@@ -35,6 +35,7 @@ import (
35
35
"k8s.io/ingress-nginx/internal/ingress/annotations/authreq"
36
36
"k8s.io/ingress-nginx/internal/ingress/annotations/influxdb"
37
37
"k8s.io/ingress-nginx/internal/ingress/annotations/luarestywaf"
38
+ "k8s.io/ingress-nginx/internal/ingress/annotations/modsecurity"
38
39
"k8s.io/ingress-nginx/internal/ingress/annotations/ratelimit"
39
40
"k8s.io/ingress-nginx/internal/ingress/annotations/rewrite"
40
41
"k8s.io/ingress-nginx/internal/ingress/controller/config"
@@ -184,18 +185,18 @@ func TestBuildLuaSharedDictionaries(t *testing.T) {
184
185
},
185
186
}
186
187
187
- config := buildLuaSharedDictionaries (servers , false )
188
- if ! strings .Contains (config , "lua_shared_dict configuration_data" ) {
189
- t .Errorf ("expected to include 'configuration_data' but got %s" , config )
188
+ configuration := buildLuaSharedDictionaries (servers , false )
189
+ if ! strings .Contains (configuration , "lua_shared_dict configuration_data" ) {
190
+ t .Errorf ("expected to include 'configuration_data' but got %s" , configuration )
190
191
}
191
- if strings .Contains (config , "waf_storage" ) {
192
- t .Errorf ("expected to not include 'waf_storage' but got %s" , config )
192
+ if strings .Contains (configuration , "waf_storage" ) {
193
+ t .Errorf ("expected to not include 'waf_storage' but got %s" , configuration )
193
194
}
194
195
195
196
servers [1 ].Locations [0 ].LuaRestyWAF = luarestywaf.Config {Mode : "ACTIVE" }
196
- config = buildLuaSharedDictionaries (servers , false )
197
- if ! strings .Contains (config , "lua_shared_dict waf_storage" ) {
198
- t .Errorf ("expected to configure 'waf_storage', but got %s" , config )
197
+ configuration = buildLuaSharedDictionaries (servers , false )
198
+ if ! strings .Contains (configuration , "lua_shared_dict waf_storage" ) {
199
+ t .Errorf ("expected to configure 'waf_storage', but got %s" , configuration )
199
200
}
200
201
}
201
202
@@ -1212,3 +1213,56 @@ func TestStripLocationModifer(t *testing.T) {
1212
1213
t .Errorf ("Expected '%v' but returned '%v'" , expected , actual )
1213
1214
}
1214
1215
}
1216
+
1217
+ func TestShouldLoadModSecurityModule (t * testing.T ) {
1218
+ // ### Invalid argument type tests ###
1219
+ // The first tests should return false.
1220
+ expected := false
1221
+
1222
+ invalidType := & ingress.Ingress {}
1223
+ actual := shouldLoadModSecurityModule (config.Configuration {}, invalidType )
1224
+ if expected != actual {
1225
+ t .Errorf ("Expected '%v' but returned '%v'" , expected , actual )
1226
+ }
1227
+
1228
+ actual = shouldLoadModSecurityModule (invalidType , []* ingress.Server {})
1229
+ if expected != actual {
1230
+ t .Errorf ("Expected '%v' but returned '%v'" , expected , actual )
1231
+ }
1232
+
1233
+ // ### Functional tests ###
1234
+ actual = shouldLoadModSecurityModule (config.Configuration {}, []* ingress.Server {})
1235
+ if expected != actual {
1236
+ t .Errorf ("Expected '%v' but returned '%v'" , expected , actual )
1237
+ }
1238
+
1239
+ // All further tests should return true.
1240
+ expected = true
1241
+
1242
+ configuration := config.Configuration {EnableModsecurity : true }
1243
+ actual = shouldLoadModSecurityModule (configuration , []* ingress.Server {})
1244
+ if expected != actual {
1245
+ t .Errorf ("Expected '%v' but returned '%v'" , expected , actual )
1246
+ }
1247
+
1248
+ servers := []* ingress.Server {
1249
+ {
1250
+ Locations : []* ingress.Location {
1251
+ {
1252
+ ModSecurity : modsecurity.Config {
1253
+ Enable : true ,
1254
+ },
1255
+ },
1256
+ },
1257
+ },
1258
+ }
1259
+ actual = shouldLoadModSecurityModule (config.Configuration {}, servers )
1260
+ if expected != actual {
1261
+ t .Errorf ("Expected '%v' but returned '%v'" , expected , actual )
1262
+ }
1263
+
1264
+ actual = shouldLoadModSecurityModule (configuration , servers )
1265
+ if expected != actual {
1266
+ t .Errorf ("Expected '%v' but returned '%v'" , expected , actual )
1267
+ }
1268
+ }
0 commit comments