@@ -284,6 +284,43 @@ func TestUpdateRotation(t *testing.T) {
284284 }
285285}
286286
287+ func TestUpdateTwoCerts (t * testing.T ) {
288+ prefix := "kubelet-server"
289+ dir , err := ioutil .TempDir ("" , "k8s-test-certstore-current" )
290+ if err != nil {
291+ t .Fatalf ("Unable to create the test directory %q: %v" , dir , err )
292+ }
293+ defer func () {
294+ if err := os .RemoveAll (dir ); err != nil {
295+ t .Errorf ("Unable to clean up test directory %q: %v" , dir , err )
296+ }
297+ }()
298+ keyFile := filepath .Join (dir , "kubelet.key" )
299+ if err := ioutil .WriteFile (keyFile , storeTwoCertsData .keyPEM , 0600 ); err != nil {
300+ t .Fatalf ("Unable to create the file %q: %v" , keyFile , err )
301+ }
302+ certFile := filepath .Join (dir , "kubelet.crt" )
303+ if err := ioutil .WriteFile (certFile , storeTwoCertsData .certificatePEM , 0600 ); err != nil {
304+ t .Fatalf ("Unable to create the file %q: %v" , certFile , err )
305+ }
306+
307+ s , err := NewFileStore (prefix , dir , dir , certFile , keyFile )
308+ if err != nil {
309+ t .Fatalf ("Got %v while creating a new store." , err )
310+ }
311+
312+ cert , err := s .Update (storeTwoCertsData .certificatePEM , storeTwoCertsData .keyPEM )
313+ if err != nil {
314+ t .Errorf ("Got %v while updating certificate store." , err )
315+ }
316+ if cert == nil {
317+ t .Errorf ("Got nil certificate, expected something real." )
318+ }
319+ if len (cert .Certificate ) != 2 {
320+ t .Fatalf ("Unexpected number of certificates, expected 2, got %v" , len (cert .Certificate ))
321+ }
322+ }
323+
287324func TestUpdateWithBadCertKeyData (t * testing.T ) {
288325 prefix := "kubelet-server"
289326 dir , err := ioutil .TempDir ("" , "k8s-test-certstore-current" )
@@ -394,6 +431,46 @@ func TestCurrentCertKeyFiles(t *testing.T) {
394431 }
395432}
396433
434+ func TestCurrentTwoCerts (t * testing.T ) {
435+ prefix := "kubelet-server"
436+ dir , err := ioutil .TempDir ("" , "k8s-test-certstore-current" )
437+ if err != nil {
438+ t .Fatalf ("Unable to create the test directory %q: %v" , dir , err )
439+ }
440+ defer func () {
441+ if err := os .RemoveAll (dir ); err != nil {
442+ t .Errorf ("Unable to clean up test directory %q: %v" , dir , err )
443+ }
444+ }()
445+ certFile := filepath .Join (dir , "kubelet.crt" )
446+ if err := ioutil .WriteFile (certFile , storeTwoCertsData .certificatePEM , 0600 ); err != nil {
447+ t .Fatalf ("Unable to create the file %q: %v" , certFile , err )
448+ }
449+ keyFile := filepath .Join (dir , "kubelet.key" )
450+ if err := ioutil .WriteFile (keyFile , storeTwoCertsData .keyPEM , 0600 ); err != nil {
451+ t .Fatalf ("Unable to create the file %q: %v" , keyFile , err )
452+ }
453+
454+ store , err := NewFileStore (prefix , dir , dir , certFile , keyFile )
455+ if err != nil {
456+ t .Fatalf ("Failed to initialize certificate store: %v" , err )
457+ }
458+
459+ cert , err := store .Current ()
460+ if err != nil {
461+ t .Fatalf ("Could not load certificate from disk: %v" , err )
462+ }
463+ if cert == nil {
464+ t .Fatalf ("There was no error, but no certificate data was returned." )
465+ }
466+ if cert .Leaf == nil {
467+ t .Fatalf ("Got an empty leaf, expected private data." )
468+ }
469+ if len (cert .Certificate ) != 2 {
470+ t .Fatalf ("Unexpected number of certificates, expected 2, got %v" , len (cert .Certificate ))
471+ }
472+ }
473+
397474func TestCurrentNoFiles (t * testing.T ) {
398475 dir , err := ioutil .TempDir ("" , "k8s-test-certstore-current" )
399476 if err != nil {
0 commit comments