[
https://issues.apache.org/jira/browse/KNOX-3300?focusedWorklogId=1016652&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-1016652
]
ASF GitHub Bot logged work on KNOX-3300:
----------------------------------------
Author: ASF GitHub Bot
Created on: 21/Apr/26 10:52
Start Date: 21/Apr/26 10:52
Worklog Time Spent: 10m
Work Description: hanicz commented on code in PR #1202:
URL: https://github.com/apache/knox/pull/1202#discussion_r3116867883
##########
.github/workflows/tests/test_health.py:
##########
@@ -92,6 +99,112 @@ def test_health_ping_content_type_is_plain_text(self):
content_type = response.headers.get("Content-Type", "")
self.assertIn("text/plain", content_type)
-if __name__ == '__main__':
- unittest.main()
+class TestHealthGatewayExtended(unittest.TestCase):
+ """Anonymous HEALTH topology: gateway-status, ping variants, metrics keys,
routing."""
+
+ def setUp(self):
+ self.base_url = gateway_base_url()
+
+ def test_health_gateway_status_returns_ok_or_pending_plain_text(self):
+ """gateway-status is 200 text/plain with body OK or PENDING."""
+ url = self.base_url + "gateway/health/v1/gateway-status"
+ r = knox_get(url)
+ self.assertEqual(r.status_code, 200)
+ self.assertIn("text/plain", r.headers.get("Content-Type", ""))
+ self.assertIn(r.text.strip(), ("OK", "PENDING"))
+
+ def test_health_ping_post_returns_ok(self):
+ """POST /v1/ping matches GET semantics for the health service."""
+ url = self.base_url + "gateway/health/v1/ping"
+ r = knox_post(url)
+ self.assertEqual(r.status_code, 200)
+ self.assertEqual(r.text.strip(), "OK")
+
+ def test_health_ping_sets_cache_control_no_store(self):
+ """Ping uses must-revalidate,no-cache,no-store (see PingResource)."""
+ url = self.base_url + "gateway/health/v1/ping"
+ r = knox_get(url)
+ self.assertEqual(r.status_code, 200)
+ cc = r.headers.get("Cache-Control", "")
+ self.assertIn("no-store", cc)
+ self.assertIn("no-cache", cc)
+
+ def test_health_metrics_pretty_includes_all_core_top_level_keys(self):
+ """Pretty metrics JSON includes
timers/histograms/counters/gauges/version/meters."""
+ payload = health_metrics_pretty_dict(self.base_url)
+ self.assertTrue(
+ METRICS_TOP_LEVEL_KEYS.issubset(payload.keys()),
+ msg=f"Missing keys: {METRICS_TOP_LEVEL_KEYS -
set(payload.keys())}",
+ )
+
+ def test_health_metrics_without_pretty_includes_same_top_level_keys(self):
Review Comment:
I think there are test duplications with this new PR. For example we already
have `test_health_metrics_without_pretty_returns_json` which does the same.
Issue Time Tracking
-------------------
Worklog Id: (was: 1016652)
Remaining Estimate: 47.5h (was: 47h 40m)
Time Spent: 0.5h (was: 20m)
> Add Python workflow integration tests for Health API, KnoxLDAP auth,
> KNOXTOKEN, RemoteAuth, and global HSTS
> -----------------------------------------------------------------------------------------------------------
>
> Key: KNOX-3300
> URL: https://issues.apache.org/jira/browse/KNOX-3300
> Project: Apache Knox
> Issue Type: Improvement
> Components: KnoxCLI
> Reporter: Raghav Maheshwari
> Priority: Major
> Original Estimate: 48h
> Time Spent: 0.5h
> Remaining Estimate: 47.5h
>
> Add HTTP integration tests under {{.github/workflows/tests/}} that run
> against the gateway in CI. Tests use {{unittest}} + {{{}pytest{}}},
> {{requests}} (via {{{}common_utils{}}}), and assert behavior through status
> codes, headers, and JSON only.
> h3. Scope (by file / area)
> {{test_health.py}}
> * Health topology — ping: GET/POST {{/gateway/health/v1/ping}} (200, body
> {{{}OK{}}}), {{{}text/plain{}}}, HSTS, Cache-Control (no-cache / no-store).
> * Metrics: {{/gateway/health/v1/metrics}} with and without {{{}pretty{}}};
> JSON shape; core top-level keys (timers, histograms, counters, gauges,
> version, meters); version string; section types
> (timers/histograms/counters/gauges/meters as dicts).
> * Gateway status: {{/gateway/health/v1/gateway-status}} (OK/PENDING, plain
> text, HSTS, cache headers).
> * Routing: unknown topology → 404.
> {{test_knoxauth_preauth_and_paths.py}}
> * KnoxLDAP {{{}auth/api/v1/pre{}}}: unauthenticated and bad credentials →
> 401; POST/GET with guest; GET with admin and LDAP-mapped group headers
> ({{{}longGroupName*{}}}).
> * KnoxLDAP {{{}auth/api/v1/extauthz{}}}: extra path segment → 404 (path not
> ignored).
> {{test_knox_auth_service_and_LDAP.py}}
> * Extauthz guest/admin actor and admin group headers.
> * KNOXTOKEN under knoxldap: JWKS (JSON + {{{}keys{}}}), token v1/v2 with
> guest (access_token, JWT-like shape), v1/v2 without auth → 401.
> * Extauthz without credentials → 401.
> {{test_remote_auth.py}}
> * RemoteAuth {{{}gateway/remoteauth/auth/api/v1/pre{}}}: guest 200 and
> X-Knox-Actor-ID; admin and group headers; bad credentials → 401; POST pre
> with guest → 200; no Authorization → 500 (error path).
> {{test_remoteauth_extauthz_additional_path.py}}
> * RemoteAuth extauthz: guest 200; extra path segments ignored (including
> deep path); admin actor + groups; bad creds → 401; no creds → 500.
> {{test_knox_configs.py}}
> * Global HSTS on 404 for a non-existent gateway path (with Basic auth on the
> request).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
