func AssertCertificateHasClientAuthUsage(t *testing.T, cert *x509.Certificate)
AssertCertificateHasClientAuthUsage is a utility function for kubeadm testing that asserts if a given certificate has the expected ExtKeyUsageClientAuth
func AssertCertificateHasCommonName(t *testing.T, cert *x509.Certificate, commonName string)
AssertCertificateHasCommonName is a utility function for kubeadm testing that asserts if a given certificate has the expected SubjectCommonName
func AssertCertificateHasDNSNames(t *testing.T, cert *x509.Certificate, DNSNames ...string)
AssertCertificateHasDNSNames is a utility function for kubeadm testing that asserts if a given certificate has the expected DNSNames
func AssertCertificateHasIPAddresses(t *testing.T, cert *x509.Certificate, IPAddresses ...net.IP)
AssertCertificateHasIPAddresses is a utility function for kubeadm testing that asserts if a given certificate has the expected IPAddresses
func AssertCertificateHasOrganizations(t *testing.T, cert *x509.Certificate, organizations ...string)
AssertCertificateHasOrganizations is a utility function for kubeadm testing that asserts if a given certificate has and only has the expected Subject.Organization
func AssertCertificateHasServerAuthUsage(t *testing.T, cert *x509.Certificate)
AssertCertificateHasServerAuthUsage is a utility function for kubeadm testing that asserts if a given certificate has the expected ExtKeyUsageServerAuth
func AssertCertificateIsSignedByCa(t *testing.T, cert *x509.Certificate, signingCa *x509.Certificate)
AssertCertificateIsSignedByCa is a utility function for kubeadm testing that asserts if a given certificate is signed by the expected CA
func CreateCACert(t *testing.T) (*x509.Certificate, crypto.Signer)
CreateCACert creates a generic CA cert.
func CreateTestCert(t *testing.T, caCert *x509.Certificate, caKey crypto.Signer, altNames certutil.AltNames) (*x509.Certificate, crypto.Signer, *pkiutil.CertConfig)
CreateTestCert makes a generic certificate with the given CA and alternative names.
func SetupCertificateAuthority(t *testing.T) (*x509.Certificate, crypto.Signer)
SetupCertificateAuthority is a utility function for kubeadm testing that creates a CertificateAuthority cert/key pair
func WritePKIFiles(t *testing.T, dir string, files PKIFiles)
WritePKIFiles writes the given files out to the given directory
CertTestCase is a configuration of certificates and whether it's expected to work.
type CertTestCase struct {
Name string
Files PKIFiles
ExpectError bool
}
func GetSparseCertTestCases(t *testing.T) []CertTestCase
GetSparseCertTestCases produces a series of cert configurations and their intended outcomes.
PKIFiles are a list of files that should be created for a test case
type PKIFiles map[string]interface{}