Skip to content

Haproxy route policy add authentication#412

Merged
Thanhphan1147 merged 88 commits intomainfrom
haproxy_route_policy_add_authentication
Mar 30, 2026
Merged

Haproxy route policy add authentication#412
Thanhphan1147 merged 88 commits intomainfrom
haproxy_route_policy_add_authentication

Conversation

@Thanhphan1147
Copy link
Copy Markdown
Collaborator

@Thanhphan1147 Thanhphan1147 commented Mar 26, 2026
edited
Loading

Added authentication:

  • Added test_settings_authenticated.py for auth tests, added unit-auth tox environment.
  • Added djangorestframework-simplejwt as a dependency.

Checklist

Thanhphan1147 and others added 30 commits March 17, 2026 15:08
@Thanhphan1147
Implement request API
7b7a688
@Thanhphan1147
update model validation before save and add unit tests
00a3ea7
@Thanhphan1147
Merge branch 'main' into haprox-route-policy-requests-api
77622dd
@Thanhphan1147
use environment variables for secret key
bc11a1f
@Thanhphan1147
Merge branch 'haprox-route-policy-requests-api' of github.com:canonic…
6f1499d 
…al/haproxy-operator into haprox-route-policy-requests-api
@Thanhphan1147
ruff format
6e98d08
@Thanhphan1147
add secret key for testing
f073454
@Thanhphan1147
remove port attribute from test
4842e4a
@Thanhphan1147
add requirements.txt for testing
5b667c0
@Thanhphan1147
reintroduce port field
e719d33
@Thanhphan1147
Add change artifact
597eb66
@Thanhphan1147
run lint with uv
6f51301
@Thanhphan1147
add unit testing
7f245ea
@Thanhphan1147
remove custom test
6254485
@Thanhphan1147
update migration
ad50aa3
@Thanhphan1147
Wrap creation under transaction.atomic
3640143 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@Thanhphan1147
Potential fix for pull request finding
adbf18f 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@Thanhphan1147
remove unused code
daef5d3
@Thanhphan1147
minor fixes to settings
78e5dc0
@Thanhphan1147
Potential fix for pull request finding
cd93076 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@Thanhphan1147
use django serializer
f93e9cb
@Thanhphan1147
update gitignore
4a92e21
@Thanhphan1147
Merge branch 'haprox-route-policy-requests-api' of github.com:canonic…
7b1c9ca 
…al/haproxy-operator into haprox-route-policy-requests-api
@Thanhphan1147
update view to use django rest
22e4aef
@Thanhphan1147
remove python-version
266e20e
@Thanhphan1147
update gitignore
d5db748
@Thanhphan1147
add missing license headers
34ca372
@Thanhphan1147
Add rules engine
3ea5d0e
@Thanhphan1147
update migration
16833e4
@Thanhphan1147
update view
efe9beb
@Thanhphan1147 Thanhphan1147 requested a review from a team as a code owner March 26, 2026 15:08
@Thanhphan1147 Thanhphan1147 changed the base branch from main to haproxy-route-policy-rules-matching March 26, 2026 15:09
Base automatically changed from haproxy-route-policy-rules-matching to main March 30, 2026 12:56
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 30, 2026

Test results for commit 2a0d45c

Test coverage for 2a0d45c

Name                                       Stmts   Miss Branch BrPart  Cover   Missing
--------------------------------------------------------------------------------------
lib/charms/haproxy/v0/ddos_protection.py     154     51     34      8    64%   157-174, 183-187, 288, 316-318, 323, 326-330, 342-344, 381, 387, 393, 396, 424, 495-498, 510-529
src/charm.py                                  21      0      0      0   100%
src/state.py                                  43      0      0      0   100%
--------------------------------------------------------------------------------------
TOTAL                                        218     51     34      8    73%

Static code analysis report

Run started:2026-03-30 13:50:26.964355+00:00

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 333
  Total lines skipped (#nosec): 0
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 30, 2026

Test results for commit 2a0d45c

Test coverage for 2a0d45c

Name                                         Stmts   Miss Branch BrPart  Cover   Missing
----------------------------------------------------------------------------------------
lib/charms/haproxy/v0/ddos_protection.py       154     42     34      3    72%   157-174, 183-187, 265, 284, 415-418, 422-424, 459-478, 514-529
lib/charms/haproxy/v0/spoe_auth.py             158     55     32      2    59%   203, 304-306, 315, 354-381, 392-402, 441-442, 459-472, 484-501, 522-525, 529-531
lib/charms/haproxy/v1/haproxy_route_tcp.py     385    153     78      8    56%   209, 212, 281, 290-293, 297-300, 318-321, 336, 342-347, 447, 452, 829-832, 836, 863-874, 897-900, 904-906, 926-928, 1042-1083, 1087-1093, 1097, 1166-1195, 1266-1305, 1335-1337, 1362-1364, 1386-1390, 1409-1411, 1429-1431, 1438-1444, 1452-1454, 1462-1463, 1474-1481, 1494-1505, 1513-1534, 1546-1547, 1558-1559, 1570-1573, 1584-1585, 1614-1623, 1639-1642, 1658-1669, 1685-1688, 1706-1717, 1728-1729, 1737-1738, 1746-1747, 1758-1761
lib/charms/haproxy/v2/haproxy_route.py         385     53     98     26    82%   181, 257, 266-269, 294-297, 318-323, 673-674, 860->exit, 867, 893-904, 927-930, 934-936, 955-957, 1129-1135, 1139, 1336->1338, 1340->1342, 1342->1344, 1344->1346, 1346->1348, 1348->1351, 1386, 1394, 1399, 1402, 1427, 1455, 1459, 1463, 1486, 1506, 1515-1516, 1518->exit, 1554-1556, 1576, 1590, 1595-1597
src/charm.py                                   286     69     78     11    71%   100, 228, 236-252, 257, 262, 279, 290, 296-297, 331-351, 455-463, 491-504, 517-522, 531, 544-545, 552, 562, 572, 578-584, 600, 650-653, 659->658, 672-675
src/haproxy.py                                 127     31      6      2    75%   110-116, 136-158, 268-269, 272, 280-286, 314, 344-355, 367-369, 379-380
src/http_interface.py                           73     25      4      0    62%   74, 83, 92, 106-108, 126, 138, 150, 162, 170-175, 187, 194, 202, 217-227
src/state/charm_state.py                        77     15     14      4    79%   93-95, 100-101, 104, 145-150, 159, 208-210, 222-223
src/state/ddos_protection.py                    39      0      2      0   100%
src/state/exception.py                           1      0      0      0   100%
src/state/ha.py                                 30      1      2      1    94%   50
src/state/haproxy_route.py                     197     14     60      5    90%   132, 161-170, 194, 227, 297, 346-348, 365
src/state/haproxy_route_tcp.py                 120     17     42      1    80%   92-94, 109->112, 147-160
src/state/ingress.py                            38      0      4      0   100%
src/state/ingress_per_unit.py                   32      0      4      0   100%
src/state/spoe_auth.py                          26      2      2      0    93%   63-64
src/state/tls.py                                39      7     12      4    78%   74, 77-78, 127-135, 141-142
src/state/validation.py                         46     23      8      1    44%   66-67, 71-98
src/tls_relation.py                             61      3     14      3    92%   86->85, 118-128, 140->142
----------------------------------------------------------------------------------------
TOTAL                                         2274    510    494     71    74%

Static code analysis report

Working... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:00
Run started:2026-03-30 13:20:08.552313+00:00

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 10203
  Total lines skipped (#nosec): 13
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 10

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 30, 2026

Test results for commit 2a0d45c

Test coverage for 2a0d45c

Name                                    Stmts   Miss  Cover
-----------------------------------------------------------
haproxy_route_policy/__init__.py            0      0   100%
haproxy_route_policy/settings.py           28      1    96%
haproxy_route_policy/test_settings.py       4      0   100%
haproxy_route_policy/urls.py                5      0   100%
manage.py                                  11      2    82%
policy/__init__.py                          0      0   100%
policy/apps.py                              3      0   100%
policy/db_models.py                        49      2    96%
policy/middleware.py                       16      4    75%
policy/migrations/0001_initial.py           7      0   100%
policy/migrations/0002_rule.py              5      0   100%
policy/migrations/__init__.py               0      0   100%
policy/rule_engine.py                      36      1    97%
policy/serializers.py                      25      0   100%
policy/tests/__init__.py                    0      0   100%
policy/tests/test_auth.py                  36     20    44%
policy/tests/test_models.py                85      0   100%
policy/tests/test_rule_engine.py          117      0   100%
policy/tests/test_views.py                201      0   100%
policy/urls.py                              3      0   100%
policy/views.py                            83      6    93%
-----------------------------------------------------------
TOTAL                                     714     36    95%

Static code analysis report

Run started:2026-03-30 13:20:26.698165+00:00

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 1556
  Total lines skipped (#nosec): 1
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 30, 2026

Test results for commit 2a0d45c

Test coverage for 2a0d45c

Name                               Stmts   Miss Branch BrPart  Cover   Missing
------------------------------------------------------------------------------
src/charm.py                          45      9      2      0    77%   65-91, 96-98
src/haproxy_spoe_auth_service.py      44     16      2      0    61%   56-64, 76-82, 93-117
src/state.py                          55     15      6      1    67%   64-66, 79, 125-146
------------------------------------------------------------------------------
TOTAL                                144     40     10      1    68%

Static code analysis report

Run started:2026-03-30 13:06:09.265163

Test results:
  No issues identified.

Code scanned:
  Total lines of code: 409
  Total lines skipped (#nosec): 1
  Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 1

Run metrics:
  Total issues (by severity):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
  Total issues (by confidence):
  	Undefined: 0
  	Low: 0
  	Medium: 0
  	High: 0
Files skipped (0):

@Thanhphan1147 Thanhphan1147 merged commit a523de9 into main Mar 30, 2026
89 checks passed
@Thanhphan1147 Thanhphan1147 deleted the haproxy_route_policy_add_authentication branch March 30, 2026 14:34
Thanhphan1147 added a commit that referenced this pull request Mar 30, 2026
@Thanhphan1147
@github-actions @alithethird
Haproxy route policy add authentication (#412)
c770587 
* Implement request API

* update model validation before save and add unit tests

* use environment variables for secret key

* ruff format

* add secret key for testing

* remove port attribute from test

* add requirements.txt for testing

* reintroduce port field

* Add change artifact

* run lint with uv

* add unit testing

* remove custom test

* update migration

* Wrap creation under `transaction.atomic`

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

* Potential fix for pull request finding

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

* remove unused code

* minor fixes to settings

* Potential fix for pull request finding

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

* use django serializer

* update gitignore

* update view to use django rest

* remove python-version

* update gitignore

* add missing license headers

* Add rules engine

* update migration

* update view

* fix lint

* remove extra tests

* add validation and update tests

* update view

* remove to_dict

* use serializer for get

* use serializer

* remove unused tests

* use filter for delete query

* update tests and move validation to serializer class

* Apply suggestion from @github-actions[bot]

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* Update haproxy-route-policy/policy/migrations/0001_initial.py

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* Revert "Update haproxy-route-policy/policy/migrations/0001_initial.py"

This reverts commit 10a2708.

* ignore migration files for license header

* remove license header from generated files

* add change artifact

* add envlist to tox commands

* update envlist

* convert pk to uuid for requests

* Add guard against mal-formed uuid and parameter. Add logging configs,  Add middleware to guard against db connection errors

* add validators for port and paths

* add tests for validators

* add note for migration

* ruff format

* remove unused imports

* add static tests

* guard rules API against pk

* update view, middle wares and tests

* refactor tests by parametrizing

* group tests by parameterizing

* refactor Rule model to rename attribute from "value" to "parameters"

* update test name

* update naming

* Add coverage-report as part of unit test suite

* update env list

* implement rule evaluation

* add change artifact

* update imports

* update naming

* update rules matching logic

* update tests

* save request using serializer with the correct instace

* group tests

* update formatting

* Add authentication configuration for django-restframework and adapt tests for auth

* add change artifact

* Add token urls

---------

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Ali UĞUR <39213991+alithethird@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@seb4stien seb4stien seb4stien approved these changes

@arturo-seijas arturo-seijas arturo-seijas approved these changes

Assignees

No one assigned

Labels

Libraries: Out of sync trivial

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Thanhphan1147 @seb4stien @arturo-seijas @alithethird