octavia 13.0.0__py3-none-any.whl → 13.0.1__py3-none-any.whl

octavia/tests/unit/amphorae/backends/agent/api_server/test_util.py

@@ -370,13 +370,57 @@ class TestUtil(base.TestCase):
         self.assertEqual([], util.get_haproxy_vip_addresses(LB_ID1))
         mock_cfg_path.assert_called_once_with(LB_ID1)
 
+    @mock.patch('octavia.amphorae.backends.agent.api_server.util.'
+                'keepalived_lvs_cfg_path')
+    def test_get_lvs_vip_addresses(self, mock_cfg_path):
+        FAKE_PATH = 'fake_path'
+        mock_cfg_path.return_value = FAKE_PATH
+        self.useFixture(
+            test_utils.OpenFixture(FAKE_PATH, 'no match')).mock_open()
+
+        # Test with no matching lines in the config file
+        self.assertEqual([], util.get_lvs_vip_addresses(LB_ID1))
+        mock_cfg_path.assert_called_once_with(LB_ID1)
+
+        # Test with 2 matching lines
+        mock_cfg_path.reset_mock()
+        test_data = ('virtual_server_group ipv4-group {\n'
+                     '    203.0.113.43 1\n'
+                     '    203.0.113.44 1\n'
+                     '}\n')
+        self.useFixture(
+            test_utils.OpenFixture(FAKE_PATH, test_data)).mock_open()
+        expected_result = ['203.0.113.43', '203.0.113.44']
+        self.assertEqual(expected_result,
+                         util.get_lvs_vip_addresses(LB_ID1))
+        mock_cfg_path.assert_called_once_with(LB_ID1)
+
+        # Test with 2 groups
+        mock_cfg_path.reset_mock()
+        test_data = ('virtual_server_group ipv4-group {\n'
+                     '    203.0.113.43 1\n'
+                     '}\n'
+                     'virtual_server_group ipv6-group {\n'
+                     '    2d01:27::1 2\n'
+                     '    2d01:27::2 2\n'
+                     '}\n')
+        self.useFixture(
+            test_utils.OpenFixture(FAKE_PATH, test_data)).mock_open()
+        expected_result = ['203.0.113.43', '2d01:27::1', '2d01:27::2']
+        self.assertEqual(expected_result,
+                         util.get_lvs_vip_addresses(LB_ID1))
+        mock_cfg_path.assert_called_once_with(LB_ID1)
+
     @mock.patch('octavia.amphorae.backends.utils.ip_advertisement.'
                 'send_ip_advertisement')
     @mock.patch('octavia.amphorae.backends.utils.network_utils.'
                 'get_interface_name')
     @mock.patch('octavia.amphorae.backends.agent.api_server.util.'
                 'get_haproxy_vip_addresses')
-    def test_send_vip_advertisements(self, mock_get_vip_addrs,
+    @mock.patch('octavia.amphorae.backends.agent.api_server.util.'
+                'get_lvs_vip_addresses')
+    def test_send_vip_advertisements(self, mock_get_lvs_vip_addrs,
+                                     mock_get_vip_addrs,
                                      mock_get_int_name, mock_send_advert):
         mock_get_vip_addrs.side_effect = [[], ['203.0.113.46'],
                                           Exception('boom')]
@@ -385,6 +429,7 @@ class TestUtil(base.TestCase):
         # Test no VIPs
         util.send_vip_advertisements(LB_ID1)
         mock_get_vip_addrs.assert_called_once_with(LB_ID1)
+        mock_get_lvs_vip_addrs.assert_not_called()
         mock_get_int_name.assert_not_called()
         mock_send_advert.assert_not_called()
 
@@ -394,6 +439,7 @@ class TestUtil(base.TestCase):
         mock_send_advert.reset_mock()
         util.send_vip_advertisements(LB_ID1)
         mock_get_vip_addrs.assert_called_once_with(LB_ID1)
+        mock_get_lvs_vip_addrs.assert_not_called()
         mock_get_int_name.assert_called_once_with(
             '203.0.113.46', net_ns=consts.AMPHORA_NAMESPACE)
         mock_send_advert.assert_called_once_with(
@@ -407,6 +453,48 @@ class TestUtil(base.TestCase):
         mock_get_int_name.assert_not_called()
         mock_send_advert.assert_not_called()
 
+    @mock.patch('octavia.amphorae.backends.utils.ip_advertisement.'
+                'send_ip_advertisement')
+    @mock.patch('octavia.amphorae.backends.utils.network_utils.'
+                'get_interface_name')
+    @mock.patch('octavia.amphorae.backends.agent.api_server.util.'
+                'get_haproxy_vip_addresses')
+    @mock.patch('octavia.amphorae.backends.agent.api_server.util.'
+                'get_lvs_vip_addresses')
+    def test_send_vip_advertisements_udp(self, mock_get_lvs_vip_addrs,
+                                         mock_get_vip_addrs,
+                                         mock_get_int_name, mock_send_advert):
+        mock_get_lvs_vip_addrs.side_effect = [[], ['203.0.113.46'],
+                                              Exception('boom')]
+        mock_get_int_name.return_value = 'fake0'
+
+        # Test no VIPs
+        util.send_vip_advertisements(listener_id=LISTENER_ID1)
+        mock_get_lvs_vip_addrs.assert_called_once_with(LISTENER_ID1)
+        mock_get_vip_addrs.assert_not_called()
+        mock_get_int_name.assert_not_called()
+        mock_send_advert.assert_not_called()
+
+        # Test with a VIP
+        mock_get_lvs_vip_addrs.reset_mock()
+        mock_get_int_name.reset_mock()
+        mock_send_advert.reset_mock()
+        util.send_vip_advertisements(listener_id=LISTENER_ID1)
+        mock_get_lvs_vip_addrs.assert_called_once_with(LISTENER_ID1)
+        mock_get_vip_addrs.assert_not_called()
+        mock_get_int_name.assert_called_once_with(
+            '203.0.113.46', net_ns=consts.AMPHORA_NAMESPACE)
+        mock_send_advert.assert_called_once_with(
+            'fake0', '203.0.113.46', net_ns=consts.AMPHORA_NAMESPACE)
+
+        # Test with an exception (should not raise)
+        mock_get_lvs_vip_addrs.reset_mock()
+        mock_get_int_name.reset_mock()
+        mock_send_advert.reset_mock()
+        util.send_vip_advertisements(listener_id=LISTENER_ID1)
+        mock_get_int_name.assert_not_called()
+        mock_send_advert.assert_not_called()
+
     @mock.patch('octavia.amphorae.backends.utils.ip_advertisement.'
                 'send_ip_advertisement')
     @mock.patch('octavia.amphorae.backends.utils.network_utils.'

octavia/tests/unit/amphorae/backends/utils/test_interface.py

@@ -714,7 +714,9 @@ class TestInterface(base.TestCase):
                       table=254,
                       family=socket.AF_INET)])
 
-        mock_check_output.assert_not_called()
+        mock_check_output.assert_has_calls([
+            mock.call(["post-up", "eth1"])
+        ])
 
     @mock.patch('pyroute2.IPRoute.rule')
     @mock.patch('pyroute2.IPRoute.route')

octavia/tests/unit/amphorae/drivers/haproxy/test_rest_api_driver.py

@@ -76,9 +76,9 @@ class TestHAProxyAmphoraDriver(base.TestCase):
         mock_api_version.reset_mock()
         client_mock.reset_mock()
 
-        result = self.driver.get_interface_from_ip(amphora_mock, IP_ADDRESS)
-
-        self.assertIsNone(result)
+        self.assertRaises(
+            exc.NotFound,
+            self.driver.get_interface_from_ip, amphora_mock, IP_ADDRESS)
         mock_api_version.assert_called_once_with(amphora_mock, None)
         client_mock.get_interface.assert_called_once_with(
             amphora_mock, IP_ADDRESS, None, log_error=False)

octavia/tests/unit/amphorae/drivers/keepalived/jinja/test_jinja_cfg.py

@@ -71,7 +71,6 @@ class TestVRRPRestDriver(base.TestCase):
             "}\n"
             "\n"
             "vrrp_instance TESTGROUP {\n"
-            "    state MASTER\n"
             "    interface eth1\n"
             "    virtual_router_id 1\n"
             "    priority 100\n"
@@ -124,7 +123,6 @@ class TestVRRPRestDriver(base.TestCase):
             "}\n"
             "\n"
             "vrrp_instance TESTGROUP {\n"
-            "    state MASTER\n"
             "    interface eth1\n"
             "    virtual_router_id 1\n"
             "    priority 100\n"
@@ -170,7 +168,6 @@ class TestVRRPRestDriver(base.TestCase):
             "}\n"
             "\n"
             "vrrp_instance TESTGROUP {\n"
-            "    state MASTER\n"
             "    interface eth1\n"
             "    virtual_router_id 1\n"
             "    priority 100\n"
@@ -220,7 +217,6 @@ class TestVRRPRestDriver(base.TestCase):
             "}\n"
             "\n"
             "vrrp_instance TESTGROUP {\n"
-            "    state MASTER\n"
             "    interface eth1\n"
             "    virtual_router_id 1\n"
             "    priority 100\n"

octavia/tests/unit/amphorae/drivers/keepalived/test_vrrp_rest_driver.py

@@ -107,6 +107,9 @@ class TestVRRPRestDriver(base.TestCase):
 
         self.keepalived_mixin.start_vrrp_service(self.amphora_mock)
 
+        populate_mock = self.keepalived_mixin._populate_amphora_api_version
+        populate_mock.assert_called_once_with(self.amphora_mock,
+                                              timeout_dict=None)
         self.clients[API_VERSION].start_vrrp.assert_called_once_with(
             self.amphora_mock, timeout_dict=None)
 
@@ -121,6 +124,20 @@ class TestVRRPRestDriver(base.TestCase):
 
         self.clients[API_VERSION].start_vrrp.assert_not_called()
 
+        # With timeout_dict
+        self.clients[API_VERSION].start_vrrp.reset_mock()
+        populate_mock.reset_mock()
+
+        timeout_dict = mock.Mock()
+        self.keepalived_mixin.start_vrrp_service(self.amphora_mock,
+                                                 timeout_dict=timeout_dict)
+
+        populate_mock = self.keepalived_mixin._populate_amphora_api_version
+        populate_mock.assert_called_once_with(self.amphora_mock,
+                                              timeout_dict=timeout_dict)
+        self.clients[API_VERSION].start_vrrp.assert_called_once_with(
+            self.amphora_mock, timeout_dict=timeout_dict)
+
     def test_reload_vrrp_service(self):
 
         self.keepalived_mixin.reload_vrrp_service(self.lb_mock)

octavia/tests/unit/api/common/test_pagination.py

@@ -103,6 +103,16 @@ class TestPaginationHelper(base.TestCase):
         helper.apply(query_mock, models.LoadBalancer)
         self.assertEqual(params, helper.filters)
 
+    @mock.patch('octavia.api.common.pagination.request')
+    def test_filter_with_booleans(self, request_mock):
+        params = {'backup': 'True', 'admin_state_up': 'false'}
+        expected_params = {'backup': True, 'enabled': False}
+        helper = pagination.PaginationHelper(params)
+        query_mock = mock.MagicMock()
+
+        helper.apply(query_mock, models.Member)
+        self.assertEqual(expected_params, helper.filters)
+
     @mock.patch('octavia.api.common.pagination.request')
     def test_filter_mismatched_params(self, request_mock):
         params = {
@@ -227,12 +237,46 @@ class TestPaginationHelper(base.TestCase):
         helper = pagination.PaginationHelper(params)
         links = helper._make_links(model_list)
         self.assertEqual(links[0].rel, "previous")
+        self.assertEqual(
+            links[0].href,
+            ("{base_uri}{path}?limit={limit}&marker={marker}"
+             "&page_reverse=True").format(
+                base_uri=api_base_uri,
+                path=request_mock.path,
+                limit=params['limit'],
+                marker=member1.id
+            ))
+        self.assertEqual(links[1].rel, "next")
         self.assertEqual(
             links[1].href,
             "{base_uri}{path}?limit={limit}&marker={marker}".format(
                 base_uri=api_base_uri,
                 path=request_mock.path,
                 limit=params['limit'],
+                marker=member1.id))
+
+    @mock.patch('octavia.api.common.pagination.request')
+    def test_make_links_with_zero_limit(self, request_mock):
+        request_mock.path = "/lbaas/v2/pools/1/members"
+        request_mock.path_url = "http://localhost" + request_mock.path
+        api_base_uri = "https://127.0.0.1"
+        conf = self.useFixture(oslo_fixture.Config(cfg.CONF))
+        conf.config(group='api_settings', api_base_uri=api_base_uri)
+        member1 = models.Member()
+        member1.id = uuidutils.generate_uuid()
+        model_list = [member1]
+
+        params = {'limit': 0, 'marker': member1.id}
+        helper = pagination.PaginationHelper(params)
+        links = helper._make_links(model_list)
+        self.assertEqual(links[0].rel, "previous")
+        self.assertEqual(
+            links[0].href,
+            ("{base_uri}{path}?limit={limit}&marker={marker}"
+             "&page_reverse=True").format(
+                base_uri=api_base_uri,
+                path=request_mock.path,
+                limit=None,
                 marker=member1.id
             ))
         self.assertEqual(links[1].rel, "next")
@@ -241,5 +285,38 @@ class TestPaginationHelper(base.TestCase):
             "{base_uri}{path}?limit={limit}&marker={marker}".format(
                 base_uri=api_base_uri,
                 path=request_mock.path,
-                limit=params['limit'],
+                limit=None,
+                marker=member1.id))
+
+    @mock.patch('octavia.api.common.pagination.request')
+    def test_make_links_with_negative_limit(self, request_mock):
+        request_mock.path = "/lbaas/v2/pools/1/members"
+        request_mock.path_url = "http://localhost" + request_mock.path
+        api_base_uri = "https://127.0.0.1"
+        conf = self.useFixture(oslo_fixture.Config(cfg.CONF))
+        conf.config(group='api_settings', api_base_uri=api_base_uri)
+        member1 = models.Member()
+        member1.id = uuidutils.generate_uuid()
+        model_list = [member1]
+
+        params = {'limit': -1, 'marker': member1.id}
+        helper = pagination.PaginationHelper(params)
+        links = helper._make_links(model_list)
+        self.assertEqual(links[0].rel, "previous")
+        self.assertEqual(
+            links[0].href,
+            ("{base_uri}{path}?limit={limit}&marker={marker}"
+             "&page_reverse=True").format(
+                base_uri=api_base_uri,
+                path=request_mock.path,
+                limit=None,
+                marker=member1.id
+            ))
+        self.assertEqual(links[1].rel, "next")
+        self.assertEqual(
+            links[1].href,
+            "{base_uri}{path}?limit={limit}&marker={marker}".format(
+                base_uri=api_base_uri,
+                path=request_mock.path,
+                limit=None,
                 marker=member1.id))

octavia/tests/unit/api/v2/types/test_pool.py

@@ -17,8 +17,12 @@ from wsme import exc
 from wsme.rest import json as wsme_json
 from wsme import types as wsme_types
 
+from octavia.api.common import types
+from octavia.api.v2.types import health_monitor as health_monitor_type
+from octavia.api.v2.types import member as member_type
 from octavia.api.v2.types import pool as pool_type
 from octavia.common import constants
+from octavia.common import data_models
 from octavia.tests.unit.api.common import base
 
 
@@ -224,3 +228,70 @@ class TestSessionPersistencePUT(base.BaseTypesTest, TestSessionPersistence):
         body = {"cookie_name": "cookie\nmonster"}
         self.assertRaises(exc.InvalidInput, wsme_json.fromjson, self._type,
                           body)
+
+
+class TestPoolResponse(base.BaseTypesTest):
+
+    _type = pool_type.PoolResponse
+
+    def test_pool_response_with_health_monitor(self):
+        health_monitor_id = uuidutils.generate_uuid()
+        health_monitor_model = data_models.HealthMonitor(id=health_monitor_id)
+        pool_model = data_models.Pool(health_monitor=health_monitor_model)
+        pool = self._type.from_data_model(data_model=pool_model)
+        self.assertEqual(pool.healthmonitor_id, health_monitor_id)
+
+    def test_pool_response_with_members(self):
+        member_id = uuidutils.generate_uuid()
+        members = [data_models.Member(id=member_id)]
+        pool_model = data_models.Pool(members=members)
+        pool = self._type.from_data_model(data_model=pool_model)
+        self.assertIsInstance(pool.members[0], types.IdOnlyType)
+        self.assertEqual(pool.members[0].id, member_id)
+
+    def test_pool_response_with_load_balancer(self):
+        load_balancer_id = uuidutils.generate_uuid()
+        load_balancer = data_models.LoadBalancer(id=load_balancer_id)
+        pool_model = data_models.Pool(load_balancer=load_balancer)
+        pool = self._type.from_data_model(data_model=pool_model)
+        self.assertIsInstance(pool.loadbalancers[0], types.IdOnlyType)
+        self.assertEqual(pool.loadbalancers[0].id, load_balancer_id)
+
+    def test_pool_response_with_session_persistence(self):
+        session_persistence = data_models.SessionPersistence(
+            cookie_name="test"
+        )
+        pool_model = data_models.Pool(session_persistence=session_persistence)
+        pool = self._type.from_data_model(data_model=pool_model)
+        self.assertEqual(pool.session_persistence.cookie_name, "test")
+
+    def test_pool_response_without_children(self):
+        pool = self._type.from_data_model(data_model=data_models.Pool())
+        self.assertEqual(len(pool.loadbalancers), 0)
+        self.assertIsNone(pool.session_persistence)
+        self.assertEqual(len(pool.members), 0)
+        self.assertEqual(len(pool.listeners), 0)
+        self.assertEqual(pool.healthmonitor_id, wsme_types.Unset)
+
+
+class TestPoolFullResponse(base.BaseTypesTest):
+
+    _type = pool_type.PoolFullResponse
+
+    def test_pool_full_response_with_health_monitor(self):
+        health_monitor_model = data_models.HealthMonitor()
+        pool_model = data_models.Pool(health_monitor=health_monitor_model)
+        pool = self._type.from_data_model(data_model=pool_model)
+        self.assertIsInstance(
+            pool.healthmonitor, health_monitor_type.HealthMonitorFullResponse
+        )
+
+    def test_pool_full_response_with_members(self):
+        members = [data_models.Member()]
+        pool_model = data_models.Pool(members=members)
+        pool = self._type.from_data_model(data_model=pool_model)
+        self.assertIsInstance(pool.members[0], member_type.MemberFullResponse)
+
+    def test_pool_full_response_without_children(self):
+        pool = self._type.from_data_model(data_model=data_models.Pool())
+        self.assertIsNone(pool.healthmonitor)

octavia/tests/unit/certificates/manager/test_barbican.py

@@ -15,7 +15,6 @@ from unittest import mock
 import uuid
 
 from barbicanclient.v1 import secrets
-from OpenSSL import crypto
 
 import octavia.certificates.common.barbican as barbican_common
 import octavia.certificates.common.cert as cert
@@ -138,10 +137,11 @@ class TestBarbicanManager(base.TestCase):
                          sorted(data.get_intermediates()))
         self.assertIsNone(data.get_private_key_passphrase())
 
-    @mock.patch('OpenSSL.crypto.load_pkcs12')
+    @mock.patch('cryptography.hazmat.primitives.serialization.pkcs12.'
+                'load_pkcs12')
     def test_get_cert_bad_pkcs12(self, mock_load_pkcs12):
 
-        mock_load_pkcs12.side_effect = [crypto.Error]
+        mock_load_pkcs12.side_effect = [ValueError]
 
         # Mock out the client
         self.bc.secrets.get.return_value = self.secret_pkcs12

octavia/tests/unit/certificates/manager/test_noop.py

@@ -0,0 +1,53 @@
+# Copyright 2023 Red Hat
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+from oslo_utils import uuidutils
+
+from octavia.certificates.common import cert
+from octavia.certificates.manager import noop as noop_cert_mgr
+from octavia.tests.common import sample_certs
+import octavia.tests.unit.base as base
+
+
+class TestNoopManager(base.TestCase):
+
+    def setUp(self):
+        super().setUp()
+        self.manager = noop_cert_mgr.NoopCertManager()
+
+    def test_store_cert(self):
+        certificate = self.manager.store_cert(
+            None,
+            sample_certs.X509_CERT,
+            sample_certs.X509_CERT_KEY_ENCRYPTED,
+            sample_certs.X509_IMDS,
+            private_key_passphrase=sample_certs.X509_CERT_KEY_PASSPHRASE)
+        self.assertIsNotNone(certificate)
+        self.assertIsInstance(certificate, cert.Cert)
+
+    def test_get_cert(self):
+        cert_ref = uuidutils.generate_uuid()
+        certificate = self.manager.get_cert(
+            context=None,
+            cert_ref=cert_ref)
+        self.assertIsNotNone(certificate)
+        self.assertIsInstance(certificate, cert.Cert)
+
+    def test_get_secret(self):
+        secret_ref = uuidutils.generate_uuid()
+        secret = self.manager.get_secret(
+            context=None,
+            secret_ref=secret_ref)
+        self.assertIsNotNone(secret)
+        self.assertIsInstance(secret, cert.Cert)

octavia/tests/unit/cmd/test_prometheus_proxy.py

@@ -147,6 +147,7 @@ class TestPrometheusProxyCMD(base.TestCase):
         mock_http.shutdown.assert_called_once()
 
     @mock.patch('threading.Thread')
+    @mock.patch('http.server.ThreadingHTTPServer.__init__')
     @mock.patch('http.server.ThreadingHTTPServer.serve_forever')
     @mock.patch('octavia.amphorae.backends.utils.network_namespace.'
                 'NetworkNamespace.__exit__')
@@ -155,12 +156,18 @@ class TestPrometheusProxyCMD(base.TestCase):
     @mock.patch('octavia.cmd.prometheus_proxy.EXIT_EVENT')
     @mock.patch('octavia.cmd.prometheus_proxy.SignalHandler')
     def test_main(self, mock_signal_handler, mock_exit_event, mock_netns_enter,
-                  mock_netns_exit, mock_serve_forever, mock_thread):
+                  mock_netns_exit, mock_serve_forever, mock_server_init,
+                  mock_thread):
 
         mock_exit_event.is_set.side_effect = [False, False, True]
         mock_netns_enter.side_effect = [Exception('boom'), True]
 
+        mock_server_init.return_value = None
+
         prometheus_proxy.main()
 
         mock_signal_handler.assert_called_once()
+        mock_server_init.assert_called_once_with(
+            ('127.0.0.1', 9102),
+            prometheus_proxy.PrometheusProxy)
         mock_serve_forever.assert_called_once()

octavia/tests/unit/common/jinja/haproxy/combined_listeners/test_jinja_cfg.py

@@ -813,7 +813,6 @@ class TestHaproxyCfg(base.TestCase):
               "    balance roundrobin\n"
               "    cookie SRV insert indirect nocache\n"
               "    timeout check 31s\n"
-              "    option ssl-hello-chk\n"
               "    fullconn {maxconn}\n"
               "    option allbackups\n"
               "    timeout connect 5000\n"
@@ -1331,11 +1330,11 @@ class TestHaproxyCfg(base.TestCase):
               "    timeout connect 5000\n"
               "    timeout server 50000\n"
               "    server sample_member_id_1 10.0.0.99:82 weight 13 "
-              "check inter 30s fall 3 rise 2 cookie sample_member_id_1 "
-              "{opts} alpn {alpn}\n"
+              "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
+              "sample_member_id_1 {opts} alpn {alpn}\n"
               "    server sample_member_id_2 10.0.0.98:82 weight 13 "
-              "check inter 30s fall 3 rise 2 cookie sample_member_id_2 "
-              "{opts} alpn {alpn}\n\n").format(
+              "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
+              "sample_member_id_2 {opts} alpn {alpn}\n\n").format(
             maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
             opts="ssl crt %s verify none sni ssl_fc_sni" % cert_file_path +
                  " ciphers " + constants.CIPHERS_OWASP_SUITE_B +
@@ -1410,11 +1409,11 @@ class TestHaproxyCfg(base.TestCase):
               "    timeout connect 5000\n"
               "    timeout server 50000\n"
               "    server sample_member_id_1 10.0.0.99:82 weight 13 "
-              "check inter 30s fall 3 rise 2 cookie sample_member_id_1 "
-              "{opts} alpn {alpn}\n"
+              "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
+              "sample_member_id_1 {opts} alpn {alpn}\n"
               "    server sample_member_id_2 10.0.0.98:82 weight 13 "
-              "check inter 30s fall 3 rise 2 cookie sample_member_id_2 "
-              "{opts} alpn {alpn}\n\n").format(
+              "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
+              "sample_member_id_2 {opts} alpn {alpn}\n\n").format(
             maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
             opts="ssl crt %s verify none sni ssl_fc_sni" % cert_file_path +
                  " ciphers " + constants.CIPHERS_OWASP_SUITE_B,
@@ -1450,11 +1449,11 @@ class TestHaproxyCfg(base.TestCase):
               "    timeout connect 5000\n"
               "    timeout server 50000\n"
               "    server sample_member_id_1 10.0.0.99:82 weight 13 "
-              "check inter 30s fall 3 rise 2 cookie sample_member_id_1 "
-              "{opts} alpn {alpn}\n"
+              "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
+              "sample_member_id_1 {opts} alpn {alpn}\n"
               "    server sample_member_id_2 10.0.0.98:82 weight 13 "
-              "check inter 30s fall 3 rise 2 cookie sample_member_id_2 "
-              "{opts} alpn {alpn}\n\n").format(
+              "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
+              "sample_member_id_2 {opts} alpn {alpn}\n\n").format(
             maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
             opts="ssl crt %s verify none sni ssl_fc_sni" % cert_file_path +
                  " no-sslv3 no-tlsv10 no-tlsv11",
@@ -1550,11 +1549,11 @@ class TestHaproxyCfg(base.TestCase):
               "    timeout connect 5000\n"
               "    timeout server 50000\n"
               "    server sample_member_id_1 10.0.0.99:82 weight 13 "
-              "check inter 30s fall 3 rise 2 cookie sample_member_id_1 "
-              "{opts} alpn {alpn}\n"
+              "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
+              "sample_member_id_1 {opts} alpn {alpn}\n"
               "    server sample_member_id_2 10.0.0.98:82 weight 13 "
-              "check inter 30s fall 3 rise 2 cookie sample_member_id_2 "
-              "{opts} alpn {alpn}\n\n").format(
+              "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
+              "sample_member_id_2 {opts} alpn {alpn}\n\n").format(
             maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
             opts="%s %s %s %s %s %s" % (
                 "ssl", "crt", pool_client_cert,

octavia/tests/unit/common/test_config.py

@@ -78,3 +78,38 @@ class TestConfig(base.TestCase):
         self.assertEqual(
             3,
             conf.conf.haproxy_amphora.active_connection_retry_interval)
+
+    def test_handle_neutron_deprecations(self):
+        conf = self.useFixture(oslo_fixture.Config(config.cfg.CONF))
+
+        # The deprecated settings are copied to the new settings
+        conf.config(endpoint='my_endpoint',
+                    endpoint_type='internal',
+                    ca_certificates_file='/path/to/certs',
+                    group='neutron')
+
+        config.handle_neutron_deprecations()
+
+        self.assertEqual('my_endpoint', conf.conf.neutron.endpoint_override)
+        self.assertEqual(['internal'], conf.conf.neutron.valid_interfaces)
+        self.assertEqual('/path/to/certs', conf.conf.neutron.cafile)
+
+    # Test case for https://bugs.launchpad.net/octavia/+bug/2051604
+    def test_handle_neutron_deprecations_with_precedence(self):
+        conf = self.useFixture(oslo_fixture.Config(config.cfg.CONF))
+
+        # The deprecated settings should not override the new settings when
+        # they exist
+        conf.config(endpoint='my_old_endpoint',
+                    endpoint_type='old_type',
+                    ca_certificates_file='/path/to/old_certs',
+                    endpoint_override='my_endpoint',
+                    valid_interfaces=['internal'],
+                    cafile='/path/to/certs',
+                    group='neutron')
+
+        config.handle_neutron_deprecations()
+
+        self.assertEqual('my_endpoint', conf.conf.neutron.endpoint_override)
+        self.assertEqual(['internal'], conf.conf.neutron.valid_interfaces)
+        self.assertEqual('/path/to/certs', conf.conf.neutron.cafile)

octavia/tests/unit/common/test_keystone.py

@@ -52,3 +52,35 @@ class TestKeystoneSession(base.TestCase):
             [call("Overriding [%s].%s with '%s'", 'neutron', 'cafile',
                   'bar')]
         )
+
+    # Test case for https://bugs.launchpad.net/octavia/+bug/2051604
+    @mock.patch("octavia.common.keystone.ks_loading"
+                ".load_auth_from_conf_options")
+    @mock.patch("octavia.common.keystone.LOG")
+    def test_get_auth_neutron_override_endpoint(self,
+                                                mock_log,
+                                                mock_load_auth):
+        opt_mock = mock.MagicMock()
+        opt_mock.dest = "foo"
+        conf = oslo_fixture.Config(cfg.CONF)
+        conf.conf.set_default('endpoint_override', 'default_endpoint',
+                              'service_auth')
+        conf.conf.set_default('endpoint_override', 'new_endpoint',
+                              'neutron')
+
+        mock_load_auth.side_effect = [
+            ks_exceptions.auth_plugins.MissingRequiredOptions(
+                [opt_mock]),
+            None,
+            None
+        ]
+
+        sess = ks.KeystoneSession("neutron")
+        sess.get_auth()
+
+        # [service_auth].endpoint_override should not override
+        # [neutron].endpoint_override
+        self.assertNotIn(
+            call("Overriding [%s].%s with '%s'", 'neutron',
+                 'endpoint_override', 'default_endpoint'),
+            mock_log.debug.mock_calls)