...

Text file src/sigs.k8s.io/gateway-api/conformance/tests/gateway-invalid-tls-certificateref.yaml

Documentation: sigs.k8s.io/gateway-api/conformance/tests 

     1apiVersion: gateway.networking.k8s.io/v1
     2kind: Gateway
     3metadata:
     4  name: gateway-certificate-nonexistent-secret
     5  namespace: gateway-conformance-infra
     6spec:
     7  gatewayClassName: "{GATEWAY_CLASS_NAME}"
     8  listeners:
     9    - name: https
    10      port: 443
    11      protocol: HTTPS
    12      allowedRoutes:
    13        namespaces:
    14          from: All
    15      tls:
    16        certificateRefs:
    17          - group: ""
    18            kind: Secret
    19            name: nonexistent-certificate
    20---
    21apiVersion: gateway.networking.k8s.io/v1
    22kind: Gateway
    23metadata:
    24  name: gateway-certificate-unsupported-group
    25  namespace: gateway-conformance-infra
    26spec:
    27  gatewayClassName: "{GATEWAY_CLASS_NAME}"
    28  listeners:
    29    - name: https
    30      port: 443
    31      protocol: HTTPS
    32      allowedRoutes:
    33        namespaces:
    34          from: All
    35      tls:
    36        certificateRefs:
    37          - group: wrong.group.company.io
    38            kind: Secret
    39            name: tls-validity-checks-certificate
    40---
    41apiVersion: gateway.networking.k8s.io/v1
    42kind: Gateway
    43metadata:
    44  name: gateway-certificate-unsupported-kind
    45  namespace: gateway-conformance-infra
    46spec:
    47  gatewayClassName: "{GATEWAY_CLASS_NAME}"
    48  listeners:
    49    - name: https
    50      port: 443
    51      protocol: HTTPS
    52      allowedRoutes:
    53        namespaces:
    54          from: All
    55      tls:
    56        certificateRefs:
    57          - group: ""
    58            kind: WrongKind
    59            name: tls-validity-checks-certificate
    60---
    61apiVersion: gateway.networking.k8s.io/v1
    62kind: Gateway
    63metadata:
    64  name: gateway-certificate-malformed-secret
    65  namespace: gateway-conformance-infra
    66spec:
    67  gatewayClassName: "{GATEWAY_CLASS_NAME}"
    68  listeners:
    69    - name: https
    70      port: 443
    71      protocol: HTTPS
    72      allowedRoutes:
    73        namespaces:
    74          from: All
    75      tls:
    76        certificateRefs:
    77          - group: ""
    78            kind: Secret
    79            name: malformed-certificate
    80---
    81apiVersion: v1
    82kind: Secret
    83metadata:
    84  name: malformed-certificate
    85  namespace: gateway-conformance-infra
    86data:
    87  # this certificate is invalid because contains an invalid pem (base64 of "Hello world"),
    88  # and the certificate and the key are identical
    89  tls.crt: SGVsbG8gd29ybGQK
    90  tls.key: SGVsbG8gd29ybGQK
    91type: kubernetes.io/tls

View as plain text