check dnsnames on certificates rather than on get request

Kuadrant · Nov 9, 2023 · 3dfbf32 · 3dfbf32
1 parent f452cc6
commit 3dfbf32
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 20 deletions.
diff --git a/test/e2e/gateway_single_spoke_test.go b/test/e2e/gateway_single_spoke_test.go
@@ -11,6 +11,7 @@ import (
 	"strings"
 	"time"
 
+	v1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
 	cmmetav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -269,6 +270,14 @@ var _ = Describe("Gateway single target cluster", func() {
 					}
 					err = tconfig.HubClient().Delete(ctx, secret)
 					Expect(client.IgnoreNotFound(err)).ToNot(HaveOccurred())
+					cert := &v1.Certificate{
+						ObjectMeta: metav1.ObjectMeta{
+							Name:      strings.Join([]string{testID, tconfig.ManagedZone()}, "."),
+							Namespace: tconfig.HubNamespace(),
+						},
+					}
+					err = tconfig.HubClient().Delete(ctx, cert)
+					Expect(client.IgnoreNotFound(err)).ToNot(HaveOccurred())
 
 				})
 
@@ -398,31 +407,28 @@ var _ = Describe("Gateway single target cluster", func() {
 						}).WithContext(ctx).WithTimeout(180 * time.Second).WithPolling(2 * time.Second).ShouldNot(HaveOccurred())
 					}
 
-					By("checking a wildcard cert is present via get request")
+					By("checking tls certificate")
 					{
-						dialer := &net.Dialer{Resolver: authoritativeResolver}
-						dialContext := func(ctx context.Context, network, addr string) (net.Conn, error) {
-							return dialer.DialContext(ctx, network, addr)
-						}
-						http.DefaultTransport.(*http.Transport).DialContext = dialContext
-						http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
-						otherHostname = gatewayapi.Hostname(strings.Join([]string{"other", tconfig.ManagedZone()}, "."))
-						var resp *http.Response
+						certList := &v1.CertificateList{}
 						Eventually(func(ctx SpecContext) error {
-							httpClient := &http.Client{}
-							resp, err = httpClient.Get("https://" + string(otherHostname))
+							err = tconfig.HubClient().List(ctx, certList)
 							if err != nil {
-								GinkgoWriter.Printf("[debug] GET error: '%s'\n", err)
 								return err
 							}
-							err = TestCertificate(string(wildcardHostname), resp)
-							if err != nil {
-								GinkgoWriter.Printf("[debug] Cert error: '%s'\n", err)
-								return err
+							if len(certList.Items) == 0 {
+								return fmt.Errorf("no certificate found")
 							}
-							return nil
-						}).WithTimeout(600 * time.Second).WithPolling(10 * time.Second).WithContext(ctx).ShouldNot(HaveOccurred())
-						defer resp.Body.Close()
+							for _, cert := range certList.Items {
+								if cert.Labels["gateway"] == testID {
+									for _, dnsName := range cert.Spec.DNSNames {
+										if dnsName == string(wildcardHostname) {
+											return nil
+										}
+									}
+								}
+							}
+							return fmt.Errorf("dns names for certificate not as expected")
+						}).WithContext(ctx).WithTimeout(180 * time.Second).WithPolling(2 * time.Second).ShouldNot(HaveOccurred())
 					}
 					By("adding/removing listeners tls secrets are added/removed")
 					{

diff --git a/test/util/helper.go b/test/util/helper.go
@@ -148,5 +148,5 @@ func TestCertificate(dnsName string, resp *http.Response) error {
 			}
 		}
 	}
-	return fmt.Errorf("wildcard hostname not found in the certificate via get request")
+	return fmt.Errorf("%s not found in the certificate via get request", dnsName)
 }
-Original file line number
+Diff line change
@@ Expand Up @@
     			}
     		}
     	}
-    	return fmt.Errorf("wildcard hostname not found in the certificate via get request")
+    	return fmt.Errorf("%s not found in the certificate via get request", dnsName)
     }