3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-09 12:58:22 +02:00
Code Issues Projects Releases Packages Wiki Activity

config: add runtime flags

Browse source
This commit is contained in:
Denis Mishin 2024-04-01 17:29:40 -04:00
parent 84b44ae2e6
commit be9c14fc04
13 changed files with 486 additions and 212 deletions
Download patch file Download diff file Expand all files Collapse all files

18
config/options_test.go
View file

@ -384,7 +384,7 @@ func Test_Checksum(t *testing.T) {
func TestOptionsFromViper(t *testing.T) {
opts := []cmp.Option{
cmpopts.IgnoreFields(Options{}, "CookieSecret", "GRPCInsecure", "GRPCAddr", "DataBrokerURLString", "DataBrokerURLStrings", "AuthorizeURLString", "AuthorizeURLStrings", "DefaultUpstreamTimeout", "CookieExpire", "Services", "Addr", "LogLevel", "KeyFile", "CertFile", "SharedKey", "ReadTimeout", "IdleTimeout", "GRPCClientTimeout", "GRPCClientDNSRoundRobin", "TracingSampleRate", "ProgrammaticRedirectDomainWhitelist"),
cmpopts.IgnoreFields(Options{}, "CookieSecret", "GRPCInsecure", "GRPCAddr", "DataBrokerURLString", "DataBrokerURLStrings", "AuthorizeURLString", "AuthorizeURLStrings", "DefaultUpstreamTimeout", "CookieExpire", "Services", "Addr", "LogLevel", "KeyFile", "CertFile", "SharedKey", "ReadTimeout", "IdleTimeout", "GRPCClientTimeout", "GRPCClientDNSRoundRobin", "TracingSampleRate", "ProgrammaticRedirectDomainWhitelist", "RuntimeFlags"),
cmpopts.IgnoreFields(Policy{}, "EnvoyOpts"),
cmpOptIgnoreUnexported,
}
@ -426,6 +426,22 @@ func TestOptionsFromViper(t *testing.T) {
},
false,
},
{
"good disable header",
[]byte(`{"autocert_dir":"","insecure_server":true,"set_response_headers": {"disable":"true"},"policy":[{"from": "https://from.example","to":"https://to.example"}]}`),
&Options{
Policies: []Policy{{From: "https://from.example", To: mustParseWeightedURLs(t, "https://to.example")}},
CookieName: "_pomerium",
AuthenticateCallbackPath: "/oauth2/callback",
CookieHTTPOnly: true,
InsecureServer: true,
SetResponseHeaders: map[string]string{"disable": "true"},
DataBrokerStorageType: "memory",
EnvoyAdminAccessLogPath: os.DevNull,
EnvoyAdminProfilePath: os.DevNull,
},
false,
},
{"bad url", []byte(`{"policy":[{"from": "https://","to":"https://to.example"}]}`), nil, true},
{"bad policy", []byte(`{"policy":[{"allow_public_unauthenticated_access": "dog","to":"https://to.example"}]}`), nil, true},
{"bad file", []byte(`{''''}`), nil, true},