ADD HTTP TLS Support (chaos-mesh#3647)
* upgrade tproxy to v0.4.7

Signed-off-by: xixi <[email protected]>

* upgrade tproxy to v0.5.0

Signed-off-by: xixi <[email protected]>

* bump tproxy to v0.5.3

Signed-off-by: xixi <[email protected]>

* enable controller-manager to get secrets

Signed-off-by: xixi <[email protected]>

* add PodHttpChaosTLS config

Signed-off-by: xixi <[email protected]>

* complete tls support

Signed-off-by: xixi <[email protected]>

* update ctrl server

Signed-off-by: xixi <[email protected]>

* add tproxyconfig.TLSConfig

Signed-off-by: xixi <[email protected]>

* update CHANGELOG

Signed-off-by: xixi <[email protected]>

* rollback some useless ui code change

Signed-off-by: andrewmatilde <[email protected]>

* rollback some useless ui code change

Signed-off-by: andrewmatilde <[email protected]>

* rollback some useless ui code change

Signed-off-by: andrewmatilde <[email protected]>

* add TLS test

Signed-off-by: andrewmatilde <[email protected]>

* update proto

Signed-off-by: andrewmatilde <[email protected]>

* try fix e2e

Signed-off-by: andrewmatilde <[email protected]>

* add missed file

Signed-off-by: andrewmatilde <[email protected]>

* fix port

Signed-off-by: andrewmatilde <[email protected]>

* fix get port

Signed-off-by: andrewmatilde <[email protected]>

* fix crt

Signed-off-by: andrewmatilde <[email protected]>

* add ca to client

Signed-off-by: andrewmatilde <[email protected]>

* add ca to client

Signed-off-by: andrewmatilde <[email protected]>

* update license checker

Signed-off-by: andrewmatilde <[email protected]>

* fix license

Signed-off-by: andrewmatilde <[email protected]>

* remove some omitempty tags

Signed-off-by: andrewmatilde <[email protected]>

* remove some omitempty tags & KeyName -> keyName & better scr

Signed-off-by: andrewmatilde <[email protected]>

* make check

Signed-off-by: andrewmatilde <[email protected]>

* generate install.sh

Signed-off-by: andrewmatilde <[email protected]>

* generate install.sh

Signed-off-by: andrewmatilde <[email protected]>

* fix install.sh

Signed-off-by: andrewmatilde <[email protected]>

Signed-off-by: xixi <[email protected]>
Signed-off-by: andrewmatilde <[email protected]>
Co-authored-by: xixi <[email protected]>
Co-authored-by: Zhou Zhiqiang <[email protected]>
Co-authored-by: Ti Chi Robot <[email protected]>
4 people authored Nov 20, 2022
1 parent ecbaf49 commit 80a288f
Showing 43 changed files with 2,506 additions and 173 deletions.
4 changes: 4 additions & 0 deletions .github/.licenserc.yaml
Expand Up @@ -14,6 +14,10 @@ header:
- 'vendor/**'
- '**/go.mod'
- '**/go.sum'
- '**/*.crt'
- '**/*.key'
- '**/*.ext'
- '**/*.csr'
- '.github/workflows/*'
- '.github/ISSUE_TEMPLATE/config.yml'
- '.github/.licenserc.yaml'
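Review bot: the four new ignore globs (`**/*.crt`, `**/*.key`, `**/*.ext`, `**/*.csr`) match anywhere in the repository, which is broader than the license checker needs if these files exist only as fixtures for the TLS test mentioned in the commit message. Suggest scoping the patterns to the directory that holds the test certificates and noting beside them that the key material is generated test data, so that a `.key` file added elsewhere in the tree still stands out in review.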
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -104,6 +104,7 @@ For more information and how-to, see [RFC: Keep A Changelog](https://github.com/
### Added

- Add support for `PhysicalMachine` in UI [#3624](https://github.com/chaos-mesh/chaos-mesh/pull/3624)
- Add TLS support for HTTPChaos [#3549](https://github.com/chaos-mesh/chaos-mesh/pull/3549)

### Changed
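Review bot: the new entry under `### Added` links pull request #3549, while this commit's title references chaos-mesh#3647. If #3647 is the pull request that merged this change, the entry should point there (or name both), otherwise readers following the changelog land on a different discussion than the one attached to this commit.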

5 changes: 5 additions & 0 deletions api/v1alpha1/httpchaos_types.go
Expand Up @@ -70,6 +70,11 @@ type HTTPChaosSpec struct {
// +optional
ResponseHeaders map[string]string `json:"response_headers,omitempty"`

// TLS is the tls config,
// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied
// +optional
TLS *PodHttpChaosTLS `json:"tls,omitempty"`

// Duration represents the duration of the chaos action.
// +optional
Duration *string `json:"duration,omitempty" webhook:"Duration"`
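Review bot: the doc comment on `HTTPChaosSpec.TLS` does not say which experiment wins. "will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" leaves the precedence undefined when two experiments on the same pod name different secrets. Suggest stating the rule explicitly and fixing the doubled verb, since this text is copied verbatim into the generated CRD descriptions.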
24 changes: 24 additions & 0 deletions api/v1alpha1/podhttpchaos_types.go
Expand Up @@ -22,6 +22,11 @@ type PodHttpChaosSpec struct {
// Rules are a list of injection rule for http request.
// +optional
Rules []PodHttpChaosRule `json:"rules,omitempty"`

// TLS is the tls config,
// will be override if there are multiple HTTPChaos experiments are applied
// +optional
TLS *PodHttpChaosTLS `json:"tls,omitempty"`
}

// PodHttpChaosStatus defines the actual state of PodHttpChaos.
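Review bot: `PodHttpChaosSpec.TLS` is a single pod-level field next to the `Rules` list, and its comment ("will be override if there are multiple HTTPChaos experiments are applied") indicates that one experiment's TLS config can replace another's, with nothing in this hunk that surfaces the replacement to the user. Consider recording the conflict in status or rejecting a second experiment whose TLS config differs, and correct the wording to "will be overridden".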
Expand Down Expand Up @@ -181,6 +186,25 @@ const (
PodHttpResponse PodHttpChaosTarget = "Response"
)

// PodHttpChaosTLS contains the tls config for HTTPChaos
type PodHttpChaosTLS struct {
// SecretName represents the name of required secret resource
SecretName string `json:"secretName"`

// SecretNamespace represents the namespace of required secret resource
SecretNamespace string `json:"secretNamespace"`

// CertName represents the data name of cert file in secret, `tls.crt` for example
CertName string `json:"certName"`

// KeyName represents the data name of key file in secret, `tls.key` for example
KeyName string `json:"keyName"`

// CAName represents the data name of ca file in secret, `ca.crt` for example
// +optional
CAName *string `json:"caName,omitempty"`
}

// +kubebuilder:object:root=true

// +chaos-mesh:base
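Review bot: `SecretNamespace` in `PodHttpChaosTLS` is a free-form string with no visible constraint tying it to the namespace of the HTTPChaos object, and the commit message says the controller-manager is now enabled to get secrets. Together that could let the controller read a Secret on behalf of a user who has no access to that namespace. Suggest defaulting to the experiment's own namespace, or having the webhook reject a cross-namespace reference unless the requesting user is authorized to read that Secret. `SecretName`, `CertName` and `KeyName` would also benefit from a non-empty validation marker.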
30 changes: 30 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

30 changes: 30 additions & 0 deletions config/crd/bases/chaos-mesh.org_httpchaos.yaml
Expand Up @@ -258,6 +258,36 @@ spec:
- Request
- Response
type: string
tls:
description: TLS is the tls config, will override PodHttpChaos if
there are multiple HTTPChaos experiments are applied
properties:
caName:
description: CAName represents the data name of ca file in secret,
`ca.crt` for example
type: string
certName:
description: CertName represents the data name of cert file in
secret, `tls.crt` for example
type: string
keyName:
description: KeyName represents the data name of key file in secret,
`tls.key` for example
type: string
secretName:
description: SecretName represents the name of required secret
resource
type: string
secretNamespace:
description: SecretNamespace represents the namespace of required
secret resource
type: string
required:
- certName
- keyName
- secretName
- secretNamespace
type: object
value:
description: Value is required when the mode is set to `FixedMode`
/ `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide
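Review bot: in the generated `tls` schema the `required` list only enforces that `certName`, `keyName`, `secretName` and `secretNamespace` are present; each is a bare `type: string`, so empty values pass schema validation and would only be caught, if at all, when the secret is resolved. Adding `+kubebuilder:validation:MinLength=1` markers on the Go fields and regenerating would put `minLength: 1` here and in the podhttpchaos and schedules CRDs.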
30 changes: 30 additions & 0 deletions config/crd/bases/chaos-mesh.org_podhttpchaos.yaml
Expand Up @@ -184,6 +184,36 @@ spec:
- target
type: object
type: array
tls:
description: TLS is the tls config, will be override if there are
multiple HTTPChaos experiments are applied
properties:
caName:
description: CAName represents the data name of ca file in secret,
`ca.crt` for example
type: string
certName:
description: CertName represents the data name of cert file in
secret, `tls.crt` for example
type: string
keyName:
description: KeyName represents the data name of key file in secret,
`tls.key` for example
type: string
secretName:
description: SecretName represents the name of required secret
resource
type: string
secretNamespace:
description: SecretNamespace represents the namespace of required
secret resource
type: string
required:
- certName
- keyName
- secretName
- secretNamespace
type: object
type: object
status:
description: PodHttpChaosStatus defines the actual state of PodHttpChaos.
91 changes: 91 additions & 0 deletions config/crd/bases/chaos-mesh.org_schedules.yaml
Expand Up @@ -706,6 +706,36 @@ spec:
- Request
- Response
type: string
tls:
description: TLS is the tls config, will override PodHttpChaos
if there are multiple HTTPChaos experiments are applied
properties:
caName:
description: CAName represents the data name of ca file in
secret, `ca.crt` for example
type: string
certName:
description: CertName represents the data name of cert file
in secret, `tls.crt` for example
type: string
keyName:
description: KeyName represents the data name of key file
in secret, `tls.key` for example
type: string
secretName:
description: SecretName represents the name of required secret
resource
type: string
secretNamespace:
description: SecretNamespace represents the namespace of required
secret resource
type: string
required:
- certName
- keyName
- secretName
- secretNamespace
type: object
value:
description: Value is required when the mode is set to `FixedMode`
/ `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`,
Expand Down Expand Up @@ -3987,6 +4017,36 @@ spec:
- Request
- Response
type: string
tls:
description: TLS is the tls config, will override PodHttpChaos
if there are multiple HTTPChaos experiments are applied
properties:
caName:
description: CAName represents the data name of
ca file in secret, `ca.crt` for example
type: string
certName:
description: CertName represents the data name of
cert file in secret, `tls.crt` for example
type: string
keyName:
description: KeyName represents the data name of
key file in secret, `tls.key` for example
type: string
secretName:
description: SecretName represents the name of required
secret resource
type: string
secretNamespace:
description: SecretNamespace represents the namespace
of required secret resource
type: string
required:
- certName
- keyName
- secretName
- secretNamespace
type: object
value:
description: Value is required when the mode is set
to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.
Expand Down Expand Up @@ -7046,6 +7106,37 @@ spec:
- Request
- Response
type: string
tls:
description: TLS is the tls config, will override
PodHttpChaos if there are multiple HTTPChaos experiments
are applied
properties:
caName:
description: CAName represents the data name
of ca file in secret, `ca.crt` for example
type: string
certName:
description: CertName represents the data name
of cert file in secret, `tls.crt` for example
type: string
keyName:
description: KeyName represents the data name
of key file in secret, `tls.key` for example
type: string
secretName:
description: SecretName represents the name
of required secret resource
type: string
secretNamespace:
description: SecretNamespace represents the
namespace of required secret resource
type: string
required:
- certName
- keyName
- secretName
- secretNamespace
type: object
value:
description: Value is required when the mode is
set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.