github.com/IBM-Blockchain/fabric-operator@v1.0.4/pkg/initializer/validator/validator_test.go (about) 1 /* 2 * Copyright contributors to the Hyperledger Fabric Operator project 3 * 4 * SPDX-License-Identifier: Apache-2.0 5 * 6 * Licensed under the Apache License, Version 2.0 (the "License"); 7 * you may not use this file except in compliance with the License. 8 * You may obtain a copy of the License at: 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, software 13 * distributed under the License is distributed on an "AS IS" BASIS, 14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 * See the License for the specific language governing permissions and 16 * limitations under the License. 17 */ 18 19 package validator_test 20 21 import ( 22 "context" 23 "encoding/base64" 24 "strings" 25 26 . "github.com/onsi/ginkgo/v2" 27 . "github.com/onsi/gomega" 28 corev1 "k8s.io/api/core/v1" 29 "k8s.io/apimachinery/pkg/types" 30 "sigs.k8s.io/controller-runtime/pkg/client" 31 32 current "github.com/IBM-Blockchain/fabric-operator/api/v1beta1" 33 controllermocks "github.com/IBM-Blockchain/fabric-operator/controllers/mocks" 34 initvalidator "github.com/IBM-Blockchain/fabric-operator/pkg/initializer/validator" 35 ) 36 37 const ( 38 testcert = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNpVENDQWkrZ0F3SUJBZ0lVRkd3N0RjK0QvZUoyY08wOHd6d2tialIzK1M4d0NnWUlLb1pJemowRUF3SXcKYURFTE1Ba0dBMVVFQmhNQ1ZWTXhGekFWQmdOVkJBZ1REazV2Y25Sb0lFTmhjbTlzYVc1aE1SUXdFZ1lEVlFRSwpFd3RJZVhCbGNteGxaR2RsY2pFUE1BMEdBMVVFQ3hNR1JtRmljbWxqTVJrd0Z3WURWUVFERXhCbVlXSnlhV010ClkyRXRjMlZ5ZG1WeU1CNFhEVEU1TVRBd09URTBNakF3TUZvWERUSXdNVEF3T0RFME1qQXdNRm93YnpFTE1Ba0cKQTFVRUJoTUNWVk14RnpBVkJnTlZCQWdURGs1dmNuUm9JRU5oY205c2FXNWhNUlF3RWdZRFZRUUtFd3RJZVhCbApjbXhsWkdkbGNqRVBNQTBHQTFVRUN4TUdSbUZpY21sak1TQXdIZ1lEVlFRREV4ZFRZV0ZrY3kxTllXTkNiMjlyCkxWQnlieTVzYjJOaGJEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJBK0JBRzhZakJvTllabGgKRjFrVHNUbHd6VERDQTJocDhZTXI5Ky8vbEd0NURoSGZVT1c3bkhuSW1USHlPRjJQVjFPcVRuUWhUbWpLYTdaQwpqeU9BUWxLamdhOHdnYXd3RGdZRFZSMFBBUUgvQkFRREFnT29NQjBHQTFVZEpRUVdNQlFHQ0NzR0FRVUZCd01CCkJnZ3JCZ0VGQlFjREFqQU1CZ05WSFJNQkFmOEVBakFBTUIwR0ExVWREZ1FXQkJTbHJjL0lNQkxvMzR0UktvWnEKNTQreDIyYWEyREFmQmdOVkhTTUVHREFXZ0JSWmpxT3RQZWJzSFI2UjBNQUhrNnd4ei85UFZqQXRCZ05WSFJFRQpKakFrZ2hkVFlXRmtjeTFOWVdOQ2IyOXJMVkJ5Ynk1c2IyTmhiSUlKYkc5allXeG9iM04wTUFvR0NDcUdTTTQ5CkJBTUNBMGdBTUVVQ0lRRGR0Y1QwUE9FQXJZKzgwdEhmWUwvcXBiWWoxMGU2eWlPWlpUQ29wY25mUVFJZ1FNQUQKaFc3T0NSUERNd3lqKzNhb015d2hFenFHYy9jRDJSU2V5ekRiRjFFPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==" 39 testkey = "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JR0hBZ0VBTUJNR0J5cUdTTTQ5QWdFR0NDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ3hRUXdSVFFpVUcwREo1UHoKQTJSclhIUEtCelkxMkxRa0MvbVlveWo1bEhDaFJBTkNBQVN5bE1YLzFqdDlmUGt1RTZ0anpvSTlQbGt4LzZuVQpCMHIvMU56TTdrYnBjUk8zQ3RIeXQ2TXlQR21FOUZUN29pYXphU3J1TW9JTDM0VGdBdUpIOU9ZWQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==" 40 ) 41 42 var _ = Describe("validator", func() { 43 var ( 44 validator *initvalidator.Validator 45 instance *current.IBPPeer 46 mockClient *controllermocks.Client 47 48 testCertBytes []byte 49 testKeyBytes []byte 50 ) 51 52 BeforeEach(func() { 53 var err error 54 55 instance = ¤t.IBPPeer{} 56 mockClient = &controllermocks.Client{} 57 58 testCertBytes, err = base64.StdEncoding.DecodeString(testcert) 59 Expect(err).NotTo(HaveOccurred()) 60 testKeyBytes, err = base64.StdEncoding.DecodeString(testkey) 61 Expect(err).NotTo(HaveOccurred()) 62 63 mockClient.GetStub = func(ctx context.Context, t types.NamespacedName, obj client.Object) error { 64 switch obj.(type) { 65 case *corev1.Secret: 66 if strings.Contains(t.Name, "keystore") { 67 s := obj.(*corev1.Secret) 68 s.Data = map[string][]byte{ 69 "key.pem": testKeyBytes, 70 } 71 } else { 72 s := obj.(*corev1.Secret) 73 s.Data = map[string][]byte{ 74 "cert.pem": testCertBytes, 75 } 76 } 77 } 78 return nil 79 } 80 81 validator = &initvalidator.Validator{ 82 Client: mockClient, 83 } 84 }) 85 86 Context("check ecert certs", func() { 87 It("returns an error if secret contains no certs", func() { 88 mockClient.GetStub = func(ctx context.Context, types types.NamespacedName, obj client.Object) error { 89 switch obj.(type) { 90 case *corev1.Secret: 91 s := obj.(*corev1.Secret) 92 s.Data = nil 93 } 94 return nil 95 } 96 97 err := validator.CheckEcertCrypto(instance, instance.GetName()) 98 Expect(err).To(HaveOccurred()) 99 }) 100 101 It("returns no error if a valid cert found in secret", func() { 102 err := validator.CheckEcertCrypto(instance, instance.GetName()) 103 Expect(err).NotTo(HaveOccurred()) 104 }) 105 }) 106 107 Context("check tls certs", func() { 108 It("returns an error if secret contains no certs", func() { 109 mockClient.GetStub = func(ctx context.Context, types types.NamespacedName, obj client.Object) error { 110 switch obj.(type) { 111 case *corev1.Secret: 112 s := obj.(*corev1.Secret) 113 s.Data = nil 114 } 115 return nil 116 } 117 118 err := validator.CheckTLSCrypto(instance, instance.GetName()) 119 Expect(err).To(HaveOccurred()) 120 }) 121 122 It("returns no error if a valid cert found in secret", func() { 123 err := validator.CheckTLSCrypto(instance, instance.GetName()) 124 Expect(err).NotTo(HaveOccurred()) 125 }) 126 }) 127 128 Context("check client auth certs", func() { 129 It("returns an error if secret contains no certs", func() { 130 mockClient.GetStub = func(ctx context.Context, types types.NamespacedName, obj client.Object) error { 131 switch obj.(type) { 132 case *corev1.Secret: 133 s := obj.(*corev1.Secret) 134 s.Data = nil 135 } 136 return nil 137 } 138 139 err := validator.CheckClientAuthCrypto(instance, instance.GetName()) 140 Expect(err).To(HaveOccurred()) 141 }) 142 143 It("returns no error if a valid cert found in secret", func() { 144 err := validator.CheckClientAuthCrypto(instance, instance.GetName()) 145 Expect(err).NotTo(HaveOccurred()) 146 }) 147 }) 148 })