1 package apiext
2
3 import (
4 "testing"
5
6 "github.com/stretchr/testify/require"
7 k8sTypesCoreV1 "k8s.io/api/core/v1"
8
9 "github.com/datawire/dlib/dlog"
10 )
11
12 func TestCA(t *testing.T) {
13 caKey, caKeyBytes, err := genKey()
14 require.NoError(t, err)
15 require.NotNil(t, caKey)
16 require.True(t, len(caKeyBytes) > 0, "caKeyBytes should be non-empty")
17
18 caCertBytes, err := genCACert(caKey)
19 require.NoError(t, err)
20 require.True(t, len(caCertBytes) > 0, "caCertBytes should be non-empty")
21
22 ca, err := parseCA(&k8sTypesCoreV1.Secret{
23 Type: k8sTypesCoreV1.SecretTypeTLS,
24 Data: map[string][]byte{
25 k8sTypesCoreV1.TLSPrivateKeyKey: caKeyBytes,
26 k8sTypesCoreV1.TLSCertKey: caCertBytes,
27 },
28 })
29 require.NoError(t, err)
30 require.NotNil(t, ca)
31
32 ctx := dlog.NewTestContext(t, true)
33
34 a, err := ca.GenServerCert(ctx, "foo")
35 require.NoError(t, err)
36 require.NotNil(t, a)
37
38 b, err := ca.GenServerCert(ctx, "foo")
39 require.NoError(t, err)
40 require.NotNil(t, b)
41
42
43 require.True(t, a == b, "because of caching, certs should be pointer-equal")
44 }
45
View as plain text