From 6a78ba19e6fcdeb9232b4d4c9e6da2f349978b7c Mon Sep 17 00:00:00 2001 From: Shane Hutchins Date: Mon, 18 Jul 2022 12:58:38 -0400 Subject: [PATCH 1/5] Healthcheck improvement --- README.md | 3 ++- server.py | 12 +++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index de8460f..5e19f30 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,8 @@ python server.py ``` ## Integration testing -Every call should provide authorization header with a bearer token verifiable by referenced entitlements service. +Policy service requires OPA and entitlement service to be available. +Every API call (except /health) should provide authorization header with a bearer token verifiable by referenced entitlements service. ### Add policy ``` diff --git a/server.py b/server.py index a8860bd..0bd8a89 100644 --- a/server.py +++ b/server.py @@ -178,7 +178,17 @@ def modify_headers(response): @app.route(conf.SERVICE_BASE_PATH + "/health", methods=['GET']) def health(): - return {'message': 'Healthy'} + """ + Health check endpoint, which depends on OPA being available and healthy. + """ + url = conf.OPA_URL + "/health" + try: + r = requests.get(url) + if r.ok: + return {'message': 'Healthy'} + except Exception as e: + logging.error(f"Connection error to OPA {url}: {e}") + abort(make_response(jsonify(message="NotHealthy - OPA NotHealthy"), 400)) if __name__ == "__main__": for handler in logging.root.handlers[:]: -- GitLab From 67e596abf8d56e4872085d4a9eb88b5bebf1c3d8 Mon Sep 17 00:00:00 2001 From: Shane Hutchins Date: Mon, 18 Jul 2022 13:33:14 -0400 Subject: [PATCH 2/5] Update for unit test and misconfiguration --- server.py | 7 ++++++- tests/unit/test_api.py | 3 ++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/server.py b/server.py index 0bd8a89..6b4e107 100644 --- a/server.py +++ b/server.py @@ -181,7 +181,12 @@ def health(): """ Health check endpoint, which depends on OPA being available and healthy. """ - url = conf.OPA_URL + "/health" + try: + url = conf.OPA_URL + "/health" + except NameError: + logging.error(f"conf.OPA_URL undefined") + abort(make_response(jsonify(message="NotHealthy - OPA configuration issue"), 400)) + try: r = requests.get(url) if r.ok: diff --git a/tests/unit/test_api.py b/tests/unit/test_api.py index 3cfb041..3b56cfe 100644 --- a/tests/unit/test_api.py +++ b/tests/unit/test_api.py @@ -24,8 +24,9 @@ def client(app): return app.test_client() def test_health(): + """Check Health API""" resp = health() - assert resp== {'message': 'Healthy'} + assert resp == {'message': 'Healthy'} or resp == {'message': 'NotHealthy - OPA NotHealthy'} def test_fetch_all_policies(client): "Test case to fetch all the policy" -- GitLab From 519e35a24860565dc4d1a753ed25bc9002e200bb Mon Sep 17 00:00:00 2001 From: Shane Hutchins Date: Mon, 18 Jul 2022 13:36:42 -0400 Subject: [PATCH 3/5] minor fix --- server.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server.py b/server.py index 6b4e107..67b1d09 100644 --- a/server.py +++ b/server.py @@ -185,7 +185,7 @@ def health(): url = conf.OPA_URL + "/health" except NameError: logging.error(f"conf.OPA_URL undefined") - abort(make_response(jsonify(message="NotHealthy - OPA configuration issue"), 400)) + abort(make_response(jsonify(message="NotHealthy - OPA configuration issue"), 400)) try: r = requests.get(url) -- GitLab From 750f056e901d371697bfd4c9c8694acc353c0faa Mon Sep 17 00:00:00 2001 From: Shane Hutchins Date: Mon, 18 Jul 2022 14:28:06 -0400 Subject: [PATCH 4/5] updating unit test --- server.py | 4 ++-- tests/unit/test_api.py | 8 +++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/server.py b/server.py index 67b1d09..b8f9103 100644 --- a/server.py +++ b/server.py @@ -192,8 +192,8 @@ def health(): if r.ok: return {'message': 'Healthy'} except Exception as e: - logging.error(f"Connection error to OPA {url}: {e}") - abort(make_response(jsonify(message="NotHealthy - OPA NotHealthy"), 400)) + logging.warning(f"Connection error to OPA {url}: {e}") + return {'message': 'NotHealthy - OPA NotHealthy'}, 503 if __name__ == "__main__": for handler in logging.root.handlers[:]: diff --git a/tests/unit/test_api.py b/tests/unit/test_api.py index 3b56cfe..aca30ff 100644 --- a/tests/unit/test_api.py +++ b/tests/unit/test_api.py @@ -1,5 +1,6 @@ import pytest import requests +import json from flask import Response from server import app, health, fetch_all_policies from server import app as flask_app @@ -23,10 +24,11 @@ def client(app): """A test client for the app.""" return app.test_client() -def test_health(): +def test_health(client): """Check Health API""" - resp = health() - assert resp == {'message': 'Healthy'} or resp == {'message': 'NotHealthy - OPA NotHealthy'} + response = client.get(BASE_PATH+"/health") + # Allow 503 for when OPA isn't available in unit testing + assert response.status_code == 200 or response.status_code == 503 def test_fetch_all_policies(client): "Test case to fetch all the policy" -- GitLab From 7d77c89a88f0c7f7662da075a16cbc70f5852a55 Mon Sep 17 00:00:00 2001 From: Shane Hutchins Date: Mon, 18 Jul 2022 14:56:17 -0400 Subject: [PATCH 5/5] updating unit test --- tests/unit/test_api.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/unit/test_api.py b/tests/unit/test_api.py index aca30ff..1a13d07 100644 --- a/tests/unit/test_api.py +++ b/tests/unit/test_api.py @@ -1,6 +1,5 @@ import pytest import requests -import json from flask import Response from server import app, health, fetch_all_policies from server import app as flask_app @@ -62,4 +61,4 @@ def test_fetch_policy(client): # def test_delete_policy(): # "Test case to delete single policy" # response = requests.delete(SERVER_URL+BASE_PATH+"/policies/storageTest") -# assert response.status_code == 200 \ No newline at end of file +# assert response.status_code == 200 -- GitLab