000000 -x " .. pid .. + " " .. args .. + " > " .. self.systemtap_dest_path .. ".bt" + ) +end + +function _M:get_wait_stapxx_cmd(timeout) + return ssh_execute_wrap(self, self.kong_ip, "lsmod | grep stap_") +end + +function _M:generate_flamegraph(title, opts) + local path = self.systemtap_dest_path + self.systemtap_dest_path = nil + + local out, _ = perf.execute(ssh_execute_wrap(self, self.kong_ip, "cat " .. path .. ".bt")) + if not out or #out == 0 then + return nil, "systemtap output is empty, possibly no sample are captured" + end + + local ok, err = execute_batch(self, self.kong_ip, { + "/tmp/perf-ost/fix-lua-bt " .. path .. ".bt > " .. path .. ".fbt", + "/tmp/perf-fg/stackcollapse-stap.pl " .. path .. ".fbt > " .. path .. ".cbt", + "/tmp/perf-fg/flamegraph.pl --title='" .. title .. "' " .. (opts or "") .. " " .. path .. ".cbt > " .. path .. ".svg", + }) + if not ok then + return false, err + end + + local out, _ = perf.execute(ssh_execute_wrap(self, self.kong_ip, "cat " .. path .. ".svg")) + + perf.execute(ssh_execute_wrap(self, self.kong_ip, "rm -v " .. path .. ".*"), + { logger = self.ssh_log.log_exec }) + + return out +end + +function _M:save_error_log(path) + return perf.execute(ssh_execute_wrap(self, self.kong_ip, + "cat " .. KONG_ERROR_LOG_PATH) .. " >'" .. path .. "'", + { logger = self.ssh_log.log_exec }) +end + +return _M diff --git a/kong-versions/2.8.4.3/kong/spec/helpers/perf/git.lua b/kong-versions/2.8.4.3/kong/spec/helpers/perf/git.lua new file mode 100644 index 00000000..18884396 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/helpers/perf/git.lua @@ -0,0 +1,107 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local perf +local logger = require("spec.helpers.perf.logger") + +local my_logger = logger.new_logger("[git]") + +local git_stashed, git_head + +local function git_checkout(version) + -- reload the perf module, for circular dependency issue + perf = require("spec.helpers.perf") + + if not perf.execute("which git") then + error("git binary not found") + end + + local res, err + local hash, _ = perf.execute("git rev-parse HEAD") + if not hash or not hash:match("[a-f0-f]+") then + error("Unable to parse HEAD pointer, is this a git repository?") + end + + -- am i on a named branch/tag? + local n, _ = perf.execute("git rev-parse --abbrev-ref HEAD") + if n and n ~= "HEAD" then + hash = n + end + -- anything to save? + n, err = perf.execute("git status --untracked-files=no --porcelain") + if not err and (n and #n > 0) then + my_logger.info("saving your working directory") + res, err = perf.execute("git stash save kong-perf-test-autosaved") + if err then + error("Cannot save your working directory: " .. err .. (res or "nil")) + end + git_stashed = true + end + + my_logger.debug("switching away from ", hash, " to ", version) + + res, err = perf.execute("git checkout " .. version) + if err then + error("Cannot switch to " .. version .. ":\n" .. res) + end + if not git_head then + git_head = hash + end +end + +local function git_restore() + -- reload the perf module, for circular dependency issue + perf = require("spec.helpers.perf") + + if git_head then + local res, err = perf.execute("git checkout " .. git_head) + if err then + return false, "git checkout: " .. res + end + git_head = nil + + if git_stashed then + local res, err = perf.execute("git stash pop") + if err then + return false, "git stash pop: " .. res + end + git_stashed = false + end + end +end + +local function get_kong_version() + -- unload the module if it's previously loaded + package.loaded["kong.meta"] = nil + + local ok, meta, _ = pcall(require, "kong.meta") + if ok then + return meta._VERSION + end + error("can't read Kong version from kong.meta: " .. (meta or "nil")) +end + +local function is_git_repo() + -- reload the perf module, for circular dependency issue + perf = require("spec.helpers.perf") + + return perf.execute("git status") +end + +-- is this test based on git versions: e.g. have we git checkout versions? +local function is_git_based() + return not not git_head +end + + +return { + git_checkout = git_checkout, + git_restore = git_restore, + get_kong_version = get_kong_version, + is_git_repo = is_git_repo, + is_git_based = is_git_based, +} \ No newline at end of file diff --git a/kong-versions/2.8.4.3/kong/spec/helpers/perf/logger.lua b/kong-versions/2.8.4.3/kong/spec/helpers/perf/logger.lua new file mode 100644 index 00000000..46b9ac37 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/helpers/perf/logger.lua @@ -0,0 +1,69 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local tty = require("kong.cmd.utils.tty") + +local colors + +if not tty.isatty then + colors = setmetatable({}, {__index = function() return "" end}) +else + colors = { green = '\27[32m', yellow = '\27[33m', red = '\27[31m', reset = '\27[0m' } +end + +local LOG_LEVEL = ngx.NOTICE + +-- Some logging helpers +local level_cfg = { + [ngx.DEBUG] = { "debug", colors.green }, + [ngx.INFO] = { "info", "" }, + [ngx.NOTICE] = { "notice", "" }, + [ngx.WARN] = { "warn", colors.yellow }, + [ngx.ERR] = { "error", colors.red }, + [ngx.CRIT] = { "crit", colors.red }, +} + +local function set_log_level(lvl) + if not level_cfg[lvl] then + error("Unknown log level ", lvl, 2) + end + LOG_LEVEL = lvl +end + +local function log(lvl, namespace, ...) + lvl = lvl or ngx.INFO + local lvl_literal, lvl_color = unpack(level_cfg[lvl] or {"info", ""}) + if lvl <= LOG_LEVEL then + ngx.update_time() + local msec = ngx.now() + print(lvl_color, + ("%s%s %8s %s "):format( + ngx.localtime():sub(12), + ("%.3f"):format(msec - math.floor(msec)):sub(2), + ("[%s]"):format(lvl_literal), namespace + ), + table.concat({...}, ""), + colors.reset) + end +end +local function new_logger(namespace) + return setmetatable({ + debug = function(...) log(ngx.DEBUG, namespace, ...) end, + info = function(...) log(ngx.INFO, namespace, ...) end, + warn = function(...) log(ngx.WARN, namespace, ...) end, + err = function(...) log(ngx.ERR, namespace, ...) end, + crit = function(...) log(ngx.CRIT, namespace, ...) end, + log_exec = function(...) log(ngx.DEBUG, namespace, "=> ", ...) end, + }, { + __call = function(self, lvl, ...) log(lvl, namespace, ...) end, + }) +end + +return { + new_logger = new_logger, + set_log_level = set_log_level, +} \ No newline at end of file diff --git a/kong-versions/2.8.4.3/kong/spec/helpers/perf/utils.lua b/kong-versions/2.8.4.3/kong/spec/helpers/perf/utils.lua new file mode 100644 index 00000000..3486c0a3 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/helpers/perf/utils.lua @@ -0,0 +1,183 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local ngx_pipe = require("ngx.pipe") +local ffi = require("ffi") + +string.startswith = function(s, start) -- luacheck: ignore + return s and start and start ~= "" and s:sub(1, #start) == start +end + +string.endswith = function(s, e) -- luacheck: ignore + return s and e and e ~= "" and s:sub(#s-#e+1, #s) == e +end + +--- Spawns a child process and get its exit code and outputs +-- @param opts.stdin string the stdin buffer +-- @param opts.logger function(lvl, _, line) stdout+stderr writer; if not defined, whole +-- stdout and stderr is returned +-- @param opts.stop_signal function return true to abort execution +-- @return stdout+stderr, err if opts.logger not set; bool+err if opts.logger set +local function execute(cmd, opts) + -- my_logger.debug("exec: ", cmd) + + local proc, err = ngx_pipe.spawn(cmd, { + merge_stderr = true, + }) + if not proc then + return false, "failed to start process: " .. err + end + + -- set stdout/stderr read timeout to 1s for faster noticing process exit + -- proc:set_timeouts(write_timeout?, stdout_read_timeout?, stderr_read_timeout?, wait_timeout?) + proc:set_timeouts(nil, 1000, 1000, nil) + if opts and opts.stdin then + proc:write(opts.stdin) + end + proc:shutdown("stdin") + + local log_output = opts and opts.logger + local ret = {} + + while true do + -- is it alive? + local ok = proc:kill(0) + if not ok then + break + end + + local l, err = proc:stdout_read_line() + if l then + if log_output then + log_output(l) + else + table.insert(ret, l) + end + end + if err == "closed" then + break + end + local sig = opts and opts.stop_signal and opts.stop_signal() + if sig then + proc:kill(sig) + break + end + end + local ok, msg, code = proc:wait() + ok = ok and code == 0 + ret = log_output and ok or table.concat(ret, "\n") + if ok then + return ret + else + return ret, ("process exited with code %d: %s"):format(code, msg) + end +end + +--- Execute a command and return until pattern is found in its output +-- @function wait_output +-- @param cmd string the command the execute +-- @param pattern string the pattern to find in stdout and stderr +-- @param timeout number time in seconds to wait for the pattern +-- @return bool whether the pattern is found +local function wait_output(cmd, pattern, timeout) + timeout = timeout or 5 + local found + local co = coroutine.create(function() + while not found do + local line = coroutine.yield("yield") + if line:match(pattern) then + found = true + end + end + end) + + -- start + coroutine.resume(co) + + -- don't kill it, it me finish by itself + ngx.thread.spawn(function() + execute(cmd, { + logger = function(line) + return coroutine.running(co) and coroutine.resume(co, line) + end, + stop_signal = function() if found then return 9 end end, + }) + end) + + ngx.update_time() + local s = ngx.now() + while not found and ngx.now() - s <= timeout do + ngx.update_time() + ngx.sleep(0.1) + end + + return found +end + +ffi.cdef [[ + int setenv(const char *name, const char *value, int overwrite); + int unsetenv(const char *name); +]] + +--- Set an environment variable +-- @function setenv +-- @param env (string) name of the environment variable +-- @param value the value to set +-- @return true on success, false otherwise +local function setenv(env, value) + return ffi.C.setenv(env, value, 1) == 0 +end + + +--- Unset an environment variable +-- @function setenv +-- @param env (string) name of the environment variable +-- @return true on success, false otherwise +local function unsetenv(env) + return ffi.C.unsetenv(env) == 0 +end + +local handler = require("busted.outputHandlers.base")() +local current_test_element + +local function register_busted_hook() + local busted = require("busted") + + handler.testStart = function(element, parent) + current_test_element = element + end + + busted.subscribe({'test', 'start'}, handler.testStart) +end + +local function get_test_descriptor(sanitized) + if current_test_element then + local msg = handler.getFullName(current_test_element) + local common_prefix = "perf test for Kong " + if msg:startswith(common_prefix) then + msg = msg:sub(#common_prefix+1) + end + if sanitized then + msg = msg:gsub("[:/]", "#"):gsub("[ ,]", "_"):gsub("__", "_") + end + return msg + end +end + +local function get_test_output_filename() + return get_test_descriptor(true) +end + +return { + execute = execute, + wait_output = wait_output, + setenv = setenv, + unsetenv = unsetenv, + register_busted_hook = register_busted_hook, + get_test_descriptor = get_test_descriptor, + get_test_output_filename = get_test_output_filename, +} diff --git a/kong-versions/2.8.4.3/kong/spec/helpers/ssl.lua b/kong-versions/2.8.4.3/kong/spec/helpers/ssl.lua new file mode 100644 index 00000000..74438259 --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/helpers/ssl.lua @@ -0,0 +1,282 @@ +-- This software is copyright Kong Inc. and its licensors. +-- Use of the software is subject to the agreement between your organization +-- and Kong Inc. If there is no such agreement, use is governed by and +-- subject to the terms of the Kong Master Software License Agreement found +-- at https://konghq.com/enterprisesoftwarelicense/. +-- [ END OF LICENSE 0867164ffc95e54f04670b5169c09574bdbd9bba ] + +local ffi = require "ffi" +local C = ffi.C +local bit = require "bit" +local format_error = require("resty.openssl.err").format_error +local BORINGSSL = require("resty.openssl.version").BORINGSSL +require "resty.openssl.include.ssl" + +ffi.cdef [[ + typedef struct ssl_method_st SSL_METHOD; + const SSL_METHOD *TLS_method(void); + const SSL_METHOD *TLS_server_method(void); + + SSL_CTX *SSL_CTX_new(const SSL_METHOD *method); + void SSL_CTX_free(SSL_CTX *ctx); + + int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); + int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); + + SSL *SSL_new(SSL_CTX *ctx); + void SSL_free(SSL *s); + + long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg); + long SSL_set_mode(SSL *ssl, long mode); + + int SSL_set_fd(SSL *ssl, int fd); + + void SSL_set_accept_state(SSL *ssl); + + int SSL_do_handshake(SSL *ssl); + int SSL_get_error(const SSL *ssl, int ret); + + int SSL_read(SSL *ssl, void *buf, int num); + int SSL_write(SSL *ssl, const void *buf, int num); + int SSL_shutdown(SSL *ssl); + + + typedef struct pollfd { + int fd; /* file descriptor */ + short events; /* requested events */ + short revents; /* returned events */ + } pollfd; + + int poll(struct pollfd *fds, unsigned long nfds, int timeout); +]] + + +local SSL = {} +local ssl_mt = { __index = SSL } + +local modes = { + SSL_MODE_ENABLE_PARTIAL_WRITE = 0x001, + SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 0x002, + SSL_MODE_AUTO_RETRY = 0x004, + SSL_MODE_NO_AUTO_CHAIN = 0x008, + SSL_MODE_RELEASE_BUFFERS = 0x010, + SSL_MODE_SEND_CLIENTHELLO_TIME = 0x020, + SSL_MODE_SEND_SERVERHELLO_TIME = 0x040, + SSL_MODE_SEND_FALLBACK_SCSV = 0x080, + SSL_MODE_ASYNC = 0x100, + SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG = 0x400, +} + +local errors = { + SSL_ERROR_NONE = 0, + SSL_ERROR_SSL = 1, + SSL_ERROR_WANT_READ = 2, + SSL_ERROR_WANT_WRITE = 3, + SSL_ERROR_WANT_X509_LOOKUP = 4, + SSL_ERROR_SYSCALL = 5, + SSL_ERROR_ZERO_RETURN = 6, + SSL_ERROR_WANT_CONNECT = 7, + SSL_ERROR_WANT_ACCEPT = 8, + SSL_ERROR_WANT_ASYNC = 9, + SSL_ERROR_WANT_ASYNC_JOB = 10, + SSL_ERROR_WANT_CLIENT_HELLO_CB = 11, + SSL_ERROR_WANT_RETRY_VERIFY = 12, +} + +local errors_literal = {} +for k, v in pairs(errors) do + errors_literal[v] = k +end + +local SOCKET_INVALID = -1 + + +local ssl_set_mode +if BORINGSSL then + ssl_set_mode = function(...) return C.SSL_set_mode(...) end +else + local SSL_CTRL_MODE = 33 + ssl_set_mode = function(ctx, mode) return C.SSL_ctrl(ctx, SSL_CTRL_MODE, mode, nil) end +end + +local SSL_FILETYPE_PEM = 1 + +local function ssl_ctx_new(cfg) + if cfg.protocol and cfg.protocol ~= "any" then + return nil, "protocol other than 'any' is currently not supported" + elseif cfg.mode and cfg.mode ~= "server" then + return nil, "mode other than 'server' is currently not supported" + end + cfg.protocol = nil + cfg.mode = nil + + local ctx = C.SSL_CTX_new(C.TLS_server_method()) + if ctx == nil then + return nil, format_error("SSL_CTX_new") + end + ffi.gc(ctx, C.SSL_CTX_free) + + for k, v in pairs(cfg) do + if k == "certificate" then + if C.SSL_CTX_use_certificate_chain_file(ctx, v) ~= 1 then + return nil, format_error("SSL_CTX_use_certificate_chain_file") + end + elseif k == "key" then -- password protected key is NYI + if C.SSL_CTX_use_PrivateKey_file(ctx, v, SSL_FILETYPE_PEM) ~= 1 then + return nil, format_error("SSL_CTX_use_PrivateKey_file") + end + else + return nil, "unknown option \"" .. k .. "\"" + end + end + + return ctx +end + +local function ssl_new(ssl_ctx) + if not ssl_ctx or not ffi.istype("SSL_CTX*", ssl_ctx) then + return nil, "ssl_new: expect SSL_CTX* as first argument" + end + + local ctx = C.SSL_new(ssl_ctx) + if ctx == nil then + return nil, format_error("SSL_new") + end + ffi.gc(ctx, C.SSL_free) + + C.SSL_set_fd(ctx, SOCKET_INVALID) + ssl_set_mode(ctx, bit.bor(modes.SSL_MODE_ENABLE_PARTIAL_WRITE, + modes.SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) + ssl_set_mode(ctx, modes.SSL_MODE_RELEASE_BUFFERS) + + C.SSL_set_accept_state(ctx) -- me is server + + return ctx +end + +function SSL.wrap(sock, cfg) + local ctx, err + if type(cfg) == "table" then + ctx, err = ssl_ctx_new(cfg) + if not ctx then return nil, err end + else + ctx = cfg + end + local s, err = ssl_new(ctx) + if s then + local fd = sock:getfd() + C.SSL_set_fd(s, fd) + sock:setfd(SOCKET_INVALID) + + local self = setmetatable({ + ssl_ctx = ctx, + ctx = s, + fd = fd, + }, ssl_mt) + + return self, nil + end + return nil, err +end + +local function socket_waitfd(fd, events, timeout) + local pfd = ffi.new("pollfd") + pfd.fd = fd + pfd.events = events + pfd.revents = 0 + local ppfd = ffi.new("pollfd[1]", pfd) + + local wait = timeout and 1 or -1 + + while true do + local ret = C.poll(ppfd, 1, wait) + timeout = timeout and timeout - 1 + if ret ~= -1 then + break + end + end +end + +local POLLIN = 1 +local POLLOUT = 2 + +local function handle_ssl_io(self, cb, ...) + local err, code + while true do + err = cb(self.ctx, ...) + code = C.SSL_get_error(self.ctx, err) + if code == errors.SSL_ERROR_NONE then + break + elseif code == errors.SSL_ERROR_WANT_READ then + err = socket_waitfd(self.fd, POLLIN, 10) + if err then return nil, "want read: " .. err end + elseif code == errors.SSL_ERROR_WANT_WRITE then + err = socket_waitfd(self.fd, POLLOUT, 10) + if err then return nil, "want write: " .. err end + elseif code == errors.SSL_ERROR_SYSCALL then + if err == 0 then + return nil, "closed" + end + if C.ERR_peek_error() then + return nil, format_error("SSL_ERROR_SYSCALL") + end + else + return nil, errors_literal[code] or "unknown error" + end + end +end + +function SSL:dohandshake() + return handle_ssl_io(self, C.SSL_do_handshake) +end + + +function SSL:receive(pattern) + if pattern and pattern ~= "*l" then + return nil, "receive pattern other than '*l' is currently not supported" + end + + local buf = ffi.new("char[1024]") + local ret = "" + + while true do + local ok, err = handle_ssl_io(self, C.SSL_read, ffi.cast("void *", buf), 1024) + if err then + if err == "SSL_ERROR_ZERO_RETURN" then + err = "closed" + end + return ok, err + end + + local current = ffi.string(buf) + -- do we need to find \r? + local pos = current:find("\n") + if pos then -- found a newline + ret = ret .. current:sub(1, pos-1) + break + else + ret = ret .. current + end + end + + return ret +end + +function SSL:send(s) + local buf = ffi.new("char[?]", #s+1, s) + local ok, err = handle_ssl_io(self, C.SSL_write, ffi.cast("void *", buf), #s) + if err then + return ok, err + end + + return true +end + +function SSL:close() + if C.SSL_shutdown(self.ctx) ~= 1 then + return nil, format_error("SSL_shutdown") + end + return true +end + +return SSL diff --git a/kong-versions/2.8.4.3/kong/spec/kong_tests.conf b/kong-versions/2.8.4.3/kong/spec/kong_tests.conf new file mode 100644 index 00000000..1a609acc --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/kong_tests.conf @@ -0,0 +1,67 @@ +# 1st digit is 9 for our test instances +admin_api_uri = 127.0.0.1:9001 +admin_listen = 127.0.0.1:9001 +admin_gui_listen = off +enforce_rbac = off +proxy_listen = 0.0.0.0:9000, 0.0.0.0:9443 http2 ssl, 0.0.0.0:9002 http2, 0.0.0.0:9445 http2 ssl +stream_listen = off + +ssl_cert = spec/fixtures/kong_spec.crt +ssl_cert_key = spec/fixtures/kong_spec.key + +admin_ssl_cert = spec/fixtures/kong_spec.crt +admin_ssl_cert_key = spec/fixtures/kong_spec.key + +admin_gui_ssl_cert = spec/fixtures/kong_spec.crt +admin_gui_ssl_cert_key = spec/fixtures/kong_spec.key + +portal = off +portal_gui_listen = 0.0.0.0:9003, 0.0.0.0:9446 ssl +portal_gui_protocol = http +portal_gui_host = 127.0.0.1:9003 +portal_gui_ssl_cert = spec/fixtures/kong_spec.crt +portal_gui_ssl_cert_key = spec/fixtures/kong_spec.key +portal_api_listen = 0.0.0.0:9004, 0.0.0.0:9447 ssl +portal_api_access_log = logs/portal_api_access.log +portal_api_error_log = logs/portal_api_error.log +portal_gui_access_log = logs/portal_gui_access.log +portal_gui_error_log = logs/portal_gui_error.log +proxy_url = http://127.0.0.1:9004 +portal_api_url = http://127.0.0.1:9004 +portal_api_ssl_cert = spec/fixtures/kong_spec.crt +portal_api_ssl_cert_key = spec/fixtures/kong_spec.key + +smtp_mock = on + +database = postgres +pg_host = 127.0.0.1 +pg_port = 5432 +pg_timeout = 10000 +pg_database = kong_tests +# note: this does not trigger readonly mode to be enabled on its own +# for that pg_ro_host is also needed +pg_ro_user = kong_ro +cassandra_keyspace = kong_tests +cassandra_timeout = 10000 +anonymous_reports = on + +dns_hostsfile = spec/fixtures/hosts + +nginx_main_worker_processes = 1 +nginx_main_worker_rlimit_nofile = NONE +nginx_events_worker_connections = NONE +nginx_events_multi_accept = off + +plugins = bundled,dummy,cache,rewriter,error-handler-log,error-generator,error-generator-last,short-circuit + +prefix = servroot +log_level = debug +lua_package_path = ./spec/fixtures/custom_plugins/?.lua;./spec/fixtures/custom_vaults/?.lua;./spec/fixtures/custom_vaults/?/init.lua + +go_plugins_dir = off + +untrusted_lua = sandbox + +# temporarily disable hcv and aws due to loading dns issues +vaults = env + diff --git a/kong-versions/2.8.4.3/kong/spec/ldoc.css b/kong-versions/2.8.4.3/kong/spec/ldoc.css new file mode 100644 index 00000000..f6e3d99f --- /dev/null +++ b/kong-versions/2.8.4.3/kong/spec/ldoc.css @@ -0,0 +1,291 @@ +body { + color: #47555c; + font-size: 16px; + font-family: "Open Sans", sans-serif; + margin: 0; + background: #eff4ff; +} + +a:link { color: #008fee; } +a:visited { color: #008fee; } +a:hover { color: #22a7ff; } + +h1 { font-size:26px; font-weight: normal; } +h2 { font-size:22px; font-weight: normal; } +h3 { font-size:18px; font-weight: normal; } +h4 { font-size:16px; font-weight: bold; } + +hr { + height: 1px; + background: #c1cce4; + border: 0px; + margin: 15px 0; +} + +code, tt { + font-family: monospace; +} +span.parameter { + font-family: monospace; + font-weight: bold; + color: rgb(99, 115, 131); +} +span.parameter:after { + content:":"; +} +span.types:before { + content:"("; +} +span.types:after { + content:")"; +} +.type { + font-weight: bold; font-style:italic +} + +p.name { + font-family: "Andale Mono", monospace; +} + +#navigation { + float: left; + background-color: white; + border-right: 1px solid #d3dbec; + border-bottom: 1px solid #d3dbec; + + width: 14em; + vertical-align: top; + overflow: visible; +} + +#navigation br { + display: none; +} + +#navigation h1 { + background-color: white; + border-bottom: 1px solid #d3dbec; + padding: 15px; + margin-top: 0px; + margin-bottom: 0px; +} + +#navigation h2 { + font-size: 18px; + background-color: white; + border-bottom: 1px solid #d3dbec; + padding-left: 15px; + padding-right: 15px; + padding-top: 10px; + padding-bottom: 10px; + margin-top: 30px; + margin-bottom: 0px; +} + +#content h1 { + background-color: #2c3e67; + color: white; + padding: 15px; + margin: 0px; +} + +#content h2 { + background-color: #6c7ea7; + color: white; + padding: 15px; + padding-top: 15px; + padding-bottom: 15px; + margin-top: 0px; +} + +#content h2 a { + background-color: #6c7ea7; + color: white; + text-decoration: none; +} + +#content h2 a:hover { + text-decoration: underline; +} + +#content h3 { + font-style: italic; + padding-top: 15px; + padding-bottom: 4px; + margin-right: 15px; + margin-left: 15px; + margin-bottom: 5px; + border-bottom: solid 1px #bcd; +} + +#content h4 { + margin-right: 15px; + margin-left: 15px; + border-bottom: solid 1px #bcd; +} + +#content pre { + margin: 15px; +} + +pre { + background-color: rgb(50, 55, 68); + color: white; + border-radius: 3px; + /* border: 1px solid #C0C0C0; /* silver */ + padding: 15px; + overflow: auto; + font-family: "Andale Mono", monospace; +} + +#content ul pre.example { + margin-left: 0px; +} + +table.index { +/* border: 1px #00007f; */ +} +table.index td { text-align: left; vertical-align: top; } + +#navigation ul +{ + font-size:1em; + list-style-type: none; + margin: 1px 1px 10px 1px; + padding-left: 20px; +} + +#navigation li { + text-indent: -1em; + display: block; + margin: 3px 0px 0px 22px; +} + +#navigation li li a { + margin: 0px 3px 0px -1em; +} + +#content { + margin-left: 14em; +} + +#content p { + padding-left: 15px; + padding-right: 15px; +} + +#content table { + padding-left: 15px; + padding-right: 15px; + background-color: white; +} + +#content p, #content table, #content ol, #content ul, #content dl { + max-width: 900px; +} + +#about { + padding: 15px; + padding-left: 16em; + background-color: white; + border-top: 1px solid #d3dbec; + border-bottom: 1px solid #d3dbec; +} + +table.module_list, table.function_list { + border-width: 1px; + border-style: solid; + border-color: #cccccc; + border-collapse: collapse; + margin: 15px; +} +table.module_list td, table.function_list td { + border-width: 1px; + padding-left: 10px; + padding-right: 10px; + padding-top: 5px; + padding-bottom: 5px; + border: solid 1px rgb(193, 204, 228); +} +table.module_list td.name, table.function_list td.name { + background-color: white; min-width: 200px; border-right-width: 0px; +} +table.module_list td.summary, table.function_list td.summary { + background-color: white; width: 100%; border-left-width: 0px; +} + +dl.function { + margin-right: 15px; + margin-left: 15px; + border-bottom: solid 1px rgb(193, 204, 228); + border-left: solid 1px rgb(193, 204, 228); + border-right: solid 1px rgb(193, 204, 228); + background-color: white; +} + +dl.function dt { + color: rgb(99, 123, 188); + font-family: monospace; + border-top: solid 1px rgb(193, 204, 228); + padding: 15px; +} + +dl.function dd { + margin-left: 15px; + margin-right: 15px; + margin-top: 5px; + margin-bottom: 15px; +} + +#content dl.function dd h3 { + margin-top: 0px; + margin-left: 0px; + padding-left: 0px; + font-size: 16px; + color: rgb(128, 128, 128); + border-bottom: solid 1px #def; +} + +#content dl.function dd ul, #content dl.function dd ol { + padding: 0px; + padding-left: 15px; + list-style-type: none; +} + +ul.nowrap { + overflow:auto; + white-space:nowrap; +} + +.section-description { + padding-left: 15px; + padding-right: 15px; +} + +/* stop sublists from having initial vertical space */ +ul ul { margin-top: 0px; } +ol ul { margin-top: 0px; } +ol ol { margin-top: 0px; } +ul ol { margin-top: 0px; } + +/* make the target distinct; helps when we're navigating to a function */ +a:target + * { + background-color: #FF9; +} + + +/* styles for prettification of source */ +pre .comment { color: #bbccaa; } +pre .constant { color: #a8660d; } +pre .escape { color: #844631; } +pre .keyword { color: #ffc090; font-weight: bold; } +pre .library { color: #0e7c6b; } +pre .marker { color: #512b1e; background: #fedc56; font-weight: bold; } +pre .string { color: #8080ff; } +pre .number { color: #f8660d; } +pre .operator { color: #2239a8; font-weight: bold; } +pre .preprocessor, pre .prepro { color: #a33243; } +pre .global { color: #c040c0; } +pre .user-keyword { color: #800080; } +pre .prompt { color: #558817; } +pre .url { color: #272fc2; text-decoration: underline; }