From 3dfbf32c018cbfcddd8d036763c8dbf71ef01a08 Mon Sep 17 00:00:00 2001
From: Laura Fitzgerald
Date: Fri, 3 Nov 2023 14:55:42 +0000
Subject: [PATCH] check dnsnames on certificates rather than on get request
---
 test/e2e/gateway_single_spoke_test.go | 44 +++++++++++++++------------
 test/util/helper.go | 2 +-
 2 files changed, 26 insertions(+), 20 deletions(-)
diff --git a/test/e2e/gateway_single_spoke_test.go b/test/e2e/gateway_single_spoke_test.go
index 22e1eff8b..17534ae83 100644
--- a/test/e2e/gateway_single_spoke_test.go
+++ b/test/e2e/gateway_single_spoke_test.go
@@ -11,6 +11,7 @@ import (
 "strings"
 "time"
+ v1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
 cmmetav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
 . "github.com/onsi/ginkgo/v2"
 . "github.com/onsi/gomega"
@@ -269,6 +270,14 @@ var _ = Describe("Gateway single target cluster", func() {
 }
 err = tconfig.HubClient().Delete(ctx, secret)
 Expect(client.IgnoreNotFound(err)).ToNot(HaveOccurred())
+ cert := &v1.Certificate{
+ ObjectMeta: metav1.ObjectMeta{
+ Name: strings.Join([]string{testID, tconfig.ManagedZone()}, "."),
+ Namespace: tconfig.HubNamespace(),
+ },
+ }
+ err = tconfig.HubClient().Delete(ctx, cert)
+ Expect(client.IgnoreNotFound(err)).ToNot(HaveOccurred())
 })
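Review bot: The cleanup added in the `@@ -269,6 +270,14 @@` hunk deletes a single Certificate by a reconstructed name (`testID` joined with the managed zone), while the check added later in this file selects the test's certificates by the `gateway` label. If the controller names certificates differently, or creates more than one per gateway, the leftovers survive the run and can satisfy a later assertion; deleting by the same selector keeps the two in step: `err = tconfig.HubClient().DeleteAllOf(ctx, &v1.Certificate{}, client.InNamespace(tconfig.HubNamespace()), client.MatchingLabels{"gateway": testID})`. The enclosing cleanup block starts outside the hunk, so the naming scheme itself is not visible here.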
@@ -398,31 +407,28 @@ var _ = Describe("Gateway single target cluster", func() {
 }).WithContext(ctx).WithTimeout(180 * time.Second).WithPolling(2 * time.Second).ShouldNot(HaveOccurred())
 }
- By("checking a wildcard cert is present via get request")
+ By("checking tls certificate")
 {
- dialer := &net.Dialer{Resolver: authoritativeResolver}
- dialContext := func(ctx context.Context, network, addr string) (net.Conn, error) {
- return dialer.DialContext(ctx, network, addr)
- }
- http.DefaultTransport.(*http.Transport).DialContext = dialContext
- http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
- otherHostname = gatewayapi.Hostname(strings.Join([]string{"other", tconfig.ManagedZone()}, "."))
- var resp *http.Response
+ certList := &v1.CertificateList{}
 Eventually(func(ctx SpecContext) error {
- httpClient := &http.Client{}
- resp, err = httpClient.Get("https://" + string(otherHostname))
+ err = tconfig.HubClient().List(ctx, certList)
 if err != nil {
- GinkgoWriter.Printf("[debug] GET error: '%s'\n", err)
 return err
 }
- err = TestCertificate(string(wildcardHostname), resp)
- if err != nil {
- GinkgoWriter.Printf("[debug] Cert error: '%s'\n", err)
- return err
+ if len(certList.Items) == 0 {
+ return fmt.Errorf("no certificate found")
 }
- return nil
- }).WithTimeout(600 * time.Second).WithPolling(10 * time.Second).WithContext(ctx).ShouldNot(HaveOccurred())
- defer resp.Body.Close()
+ for _, cert := range certList.Items {
+ if cert.Labels["gateway"] == testID {
+ for _, dnsName := range cert.Spec.DNSNames {
+ if dnsName == string(wildcardHostname) {
+ return nil
+ }
+ }
+ }
+ }
+ return fmt.Errorf("dns names for certificate not as expected")
+ }).WithContext(ctx).WithTimeout(180 * time.Second).WithPolling(2 * time.Second).ShouldNot(HaveOccurred())
 }
 By("adding/removing listeners tls secrets are added/removed")
 {
diff --git a/test/util/helper.go b/test/util/helper.go
index 6fd6a9538..3d43f365b 100644
--- a/test/util/helper.go
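Review bot: The new `By("checking tls certificate")` block in gateway_single_spoke_test.go passes as soon as any Certificate labelled `gateway: testID` lists the wildcard name in `Spec.DNSNames`, which is only the requested state; nothing asserts that the certificate was issued or that the gateway serves it, so a Certificate stuck un-issued would no longer fail this test. I would require the Ready condition on the matching Certificate, and scope the `List` to the hub namespace and the `gateway` label rather than listing every Certificate the client can see. If issuance is slow in this environment, the 180 second timeout may need to move back towards the previous 600. The `net`, `net/http` and `crypto/tls` imports may now be unused, which the hunks do not show.

```go
// … unchanged: certList declaration, Eventually wrapper …
err = tconfig.HubClient().List(ctx, certList,
	client.InNamespace(tconfig.HubNamespace()),
	client.MatchingLabels{"gateway": testID})
// … unchanged: error and empty-list checks …
for _, cert := range certList.Items {
	for _, dnsName := range cert.Spec.DNSNames {
		if dnsName != string(wildcardHostname) {
			continue
		}
		for _, cond := range cert.Status.Conditions {
			if cond.Type == v1.CertificateConditionReady && cond.Status == cmmetav1.ConditionTrue {
				return nil
			}
		}
		return fmt.Errorf("certificate %s lists %s but is not Ready", cert.Name, dnsName)
	}
}
// … unchanged: final "dns names for certificate not as expected" error …
```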
+++ b/test/util/helper.go
@@ -148,5 +148,5 @@ func TestCertificate(dnsName string, resp *http.Response) error {
 }
 }
 }
- return fmt.Errorf("wildcard hostname not found in the certificate via get request")
+ return fmt.Errorf("%s not found in the certificate via get request", dnsName)
 }
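Review bot: `TestCertificate` loses the only caller visible in this patch (the removed `TestCertificate(string(wildcardHostname), resp)` call in gateway_single_spoke_test.go), so it may now be dead code; if no other test uses it, removing it is cleaner than keeping an unexercised TLS helper. If it stays, `%q` would make an empty or unexpected `dnsName` unambiguous in the failure output: `return fmt.Errorf("%q not found in the certificate via get request", dnsName)`. The function body starts outside the hunk, so how it inspects `resp` is not visible here.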