Content Cache Charm

Merge ~hloeung/content-cache-charm:fixes into content-cache-charm:master

  1. Git
  2. lp:~hloeung/content-cache-charm
  3. fixes
  4. Merge into master
Proposed by Haw Loeung
Status: Merged
Approved by: James Simpson
Approved revision: 638443bfad70b34556adc506a27193ca417b6f14
Merged at revision: d527d38fa781c977cbe19256adfc8198e102ec07
Proposed branch: ~hloeung/content-cache-charm:fixes
Merge into: content-cache-charm:master
Diff against target: 232 lines (+60/-1)
12 files modified
reactive/content_cache.py (+5/-1)
tests/unit/files/config_test_config.txt (+12/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output.txt (+5/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt (+5/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt (+5/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt (+5/-0)
tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads_haproxy2.txt (+5/-0)
tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output.txt (+1/-0)
tests/unit/files/haproxy_config_rendered_test_output.txt (+1/-0)
tests/unit/files/haproxy_config_rendered_test_output2.txt (+1/-0)
tests/unit/files/haproxy_config_rendered_test_output_with_extra_configs.txt (+1/-0)
tests/unit/files/nginx_config_rendered_test_output-site2.local.txt (+14/-0)
Reviewer Review Type Date Requested Status
James Simpson Approve
Canonical IS Reviewers Pending
Review via email: mp+465893@code.launchpad.net

Commit message

Fix duplicate X-F-F headers when more than one location

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
James Simpson (jsimpso) wrote :

LGTM

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision d527d38fa781c977cbe19256adfc8198e102ec07

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/reactive/content_cache.py b/reactive/content_cache.py
index ebbb3ab..c110cd2 100644
--- a/reactive/content_cache.py
+++ b/reactive/content_cache.py
@@ -345,7 +345,11 @@ def configure_haproxy(): # NOQA: C901 LP#1825084
345 new_cached_loc_conf['backend-options'] = site_conf.get('haproxy-extra-configs', [])345 new_cached_loc_conf['backend-options'] = site_conf.get('haproxy-extra-configs', [])
346 # Rather than enable haproxy's 'option forwardfor' we want to replace346 # Rather than enable haproxy's 'option forwardfor' we want to replace
347 # the X-F-F header in case it's spoofed.347 # the X-F-F header in case it's spoofed.
348 new_cached_loc_conf['backend-options'].insert(0, 'http-request set-header X-Forwarded-For %[src]')348 if (
349 len(new_cached_loc_conf['backend-options']) == 0
350 or new_cached_loc_conf['backend-options'][0] != 'http-request set-header X-Forwarded-For %[src]'
351 ):
352 new_cached_loc_conf['backend-options'].insert(0, 'http-request set-header X-Forwarded-For %[src]')
349353
350 new_cached_loc_conf['rate-limit'] = loc_conf.get('rate-limit', '')354 new_cached_loc_conf['rate-limit'] = loc_conf.get('rate-limit', '')
351355
diff --git a/tests/unit/files/config_test_config.txt b/tests/unit/files/config_test_config.txt
index eab890b..c4f748b 100644
--- a/tests/unit/files/config_test_config.txt
+++ b/tests/unit/files/config_test_config.txt
@@ -30,14 +30,26 @@ site2.local:
30 - 127.0.1.10:44330 - 127.0.1.10:443
31 - 127.0.1.11:44331 - 127.0.1.11:443
32 - 127.0.1.12:44332 - 127.0.1.12:443
33 backend-options: ['http-request set-header X-Forwarded-For %[src]']
33 /my-local-content/:34 /my-local-content/:
34 extra-config:35 extra-config:
35 - root /var/www/html36 - root /var/www/html
36 /my-local-content2/:37 /my-local-content2/:
37 extra-configs:38 extra-configs:
38 - root /var/www/html39 - root /var/www/html
40 /.well-known/matrix/server:
41 extra-config:
42 - "return 200 '{\"m.server\": \"chat-server.ubuntu.com:443\"}'"
43 /.well-known/matrix/client:
44 extra-config:
45 - "return 200 '{\"m.homeserver\": {\"base_url\": \"https://chat-server.ubuntu.com\"}}'"
39 # Test default site with only a single backend.46 # Test default site with only a single backend.
40 default: True47 default: True
48 haproxy-extra-configs:
49 - http-request set-var(txn.path) path
50 - acl p_matrix var(txn.path) -m beg /.well-known/matrix
51 - http-response set-header Content-Type application/json if p_matrix
52 - http-response set-header Access-Control-Allow-Origin * if p_matrix
4153
42# Test 3: No port, just backends (HTTP), with custom cache-maxconn54# Test 3: No port, just backends (HTTP), with custom cache-maxconn
43site3.local:55site3.local:
diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
index c08bb5a..6d6cbed 100644
--- a/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output.txt
@@ -209,12 +209,17 @@ backend backend-cached-site2-local
209 http-request set-header X-Orig-Host %[req.hdr(Host)]209 http-request set-header X-Orig-Host %[req.hdr(Host)]
210 http-request set-header Host site2.local210 http-request set-header Host site2.local
211 http-request set-header X-Forwarded-For %[src]211 http-request set-header X-Forwarded-For %[src]
212 http-request set-var(txn.path) path
213 acl p_matrix var(txn.path) -m beg /.well-known/matrix
214 http-response set-header Content-Type application/json if p_matrix
215 http-response set-header Access-Control-Allow-Origin * if p_matrix
212 balance leastconn216 balance leastconn
213 server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 3072217 server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 3072
214218
215backend backend-site2-local219backend backend-site2-local
216 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk220 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk
217 http-request set-header Host site2.local221 http-request set-header Host site2.local
222 http-request set-header X-Forwarded-For %[src]
218 option redispatch 1223 option redispatch 1
219 balance leastconn224 balance leastconn
220 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt225 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
index bece830..56189ae 100644
--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_auto_maxconns.txt
@@ -209,12 +209,17 @@ backend backend-cached-site2-local
209 http-request set-header X-Orig-Host %[req.hdr(Host)]209 http-request set-header X-Orig-Host %[req.hdr(Host)]
210 http-request set-header Host site2.local210 http-request set-header Host site2.local
211 http-request set-header X-Forwarded-For %[src]211 http-request set-header X-Forwarded-For %[src]
212 http-request set-var(txn.path) path
213 acl p_matrix var(txn.path) -m beg /.well-known/matrix
214 http-response set-header Content-Type application/json if p_matrix
215 http-response set-header Access-Control-Allow-Origin * if p_matrix
212 balance leastconn216 balance leastconn
213 server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 3072217 server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 3072
214218
215backend backend-site2-local219backend backend-site2-local
216 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk220 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk
217 http-request set-header Host site2.local221 http-request set-header Host site2.local
222 http-request set-header X-Forwarded-For %[src]
218 option redispatch 1223 option redispatch 1
219 balance leastconn224 balance leastconn
220 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt225 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt
index f05826e..032728a 100644
--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt
+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_load_balancing_algorithm.txt
@@ -209,12 +209,17 @@ backend backend-cached-site2-local
209 http-request set-header X-Orig-Host %[req.hdr(Host)]209 http-request set-header X-Orig-Host %[req.hdr(Host)]
210 http-request set-header Host site2.local210 http-request set-header Host site2.local
211 http-request set-header X-Forwarded-For %[src]211 http-request set-header X-Forwarded-For %[src]
212 http-request set-var(txn.path) path
213 acl p_matrix var(txn.path) -m beg /.well-known/matrix
214 http-response set-header Content-Type application/json if p_matrix
215 http-response set-header Access-Control-Allow-Origin * if p_matrix
212 balance roundrobin216 balance roundrobin
213 server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 3072217 server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 3072
214218
215backend backend-site2-local219backend backend-site2-local
216 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk220 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk
217 http-request set-header Host site2.local221 http-request set-header Host site2.local
222 http-request set-header X-Forwarded-For %[src]
218 option redispatch 1223 option redispatch 1
219 balance roundrobin224 balance roundrobin
220 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt225 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
index ddbc8c6..c72b5ee 100644
--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads.txt
@@ -210,12 +210,17 @@ backend backend-cached-site2-local
210 http-request set-header X-Orig-Host %[req.hdr(Host)]210 http-request set-header X-Orig-Host %[req.hdr(Host)]
211 http-request set-header Host site2.local211 http-request set-header Host site2.local
212 http-request set-header X-Forwarded-For %[src]212 http-request set-header X-Forwarded-For %[src]
213 http-request set-var(txn.path) path
214 acl p_matrix var(txn.path) -m beg /.well-known/matrix
215 http-response set-header Content-Type application/json if p_matrix
216 http-response set-header Access-Control-Allow-Origin * if p_matrix
213 balance leastconn217 balance leastconn
214 server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 3072218 server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 3072
215219
216backend backend-site2-local220backend backend-site2-local
217 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk221 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk
218 http-request set-header Host site2.local222 http-request set-header Host site2.local
223 http-request set-header X-Forwarded-For %[src]
219 option redispatch 1224 option redispatch 1
220 balance leastconn225 balance leastconn
221 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt226 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
diff --git a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads_haproxy2.txt b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads_haproxy2.txt
index e48af71..c5251fa 100644
--- a/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads_haproxy2.txt
+++ b/tests/unit/files/content_cache_rendered_haproxy_test_output_processes_and_threads_haproxy2.txt
@@ -213,6 +213,10 @@ backend backend-cached-site2-local
213 http-request set-header X-Orig-Host %[req.hdr(Host)]213 http-request set-header X-Orig-Host %[req.hdr(Host)]
214 http-request set-header Host site2.local214 http-request set-header Host site2.local
215 http-request set-header X-Forwarded-For %[src]215 http-request set-header X-Forwarded-For %[src]
216 http-request set-var(txn.path) path
217 acl p_matrix var(txn.path) -m beg /.well-known/matrix
218 http-response set-header Content-Type application/json if p_matrix
219 http-response set-header Access-Control-Allow-Origin * if p_matrix
216 balance leastconn220 balance leastconn
217 server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 3072221 server server_1 127.0.0.1:6081 check inter 2s rise 2 fall 60 maxconn 3072
218222
@@ -220,6 +224,7 @@ backend backend-site2-local
220 option httpchk GET /check/ HTTP/1.1224 option httpchk GET /check/ HTTP/1.1
221 http-check send hdr Host site2.local hdr User-Agent haproxy/httpchk225 http-check send hdr Host site2.local hdr User-Agent haproxy/httpchk
222 http-request set-header Host site2.local226 http-request set-header Host site2.local
227 http-request set-header X-Forwarded-For %[src]
223 retry-on all-retryable-errors228 retry-on all-retryable-errors
224 option redispatch 1229 option redispatch 1
225 balance leastconn230 balance leastconn
diff --git a/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output.txt b/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output.txt
index 565c469..48984b1 100644
--- a/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output.txt
+++ b/tests/unit/files/haproxy_config_rendered_backends_stanzas_test_output.txt
@@ -10,6 +10,7 @@ backend backend-site1-local
10backend backend-site2-local10backend backend-site2-local
11 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk11 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk
12 http-request set-header Host site2.local12 http-request set-header Host site2.local
13 http-request set-header X-Forwarded-For %[src]
13 balance leastconn14 balance leastconn
14 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt15 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
15 server server_2 127.0.1.11:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt16 server server_2 127.0.1.11:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
diff --git a/tests/unit/files/haproxy_config_rendered_test_output.txt b/tests/unit/files/haproxy_config_rendered_test_output.txt
index 4121b07..ba08267 100644
--- a/tests/unit/files/haproxy_config_rendered_test_output.txt
+++ b/tests/unit/files/haproxy_config_rendered_test_output.txt
@@ -126,6 +126,7 @@ backend backend-site1-local
126backend backend-site2-local126backend backend-site2-local
127 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk127 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk
128 http-request set-header Host site2.local128 http-request set-header Host site2.local
129 http-request set-header X-Forwarded-For %[src]
129 balance leastconn130 balance leastconn
130 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt131 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
131 server server_2 127.0.1.11:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt132 server server_2 127.0.1.11:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
diff --git a/tests/unit/files/haproxy_config_rendered_test_output2.txt b/tests/unit/files/haproxy_config_rendered_test_output2.txt
index 22c56ab..a5b3d08 100644
--- a/tests/unit/files/haproxy_config_rendered_test_output2.txt
+++ b/tests/unit/files/haproxy_config_rendered_test_output2.txt
@@ -126,6 +126,7 @@ backend backend-site1-local
126backend backend-site2-local126backend backend-site2-local
127 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk127 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk
128 http-request set-header Host site2.local128 http-request set-header Host site2.local
129 http-request set-header X-Forwarded-For %[src]
129 balance leastconn130 balance leastconn
130 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt131 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
131 server server_2 127.0.1.11:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt132 server server_2 127.0.1.11:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
diff --git a/tests/unit/files/haproxy_config_rendered_test_output_with_extra_configs.txt b/tests/unit/files/haproxy_config_rendered_test_output_with_extra_configs.txt
index 7166d28..0ec24fa 100644
--- a/tests/unit/files/haproxy_config_rendered_test_output_with_extra_configs.txt
+++ b/tests/unit/files/haproxy_config_rendered_test_output_with_extra_configs.txt
@@ -126,6 +126,7 @@ backend backend-site1-local
126backend backend-site2-local126backend backend-site2-local
127 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk127 option httpchk GET /check/ HTTP/1.1\r\nHost:\ site2.local\r\nUser-Agent:\ haproxy/httpchk
128 http-request set-header Host site2.local128 http-request set-header Host site2.local
129 http-request set-header X-Forwarded-For %[src]
129 balance leastconn130 balance leastconn
130 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt131 server server_1 127.0.1.10:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
131 server server_2 127.0.1.11:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt132 server server_2 127.0.1.11:443 check inter 5s rise 2 fall 5 maxconn 1024 ssl sni str(site2.local) check-sni site2.local verify required ca-file ca-certificates.crt
diff --git a/tests/unit/files/nginx_config_rendered_test_output-site2.local.txt b/tests/unit/files/nginx_config_rendered_test_output-site2.local.txt
index 6264b6e..b3392bd 100644
--- a/tests/unit/files/nginx_config_rendered_test_output-site2.local.txt
+++ b/tests/unit/files/nginx_config_rendered_test_output-site2.local.txt
@@ -43,6 +43,20 @@ server {
43 root /var/www/html;43 root /var/www/html;
44 }44 }
4545
46
47 location /.well-known/matrix/server {
48 proxy_cache 9813f9fe7826-cache;
49 add_header X-Cache-Status "$upstream_cache_status from mock-content-cache/0";
50 return 200 '{"m.server": "chat-server.ubuntu.com:443"}';
51 }
52
53
54 location /.well-known/matrix/client {
55 proxy_cache 9813f9fe7826-cache;
56 add_header X-Cache-Status "$upstream_cache_status from mock-content-cache/0";
57 return 200 '{"m.homeserver": {"base_url": "https://chat-server.ubuntu.com"}}';
58 }
59
46 location /_status/content-cache-check {60 location /_status/content-cache-check {
47 stub_status;61 stub_status;
48 }62 }

Subscribers

People subscribed via source and target branches