From 39cc63a205b070f98083ed9cd32987541a5e8b4a Mon Sep 17 00:00:00 2001
From: Joshua Mathianas <mathianasj@idsysapps.com>
Date: Thu, 16 Jan 2020 11:34:44 -0500
Subject: [PATCH] resolve failing unit tests

Signed-off-by: Joshua Mathianas <mathianasj@gmail.com>
---
 pkg/util/pki/csr.go | 39 +++++++++++++++++++++++++--------------
 1 file changed, 25 insertions(+), 14 deletions(-)

diff --git a/pkg/util/pki/csr.go b/pkg/util/pki/csr.go
index 00f57cebf..7767d42fc 100644
--- a/pkg/util/pki/csr.go
+++ b/pkg/util/pki/csr.go
@@ -134,6 +134,15 @@ func OrganizationForCertificate(crt *v1alpha2.Certificate) []string {
 	return crt.Spec.Organization
 }
 
+// SubjectForCertificate will return the Subject from the Certificate resource or an empty one if it is not set
+func SubjectForCertificate(crt *v1alpha2.Certificate) v1alpha2.X509Subject {
+	if crt.Spec.Subject == nil {
+		return v1alpha2.X509Subject{}
+	}
+
+	return *crt.Spec.Subject
+}
+
 var serialNumberLimit = new(big.Int).Lsh(big.NewInt(1), 128)
 
 func BuildKeyUsages(usages []v1alpha2.KeyUsage, isCA bool) (ku x509.KeyUsage, eku []x509.ExtKeyUsage, err error) {
@@ -167,6 +176,7 @@ func GenerateCSR(crt *v1alpha2.Certificate) (*x509.CertificateRequest, error) {
 	commonName := crt.Spec.CommonName
 	iPAddresses := IPAddressesForCertificate(crt)
 	organization := OrganizationForCertificate(crt)
+	subject := SubjectForCertificate(crt)
 
 	dnsNames, err := DNSNamesForCertificate(crt)
 	if err != nil {
@@ -192,14 +202,14 @@ func GenerateCSR(crt *v1alpha2.Certificate) (*x509.CertificateRequest, error) {
 		SignatureAlgorithm: sigAlgo,
 		PublicKeyAlgorithm: pubKeyAlgo,
 		Subject: pkix.Name{
-			Country:            crt.Spec.Subject.Countries,
+			Country:            subject.Countries,
 			Organization:       organization,
-			OrganizationalUnit: crt.Spec.Subject.OrganizationalUnits,
-			Locality:           crt.Spec.Subject.Localities,
-			Province:           crt.Spec.Subject.Provinces,
-			StreetAddress:      crt.Spec.Subject.StreetAddresses,
-			PostalCode:         crt.Spec.Subject.PostalCodes,
-			SerialNumber:       crt.Spec.Subject.SerialNumber,
+			OrganizationalUnit: subject.OrganizationalUnits,
+			Locality:           subject.Localities,
+			Province:           subject.Provinces,
+			StreetAddress:      subject.StreetAddresses,
+			PostalCode:         subject.PostalCodes,
+			SerialNumber:       subject.SerialNumber,
 			CommonName:         commonName,
 		},
 		DNSNames:    dnsNames,
@@ -219,6 +229,7 @@ func GenerateTemplate(crt *v1alpha2.Certificate) (*x509.Certificate, error) {
 	dnsNames := crt.Spec.DNSNames
 	ipAddresses := IPAddressesForCertificate(crt)
 	organization := OrganizationForCertificate(crt)
+	subject := SubjectForCertificate(crt)
 	keyUsages, extKeyUsages, err := BuildKeyUsages(crt.Spec.Usages, crt.Spec.IsCA)
 	if err != nil {
 		return nil, err
@@ -247,14 +258,14 @@ func GenerateTemplate(crt *v1alpha2.Certificate) (*x509.Certificate, error) {
 		PublicKeyAlgorithm:    pubKeyAlgo,
 		IsCA:                  crt.Spec.IsCA,
 		Subject: pkix.Name{
-			Country:            crt.Spec.Subject.Countries,
+			Country:            subject.Countries,
 			Organization:       organization,
-			OrganizationalUnit: crt.Spec.Subject.OrganizationalUnits,
-			Locality:           crt.Spec.Subject.Localities,
-			Province:           crt.Spec.Subject.Provinces,
-			StreetAddress:      crt.Spec.Subject.StreetAddresses,
-			PostalCode:         crt.Spec.Subject.PostalCodes,
-			SerialNumber:       crt.Spec.Subject.SerialNumber,
+			OrganizationalUnit: subject.OrganizationalUnits,
+			Locality:           subject.Localities,
+			Province:           subject.Provinces,
+			StreetAddress:      subject.StreetAddresses,
+			PostalCode:         subject.PostalCodes,
+			SerialNumber:       subject.SerialNumber,
 			CommonName:         commonName,
 		},
 		NotBefore: time.Now(),