go.ligato.io/vpp-agent/v3@v3.5.0/cmd/agentctl/cli/config_test.go

go.ligato.io/vpp-agent/v3@v3.5.0/cmd/agentctl/cli/config_test.go (about)

     1  //  Copyright (c) 2019 Cisco and/or its affiliates.
     2  //
     3  //  Licensed under the Apache License, Version 2.0 (the "License");
     4  //  you may not use this file except in compliance with the License.
     5  //  You may obtain a copy of the License at:
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  //  Unless required by applicable law or agreed to in writing, software
    10  //  distributed under the License is distributed on an "AS IS" BASIS,
    11  //  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  //  See the License for the specific language governing permissions and
    13  //  limitations under the License.
    14  
    15  package cli
    16  
    17  import (
    18  	"reflect"
    19  	"testing"
    20  )
    21  
    22  func TestAdjustSecurity(t *testing.T) {
    23  	// "want" will be compared with result of calling "adjustSecurity" function  with "insecureTLS" set to true.
    24  	tests := map[string]struct {
    25  		cfg  *TLSConfig
    26  		want *TLSConfig
    27  	}{
    28  		"nil cfg": {
    29  			cfg:  nil,
    30  			want: &TLSConfig{SkipVerify: true},
    31  		},
    32  
    33  		"empty cfg": {
    34  			cfg:  &TLSConfig{},
    35  			want: &TLSConfig{SkipVerify: true},
    36  		},
    37  
    38  		"disabled + dont skip verify": {
    39  			cfg: &TLSConfig{
    40  				Disabled: true, CertFile: "/cert.pem", KeyFile: "/key.pem", CAFile: "/ca.pem", SkipVerify: false,
    41  			},
    42  			want: &TLSConfig{
    43  				Disabled: false, SkipVerify: true,
    44  			},
    45  		},
    46  
    47  		"disabled + skip verify": {
    48  			cfg: &TLSConfig{
    49  				Disabled: true, CertFile: "/cert.pem", KeyFile: "/key.pem", CAFile: "/ca.pem", SkipVerify: true,
    50  			},
    51  			want: &TLSConfig{
    52  				Disabled: false, SkipVerify: true,
    53  			},
    54  		},
    55  
    56  		"not disabled + dont skip verify": {
    57  			cfg: &TLSConfig{
    58  				Disabled: false, CertFile: "/cert.pem", KeyFile: "/key.pem", CAFile: "/ca.pem", SkipVerify: false,
    59  			},
    60  			want: &TLSConfig{
    61  				Disabled: false, CertFile: "/cert.pem", KeyFile: "/key.pem", CAFile: "/ca.pem", SkipVerify: true,
    62  			},
    63  		},
    64  
    65  		"not disabled + skip verify": {
    66  			cfg: &TLSConfig{
    67  				Disabled: false, CertFile: "/cert.pem", KeyFile: "/key.pem", CAFile: "/ca.pem", SkipVerify: true,
    68  			},
    69  			want: &TLSConfig{
    70  				Disabled: false, CertFile: "/cert.pem", KeyFile: "/key.pem", CAFile: "/ca.pem", SkipVerify: true,
    71  			},
    72  		},
    73  	}
    74  
    75  	for name, tc := range tests {
    76  		// Do not expect any changes for case when "insecureTLS" param is false.
    77  		got := adjustSecurity("dummy", false, tc.cfg)
    78  		if !reflect.DeepEqual(tc.cfg, got) {
    79  			t.Fatalf("%s (insecureTLS = false): expected: %v, got: %v", name, tc.cfg, got)
    80  		}
    81  
    82  		got = adjustSecurity("dummy", true, tc.cfg)
    83  		if !reflect.DeepEqual(tc.want, got) {
    84  			t.Fatalf("%s (insecureTLS = true): expected: %v, got: %v", name, tc.want, got)
    85  		}
    86  	}
    87  }