Correctly wait for issue on e2e tests
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
parent
0645bb6769
commit
b72e8341df
@ -67,7 +67,6 @@ func runVaultAppRoleTests(issuerKind string) {
|
||||
rootMount := "root-ca"
|
||||
intermediateMount := "intermediate-ca"
|
||||
role := "kubernetes-vault"
|
||||
issuerName := "test-vault-issuer"
|
||||
certificateName := "test-vault-certificate"
|
||||
certificateSecretName := "test-vault-certificate"
|
||||
vaultSecretAppRoleName := "vault-role"
|
||||
@ -76,7 +75,7 @@ func runVaultAppRoleTests(issuerKind string) {
|
||||
var roleId, secretId, vaultSecretName string
|
||||
var vaultInit *vaultaddon.VaultInitializer
|
||||
|
||||
var vaultSecretNamespace string
|
||||
var vaultIssuerName, vaultSecretNamespace string
|
||||
|
||||
BeforeEach(func() {
|
||||
By("Configuring the Vault server")
|
||||
@ -110,9 +109,9 @@ func runVaultAppRoleTests(issuerKind string) {
|
||||
Expect(vaultInit.Clean()).NotTo(HaveOccurred())
|
||||
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Delete(issuerName, nil)
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Delete(vaultIssuerName, nil)
|
||||
} else {
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Delete(issuerName, nil)
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Delete(vaultIssuerName, nil)
|
||||
}
|
||||
|
||||
f.KubeClientSet.CoreV1().Secrets(vaultSecretNamespace).Delete(vaultSecretName, nil)
|
||||
@ -126,25 +125,29 @@ func runVaultAppRoleTests(issuerKind string) {
|
||||
|
||||
var err error
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole(issuerName, vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
} else {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole(issuerName, vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
}
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole("test-vault-issuer-", vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
vaultIssuerName = iss.Name
|
||||
} else {
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole("test-vault-issuer-", vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
vaultIssuerName = iss.Name
|
||||
}
|
||||
|
||||
By("Waiting for Issuer to become Ready")
|
||||
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name),
|
||||
issuerName,
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
})
|
||||
} else {
|
||||
err = util.WaitForClusterIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers(),
|
||||
issuerName,
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
@ -154,7 +157,7 @@ func runVaultAppRoleTests(issuerKind string) {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Creating a Certificate")
|
||||
_, err = certClient.Create(util.NewCertManagerVaultCertificate(certificateName, certificateSecretName, issuerName, issuerKind, nil, nil))
|
||||
_, err = certClient.Create(util.NewCertManagerVaultCertificate(certificateName, certificateSecretName, vaultIssuerName, issuerKind, nil, nil))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
err = h.WaitCertificateIssuedValid(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
@ -202,34 +205,38 @@ func runVaultAppRoleTests(issuerKind string) {
|
||||
|
||||
var err error
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole(issuerName, vault.Details().Host, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole("test-vault-issuer-", vault.Details().Host, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
vaultIssuerName = iss.Name
|
||||
} else {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole(issuerName, vault.Details().Host, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole("test-vault-issuer-", vault.Details().Host, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
vaultIssuerName = iss.Name
|
||||
}
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for Issuer to become Ready")
|
||||
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name),
|
||||
issuerName,
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
})
|
||||
} else {
|
||||
err = util.WaitForClusterIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers(),
|
||||
issuerName,
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
})
|
||||
}
|
||||
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Creating a Certificate")
|
||||
cert, err := f.CertManagerClientSet.CertmanagerV1alpha2().Certificates(f.Namespace.Name).Create(util.NewCertManagerVaultCertificate(certificateName, certificateSecretName, issuerName, issuerKind, v.inputDuration, v.inputRenewBefore))
|
||||
cert, err := f.CertManagerClientSet.CertmanagerV1alpha2().Certificates(f.Namespace.Name).Create(util.NewCertManagerVaultCertificate(certificateName, certificateSecretName, vaultIssuerName, issuerKind, v.inputDuration, v.inputRenewBefore))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
err = h.WaitCertificateIssuedValid(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
|
||||
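Review bot: The cleanup calls `Issuers(f.Namespace.Name).Delete(vaultIssuerName, nil)` and `ClusterIssuers().Delete(vaultIssuerName, nil)` still discard their error, and generated names make that more costly than before. A ClusterIssuer is cluster-scoped, so it is presumably not removed with the test namespace, and a fixed name would at least have collided on the next run. With a fresh generated name per test, a failed delete would leave a Vault AppRole-backed ClusterIssuer behind with nothing reporting it. Consider asserting the result, e.g. `Expect(f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Delete(vaultIssuerName, nil)).NotTo(HaveOccurred())`, or at least logging any error other than NotFound. The enclosing cleanup block starts outside the hunk, and the same pair of calls appears in the other three AppRole test sections on this page.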
@ -67,13 +67,12 @@ func runVaultCustomAppRoleTests(issuerKind string) {
|
||||
intermediateMount := "intermediate-ca"
|
||||
authPath := "custom/path"
|
||||
role := "kubernetes-vault"
|
||||
issuerName := "test-vault-issuer"
|
||||
certificateName := "test-vault-certificate"
|
||||
certificateSecretName := "test-vault-certificate"
|
||||
vaultSecretAppRoleName := "vault-role"
|
||||
vaultPath := path.Join(intermediateMount, "sign", role)
|
||||
var roleId, secretId, vaultSecretName string
|
||||
var vaultSecretNamespace string
|
||||
var vaultIssuerName, vaultSecretNamespace string
|
||||
|
||||
var vaultInit *vaultaddon.VaultInitializer
|
||||
|
||||
@ -109,9 +108,9 @@ func runVaultCustomAppRoleTests(issuerKind string) {
|
||||
Expect(vaultInit.Clean()).NotTo(HaveOccurred())
|
||||
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Delete(issuerName, nil)
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Delete(vaultIssuerName, nil)
|
||||
} else {
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Delete(issuerName, nil)
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Delete(vaultIssuerName, nil)
|
||||
}
|
||||
|
||||
f.KubeClientSet.CoreV1().Secrets(vaultSecretNamespace).Delete(vaultSecretName, nil)
|
||||
@ -125,24 +124,28 @@ func runVaultCustomAppRoleTests(issuerKind string) {
|
||||
|
||||
var err error
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole(issuerName, vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
} else {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole(issuerName, vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
}
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole("test-vault-issuer-", vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
vaultIssuerName = iss.Name
|
||||
} else {
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole("test-vault-issuer-", vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
vaultIssuerName = iss.Name
|
||||
}
|
||||
|
||||
By("Waiting for Issuer to become Ready")
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name),
|
||||
issuerName,
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
})
|
||||
} else {
|
||||
err = util.WaitForClusterIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers(),
|
||||
issuerName,
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
@ -152,7 +155,7 @@ func runVaultCustomAppRoleTests(issuerKind string) {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Creating a Certificate")
|
||||
_, err = certClient.Create(util.NewCertManagerVaultCertificate(certificateName, certificateSecretName, issuerName, issuerKind, nil, nil))
|
||||
_, err = certClient.Create(util.NewCertManagerVaultCertificate(certificateName, certificateSecretName, vaultIssuerName, issuerKind, nil, nil))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
err = h.WaitCertificateIssuedValid(f.Namespace.Name, certificateName, time.Minute*5)
|
||||
|
||||
@ -75,15 +75,14 @@ func runVaultAppRoleTests(issuerKind string) {
|
||||
rootMount := "root-ca"
|
||||
intermediateMount := "intermediate-ca"
|
||||
role := "kubernetes-vault"
|
||||
issuerName := "test-vault-issuer"
|
||||
certificateRequestName := "test-vault-certificaterequest"
|
||||
vaultSecretAppRoleName := "vault-role-"
|
||||
vaultPath := path.Join(intermediateMount, "sign", role)
|
||||
authPath := "approle"
|
||||
var roleId, secretId, vaultSecretName string
|
||||
var roleId, secretId string
|
||||
var vaultInit *vaultaddon.VaultInitializer
|
||||
|
||||
var vaultSecretNamespace string
|
||||
var vaultIssuerName, vaultSecretName, vaultSecretNamespace string
|
||||
|
||||
BeforeEach(func() {
|
||||
By("Configuring the Vault server")
|
||||
@ -117,9 +116,9 @@ func runVaultAppRoleTests(issuerKind string) {
|
||||
Expect(vaultInit.Clean()).NotTo(HaveOccurred())
|
||||
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Delete(issuerName, nil)
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Delete(vaultIssuerName, nil)
|
||||
} else {
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Delete(issuerName, nil)
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Delete(vaultIssuerName, nil)
|
||||
}
|
||||
|
||||
f.KubeClientSet.CoreV1().Secrets(vaultSecretNamespace).Delete(vaultSecretName, nil)
|
||||
@ -133,33 +132,37 @@ func runVaultAppRoleTests(issuerKind string) {
|
||||
|
||||
var err error
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole(issuerName, vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole("test-vault-issuer-", vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
vaultIssuerName = iss.Name
|
||||
} else {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole(issuerName, vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole("test-vault-issuer-", vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
vaultIssuerName = iss.Name
|
||||
}
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for Issuer to become Ready")
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name),
|
||||
issuerName,
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
})
|
||||
} else {
|
||||
err = util.WaitForClusterIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers(),
|
||||
issuerName,
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
})
|
||||
}
|
||||
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Creating a CertificateRequest")
|
||||
cr, key, err := util.NewCertManagerBasicCertificateRequest(certificateRequestName, issuerName, issuerKind,
|
||||
cr, key, err := util.NewCertManagerBasicCertificateRequest(certificateRequestName, vaultIssuerName, issuerKind,
|
||||
&metav1.Duration{
|
||||
Duration: time.Hour * 24 * 90,
|
||||
},
|
||||
@ -208,28 +211,39 @@ func runVaultAppRoleTests(issuerKind string) {
|
||||
|
||||
var err error
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole(issuerName, vault.Details().Host, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole("test-vault-issuer-", vault.Details().Host, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
vaultIssuerName = iss.Name
|
||||
} else {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole(issuerName, vault.Details().Host, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole("test-vault-issuer", vault.Details().Host, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
vaultIssuerName = iss.Name
|
||||
}
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for Issuer to become Ready")
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
err = util.WaitForClusterIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers(),
|
||||
issuerName,
|
||||
err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name),
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
})
|
||||
} else {
|
||||
err = util.WaitForClusterIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers(),
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
})
|
||||
}
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Creating a CertificateRequest")
|
||||
crClient := f.CertManagerClientSet.CertmanagerV1alpha2().CertificateRequests(f.Namespace.Name)
|
||||
|
||||
cr, key, err := util.NewCertManagerBasicCertificateRequest(certificateRequestName, issuerName,
|
||||
cr, key, err := util.NewCertManagerBasicCertificateRequest(certificateRequestName, vaultIssuerName,
|
||||
issuerKind, v.inputDuration, crDNSNames, crIPAddresses, nil, x509.RSA)
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
_, err = crClient.Create(cr)
|
||||
|
||||
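Review bot: The ClusterIssuer branch of the second test passes `"test-vault-issuer"` without the trailing dash, while every other call changed here passes `"test-vault-issuer-"`. Since the helper now feeds this value to `GenerateName`, this one case yields names where the random suffix runs straight into the prefix, which makes leftover objects harder to match by prefix during cleanup or triage. Use `"test-vault-issuer-"` here as well. Better still, hoist the prefix into a single local such as `issuerGenerateName := "test-vault-issuer-"` next to `certificateRequestName`, so the literals cannot drift apart.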
@ -76,7 +76,6 @@ func runVaultCustomAppRoleTests(issuerKind string) {
|
||||
intermediateMount := "intermediate-ca"
|
||||
authPath := "custom/path"
|
||||
role := "kubernetes-vault"
|
||||
issuerName := "test-vault-issuer"
|
||||
certificateRequestName := "test-vault-certificaterequest"
|
||||
vaultSecretAppRoleName := "vault-role-"
|
||||
vaultPath := path.Join(intermediateMount, "sign", role)
|
||||
@ -84,7 +83,7 @@ func runVaultCustomAppRoleTests(issuerKind string) {
|
||||
|
||||
var vaultInit *vaultaddon.VaultInitializer
|
||||
|
||||
var vaultSecretNamespace string
|
||||
var vaultIssuerName, vaultSecretNamespace string
|
||||
|
||||
BeforeEach(func() {
|
||||
By("Configuring the Vault server")
|
||||
@ -119,9 +118,9 @@ func runVaultCustomAppRoleTests(issuerKind string) {
|
||||
Expect(vaultInit.Clean()).NotTo(HaveOccurred())
|
||||
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Delete(issuerName, nil)
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Delete(vaultIssuerName, nil)
|
||||
} else {
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Delete(issuerName, nil)
|
||||
f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Delete(vaultIssuerName, nil)
|
||||
}
|
||||
|
||||
f.KubeClientSet.CoreV1().Secrets(vaultSecretNamespace).Delete(vaultSecretName, nil)
|
||||
@ -135,24 +134,28 @@ func runVaultCustomAppRoleTests(issuerKind string) {
|
||||
|
||||
var err error
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole(issuerName, vaultURL, vaultPath, roleId, vaultSecretAppRoleName, authPath, vault.Details().VaultCA))
|
||||
} else {
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole(issuerName, vaultURL, vaultPath, roleId, vaultSecretAppRoleName, authPath, vault.Details().VaultCA))
|
||||
}
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole("test-vault-issuer-", vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
vaultIssuerName = iss.Name
|
||||
} else {
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers().Create(util.NewCertManagerVaultClusterIssuerAppRole("test-vault-issuer-", vaultURL, vaultPath, roleId, vaultSecretName, authPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
vaultIssuerName = iss.Name
|
||||
}
|
||||
|
||||
By("Waiting for Issuer to become Ready")
|
||||
if issuerKind == cmapi.IssuerKind {
|
||||
err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name),
|
||||
issuerName,
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
})
|
||||
} else {
|
||||
err = util.WaitForClusterIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().ClusterIssuers(),
|
||||
issuerName,
|
||||
vaultIssuerName,
|
||||
cmapi.IssuerCondition{
|
||||
Type: cmapi.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
@ -162,7 +165,7 @@ func runVaultCustomAppRoleTests(issuerKind string) {
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Creating a CertificateRequest")
|
||||
cr, key, err := util.NewCertManagerBasicCertificateRequest(certificateRequestName, issuerName,
|
||||
cr, key, err := util.NewCertManagerBasicCertificateRequest(certificateRequestName, vaultIssuerName,
|
||||
issuerKind, &metav1.Duration{
|
||||
Duration: time.Hour * 24 * 90,
|
||||
},
|
||||
|
||||
@ -119,12 +119,12 @@ var _ = framework.CertManagerDescribe("Vault Issuer", func() {
|
||||
|
||||
vaultSecretName = sec.Name
|
||||
|
||||
_, err = f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole(issuerName, vault.Details().Host, vaultPath, roleId, vaultSecretName, appRoleAuthPath, vault.Details().VaultCA))
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole(issuerName, vault.Details().Host, vaultPath, roleId, vaultSecretName, appRoleAuthPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for Issuer to become Ready")
|
||||
err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name),
|
||||
issuerName,
|
||||
iss.Name,
|
||||
v1alpha2.IssuerCondition{
|
||||
Type: v1alpha2.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionTrue,
|
||||
@ -134,12 +134,12 @@ var _ = framework.CertManagerDescribe("Vault Issuer", func() {
|
||||
|
||||
It("should fail to init with missing Vault AppRole", func() {
|
||||
By("Creating an Issuer")
|
||||
_, err := f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole(issuerName, vault.Details().Host, vaultPath, roleId, vaultSecretAppRoleName, appRoleAuthPath, vault.Details().VaultCA))
|
||||
iss, err := f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name).Create(util.NewCertManagerVaultIssuerAppRole(issuerName, vault.Details().Host, vaultPath, roleId, vaultSecretAppRoleName, appRoleAuthPath, vault.Details().VaultCA))
|
||||
Expect(err).NotTo(HaveOccurred())
|
||||
|
||||
By("Waiting for Issuer to become Ready")
|
||||
err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha2().Issuers(f.Namespace.Name),
|
||||
issuerName,
|
||||
iss.Name,
|
||||
v1alpha2.IssuerCondition{
|
||||
Type: v1alpha2.IssuerConditionReady,
|
||||
Status: cmmeta.ConditionFalse,
|
||||
|
||||
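Review bot: Both `Create` calls in this section still pass `issuerName`, but after this commit the helper uses that value as a `GenerateName` prefix, so the object's real name is `iss.Name` and no longer equals `issuerName`. The wait calls were updated accordingly, but the cleanup for this Describe is outside the visible hunks. If it still deletes by `issuerName`, the generated Issuer would never be removed and the delete would fail with NotFound. Store the generated name where the cleanup can reach it, e.g. `issuerName = iss.Name` right after `Expect(err).NotTo(HaveOccurred())`, or introduce a `vaultIssuerName` variable as the other test files do.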
@ -488,7 +488,7 @@ func NewCertManagerVaultIssuerToken(name, vaultURL, vaultPath, vaultSecretToken,
|
||||
func NewCertManagerVaultIssuerAppRole(name, vaultURL, vaultPath, roleId, vaultSecretAppRole string, authPath string, caBundle []byte) *v1alpha2.Issuer {
|
||||
return &v1alpha2.Issuer{
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
GenerateName: name,
|
||||
},
|
||||
Spec: newCertManagerVaultIssuerSpecAppRole(vaultURL, vaultPath, roleId, vaultSecretAppRole, authPath, caBundle),
|
||||
}
|
||||
@ -497,7 +497,7 @@ func NewCertManagerVaultIssuerAppRole(name, vaultURL, vaultPath, roleId, vaultSe
|
||||
func NewCertManagerVaultClusterIssuerAppRole(name, vaultURL, vaultPath, roleId, vaultSecretAppRole string, authPath string, caBundle []byte) *v1alpha2.ClusterIssuer {
|
||||
return &v1alpha2.ClusterIssuer{
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: name,
|
||||
GenerateName: name,
|
||||
},
|
||||
Spec: newCertManagerVaultIssuerSpecAppRole(vaultURL, vaultPath, roleId, vaultSecretAppRole, authPath, caBundle),
|
||||
}
|
||||
|
||||
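Review bot: Switching `Name: name` to `GenerateName: name` in `NewCertManagerVaultIssuerAppRole` and `NewCertManagerVaultClusterIssuerAppRole` changes the contract for every caller while the parameter is still called `name`. The returned object now has an empty `Name`, so any caller outside this commit that later waits on or deletes by the string it passed in would target an object that does not exist. Document this on both constructors, e.g. `// name is used as metadata.generateName; read the final name from the object returned by Create.`, and consider renaming the parameter to `generateName`. The sibling `NewCertManagerVaultIssuerToken` is visible only in the hunk header and presumably still sets `Name`, so the two families now behave differently; a comment noting that would help.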