Skip to content

Commit 8617de6

Browse files
munnerzmunnerz
committed
Use real certificate data during integration tests
Signed-off-by: James Munnelly <[email protected]>
1 parent 01e1f30 commit 8617de6

File tree

2 files changed

+27
-6
lines changed

2 files changed

+27
-6
lines changed

test/integration/issuance_test.go

Lines changed: 24 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,27 @@ import (
3939
testutil "github.com/cert-manager/csi-lib/test/util"
4040
)
4141

42+
// Self signed certificate valid for 'example.com' (and probably expired by the time this is read).
43+
// This is used during test fixtures as the test driver attempts to parse the PEM certificate data,
44+
// so we can't just use any random bytes.
45+
var selfSignedExampleCertificate = []byte(`-----BEGIN CERTIFICATE-----
46+
MIICxjCCAa6gAwIBAgIRAI0W8ofWt2fD+J7Cha10KwwwDQYJKoZIhvcNAQELBQAw
47+
ADAeFw0yMjA5MTMwODI0MDBaFw0yMjEyMTIwODI0MDBaMAAwggEiMA0GCSqGSIb3
48+
DQEBAQUAA4IBDwAwggEKAoIBAQDR2ktXXbuJPZhudwfbwiYuKjb7BfehfuRZtme4
49+
HNvIhf0ABavuK4uRlKAKXRt1SZWMzm6P7NpTSOHjlxoBluZKFsgQbtNYYC8cBOMr
50+
1TuU9UwAD6U4Lw+obWQppwaEYIifdSVWUqphRT2I6EJONEB9ZUr0gHMKJ2sjl163
51+
WseSDyjPHkEM3wmpHpdDfYjNQRZ9sKB4J4/R8maW1IPpzltbryNQMfVJCYA7SjvJ
52+
KZK5cyhabqNVeBhjBSp+UczQVrJ4ruam3i4LFUbu7DVJ/60C8knhFxGJZ5uaPbOd
53+
eStraFOp50S3JbSpymq2m8c02ZsunUYiWCXGoh/UqrfYViVVAgMBAAGjOzA5MA4G
54+
A1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMBkGA1UdEQEB/wQPMA2CC2V4YW1w
55+
bGUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQCkAvvWIUgdpuukL8nqX3850FtHl8r9
56+
I9oCra4Tv7fxsggFMhIbrVUjzE0NCB/kTjr5j/KFid9TFtbBo7bvYRKI1Qx12y28
57+
CTvY1y5BqFN/lT917B+8lrWyvxsbtQ0Xhvj9JgbLhGQutR4J+ee1sKZTPqP/sSGl
58+
PfY1JD5zWYWXWweLAR9hTp62SL6KVfsTT77jw0foehEKxfJbZY2wkdUS5GFMB8/a
59+
KQ+2l7/qPU8XL8whXEsifoJJ+U66v3cfsH0PIhTV2JKhagljdTVf333JBD/z49qv
60+
vnEIALrtIClFU6D/mTU5wyHhN29llwfjUgJrmYWqoWTZSiwGS6YmZpry
61+
-----END CERTIFICATE-----`)
62+
4263
func TestIssuesCertificate(t *testing.T) {
4364
store := storage.NewMemoryFS()
4465
clock := fakeclock.NewFakeClock(time.Now())
@@ -69,7 +90,7 @@ func TestIssuesCertificate(t *testing.T) {
6990
defer stop()
7091

7192
stopCh := make(chan struct{})
72-
go testutil.IssueOneRequest(t, opts.Client, "certificaterequest-namespace", stopCh, []byte("certificate bytes"), []byte("ca bytes"))
93+
go testutil.IssueOneRequest(t, opts.Client, "certificaterequest-namespace", stopCh, selfSignedExampleCertificate, []byte("ca bytes"))
7394
defer close(stopCh)
7495

7596
tmpDir, err := os.MkdirTemp("", "*")
@@ -98,7 +119,7 @@ func TestIssuesCertificate(t *testing.T) {
98119
if !reflect.DeepEqual(files["ca"], []byte("ca bytes")) {
99120
t.Errorf("unexpected CA data: %v", files["ca"])
100121
}
101-
if !reflect.DeepEqual(files["cert"], []byte("certificate bytes")) {
122+
if !reflect.DeepEqual(files["cert"], selfSignedExampleCertificate) {
102123
t.Errorf("unexpected certificate data: %v", files["cert"])
103124
}
104125
}
@@ -150,7 +171,7 @@ func TestManager_CleansUpOldRequests(t *testing.T) {
150171

151172
// Set up a goroutine that automatically issues all CertificateRequests
152173
stopCh := make(chan struct{})
153-
go testutil.IssueAllRequests(t, opts.Client, "testns", stopCh, []byte("certificate bytes"), []byte("ca bytes"))
174+
go testutil.IssueAllRequests(t, opts.Client, "testns", stopCh, selfSignedExampleCertificate, []byte("ca bytes"))
154175
defer close(stopCh)
155176

156177
// Call NodePublishVolume

test/integration/ready_to_request_test.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ func Test_CompletesIfNotReadyToRequest_ContinueOnNotReadyEnabled(t *testing.T) {
8181

8282
// Setup a routine to issue/sign the request IF it is created
8383
stopCh := make(chan struct{})
84-
go testutil.IssueAllRequests(t, opts.Client, "certificaterequest-namespace", stopCh, []byte("certificate bytes"), []byte("ca bytes"))
84+
go testutil.IssueAllRequests(t, opts.Client, "certificaterequest-namespace", stopCh, selfSignedExampleCertificate, []byte("ca bytes"))
8585
defer close(stopCh)
8686

8787
tmpDir, err := os.MkdirTemp("", "*")
@@ -116,7 +116,7 @@ func Test_CompletesIfNotReadyToRequest_ContinueOnNotReadyEnabled(t *testing.T) {
116116
if !reflect.DeepEqual(files["ca"], []byte("ca bytes")) {
117117
return false, fmt.Errorf("unexpected CA data: %v", files["ca"])
118118
}
119-
if !reflect.DeepEqual(files["cert"], []byte("certificate bytes")) {
119+
if !reflect.DeepEqual(files["cert"], selfSignedExampleCertificate) {
120120
return false, fmt.Errorf("unexpected certificate data: %v", files["cert"])
121121
}
122122
return true, nil
@@ -161,7 +161,7 @@ func TestFailsIfNotReadyToRequest_ContinueOnNotReadyDisabled(t *testing.T) {
161161

162162
// Setup a routine to issue/sign the request IF it is created
163163
stopCh := make(chan struct{})
164-
go testutil.IssueAllRequests(t, opts.Client, "certificaterequest-namespace", stopCh, []byte("certificate bytes"), []byte("ca bytes"))
164+
go testutil.IssueAllRequests(t, opts.Client, "certificaterequest-namespace", stopCh, selfSignedExampleCertificate, []byte("ca bytes"))
165165
defer close(stopCh)
166166
tmpDir, err := os.MkdirTemp("", "*")
167167
if err != nil {

0 commit comments

Comments
 (0)