github.com/stefanmcshane/helm@v0.0.0-20221213002717-88a4a2c6e77d/internal/tlsutil/tlsutil_test.go (about) 1 /* 2 Copyright The Helm Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package tlsutil 18 19 import ( 20 "path/filepath" 21 "testing" 22 ) 23 24 const tlsTestDir = "../../testdata" 25 26 const ( 27 testCaCertFile = "rootca.crt" 28 testCertFile = "crt.pem" 29 testKeyFile = "key.pem" 30 ) 31 32 func TestClientConfig(t *testing.T) { 33 opts := Options{ 34 CaCertFile: testfile(t, testCaCertFile), 35 CertFile: testfile(t, testCertFile), 36 KeyFile: testfile(t, testKeyFile), 37 InsecureSkipVerify: false, 38 } 39 40 cfg, err := ClientConfig(opts) 41 if err != nil { 42 t.Fatalf("error building tls client config: %v", err) 43 } 44 45 if got := len(cfg.Certificates); got != 1 { 46 t.Fatalf("expecting 1 client certificates, got %d", got) 47 } 48 if cfg.InsecureSkipVerify { 49 t.Fatalf("insecure skip verify mismatch, expecting false") 50 } 51 if cfg.RootCAs == nil { 52 t.Fatalf("mismatch tls RootCAs, expecting non-nil") 53 } 54 } 55 56 func testfile(t *testing.T, file string) (path string) { 57 var err error 58 if path, err = filepath.Abs(filepath.Join(tlsTestDir, file)); err != nil { 59 t.Fatalf("error getting absolute path to test file %q: %v", file, err) 60 } 61 return path 62 } 63 64 func TestNewClientTLS(t *testing.T) { 65 certFile := testfile(t, testCertFile) 66 keyFile := testfile(t, testKeyFile) 67 caCertFile := testfile(t, testCaCertFile) 68 69 cfg, err := NewClientTLS(certFile, keyFile, caCertFile) 70 if err != nil { 71 t.Error(err) 72 } 73 74 if got := len(cfg.Certificates); got != 1 { 75 t.Fatalf("expecting 1 client certificates, got %d", got) 76 } 77 if cfg.InsecureSkipVerify { 78 t.Fatalf("insecure skip verify mismatch, expecting false") 79 } 80 if cfg.RootCAs == nil { 81 t.Fatalf("mismatch tls RootCAs, expecting non-nil") 82 } 83 84 cfg, err = NewClientTLS("", "", caCertFile) 85 if err != nil { 86 t.Error(err) 87 } 88 89 if got := len(cfg.Certificates); got != 0 { 90 t.Fatalf("expecting 0 client certificates, got %d", got) 91 } 92 if cfg.InsecureSkipVerify { 93 t.Fatalf("insecure skip verify mismatch, expecting false") 94 } 95 if cfg.RootCAs == nil { 96 t.Fatalf("mismatch tls RootCAs, expecting non-nil") 97 } 98 99 cfg, err = NewClientTLS(certFile, keyFile, "") 100 if err != nil { 101 t.Error(err) 102 } 103 104 if got := len(cfg.Certificates); got != 1 { 105 t.Fatalf("expecting 1 client certificates, got %d", got) 106 } 107 if cfg.InsecureSkipVerify { 108 t.Fatalf("insecure skip verify mismatch, expecting false") 109 } 110 if cfg.RootCAs != nil { 111 t.Fatalf("mismatch tls RootCAs, expecting nil") 112 } 113 }