Adds a test for the new calculateNextIssuanceTime func

irbekrm · irbekrm · commit 142d413158a9 · 2023-03-09T10:04:33.000Z
Signed-off-by: irbekrm &lt;irbekrm@gmail.com&gt;
diff --git a/go.mod b/go.mod
@@ -7,6 +7,7 @@ require (
 	github.com/container-storage-interface/spec v1.7.0
 	github.com/go-logr/logr v1.2.3
 	github.com/kubernetes-csi/csi-lib-utils v0.13.0
+	github.com/stretchr/testify v1.8.1
 	golang.org/x/net v0.7.0
 	google.golang.org/grpc v1.53.0
 	k8s.io/apimachinery v0.26.1
@@ -44,6 +45,7 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/prometheus/client_golang v1.14.0 // indirect
 	github.com/prometheus/client_model v0.3.0 // indirect
 	github.com/prometheus/common v0.39.0 // indirect
diff --git a/manager/manager_test.go b/manager/manager_test.go
@@ -2,13 +2,20 @@ package manager
 
 import (
 	"context"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
 	"fmt"
+	"math/big"
 	"testing"
 	"time"
 
 	cmapi "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
 	cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1"
 	"github.com/go-logr/logr/testr"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/wait"
@@ -383,6 +390,44 @@ func TestManager_cleanupStaleRequests(t *testing.T) {
 	}
 }
 
+func Test_calculateNextIssuanceTime(t *testing.T) {
+	notBefore := time.Date(1970, time.January, 1, 0, 0, 0, 0, time.UTC)
+	notAfter := time.Date(1970, time.January, 4, 0, 0, 0, 0, time.UTC)
+	pk, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	template := x509.Certificate{
+		SerialNumber:          new(big.Int).Lsh(big.NewInt(1), 128),
+		NotBefore:             notBefore,
+		NotAfter:              notAfter,
+		BasicConstraintsValid: true,
+	}
+
+	derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &pk.PublicKey, pk)
+	require.NoError(t, err)
+	certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
+
+	tests := map[string]struct {
+		expTime time.Time
+		expErr  bool
+	}{
+		"if no attributes given, return 2/3rd certificate lifetime": {
+			expTime: notBefore.AddDate(0, 0, 2),
+			expErr:  false,
+		},
+	}
+
+	for name, test := range tests {
+		t.Run(name, func(t *testing.T) {
+			renewTime, err := calculateNextIssuanceTime(certPEM)
+			assert.Equal(t, test.expErr, err != nil)
+			assert.Equal(t, test.expTime, renewTime)
+		})
+	}
+}
+
 func cr(crName, crNamespace, nodeID, volumeID string) *cmapi.CertificateRequest {
 	return &cmapi.CertificateRequest{
 		ObjectMeta: metav1.ObjectMeta{
