(t *testing.T)
| 885 | } |
| 886 | |
| 887 | func (s) TestRBAC_WithBadRouteConfiguration(t *testing.T) { |
| 888 | managementServer, nodeID, bootstrapContents, xdsResolver := setup.ManagementServerAndResolver(t) |
| 889 | // We need to wait for the server to enter SERVING mode before making RPCs |
| 890 | // to avoid flakes due to the server closing connections. |
| 891 | servingCh := make(chan struct{}) |
| 892 | |
| 893 | // Initialize a test gRPC server, assign it to the stub server, and start |
| 894 | // the test service. |
| 895 | opt := xds.ServingModeCallback(func(_ net.Addr, args xds.ServingModeChangeArgs) { |
| 896 | if args.Mode == connectivity.ServingModeServing { |
| 897 | close(servingCh) |
| 898 | } |
| 899 | }) |
| 900 | lis, cleanup2 := setupGRPCServer(t, bootstrapContents, opt) |
| 901 | defer cleanup2() |
| 902 | |
| 903 | ctx, cancel := context.WithTimeout(context.Background(), defaultTestTimeout) |
| 904 | defer cancel() |
| 905 | |
| 906 | host, port, err := hostPortFromListener(lis) |
| 907 | if err != nil { |
| 908 | t.Fatalf("failed to retrieve host and port of server: %v", err) |
| 909 | } |
| 910 | const serviceName = "my-service-fallback" |
| 911 | |
| 912 | // The inbound listener needs a route table that will never match on a VH, |
| 913 | // and thus shouldn't allow incoming RPC's to proceed. |
| 914 | resources := e2e.DefaultClientResources(e2e.ResourceParams{ |
| 915 | DialTarget: serviceName, |
| 916 | NodeID: nodeID, |
| 917 | Host: host, |
| 918 | Port: port, |
| 919 | SecLevel: e2e.SecurityLevelNone, |
| 920 | }) |
| 921 | // Since RBAC support is turned ON, all the RPC's should get denied with |
| 922 | // status code Unavailable due to not matching to a route of type Non |
| 923 | // Forwarding Action (Route Table not configured properly). |
| 924 | inboundLis := serverListenerWithBadRouteConfiguration(t, host, port) |
| 925 | resources.Listeners = append(resources.Listeners, inboundLis) |
| 926 | |
| 927 | // Setup the management server with client and server-side resources. |
| 928 | if err := managementServer.Update(ctx, resources); err != nil { |
| 929 | t.Fatal(err) |
| 930 | } |
| 931 | |
| 932 | select { |
| 933 | case <-ctx.Done(): |
| 934 | t.Fatal("Timeout waiting for the xDS-enabled gRPC server to go SERVING") |
| 935 | case <-servingCh: |
| 936 | } |
| 937 | |
| 938 | cc, err := grpc.NewClient(fmt.Sprintf("xds:///%s", serviceName), grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithResolvers(xdsResolver)) |
| 939 | if err != nil { |
| 940 | t.Fatalf("grpc.NewClient() failed: %v", err) |
| 941 | } |
| 942 | defer cc.Close() |
| 943 | |
| 944 | client := testgrpc.NewTestServiceClient(cc) |
nothing calls this directly
no test coverage detected