Fix Eirini being unable to communicate with CC on k8s

Aakash Shah · Sannidhi Jalukar · commit 56797425abdb · 2020-04-20T11:34:38.000-07:00
* When deployed on K8s, istio handles transparently applying mTLS to network traffic.

[#172321999]
diff --git a/lib/cloud_controller/opi/stager_client.rb b/lib/cloud_controller/opi/stager_client.rb
@@ -117,8 +117,13 @@ def get_lifecycle(staging_details, staging_guid, action_builder)
     end
 
     def staging_completion_callback(staging_details)
-      port   = config.get(:tls_port)
-      scheme = 'https'
+      if !!config.get(:kubernetes, :host_url)
+        port   = 80
+        scheme = 'http'
+      else
+        port   = config.get(:tls_port)
+        scheme = 'https'
+      end
 
       auth      = "#{config.get(:internal_api, :auth_user)}:#{CGI.escape(config.get(:internal_api, :auth_password))}"
       host_port = "#{config.get(:internal_service_hostname)}:#{port}"
diff --git a/spec/unit/lib/cloud_controller/opi/stager_client_spec.rb b/spec/unit/lib/cloud_controller/opi/stager_client_spec.rb
@@ -13,11 +13,13 @@
         auth_user: 'internal_user',
         auth_password: 'internal_password'
       },
-      internal_service_hostname: 'api.internal.cf'
+      internal_service_hostname: 'api.internal.cf',
+      kubernetes: kubernetes_config,
     )
   end
   let(:eirini_url) { 'http://eirini.loves.heimdall:777' }
   let(:staging_guid) { 'some_staging_guid' }
+  let(:kubernetes_config) { {} }
 
   let(:staging_details) { stub_staging_details(lifecycle_type) }
   let(:lifecycle_data) { stub_lifecycle_data }
@@ -186,6 +188,22 @@
         }.to_json
         )
       end
+
+      context 'when kubernetes is configured' do
+        let(:kubernetes_config) do
+          {
+            host_url: 'https://master.default.svc.cluster-domain.example',
+          }
+        end
+
+        it 'configures the callback url with http and relies on Istio for mTLS' do
+          stager_client.stage(staging_guid, staging_details)
+          expect(WebMock).to have_requested(:post, "#{eirini_url}/stage/#{staging_guid}").with { |req|
+            parsed_json = JSON.parse(req.body)
+            parsed_json['completion_callback'] == 'http://internal_user:internal_password@api.internal.cf:80/internal/v3/staging//build_completed?start='
+          }
+        end
+      end
     end
   end
 
