deduplicate logic in CertificateHasCondition, WaitForCertificateReady & add WaitForCertificateReadyUpdate for testing Certificate update operations
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
This commit is contained in:
Inteon
parent
de70e2e917
commit
879108d9e4
@ -96,9 +96,10 @@ func SetIssuerCondition(i cmapi.GenericIssuer, observedGeneration int64, conditi
|
||||
}
|
||||
|
||||
// CertificateHasCondition will return true if the given Certificate has a
|
||||
// condition matching the provided CertificateCondition.
|
||||
// Only the Type and Status field will be used in the comparison, meaning that
|
||||
// this function will return 'true' even if the Reason, Message and
|
||||
// condition matching the provided CertificateCondition with a ObservedGeneration
|
||||
// that is bigger or equal to the ObservedGeneration of the provided CertificateCondition.
|
||||
// Only the Type, Status and ObservedGeneration field will be used in the comparison,
|
||||
// meaning that this function will return 'true' even if the Reason, Message and
|
||||
// LastTransitionTime fields do not match.
|
||||
func CertificateHasCondition(crt *cmapi.Certificate, c cmapi.CertificateCondition) bool {
|
||||
if crt == nil {
|
||||
@ -106,7 +107,7 @@ func CertificateHasCondition(crt *cmapi.Certificate, c cmapi.CertificateConditio
|
||||
}
|
||||
existingConditions := crt.Status.Conditions
|
||||
for _, cond := range existingConditions {
|
||||
if c.Type == cond.Type && c.Status == cond.Status {
|
||||
if c.Type == cond.Type && c.Status == cond.Status && c.ObservedGeneration <= cond.ObservedGeneration {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
@ -27,6 +27,7 @@ go_library(
|
||||
"//test/e2e/framework/helper/validation/certificates:go_default_library",
|
||||
"//test/e2e/framework/helper/validation/certificatesigningrequests:go_default_library",
|
||||
"//test/e2e/framework/log:go_default_library",
|
||||
"//test/e2e/util:go_default_library",
|
||||
"@com_github_onsi_ginkgo//:go_default_library",
|
||||
"@io_k8s_api//certificates/v1:go_default_library",
|
||||
"@io_k8s_api//core/v1:go_default_library",
|
||||
|
||||
@ -29,7 +29,6 @@ import (
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
|
||||
apiutil "github.com/jetstack/cert-manager/pkg/api/util"
|
||||
cmapi "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
|
||||
@ -37,62 +36,50 @@ import (
|
||||
"github.com/jetstack/cert-manager/pkg/util"
|
||||
"github.com/jetstack/cert-manager/pkg/util/pki"
|
||||
"github.com/jetstack/cert-manager/test/e2e/framework/log"
|
||||
e2eutil "github.com/jetstack/cert-manager/test/e2e/util"
|
||||
)
|
||||
|
||||
// WaitForCertificateReady waits for the certificate resource to enter a Ready
|
||||
// state.
|
||||
func (h *Helper) WaitForCertificateReady(ns, name string, timeout time.Duration) (*cmapi.Certificate, error) {
|
||||
var certificate *cmapi.Certificate
|
||||
err := wait.PollImmediate(time.Second, timeout,
|
||||
func() (bool, error) {
|
||||
var err error
|
||||
log.Logf("Waiting for Certificate %v to be ready", name)
|
||||
certificate, err = h.CMClient.CertmanagerV1().Certificates(ns).Get(context.TODO(), name, metav1.GetOptions{})
|
||||
if err != nil {
|
||||
return false, fmt.Errorf("error getting Certificate %v: %v", name, err)
|
||||
}
|
||||
isReady := apiutil.CertificateHasCondition(certificate, cmapi.CertificateCondition{
|
||||
Type: cmapi.CertificateConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
})
|
||||
if !isReady {
|
||||
log.Logf("Expected Certificate to have Ready condition 'true' but it has: %v", certificate.Status.Conditions)
|
||||
return false, nil
|
||||
}
|
||||
return true, nil
|
||||
},
|
||||
)
|
||||
|
||||
// return certificate even when error to use for debugging
|
||||
return certificate, err
|
||||
func (h *Helper) handleResult(ns, name string, cert *cmapi.Certificate, err error) (*cmapi.Certificate, error) {
|
||||
if err != nil {
|
||||
log.Logf("Error waiting for Certificate to become Ready: %v", err)
|
||||
h.Kubectl(ns).DescribeResource("certificate", name)
|
||||
h.Kubectl(ns).Describe("order", "challenge")
|
||||
h.describeCertificateRequestFromCertificate(ns, cert)
|
||||
}
|
||||
return cert, err
|
||||
}
|
||||
|
||||
// WaitForCertificateNotReady waits for the certificate resource to enter a
|
||||
// non-Ready state.
|
||||
func (h *Helper) WaitForCertificateNotReady(ns, name string, timeout time.Duration) (*cmapi.Certificate, error) {
|
||||
var certificate *cmapi.Certificate
|
||||
err := wait.PollImmediate(time.Second, timeout,
|
||||
func() (bool, error) {
|
||||
var err error
|
||||
log.Logf("Waiting for Certificate %v to be ready", name)
|
||||
certificate, err = h.CMClient.CertmanagerV1().Certificates(ns).Get(context.TODO(), name, metav1.GetOptions{})
|
||||
if err != nil {
|
||||
return false, fmt.Errorf("error getting Certificate %v: %v", name, err)
|
||||
}
|
||||
isReady := apiutil.CertificateHasCondition(certificate, cmapi.CertificateCondition{
|
||||
Type: cmapi.CertificateConditionReady,
|
||||
Status: cmmeta.ConditionFalse,
|
||||
})
|
||||
if !isReady {
|
||||
log.Logf("Expected Certificate to have Ready condition 'true' but it has: %v", certificate.Status.Conditions)
|
||||
return false, nil
|
||||
}
|
||||
return true, nil
|
||||
},
|
||||
)
|
||||
// WaitForCertificateReady waits for the certificate resource to enter a Ready state.
|
||||
func (h *Helper) WaitForCertificateReady(ns, name string, timeout time.Duration) (*cmapi.Certificate, error) {
|
||||
result, err := e2eutil.WaitForCertificateCondition(h.CMClient.CertmanagerV1().Certificates(ns), name, cmapi.CertificateCondition{
|
||||
Type: cmapi.CertificateConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
}, timeout)
|
||||
return h.handleResult(ns, name, result, err)
|
||||
}
|
||||
|
||||
// return certificate even when error to use for debugging
|
||||
return certificate, err
|
||||
// WaitForCertificateReadyUpdate waits for the certificate resource to enter a
|
||||
// Ready state. If the provided cert was in a Ready state already, the function
|
||||
// waits for a state transition to have happened.
|
||||
func (h *Helper) WaitForCertificateReadyUpdate(cert *cmapi.Certificate, timeout time.Duration) (*cmapi.Certificate, error) {
|
||||
result, err := e2eutil.WaitForCertificateCondition(h.CMClient.CertmanagerV1().Certificates(cert.Namespace), cert.Name, cmapi.CertificateCondition{
|
||||
Type: cmapi.CertificateConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
ObservedGeneration: cert.Generation,
|
||||
}, timeout)
|
||||
return h.handleResult(cert.Namespace, cert.Name, result, err)
|
||||
}
|
||||
|
||||
// WaitForCertificateReadyUpdate waits for the certificate resource to enter a
|
||||
// Ready=False state. If the provided cert was in a Ready=False state already,
|
||||
// the function waits for a state transition to have happened.
|
||||
func (h *Helper) WaitForCertificateNotReadyUpdate(cert *cmapi.Certificate, timeout time.Duration) (*cmapi.Certificate, error) {
|
||||
result, err := e2eutil.WaitForCertificateCondition(h.CMClient.CertmanagerV1().Certificates(cert.Namespace), cert.Name, cmapi.CertificateCondition{
|
||||
Type: cmapi.CertificateConditionReady,
|
||||
Status: cmmeta.ConditionFalse,
|
||||
ObservedGeneration: cert.Generation,
|
||||
}, timeout)
|
||||
return h.handleResult(cert.Namespace, cert.Name, result, err)
|
||||
}
|
||||
|
||||
// ValidateIssuedCertificate will ensure that the given Certificate has a
|
||||
@ -280,17 +267,6 @@ func (h *Helper) deduplicateExtKeyUsages(us []x509.ExtKeyUsage) []x509.ExtKeyUsa
|
||||
return us
|
||||
}
|
||||
|
||||
func (h *Helper) WaitCertificateIssued(ns, name string, timeout time.Duration) error {
|
||||
certificate, err := h.WaitForCertificateReady(ns, name, timeout)
|
||||
if err != nil {
|
||||
log.Logf("Error waiting for Certificate to become Ready: %v", err)
|
||||
h.Kubectl(ns).DescribeResource("certificate", name)
|
||||
h.Kubectl(ns).Describe("order", "challenge")
|
||||
h.describeCertificateRequestFromCertificate(ns, certificate)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func (h *Helper) defaultKeyUsagesToAdd(ns string, issuerRef *cmmeta.ObjectReference) (x509.KeyUsage, []x509.ExtKeyUsage, error) {
|
||||
var issuerSpec *cmapi.IssuerSpec
|
||||
switch issuerRef.Kind {
|
||||
|
||||
@ -47,7 +47,6 @@ func runACMEIssuerTests(eab *cmacme.ACMEExternalAccountBinding) {
|
||||
// unsupportedHTTP01Features is a list of features that are not supported by the ACME
|
||||
// issuer type using HTTP01
|
||||
var unsupportedHTTP01Features = featureset.NewFeatureSet(
|
||||
featureset.IPAddressFeature,
|
||||
featureset.DurationFeature,
|
||||
featureset.WildcardsFeature,
|
||||
featureset.URISANsFeature,
|
||||
@ -79,6 +78,7 @@ func runACMEIssuerTests(eab *cmacme.ACMEExternalAccountBinding) {
|
||||
|
||||
(&certificates.Suite{
|
||||
Name: "ACME HTTP01 Issuer",
|
||||
UseIngressIPAddress: true,
|
||||
CreateIssuerFunc: provisionerHTTP01.createHTTP01Issuer,
|
||||
DeleteIssuerFunc: provisionerHTTP01.delete,
|
||||
UnsupportedFeatures: unsupportedHTTP01Features,
|
||||
@ -94,6 +94,7 @@ func runACMEIssuerTests(eab *cmacme.ACMEExternalAccountBinding) {
|
||||
|
||||
(&certificates.Suite{
|
||||
Name: "ACME HTTP01 ClusterIssuer",
|
||||
UseIngressIPAddress: true,
|
||||
CreateIssuerFunc: provisionerHTTP01.createHTTP01ClusterIssuer,
|
||||
DeleteIssuerFunc: provisionerHTTP01.delete,
|
||||
UnsupportedFeatures: unsupportedHTTP01Features,
|
||||
|
||||
@ -54,6 +54,12 @@ type Suite struct {
|
||||
// nginx-ingress addon.
|
||||
DomainSuffix string
|
||||
|
||||
// UseIngressIPAddress indicates that the IPAddress used
|
||||
// for generating certificates should be the IngressIP.
|
||||
// The ACME tests need this, so the challenges against the
|
||||
// IPAddress will complete successfully.
|
||||
UseIngressIPAddress bool
|
||||
|
||||
// UnsupportedFeatures is a list of features that are not supported by this
|
||||
// invocation of the test suite.
|
||||
// This is useful if a particular issuers explicitly does not support
|
||||
@ -66,9 +72,13 @@ type Suite struct {
|
||||
|
||||
// complete will validate configuration and set default values.
|
||||
func (s *Suite) complete(f *framework.Framework) {
|
||||
// TODO: work out how to fail an entire 'Describe' block so we can validate these are correctly set
|
||||
//Expect(s.Name).NotTo(Equal(""), "Name must be set")
|
||||
//Expect(s.CreateIssuerFunc).NotTo(BeNil(), "CreateIssuerFunc must be set")
|
||||
if s.Name == "" {
|
||||
Fail("Name must be set")
|
||||
}
|
||||
|
||||
if s.CreateIssuerFunc == nil {
|
||||
Fail("CreateIssuerFunc must be set")
|
||||
}
|
||||
|
||||
if s.DomainSuffix == "" {
|
||||
s.DomainSuffix = f.Config.Addons.IngressController.Domain
|
||||
|
||||
@ -44,13 +44,20 @@ func (s *Suite) Define() {
|
||||
ctx := context.Background()
|
||||
f := framework.NewDefaultFramework("certificates")
|
||||
|
||||
// wrap this in a BeforeEach else flags will not have been parsed at
|
||||
// the time that the `complete` function is called.
|
||||
sharedIPAddress := "127.0.0.1"
|
||||
|
||||
BeforeEach(func() {
|
||||
if !s.completed {
|
||||
s.complete(f)
|
||||
if s.completed {
|
||||
return
|
||||
}
|
||||
|
||||
s.complete(f)
|
||||
|
||||
if s.UseIngressIPAddress {
|
||||
sharedIPAddress = f.Config.Addons.ACMEServer.IngressIP
|
||||
}
|
||||
})
|
||||
|
||||
By("Running test suite with the following unsupported features: " + s.UnsupportedFeatures.String())
|
||||
|
||||
s.it(f, "should issue a basic, defaulted certificate for a single distinct DNS Name", func(issuerRef cmmeta.ObjectReference) {
|
||||
@ -70,7 +77,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -98,7 +105,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -127,7 +134,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -159,7 +166,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -191,7 +198,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -212,7 +219,7 @@ func (s *Suite) Define() {
|
||||
Spec: cmapi.CertificateSpec{
|
||||
SecretName: "testcert-tls",
|
||||
CommonName: cn,
|
||||
IPAddresses: []string{"127.0.0.1"},
|
||||
IPAddresses: []string{sharedIPAddress},
|
||||
IssuerRef: issuerRef,
|
||||
},
|
||||
}
|
||||
@ -221,7 +228,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -246,7 +253,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -276,7 +283,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -305,7 +312,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -332,7 +339,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -360,7 +367,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -392,7 +399,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -419,7 +426,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -450,7 +457,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -484,7 +491,7 @@ func (s *Suite) Define() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, "testcert", time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -545,7 +552,7 @@ func (s *Suite) Define() {
|
||||
)).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -581,7 +588,7 @@ func (s *Suite) Define() {
|
||||
)).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
// Verify that the ingres-shim has translated all the supplied
|
||||
|
||||
@ -85,10 +85,22 @@ type Suite struct {
|
||||
|
||||
// complete will validate configuration and set default values.
|
||||
func (s *Suite) complete(f *framework.Framework) {
|
||||
if s.Name == "" {
|
||||
Fail("Name must be set")
|
||||
}
|
||||
|
||||
if s.CreateIssuerFunc == nil {
|
||||
Fail("CreateIssuerFunc must be set")
|
||||
}
|
||||
|
||||
if s.DomainSuffix == "" {
|
||||
s.DomainSuffix = f.Config.Addons.IngressController.Domain
|
||||
}
|
||||
|
||||
if s.UnsupportedFeatures == nil {
|
||||
s.UnsupportedFeatures = make(featureset.FeatureSet)
|
||||
}
|
||||
|
||||
s.completed = true
|
||||
}
|
||||
|
||||
|
||||
@ -51,14 +51,7 @@ func (s *Suite) Define() {
|
||||
ctx := context.Background()
|
||||
f := framework.NewDefaultFramework("certificatesigningrequests")
|
||||
|
||||
// wrap this in a BeforeEach else flags will not have been parsed at
|
||||
// the time that the `complete` function is called.
|
||||
BeforeEach(func() {
|
||||
if !s.completed {
|
||||
s.complete(f)
|
||||
}
|
||||
})
|
||||
|
||||
sharedCommonName := "<SHOULD_GET_REPLACED>"
|
||||
sharedURI, err := url.Parse("spiffe://cluster.local/ns/sandbox/sa/foo")
|
||||
if err != nil {
|
||||
// This should never happen, and is a bug. Panic to prevent garbage test
|
||||
@ -66,7 +59,15 @@ func (s *Suite) Define() {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
sharedCommonName := e2eutil.RandomSubdomain(s.DomainSuffix)
|
||||
BeforeEach(func() {
|
||||
if s.completed {
|
||||
return
|
||||
}
|
||||
|
||||
s.complete(f)
|
||||
|
||||
sharedCommonName = e2eutil.RandomSubdomain(s.DomainSuffix)
|
||||
})
|
||||
|
||||
type testCase struct {
|
||||
keyAlgo x509.PublicKeyAlgorithm
|
||||
|
||||
@ -136,7 +136,7 @@ func testRFC2136DNSProvider() bool {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -158,7 +158,7 @@ func testRFC2136DNSProvider() bool {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -180,7 +180,7 @@ func testRFC2136DNSProvider() bool {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
// use a longer timeout for this, as it requires performing 2 dns validations in serial
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*10)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*10)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
|
||||
@ -51,7 +51,6 @@ const foreverTestTimeout = time.Second * 60
|
||||
|
||||
var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
f := framework.NewDefaultFramework("create-acme-certificate-http01")
|
||||
h := f.Helper()
|
||||
|
||||
var acmeIngressDomain string
|
||||
issuerName := "test-acme-issuer"
|
||||
@ -150,7 +149,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -175,7 +174,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -202,7 +201,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -226,7 +225,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
By("Verifying the Certificate is valid")
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -251,7 +250,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
By("Verifying the Certificate is valid")
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -270,14 +269,8 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
cert, err = certClient.Update(context.TODO(), cert, metav1.UpdateOptions{})
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be not ready")
|
||||
_, err = h.WaitForCertificateNotReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to become ready & valid")
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
By("Waiting for the Certificate Ready condition to be updated")
|
||||
_, err = f.Helper().WaitForCertificateReadyUpdate(cert, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -322,7 +315,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be not ready")
|
||||
_, err = h.WaitForCertificateNotReady(f.Namespace.Name, certificateName, 30*time.Second)
|
||||
_, err = f.Helper().WaitForCertificateNotReadyUpdate(cert, 30*time.Second)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Getting the latest version of the Certificate")
|
||||
@ -335,7 +328,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to have the Ready=True condition")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReadyUpdate(cert, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Sanity checking the issued Certificate")
|
||||
@ -390,7 +383,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -399,7 +392,6 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
})
|
||||
|
||||
It("should obtain a signed certificate with a single CN from the ACME server when redirected", func() {
|
||||
|
||||
certClient := f.CertManagerClientSet.CertmanagerV1().Certificates(f.Namespace.Name)
|
||||
|
||||
// force-ssl-redirect should make every request turn into a redirect,
|
||||
@ -429,7 +421,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, dummycert, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, dummycert, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -494,7 +486,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -548,7 +540,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
// were to ask us for the challenge after the pod was killed, but because
|
||||
// we kill it so early, we should always be in the self-check phase
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -571,7 +563,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -595,7 +587,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -618,7 +610,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -637,12 +629,8 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01)", func() {
|
||||
cert, err = certClient.Update(context.TODO(), cert, metav1.UpdateOptions{})
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be not ready")
|
||||
_, err = h.WaitForCertificateNotReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
By("Waiting for the Certificate Ready condition to be updated")
|
||||
_, err = f.Helper().WaitForCertificateReadyUpdate(cert, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
|
||||
@ -143,7 +143,7 @@ var _ = framework.CertManagerDescribe("ACME Certificate (HTTP01 + Not After)", f
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
|
||||
@ -77,7 +77,7 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
By("Verifying the Certificate is valid")
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -97,7 +97,7 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -116,7 +116,7 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -152,7 +152,7 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() {
|
||||
cert, err := certClient.Create(context.TODO(), util.NewCertManagerBasicCertificate(certificateName, certificateSecretName, issuerName, v1.IssuerKind, v.inputDuration, v.inputRenewBefore), metav1.CreateOptions{})
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -178,7 +178,7 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() {
|
||||
_, err := certClient.Create(context.TODO(), util.NewCertManagerBasicCertificate(certificateName, certificateSecretName, issuerName, v1.IssuerKind, nil, nil), metav1.CreateOptions{})
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -201,7 +201,7 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() {
|
||||
_, err := certClient.Create(context.TODO(), gen.Certificate(certificateName, gen.SetCertificateNamespace(f.Namespace.Name), gen.SetCertificateCommonName("test.domain.com"), gen.SetCertificateSecretName(certificateSecretName), gen.SetCertificateIssuer(cmmeta.ObjectReference{Name: issuerName, Kind: v1.IssuerKind}), gen.SetCertificateKeyUsages(v1.UsageServerAuth, v1.UsageClientAuth)), metav1.CreateOptions{})
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
|
||||
@ -61,7 +61,7 @@ var _ = framework.CertManagerDescribe("Self Signed Certificate", func() {
|
||||
_, err = certClient.Create(context.TODO(), util.NewCertManagerBasicCertificate(certificateName, certificateSecretName, issuerName, v1.IssuerKind, nil, nil), metav1.CreateOptions{})
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -113,7 +113,7 @@ var _ = framework.CertManagerDescribe("Self Signed Certificate", func() {
|
||||
cert, err := certClient.Create(context.TODO(), util.NewCertManagerBasicCertificate(certificateName, certificateSecretName, issuerDurationName, v1.IssuerKind, v.inputDuration, v.inputRenewBefore), metav1.CreateOptions{})
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -143,7 +143,7 @@ var _ = framework.CertManagerDescribe("Self Signed Certificate", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
|
||||
@ -180,7 +180,7 @@ func runVaultAppRoleTests(issuerKind string, testWithRoot bool, unsupportedFeatu
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
@ -275,7 +275,7 @@ func runVaultAppRoleTests(issuerKind string, testWithRoot bool, unsupportedFeatu
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
|
||||
@ -178,7 +178,7 @@ func runVaultCustomAppRoleTests(issuerKind string, testWithRoot bool, unsupporte
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
|
||||
@ -83,7 +83,7 @@ var _ = TPPDescribe("Certificate with a properly configured Issuer", func() {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for the Certificate to be issued...")
|
||||
err = f.Helper().WaitCertificateIssued(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
_, err = f.Helper().WaitForCertificateReady(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Validating the issued Certificate...")
|
||||
|
||||
@ -91,10 +91,7 @@ var _ = framework.CertManagerDescribe("CA Injector", func() {
|
||||
cert.Namespace = f.Namespace.Name
|
||||
Expect(f.CRClient.Create(context.Background(), cert)).To(Succeed())
|
||||
|
||||
err := util.WaitForCertificateCondition(f.CertManagerClientSet.CertmanagerV1().Certificates(f.Namespace.Name), "serving-certs", certmanager.CertificateCondition{
|
||||
Type: certmanager.CertificateConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
}, time.Second*30)
|
||||
_, err := f.Helper().WaitForCertificateReady(f.Namespace.Name, "serving-certs", time.Second*30)
|
||||
Expect(err).NotTo(HaveOccurred(), "failed to wait for Certificate to become Ready")
|
||||
|
||||
By("grabbing the corresponding secret")
|
||||
|
||||
@ -144,19 +144,23 @@ func wrapErrorWithClusterIssuerStatusCondition(client clientset.ClusterIssuerInt
|
||||
|
||||
// WaitForCertificateCondition waits for the status of the named Certificate to contain
|
||||
// a condition whose type and status matches the supplied one.
|
||||
func WaitForCertificateCondition(client clientset.CertificateInterface, name string, condition v1.CertificateCondition, timeout time.Duration) error {
|
||||
func WaitForCertificateCondition(client clientset.CertificateInterface, name string, condition v1.CertificateCondition, timeout time.Duration) (*v1.Certificate, error) {
|
||||
var certificate *v1.Certificate = nil
|
||||
pollErr := wait.PollImmediate(500*time.Millisecond, timeout,
|
||||
func() (bool, error) {
|
||||
log.Logf("Waiting for Certificate %v condition %#v", name, condition)
|
||||
log.Logf("Waiting for Certificate %v condition %v=%v", name, condition.Type, condition.Status)
|
||||
certificate, err := client.Get(context.TODO(), name, metav1.GetOptions{})
|
||||
if nil != err {
|
||||
return false, fmt.Errorf("error getting Certificate %v: %v", name, err)
|
||||
}
|
||||
|
||||
return apiutil.CertificateHasCondition(certificate, condition), nil
|
||||
if !apiutil.CertificateHasCondition(certificate, condition) {
|
||||
log.Logf("Expected Certificate %v condition %v=%v (generation >= %v) but it has: %v", name, condition.Type, condition.Status, condition.ObservedGeneration, certificate.Status.Conditions)
|
||||
return false, nil
|
||||
}
|
||||
return true, nil
|
||||
},
|
||||
)
|
||||
return wrapErrorWithCertificateStatusCondition(client, pollErr, name, condition.Type)
|
||||
return certificate, wrapErrorWithCertificateStatusCondition(client, pollErr, name, condition.Type)
|
||||
}
|
||||
|
||||
// WaitForCertificateEvent waits for an event on the named Certificate to contain
|
||||
|
||||
Loading…
Reference in New Issue
Block a user