Fix tls domain test
dsimansk committed Aug 23, 2023
1 parent 202fa8e commit f18e936
Showing 1 changed file with 65 additions and 0 deletions.
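--- a/test/e2e/domain_mapping_test.go
+++ b/test/e2e/domain_mapping_test.go
@@ -18,6 +18,16 @@
 package e2e
 
 import (
+"bytes"
+"crypto/ecdsa"
+"crypto/elliptic"
+"crypto/rand"
+"crypto/x509"
+"crypto/x509/pkix"
+"encoding/pem"
+"math/big"
+"os"
+"path/filepath"
 "testing"
 "time"
 
@@ -63,6 +73,20 @@ func TestDomain(t *testing.T) {
 t.Log("delete domain")
 domainDelete(r, domainName)
 
+tempDir := t.TempDir()
+defer os.Remove(tempDir)
+
+cert, key := makeCertificateForDomain(t, "newdomain.com")
+
+err = os.WriteFile(filepath.Join(tempDir, "cert"), cert, test.FileModeReadWrite)
+assert.NilError(t, err)
+err = os.WriteFile(filepath.Join(tempDir, "key"), key, test.FileModeReadWrite)
+assert.NilError(t, err)
+
+kubectl = test.NewKubectl(it.Namespace())
+_, err = kubectl.Run("create", "secret", "tls", "tls-secret", "--cert="+filepath.Join(tempDir, "cert"), "--key="+filepath.Join(tempDir, "key"))
+assert.NilError(t, err)
+
 t.Log("create domain with TLS")
 domainCreateWithTls(r, "newdomain.com", "hello", "tls-secret")
 time.Sleep(time.Second)
@@ -128,3 +152,44 @@ func domainDescribe(r *test.KnRunResultCollector, domainName string, tls bool) {
 }
 assert.Assert(r.T(), util.ContainsAll(out.Stdout, "Name", "Namespace", "URL", "Service", url))
 }
+
+func makeCertificateForDomain(t *testing.T, domainName string) (cert []byte, key []byte) {
+serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
+serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
+if err != nil {
+t.Fatalf("Failed to generate serial number: %v", err)
+}
+priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+if err != nil {
+t.Fatalf("Failed to generate private key: %v", err)
+}
+public := &priv.PublicKey
+now := time.Now()
+template := x509.Certificate{
+SerialNumber: serialNumber,
+Subject: pkix.Name{
+Organization: []string{"Acme Co"},
+},
+NotBefore: now,
+NotAfter: now.Add(time.Hour * 12),
+
+KeyUsage: x509.KeyUsageDigitalSignature,
+ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
+BasicConstraintsValid: true,
+DNSNames: []string{domainName},
+}
+derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, public, priv)
+if err != nil {
+t.Fatalf("Failed to create certificate: %v", err)
+}
+var certOut bytes.Buffer
+pem.Encode(&certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
+
+privBytes, err := x509.MarshalPKCS8PrivateKey(priv)
+if err != nil {
+t.Fatalf("Failed to marshal private key: %v", err)
+}
+var keyOut bytes.Buffer
+pem.Encode(&keyOut, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes})
+return certOut.Bytes(), keyOut.Bytes()
+}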
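Review bot: In TestDomain the generated private key is written with `test.FileModeReadWrite`, the same mode as the certificate. That constant is defined outside this page, so if it grants group or world read access, the key file should get an explicit owner-only mode, e.g. `err = os.WriteFile(filepath.Join(tempDir, "key"), key, 0600)`. The `defer os.Remove(tempDir)` line can be dropped: `t.TempDir()` is cleaned up by the testing package, and `os.Remove` fails on a non-empty directory anyway. In makeCertificateForDomain both `pem.Encode` results are discarded, so an encoding failure would hand an empty or truncated PEM to `kubectl create secret tls`; check them, e.g. `if err := pem.Encode(&keyOut, ...); err != nil { t.Fatalf("Failed to encode private key: %v", err) }`, and add `t.Helper()` as the first statement. TestDomain's body starts and ends outside the hunk, so whether `tls-secret` is deleted afterwards is not visible here.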
