From 368c7659ee1380afb635c9f851d004e40f04e2f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ma=C3=ABl=20Valais?= Date: Thu, 15 Jul 2021 20:33:56 +0200 Subject: [PATCH] gateway-shim: test: two different secrets create two Certificates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Maƫl Valais --- pkg/controller/certificate-shim/sync_test.go | 85 ++++++++++++++++++++ 1 file changed, 85 insertions(+) diff --git a/pkg/controller/certificate-shim/sync_test.go b/pkg/controller/certificate-shim/sync_test.go index 280668123..edbc577bf 100644 --- a/pkg/controller/certificate-shim/sync_test.go +++ b/pkg/controller/certificate-shim/sync_test.go @@ -2206,6 +2206,91 @@ func TestSync(t *testing.T) { }, }, }, + { + Name: "if a Gateway contains two listeners with different Secret names, it should create two Certificates", + Issuer: acmeIssuer, + IssuerLister: []runtime.Object{acmeIssuer}, + IngressLike: &gwapi.Gateway{ + ObjectMeta: metav1.ObjectMeta{ + Name: "gateway-name", + Namespace: gen.DefaultTestNamespace, + Annotations: map[string]string{ + cmapi.IngressIssuerNameAnnotationKey: "issuer-name", + cmapi.IssuerKindAnnotationKey: "Issuer", + cmapi.IssuerGroupAnnotationKey: "cert-manager.io", + }, + UID: types.UID("gateway-name"), + }, + Spec: gwapi.GatewaySpec{ + GatewayClassName: "test-gateway", + Listeners: []gwapi.Listener{{ + Hostname: ptrHostname("foo.example.com"), + Port: 443, + Protocol: "HTTPS", + TLS: &gwapi.GatewayTLSConfig{ + Mode: ptrMode(gwapi.TLSModeTerminate), + CertificateRef: &gwapi.LocalObjectReference{ + Group: "core", + Kind: "Secret", + Name: "foo-example-com-tls", + }, + }, + }, { + Hostname: ptrHostname("bar.example.com"), + Port: 443, + Protocol: "HTTPS", + TLS: &gwapi.GatewayTLSConfig{ + Mode: ptrMode(gwapi.TLSModeTerminate), + CertificateRef: &gwapi.LocalObjectReference{ + Group: "core", + Kind: "Secret", + Name: "bar-example-com-tls", + }, + }, + }}, + }, + }, + ExpectedEvents: []string{ + `Normal CreateCertificate Successfully created Certificate "foo-example-com-tls"`, + `Normal CreateCertificate Successfully created Certificate "bar-example-com-tls"`, + }, + ExpectedCreate: []*cmapi.Certificate{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "foo-example-com-tls", + Namespace: gen.DefaultTestNamespace, + OwnerReferences: buildGatewayOwnerReferences("gateway-name", gen.DefaultTestNamespace), + }, + Spec: cmapi.CertificateSpec{ + DNSNames: []string{"foo.example.com"}, + SecretName: "foo-example-com-tls", + IssuerRef: cmmeta.ObjectReference{ + Name: "issuer-name", + Kind: "Issuer", + Group: "cert-manager.io", + }, + Usages: cmapi.DefaultKeyUsages(), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: "bar-example-com-tls", + Namespace: gen.DefaultTestNamespace, + OwnerReferences: buildGatewayOwnerReferences("gateway-name", gen.DefaultTestNamespace), + }, + Spec: cmapi.CertificateSpec{ + DNSNames: []string{"bar.example.com"}, + SecretName: "bar-example-com-tls", + IssuerRef: cmmeta.ObjectReference{ + Name: "issuer-name", + Kind: "Issuer", + Group: "cert-manager.io", + }, + Usages: cmapi.DefaultKeyUsages(), + }, + }, + }, + }, { Name: "Failure to translate the Gateway annotations", Issuer: acmeIssuer,