Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NLB-5021: Update crossplane to handle GeoIP2 directives #117

Merged
merged 1 commit into from
Aug 1, 2024
Merged

NLB-5021: Update crossplane to handle GeoIP2 directives #117

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions analyze.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,8 @@ package crossplane
// NAP v5
//go:generate sh -c "sh ./scripts/generate/generate.sh --url $NAP_URL --config-path ./scripts/generate/configs/nap_v5_config.json --branch $NAP_V5_BRANCH --path ./src > analyze_appProtectWAFv5_directives.gen.go"

// Update for geoip2
//go:generate sh -c "sh ./scripts/generate/generate.sh --url https://github.com/leev/ngx_http_geoip2_module.git --config-path ./scripts/generate/configs/geoip2_config.json > ./analyze_geoip2_directives.gen.go"
import (
"fmt"
)
Expand Down
35 changes: 35 additions & 0 deletions analyze_geoip2_directives.gen.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions analyze_map.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ var mapBodies = map[string]mapParameterMasks{
defaultMasks: ngxConfTake1,
},
"geoip2": {
specialParameterMasks: map[string]uint{"auto_reload": ngxConfTake1},
defaultMasks: ngxConf1More,
},
"otel_exporter": {
Expand Down
32 changes: 32 additions & 0 deletions analyze_map_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,38 @@ func TestAnalyzeMapBody(t *testing.T) {
},
term: ";",
},
"invalid geoip2": {
mapDirective: "geoip2",
parameter: &Directive{
Directive: "$geoip2_data_city_name",
Args: []string{},
Line: 5,
Block: Directives{},
},
term: ";",
wantErr: &ParseError{What: "invalid number of parameters", BlockCtx: "geoip2"},
},
"valid geoip2 auto_reload": {
mapDirective: "geoip2",
parameter: &Directive{
Directive: "auto_reload",
Args: []string{"5m"},
Line: 5,
Block: Directives{},
},
term: ";",
},
"invalid geoip2 auto_reload": {
mapDirective: "geoip2",
parameter: &Directive{
Directive: "auto_reload",
Args: []string{"5m", "10m"},
Line: 5,
Block: Directives{},
},
term: ";",
wantErr: &ParseError{What: "invalid number of parameters", BlockCtx: "geoip2"},
},
"valid otel_exporter": {
mapDirective: "otel_exporter",
parameter: &Directive{
Expand Down
130 changes: 130 additions & 0 deletions analyze_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2665,3 +2665,133 @@ func TestAnalyze_limit_req_zone(t *testing.T) {
})
}
}

//nolint:funlen
func TestAnalyze_geoip2(t *testing.T) {
t.Parallel()
testcases := map[string]struct {
stmt *Directive
ctx blockCtx
wantErr bool
}{
"geoip2 ok": {
&Directive{
Directive: "geoip2",
Args: []string{"/etc/maxmind-country.mmdb"},
Line: 5,
Block: Directives{
{
Directive: "auto_reload",
Args: []string{"5s"},
Line: 6,
Block: Directives{},
},
{
Directive: "$geoip2_city_name",
Args: []string{"city", "names", "en"},
Line: 7,
Block: Directives{},
},
},
},
blockCtx{"http", "stream"},
false,
},

"geoip2 not ok": {
&Directive{
Directive: "geoip2",
Args: []string{"/etc/maxmind-country.mmdb"},
Line: 5,
Block: Directives{
{
Directive: "auto_reload",
Args: []string{"5s"},
Line: 6,
Block: Directives{},
},
{
Directive: "$geoip2_city_name",
Args: []string{"city", "names", "en"},
Line: 7,
Block: Directives{},
},
},
},
blockCtx{"mgmt"},
true,
},
"geoip2_proxy ok": {
&Directive{
Directive: "geoip2_proxy",
Args: []string{"203.0.113.0/24"},
Line: 5,
},
blockCtx{"http"},
false,
},
"geoip2_proxy args not ok": {
&Directive{
Directive: "geoip2_proxy",
Args: []string{"203.0.113.0/24", "172.0.0.6"},
Line: 5,
},
blockCtx{"http"},
true,
},
"geoip2_proxy not ok": {
&Directive{
Directive: "geoip2_proxy",
Args: []string{"203.0.113.0/24"},
Line: 5,
},
blockCtx{"stream"},
true,
},
"geoip2_proxy_recursive ok": {
&Directive{
Directive: "geoip2_proxy_recursive",
Args: []string{"on"},
Line: 5,
},
blockCtx{"http"},
false,
},
"geoip2_proxy_recursive not ok": {
&Directive{
Directive: "geoip2_proxy_recursive",
Args: []string{"on"},
Line: 5,
},
blockCtx{"stream"},
true,
},
"geoip2_proxy_recursive args not ok": {
&Directive{
Directive: "geoip2_proxy_recursive",
Args: []string{"on", "off"},
Line: 5,
},
blockCtx{"http"},
true,
},
}

for name, tc := range testcases {
tc := tc
t.Run(name, func(t *testing.T) {
t.Parallel()
err := analyze("nginx.conf", tc.stmt, ";", tc.ctx, &ParseOptions{
DirectiveSources: []MatchFunc{MatchNginxPlusLatest, MatchGeoip2Latest},
})

if !tc.wantErr && err != nil {
t.Fatal(err)
}

if tc.wantErr && err == nil {
t.Fatal("expected error, got nil")
}
})
}
}
Loading
Loading