From b6523578f1cab2d7af3e7ad4aa985b29a9a23f94 Mon Sep 17 00:00:00 2001
From: Venktesh <ve.patel@f5.com>
Date: Fri, 30 Sep 2022 10:20:31 +0100
Subject: [PATCH 1/6] add canary header and update ap waf log pod

---
 tests/suite/test_app_protect_waf_policies.py      | 15 +++++++--------
 tests/suite/test_virtual_server_focused_canary.py |  2 +-
 2 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/tests/suite/test_app_protect_waf_policies.py b/tests/suite/test_app_protect_waf_policies.py
index 1f34c76cfa..57c9783e10 100644
--- a/tests/suite/test_app_protect_waf_policies.py
+++ b/tests/suite/test_app_protect_waf_policies.py
@@ -24,6 +24,7 @@
     get_file_contents,
     get_service_endpoint,
     wait_before_test,
+    get_pod_name_that_contains,
 )
 from suite.vs_vsr_resources_utils import (
     create_v_s_route_from_yaml,
@@ -311,8 +312,8 @@ def test_ap_waf_policy_multi_logs(
         create_items_from_yaml(kube_apis, src_syslog_yaml_additional, test_namespace)
         syslog_dst1 = f"syslog-svc.{test_namespace}"
         syslog_dst2 = f"syslog-svc-1.{test_namespace}"
-        syslog_pod = kube_apis.v1.list_namespaced_pod(test_namespace, label_selector="app=syslog").items
-        syslog_esc_pod = kube_apis.v1.list_namespaced_pod(test_namespace, label_selector="app=syslog-1").items
+        syslog_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog")
+        syslog_esc_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog-1")
         print(f"Create waf policy")
         create_ap_multilog_waf_policy_from_yaml(
             kube_apis.custom_objects,
@@ -346,20 +347,18 @@ def test_ap_waf_policy_multi_logs(
         print(response.text)
         log_contents = ""
         retry = 0
-        while "ASM:attack_type" not in log_contents and retry <= 30:
-            log_contents = get_file_contents(kube_apis.v1, log_loc, syslog_pod[0].metadata.name, test_namespace)
+        while "ASM:attack_type" not in log_contents and retry <= 60:
+            log_contents = get_file_contents(kube_apis.v1, log_loc, syslog_pod, test_namespace)
             retry += 1
             wait_before_test(1)
-            print(log_contents)
             print(f"Security log not updated, retrying... #{retry}")
 
         log_esc_contents = ""
         retry = 0
-        while "attack_type" not in log_esc_contents and retry <= 30:
-            log_esc_contents = get_file_contents(kube_apis.v1, log_loc, syslog_esc_pod[0].metadata.name, test_namespace)
+        while "attack_type" not in log_esc_contents and retry <= 60:
+            log_esc_contents = get_file_contents(kube_apis.v1, log_loc, syslog_esc_pod, test_namespace)
             retry += 1
             wait_before_test(1)
-            print(log_esc_contents)
             print(f"Security log not updated, retrying... #{retry}")
 
         delete_policy(kube_apis.custom_objects, "waf-policy", test_namespace)
diff --git a/tests/suite/test_virtual_server_focused_canary.py b/tests/suite/test_virtual_server_focused_canary.py
index f503f4c987..c4a3772e7b 100644
--- a/tests/suite/test_virtual_server_focused_canary.py
+++ b/tests/suite/test_virtual_server_focused_canary.py
@@ -60,7 +60,7 @@ def test_several_requests(self, kube_apis, crd_ingress_controller, virtual_serve
         counter_v1, counter_v2 = 0, 0
         for _ in range(100):
             ensure_response_from_backend(
-                virtual_server_setup.backend_1_url, virtual_server_setup.vs_host, check404=True
+                virtual_server_setup.backend_1_url, virtual_server_setup.vs_host, {"x-version": "canary"}, check404=True
             )
             resp = requests.get(
                 virtual_server_setup.backend_1_url,

From 977593208ee3c5f1bd0629684167d199a138d850 Mon Sep 17 00:00:00 2001
From: Venktesh <ve.patel@f5.com>
Date: Fri, 30 Sep 2022 10:23:28 +0100
Subject: [PATCH 2/6] make lint-python

---
 tests/suite/test_app_protect_waf_policies.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suite/test_app_protect_waf_policies.py b/tests/suite/test_app_protect_waf_policies.py
index 57c9783e10..3e47d6c452 100644
--- a/tests/suite/test_app_protect_waf_policies.py
+++ b/tests/suite/test_app_protect_waf_policies.py
@@ -22,9 +22,9 @@
     create_items_from_yaml,
     delete_items_from_yaml,
     get_file_contents,
+    get_pod_name_that_contains,
     get_service_endpoint,
     wait_before_test,
-    get_pod_name_that_contains,
 )
 from suite.vs_vsr_resources_utils import (
     create_v_s_route_from_yaml,

From 5f1aeb8f3f875ae97ef9eac4dcf7cc1c29ad4358 Mon Sep 17 00:00:00 2001
From: Venktesh <ve.patel@f5.com>
Date: Fri, 30 Sep 2022 10:29:41 +0100
Subject: [PATCH 3/6] change function call location

---
 tests/suite/test_app_protect_integration.py  | 5 ++---
 tests/suite/test_app_protect_waf_policies.py | 4 ++--
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/tests/suite/test_app_protect_integration.py b/tests/suite/test_app_protect_integration.py
index c76a415fde..2a96f86538 100644
--- a/tests/suite/test_app_protect_integration.py
+++ b/tests/suite/test_app_protect_integration.py
@@ -340,9 +340,6 @@ def test_ap_multi_sec_logs(
         syslog_dst = f"syslog-svc.{test_namespace}"
         syslog2_dst = f"syslog2-svc.{test_namespace}"
 
-        syslog_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog-")
-        syslog2_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog2")
-
         with open(src_ing_yaml) as f:
             doc = yaml.safe_load(f)
 
@@ -369,6 +366,8 @@ def test_ap_multi_sec_logs(
         print("----------------------- Send request ----------------------")
         response = requests.get(appprotect_setup.req_url + "/<script>", headers={"host": ingress_host}, verify=False)
         print(response.text)
+        syslog_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog-")
+        syslog2_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog2")
         log_contents = ""
         log2_contents = ""
         retry = 0
diff --git a/tests/suite/test_app_protect_waf_policies.py b/tests/suite/test_app_protect_waf_policies.py
index 3e47d6c452..b75c7a00ec 100644
--- a/tests/suite/test_app_protect_waf_policies.py
+++ b/tests/suite/test_app_protect_waf_policies.py
@@ -312,8 +312,6 @@ def test_ap_waf_policy_multi_logs(
         create_items_from_yaml(kube_apis, src_syslog_yaml_additional, test_namespace)
         syslog_dst1 = f"syslog-svc.{test_namespace}"
         syslog_dst2 = f"syslog-svc-1.{test_namespace}"
-        syslog_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog")
-        syslog_esc_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog-1")
         print(f"Create waf policy")
         create_ap_multilog_waf_policy_from_yaml(
             kube_apis.custom_objects,
@@ -345,6 +343,8 @@ def test_ap_waf_policy_multi_logs(
             headers={"host": virtual_server_setup.vs_host},
         )
         print(response.text)
+        syslog_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog")
+        syslog_esc_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog-1")
         log_contents = ""
         retry = 0
         while "ASM:attack_type" not in log_contents and retry <= 60:

From 5c45d19893ede1cbdded9822d2b06dd18590e2d3 Mon Sep 17 00:00:00 2001
From: Venktesh <ve.patel@f5.com>
Date: Fri, 30 Sep 2022 13:06:22 +0100
Subject: [PATCH 4/6] Update syslog

---
 tests/data/ap-waf/{syslog-1.yaml => syslog2.yaml} | 12 ++++++------
 tests/suite/test_app_protect_waf_policies.py      |  7 ++++---
 2 files changed, 10 insertions(+), 9 deletions(-)
 rename tests/data/ap-waf/{syslog-1.yaml => syslog2.yaml} (84%)

diff --git a/tests/data/ap-waf/syslog-1.yaml b/tests/data/ap-waf/syslog2.yaml
similarity index 84%
rename from tests/data/ap-waf/syslog-1.yaml
rename to tests/data/ap-waf/syslog2.yaml
index 94ca7ff606..8939d36bba 100644
--- a/tests/data/ap-waf/syslog-1.yaml
+++ b/tests/data/ap-waf/syslog2.yaml
@@ -1,19 +1,19 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: syslog-1
+  name: syslog2
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: syslog-1
+      app: syslog2
   template:
     metadata:
       labels:
-        app: syslog-1
+        app: syslog2
     spec:
       containers:
-        - name: syslog
+        - name: syslog2
           image: balabit/syslog-ng:3.38.1
           ports:
             - containerPort: 514
@@ -30,11 +30,11 @@ spec:
 apiVersion: v1
 kind: Service
 metadata:
-  name: syslog-svc-1
+  name: syslog2-svc
 spec:
   ports:
     - port: 514
       targetPort: 514
       protocol: TCP
   selector:
-    app: syslog-1
+    app: syslog2
diff --git a/tests/suite/test_app_protect_waf_policies.py b/tests/suite/test_app_protect_waf_policies.py
index b75c7a00ec..6c51197ed7 100644
--- a/tests/suite/test_app_protect_waf_policies.py
+++ b/tests/suite/test_app_protect_waf_policies.py
@@ -304,14 +304,14 @@ def test_ap_waf_policy_multi_logs(
         Test waf policy logs
         """
         src_syslog_yaml = f"{TEST_DATA}/ap-waf/syslog.yaml"
-        src_syslog_yaml_additional = f"{TEST_DATA}/ap-waf/syslog-1.yaml"
+        src_syslog_yaml_additional = f"{TEST_DATA}/ap-waf/syslog2.yaml"
         log_loc = f"/var/log/messages"
         src_log_yaml_escape = f"{TEST_DATA}/ap-waf/logconf-esc.yaml"
         log_esc_name = create_ap_logconf_from_yaml(kube_apis.custom_objects, src_log_yaml_escape, test_namespace)
         create_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace)
         create_items_from_yaml(kube_apis, src_syslog_yaml_additional, test_namespace)
         syslog_dst1 = f"syslog-svc.{test_namespace}"
-        syslog_dst2 = f"syslog-svc-1.{test_namespace}"
+        syslog_dst2 = f"syslog2-svc.{test_namespace}"
         print(f"Create waf policy")
         create_ap_multilog_waf_policy_from_yaml(
             kube_apis.custom_objects,
@@ -344,13 +344,14 @@ def test_ap_waf_policy_multi_logs(
         )
         print(response.text)
         syslog_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog")
-        syslog_esc_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog-1")
+        syslog_esc_pod = get_pod_name_that_contains(kube_apis.v1, test_namespace, "syslog2")
         log_contents = ""
         retry = 0
         while "ASM:attack_type" not in log_contents and retry <= 60:
             log_contents = get_file_contents(kube_apis.v1, log_loc, syslog_pod, test_namespace)
             retry += 1
             wait_before_test(1)
+
             print(f"Security log not updated, retrying... #{retry}")
 
         log_esc_contents = ""

From 0d05eaeb4b5cfa56bed65a7afe18e886869441a2 Mon Sep 17 00:00:00 2001
From: Venktesh <ve.patel@f5.com>
Date: Fri, 30 Sep 2022 13:07:19 +0100
Subject: [PATCH 5/6] lint

---
 tests/suite/test_app_protect_waf_policies.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/tests/suite/test_app_protect_waf_policies.py b/tests/suite/test_app_protect_waf_policies.py
index 6c51197ed7..9f95b08a3c 100644
--- a/tests/suite/test_app_protect_waf_policies.py
+++ b/tests/suite/test_app_protect_waf_policies.py
@@ -351,7 +351,6 @@ def test_ap_waf_policy_multi_logs(
             log_contents = get_file_contents(kube_apis.v1, log_loc, syslog_pod, test_namespace)
             retry += 1
             wait_before_test(1)
-
             print(f"Security log not updated, retrying... #{retry}")
 
         log_esc_contents = ""

From 6a6a2750f7b517eb835f138e0937d5e606d79e1d Mon Sep 17 00:00:00 2001
From: Venktesh <ve.patel@f5.com>
Date: Fri, 30 Sep 2022 13:24:29 +0100
Subject: [PATCH 6/6] add status_code check

---
 tests/suite/test_virtual_server_focused_canary.py | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/tests/suite/test_virtual_server_focused_canary.py b/tests/suite/test_virtual_server_focused_canary.py
index c4a3772e7b..4a26917c3e 100644
--- a/tests/suite/test_virtual_server_focused_canary.py
+++ b/tests/suite/test_virtual_server_focused_canary.py
@@ -62,10 +62,14 @@ def test_several_requests(self, kube_apis, crd_ingress_controller, virtual_serve
             ensure_response_from_backend(
                 virtual_server_setup.backend_1_url, virtual_server_setup.vs_host, {"x-version": "canary"}, check404=True
             )
-            resp = requests.get(
-                virtual_server_setup.backend_1_url,
-                headers={"host": virtual_server_setup.vs_host, "x-version": "canary"},
-            )
+            status_code = 502
+            while status_code == 502:
+                resp = requests.get(
+                    virtual_server_setup.backend_1_url,
+                    headers={"host": virtual_server_setup.vs_host, "x-version": "canary"},
+                )
+                status_code = resp.status_code
+
             if upstreams[0] in resp.text in resp.text:
                 counter_v1 = counter_v1 + 1
             elif upstreams[1] in resp.text in resp.text: