diff --git a/test/e2e/certificate_ca.go b/test/e2e/certificate/certificate_ca.go similarity index 78% rename from test/e2e/certificate_ca.go rename to test/e2e/certificate/certificate_ca.go index 3bc73f1cd..07f8d9bd1 100644 --- a/test/e2e/certificate_ca.go +++ b/test/e2e/certificate/certificate_ca.go @@ -11,12 +11,11 @@ See the License for the specific language governing permissions and limitations under the License. */ -package e2e +package certificate import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/jetstack-experimental/cert-manager/pkg/apis/certmanager/v1alpha1" "github.com/jetstack-experimental/cert-manager/test/e2e/framework" @@ -34,12 +33,12 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() { BeforeEach(func() { By("Creating a cert-manager pod") - pod, err := f.KubeClientSet.CoreV1().Pods(f.Namespace.Name).Create(NewCertManagerControllerPod(podName, "--cluster-resource-namespace="+f.Namespace.Name)) + pod, err := f.KubeClientSet.CoreV1().Pods(f.Namespace.Name).Create(util.NewCertManagerControllerPod(podName, "--cluster-resource-namespace="+f.Namespace.Name)) Expect(err).NotTo(HaveOccurred()) err = framework.WaitForPodRunningInNamespace(f.KubeClientSet, pod) Expect(err).NotTo(HaveOccurred()) By("Creating a signing keypair fixture") - _, err = f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Create(newSigningKeypairSecret(issuerSecretName)) + _, err = f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Create(util.NewSigningKeypairSecret(issuerSecretName)) Expect(err).NotTo(HaveOccurred()) }) @@ -53,7 +52,7 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() { It("should generate a signed keypair", func() { By("Creating an Issuer") - _, err := f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(newCertManagerCAIssuer(issuerName, issuerSecretName)) + _, err := f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(util.NewCertManagerCAIssuer(issuerName, issuerSecretName)) Expect(err).NotTo(HaveOccurred()) By("Waiting for Issuer to become Ready") err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name), @@ -64,7 +63,7 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() { }) Expect(err).NotTo(HaveOccurred()) By("Creating a Certificate") - _, err = f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(newCertManagerCACertificate(certificateName, certificateSecretName, issuerName, v1alpha1.IssuerKind)) + _, err = f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(util.NewCertManagerCACertificate(certificateName, certificateSecretName, issuerName, v1alpha1.IssuerKind)) Expect(err).NotTo(HaveOccurred()) By("Waiting for Certificate to become Ready") err = util.WaitForCertificateCondition(f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name), @@ -78,7 +77,7 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() { It("should generate a signed keypair from a clusterissuer", func() { By("Creating a ClusterIssuer") - _, err := f.CertManagerClientSet.CertmanagerV1alpha1().ClusterIssuers().Create(newCertManagerCAClusterIssuer(issuerName, issuerSecretName)) + _, err := f.CertManagerClientSet.CertmanagerV1alpha1().ClusterIssuers().Create(util.NewCertManagerCAClusterIssuer(issuerName, issuerSecretName)) Expect(err).NotTo(HaveOccurred()) By("Waiting for ClusterIssuer to become Ready") err = util.WaitForClusterIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha1().ClusterIssuers(), @@ -89,7 +88,7 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() { }) Expect(err).NotTo(HaveOccurred()) By("Creating a Certificate") - _, err = f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(newCertManagerCACertificate(certificateName, certificateSecretName, issuerName, v1alpha1.ClusterIssuerKind)) + _, err = f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(util.NewCertManagerCACertificate(certificateName, certificateSecretName, issuerName, v1alpha1.ClusterIssuerKind)) Expect(err).NotTo(HaveOccurred()) By("Waiting for Certificate to become Ready") err = util.WaitForCertificateCondition(f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name), @@ -101,21 +100,3 @@ var _ = framework.CertManagerDescribe("CA Certificate", func() { Expect(err).NotTo(HaveOccurred()) }) }) - -func newCertManagerCACertificate(name, secretName, issuerName string, issuerKind string) *v1alpha1.Certificate { - return &v1alpha1.Certificate{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - }, - Spec: v1alpha1.CertificateSpec{ - Domains: []string{ - "test.domain.com", - }, - SecretName: secretName, - IssuerRef: v1alpha1.ObjectReference{ - Name: issuerName, - Kind: issuerKind, - }, - }, - } -} diff --git a/test/e2e/clusterissuer_ca.go b/test/e2e/clusterissuer/clusterissuer_ca.go similarity index 78% rename from test/e2e/clusterissuer_ca.go rename to test/e2e/clusterissuer/clusterissuer_ca.go index 8acd08429..fa7c7ec0d 100644 --- a/test/e2e/clusterissuer_ca.go +++ b/test/e2e/clusterissuer/clusterissuer_ca.go @@ -11,12 +11,11 @@ See the License for the specific language governing permissions and limitations under the License. */ -package e2e +package clusterissuer import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/jetstack-experimental/cert-manager/pkg/apis/certmanager/v1alpha1" "github.com/jetstack-experimental/cert-manager/test/e2e/framework" @@ -32,12 +31,12 @@ var _ = framework.CertManagerDescribe("CA ClusterIssuer", func() { BeforeEach(func() { By("Creating a cert-manager pod") - pod, err := f.KubeClientSet.CoreV1().Pods(f.Namespace.Name).Create(NewCertManagerControllerPod(podName, "--cluster-resource-namespace="+f.Namespace.Name)) + pod, err := f.KubeClientSet.CoreV1().Pods(f.Namespace.Name).Create(util.NewCertManagerControllerPod(podName, "--cluster-resource-namespace="+f.Namespace.Name)) Expect(err).NotTo(HaveOccurred()) err = framework.WaitForPodRunningInNamespace(f.KubeClientSet, pod) Expect(err).NotTo(HaveOccurred()) By("Creating a signing keypair fixture") - _, err = f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Create(newSigningKeypairSecret(secretName)) + _, err = f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Create(util.NewSigningKeypairSecret(secretName)) Expect(err).NotTo(HaveOccurred()) }) @@ -51,7 +50,7 @@ var _ = framework.CertManagerDescribe("CA ClusterIssuer", func() { It("should generate a signing keypair", func() { By("Creating an Issuer") - _, err := f.CertManagerClientSet.CertmanagerV1alpha1().ClusterIssuers().Create(newCertManagerCAClusterIssuer(issuerName, secretName)) + _, err := f.CertManagerClientSet.CertmanagerV1alpha1().ClusterIssuers().Create(util.NewCertManagerCAClusterIssuer(issuerName, secretName)) Expect(err).NotTo(HaveOccurred()) By("Waiting for Issuer to become Ready") err = util.WaitForClusterIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha1().ClusterIssuers(), @@ -63,20 +62,3 @@ var _ = framework.CertManagerDescribe("CA ClusterIssuer", func() { Expect(err).NotTo(HaveOccurred()) }) }) - -func newCertManagerCAClusterIssuer(name, secretName string) *v1alpha1.ClusterIssuer { - return &v1alpha1.ClusterIssuer{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - }, - Spec: v1alpha1.IssuerSpec{ - IssuerConfig: v1alpha1.IssuerConfig{ - CA: &v1alpha1.CAIssuer{ - SecretRef: v1alpha1.LocalObjectReference{ - Name: secretName, - }, - }, - }, - }, - } -} diff --git a/test/e2e/e2e.go b/test/e2e/e2e.go index 0b9dc6375..cd33b6ac6 100644 --- a/test/e2e/e2e.go +++ b/test/e2e/e2e.go @@ -23,7 +23,10 @@ import ( _ "k8s.io/client-go/plugin/pkg/client/auth" "github.com/jetstack-experimental/cert-manager/pkg/logs" + _ "github.com/jetstack-experimental/cert-manager/test/e2e/certificate" + _ "github.com/jetstack-experimental/cert-manager/test/e2e/clusterissuer" "github.com/jetstack-experimental/cert-manager/test/e2e/framework" + _ "github.com/jetstack-experimental/cert-manager/test/e2e/issuer" ) // TestE2E checks configuration parameters (specified through flags) and then runs diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go index c320fd3f6..7fe04530f 100644 --- a/test/e2e/e2e_test.go +++ b/test/e2e/e2e_test.go @@ -14,7 +14,6 @@ limitations under the License. package e2e import ( - "flag" "testing" "github.com/golang/glog" @@ -23,15 +22,7 @@ import ( "github.com/jetstack-experimental/cert-manager/test/e2e/framework" ) -var certManagerImageFlag string -var certManagerImagePullPolicy string - func init() { - flag.StringVar(&certManagerImageFlag, "cert-manager-image", "jetstackexperimental/cert-manager-controller:canary", - "The container image for cert-manager to test against") - flag.StringVar(&certManagerImagePullPolicy, "cert-manager-image-pull-policy", "Never", - "The image pull policy to use for cert-manager when running tests") - framework.RegisterParseFlags() if "" == framework.TestContext.KubeConfig { diff --git a/test/e2e/issuer_acme.go b/test/e2e/issuer/issuer_acme.go similarity index 78% rename from test/e2e/issuer_acme.go rename to test/e2e/issuer/issuer_acme.go index 29e060a51..cbdf1fe1e 100644 --- a/test/e2e/issuer_acme.go +++ b/test/e2e/issuer/issuer_acme.go @@ -11,12 +11,11 @@ See the License for the specific language governing permissions and limitations under the License. */ -package e2e +package issuer import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/jetstack-experimental/cert-manager/pkg/apis/certmanager/v1alpha1" "github.com/jetstack-experimental/cert-manager/test/e2e/framework" @@ -31,7 +30,7 @@ var _ = framework.CertManagerDescribe("ACME Issuer", func() { BeforeEach(func() { By("Creating a cert-manager pod") - pod, err := f.KubeClientSet.CoreV1().Pods(f.Namespace.Name).Create(NewCertManagerControllerPod(podName)) + pod, err := f.KubeClientSet.CoreV1().Pods(f.Namespace.Name).Create(util.NewCertManagerControllerPod(podName)) Expect(err).NotTo(HaveOccurred()) err = framework.WaitForPodRunningInNamespace(f.KubeClientSet, pod) Expect(err).NotTo(HaveOccurred()) @@ -45,7 +44,7 @@ var _ = framework.CertManagerDescribe("ACME Issuer", func() { It("should register ACME account", func() { By("Creating an Issuer") - _, err := f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(newCertManagerACMEIssuer(issuerName, testingACMEURL, testingACMEEmail, testingACMEPrivateKey)) + _, err := f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(util.NewCertManagerACMEIssuer(issuerName, testingACMEURL, testingACMEEmail, testingACMEPrivateKey)) Expect(err).NotTo(HaveOccurred()) By("Waiting for Issuer to become Ready") err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name), @@ -59,7 +58,7 @@ var _ = framework.CertManagerDescribe("ACME Issuer", func() { It("should fail to register an ACME account", func() { By("Creating an Issuer with an invalid server") - _, err := f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(newCertManagerACMEIssuer(issuerName, invalidACMEURL, testingACMEEmail, testingACMEPrivateKey)) + _, err := f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(util.NewCertManagerACMEIssuer(issuerName, invalidACMEURL, testingACMEEmail, testingACMEPrivateKey)) Expect(err).NotTo(HaveOccurred()) By("Waiting for Issuer to become non-Ready") err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name), @@ -76,20 +75,3 @@ const testingACMEURL = "https://acme-staging.api.letsencrypt.org/directory" const invalidACMEURL = "http://not-a-real-acme-url.com" const testingACMEEmail = "test@example.com" const testingACMEPrivateKey = "test-acme-private-key" - -func newCertManagerACMEIssuer(name, acmeURL, acmeEmail, acmePrivateKey string) *v1alpha1.Issuer { - return &v1alpha1.Issuer{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - }, - Spec: v1alpha1.IssuerSpec{ - IssuerConfig: v1alpha1.IssuerConfig{ - ACME: &v1alpha1.ACMEIssuer{ - Email: acmeEmail, - Server: acmeURL, - PrivateKey: acmePrivateKey, - }, - }, - }, - } -} diff --git a/test/e2e/issuer/issuer_ca.go b/test/e2e/issuer/issuer_ca.go new file mode 100644 index 000000000..a3759bfd2 --- /dev/null +++ b/test/e2e/issuer/issuer_ca.go @@ -0,0 +1,64 @@ +/* +Copyright 2017 Jetstack Ltd. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package issuer + +import ( + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" + + "github.com/jetstack-experimental/cert-manager/pkg/apis/certmanager/v1alpha1" + "github.com/jetstack-experimental/cert-manager/test/e2e/framework" + "github.com/jetstack-experimental/cert-manager/test/util" +) + +var _ = framework.CertManagerDescribe("CA Issuer", func() { + f := framework.NewDefaultFramework("create-ca-issuer") + + podName := "test-cert-manager" + issuerName := "test-ca-issuer" + secretName := "ca-issuer-signing-keypair" + + BeforeEach(func() { + By("Creating a cert-manager pod") + pod, err := f.KubeClientSet.CoreV1().Pods(f.Namespace.Name).Create(util.NewCertManagerControllerPod(podName)) + Expect(err).NotTo(HaveOccurred()) + err = framework.WaitForPodRunningInNamespace(f.KubeClientSet, pod) + Expect(err).NotTo(HaveOccurred()) + By("Creating a signing keypair fixture") + _, err = f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Create(util.NewSigningKeypairSecret(secretName)) + Expect(err).NotTo(HaveOccurred()) + }) + + AfterEach(func() { + By("Deleting the cert-manager pod") + err := f.KubeClientSet.CoreV1().Pods(f.Namespace.Name).Delete(podName, nil) + Expect(err).NotTo(HaveOccurred()) + err = f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Delete(secretName, nil) + Expect(err).NotTo(HaveOccurred()) + }) + + It("should generate a signing keypair", func() { + By("Creating an Issuer") + _, err := f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(util.NewCertManagerCAIssuer(issuerName, secretName)) + Expect(err).NotTo(HaveOccurred()) + By("Waiting for Issuer to become Ready") + err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name), + issuerName, + v1alpha1.IssuerCondition{ + Type: v1alpha1.IssuerConditionReady, + Status: v1alpha1.ConditionTrue, + }) + Expect(err).NotTo(HaveOccurred()) + }) +}) diff --git a/test/e2e/issuer_ca.go b/test/e2e/issuer_ca.go deleted file mode 100644 index ec69ad11f..000000000 --- a/test/e2e/issuer_ca.go +++ /dev/null @@ -1,143 +0,0 @@ -/* -Copyright 2017 Jetstack Ltd. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package e2e - -import ( - . "github.com/onsi/ginkgo" - . "github.com/onsi/gomega" - apiv1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - "github.com/jetstack-experimental/cert-manager/pkg/apis/certmanager/v1alpha1" - "github.com/jetstack-experimental/cert-manager/test/e2e/framework" - "github.com/jetstack-experimental/cert-manager/test/util" -) - -var _ = framework.CertManagerDescribe("CA Issuer", func() { - f := framework.NewDefaultFramework("create-ca-issuer") - - podName := "test-cert-manager" - issuerName := "test-ca-issuer" - secretName := "ca-issuer-signing-keypair" - - BeforeEach(func() { - By("Creating a cert-manager pod") - pod, err := f.KubeClientSet.CoreV1().Pods(f.Namespace.Name).Create(NewCertManagerControllerPod(podName)) - Expect(err).NotTo(HaveOccurred()) - err = framework.WaitForPodRunningInNamespace(f.KubeClientSet, pod) - Expect(err).NotTo(HaveOccurred()) - By("Creating a signing keypair fixture") - _, err = f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Create(newSigningKeypairSecret(secretName)) - Expect(err).NotTo(HaveOccurred()) - }) - - AfterEach(func() { - By("Deleting the cert-manager pod") - err := f.KubeClientSet.CoreV1().Pods(f.Namespace.Name).Delete(podName, nil) - Expect(err).NotTo(HaveOccurred()) - err = f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Delete(secretName, nil) - Expect(err).NotTo(HaveOccurred()) - }) - - It("should generate a signing keypair", func() { - By("Creating an Issuer") - _, err := f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(newCertManagerCAIssuer(issuerName, secretName)) - Expect(err).NotTo(HaveOccurred()) - By("Waiting for Issuer to become Ready") - err = util.WaitForIssuerCondition(f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name), - issuerName, - v1alpha1.IssuerCondition{ - Type: v1alpha1.IssuerConditionReady, - Status: v1alpha1.ConditionTrue, - }) - Expect(err).NotTo(HaveOccurred()) - }) -}) - -func newCertManagerCAIssuer(name, secretName string) *v1alpha1.Issuer { - return &v1alpha1.Issuer{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - }, - Spec: v1alpha1.IssuerSpec{ - IssuerConfig: v1alpha1.IssuerConfig{ - CA: &v1alpha1.CAIssuer{ - SecretRef: v1alpha1.LocalObjectReference{ - Name: secretName, - }, - }, - }, - }, - } -} - -func newSigningKeypairSecret(name string) *apiv1.Secret { - return &apiv1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - }, - StringData: map[string]string{ - apiv1.TLSCertKey: `-----BEGIN CERTIFICATE----- -MIID4DCCAsigAwIBAgIJAJzTROInmDkQMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNV -BAYTAlVLMQswCQYDVQQIEwJOQTEVMBMGA1UEChMMY2VydC1tYW5hZ2VyMSAwHgYD -VQQDExdjZXJ0LW1hbmFnZXIgdGVzdGluZyBDQTAeFw0xNzA5MTAxODMzNDNaFw0y -NzA5MDgxODMzNDNaMFMxCzAJBgNVBAYTAlVLMQswCQYDVQQIEwJOQTEVMBMGA1UE -ChMMY2VydC1tYW5hZ2VyMSAwHgYDVQQDExdjZXJ0LW1hbmFnZXIgdGVzdGluZyBD -QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+Q2AO4hARav0qwjk7I -4mEh5R201HS8s7HpaLOXBNvvh7qJ9yJz6jLqYg6EvP0K/bK56Cp2oe2igd7GOxpV -3YPOc3CG0CCqHMprEcvxj2xBKX00Rtcn4oVLhDPhAb0BV/R7NFLeWxzh+ggvPI1X -m1qLaWYqYZEJ5bBsYXD3tPdS4GGINRz8Zvih46f0Z2wVkCGoTpsbX8HO74sa2Day -UjzAsWGlO5bZGiMSHjDEnf9yek2TcjEyVoohoOLaQg/ng21T5RWzeZKTl1cznwuG -Vr9tZfHFqxQ5qeaId+1ICtxNvkEjbTnZl6Wy9Cthn0dxwOeS5TqMJ7SFNXy1gp4j -f/MCAwEAAaOBtjCBszAdBgNVHQ4EFgQUBtrjvWfbkLA0iX6sKVRhKUo864kwgYMG -A1UdIwR8MHqAFAba471n25CwNIl+rClUYSlKPOuJoVekVTBTMQswCQYDVQQGEwJV -SzELMAkGA1UECBMCTkExFTATBgNVBAoTDGNlcnQtbWFuYWdlcjEgMB4GA1UEAxMX -Y2VydC1tYW5hZ2VyIHRlc3RpbmcgQ0GCCQCc00TiJ5g5EDAMBgNVHRMEBTADAQH/ -MA0GCSqGSIb3DQEBCwUAA4IBAQCR+jXhup5tCKwhAf8xgvp589BczQOjmotuZGEL -Dcint2y263ChEdsoLhyJfvFCAZfTSm+UT95Hl+ZKVuoVEcAS7udaFUFpC/gIYVOi -H4/uvJps4SpVCB7+T/orcTjZ2ewT23mQAQg+B+iwX9VCof+fadkYOg1XD9/eaj6E -9McXID3iuCXg02RmEOwVMrTggHPwHrOGAilSaZc58cJZHmMYlT5rGrJcWS/AyXnH -VOodKC004yjh7w9aSbCCbAL0tDEnhm4Jrb8cxt7pDWbdEVUeuk9LZRQtluYBnmJU -kQ7ALfUfUh/RUpCV4uI6sEI3NDX2YqQbOtsBD/hNaL1F85FA ------END CERTIFICATE-----`, - apiv1.TLSPrivateKeyKey: `-----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAz5DYA7iEBFq/SrCOTsjiYSHlHbTUdLyzselos5cE2++Huon3 -InPqMupiDoS8/Qr9srnoKnah7aKB3sY7GlXdg85zcIbQIKocymsRy/GPbEEpfTRG -1yfihUuEM+EBvQFX9Hs0Ut5bHOH6CC88jVebWotpZiphkQnlsGxhcPe091LgYYg1 -HPxm+KHjp/RnbBWQIahOmxtfwc7vixrYNrJSPMCxYaU7ltkaIxIeMMSd/3J6TZNy -MTJWiiGg4tpCD+eDbVPlFbN5kpOXVzOfC4ZWv21l8cWrFDmp5oh37UgK3E2+QSNt -OdmXpbL0K2GfR3HA55LlOowntIU1fLWCniN/8wIDAQABAoIBAQCYvGvIKSG0FpbG -vi6pmLbEZO20s1jW4fiUxT2PUWR49sR4pocdahB/EOvA5TowNcNDnftSK+Ox+q/4 -HwRkt6R+Fg/qULmcH7F53dnFqeYw8a42/J3YOvg7v7rzdfISg4eWVobFJ+wBz+Nt -3FyBYWLm+MlBLZSH5rGG5em59/zJNHWIhH+oQPfCxAkYEvd8tXOTUzjhqvEfjaJy -FZghnT9xto4MwDdNCPbtzdNjTMhiv0AHkcZGGtRJfkehXX2qhXOQ2UzzO9XrMZnv -5KgYf+bXKJsyS3SPl6TTl7vg2gKBciRvsdFhMy5I5GyIADrEDJnNNmXQRtiaFLfd -k/aqfPT5AoGBAPquMouZUbVS/Qh+qbls7G4zAuznfCiqdctcKmUGPRP4sTTjWdUp -fjI+UTt1e8hncmr4RY7Oa9kUV/kDwzS5spUZZ+u0PczS3XKxOwNOleoH00dfc9vt -cxctHdPdDTndRi8Z4k3m931jIX7jB/Pyx8qeNYB3pj0k3ThktwMbAVLnAoGBANP4 -beI5zpbvtAdExJcuxx2mRDGF0lIdKC0bvQaeqM3Lwqnmc0Fz1dbP7KXDa+SdJWPd -res+NHPZoEPeEJuDTSngXOLNECZe4Ja9frn1TeY858vMJBwIkyc8zu+sgXxjQUM+ -TWUlTUhtXyybkRnxAEny4OT2TTgmXITJaKOmV1UVAoGAHaXSlo4YitB42rNYUXTf -dZ0U4H30Qj7+1YFeBjq5qI4GL1IgQsS4hyq1osmfTTFm593bJCunt7HfQbU/NhIs -W9P4ZXkYwgvCYxkw+JAnzNkGFO/mHQG1Ve1hFLiVIt3XuiRejoYdiTfbM02YmDKD -jKQvgbUk9SBSBaRrvLNJ8csCgYAYnrZEnGo+ZcEHRxl+ZdSCwRkSl3SCTRiphJtD -9ZGttYj6quWgKJAhzyyxZC1X9FivbMQSmrsE6bYPq+9J4MpJnuGrBh5mFocHeyMI -/lD5+QEDTsay6twMpqdydxrjE7Q01zuuD9MWIn33dGo6FR/vduJgNatqZipA0hPx -ThS+sQKBgQDh0+cVo1mfYiCkp3IQPB8QYiJ/g2/UBk6pH8ZZDZ+A5td6NveiWO1y -wTEUWkX2qyz9SLxWDGOhdKqxNrLCUSYSOV/5/JQEtBm6K50ArFtrY40JP/T/5KvM -tSK2ayFX1wQ3PuEmewAogy/20tWo80cr556AXA62Utl2PzLK30Db8w== ------END RSA PRIVATE KEY-----`, - }, - } -} diff --git a/test/e2e/util.go b/test/e2e/util.go deleted file mode 100644 index c3d68c840..000000000 --- a/test/e2e/util.go +++ /dev/null @@ -1,31 +0,0 @@ -package e2e - -import ( - "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -func NewCertManagerControllerPod(name string, args ...string) *v1.Pod { - return &v1.Pod{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - Labels: map[string]string{ - "app": name, - }, - }, - Spec: v1.PodSpec{ - Containers: []v1.Container{ - { - Name: name, - Image: certManagerImageFlag, - Args: args, - ImagePullPolicy: v1.PullPolicy(certManagerImagePullPolicy), - }, - }, - }, - } -} - -func strPtr(s string) *string { - return &s -} diff --git a/test/util/util.go b/test/util/util.go index 1ef45c4f1..947f211bf 100644 --- a/test/util/util.go +++ b/test/util/util.go @@ -1,10 +1,12 @@ package util import ( + "flag" "fmt" "time" "github.com/golang/glog" + "k8s.io/api/core/v1" apiextcs "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -14,6 +16,16 @@ import ( clientset "github.com/jetstack-experimental/cert-manager/pkg/client/clientset/typed/certmanager/v1alpha1" ) +var certManagerImageFlag string +var certManagerImagePullPolicy string + +func init() { + flag.StringVar(&certManagerImageFlag, "cert-manager-image", "jetstackexperimental/cert-manager-controller:canary", + "The container image for cert-manager to test against") + flag.StringVar(&certManagerImagePullPolicy, "cert-manager-image-pull-policy", "Never", + "The image pull policy to use for cert-manager when running tests") +} + // WaitForIssuerCondition waits for the status of the named issuer to contain // a condition whose type and status matches the supplied one. func WaitForIssuerCondition(client clientset.IssuerInterface, name string, condition v1alpha1.IssuerCondition) error { @@ -81,3 +93,153 @@ func WaitForCRDToNotExist(client apiextcs.CustomResourceDefinitionInterface, nam }, ) } + +func NewCertManagerControllerPod(name string, args ...string) *v1.Pod { + return &v1.Pod{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Labels: map[string]string{ + "app": name, + }, + }, + Spec: v1.PodSpec{ + Containers: []v1.Container{ + { + Name: name, + Image: certManagerImageFlag, + Args: args, + ImagePullPolicy: v1.PullPolicy(certManagerImagePullPolicy), + }, + }, + }, + } +} + +func NewCertManagerCAClusterIssuer(name, secretName string) *v1alpha1.ClusterIssuer { + return &v1alpha1.ClusterIssuer{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Spec: v1alpha1.IssuerSpec{ + IssuerConfig: v1alpha1.IssuerConfig{ + CA: &v1alpha1.CAIssuer{ + SecretRef: v1alpha1.LocalObjectReference{ + Name: secretName, + }, + }, + }, + }, + } +} + +func NewCertManagerCACertificate(name, secretName, issuerName string, issuerKind string) *v1alpha1.Certificate { + return &v1alpha1.Certificate{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Spec: v1alpha1.CertificateSpec{ + Domains: []string{ + "test.domain.com", + }, + SecretName: secretName, + IssuerRef: v1alpha1.ObjectReference{ + Name: issuerName, + Kind: issuerKind, + }, + }, + } +} + +func NewCertManagerACMEIssuer(name, acmeURL, acmeEmail, acmePrivateKey string) *v1alpha1.Issuer { + return &v1alpha1.Issuer{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Spec: v1alpha1.IssuerSpec{ + IssuerConfig: v1alpha1.IssuerConfig{ + ACME: &v1alpha1.ACMEIssuer{ + Email: acmeEmail, + Server: acmeURL, + PrivateKey: acmePrivateKey, + }, + }, + }, + } +} + +func NewCertManagerCAIssuer(name, secretName string) *v1alpha1.Issuer { + return &v1alpha1.Issuer{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Spec: v1alpha1.IssuerSpec{ + IssuerConfig: v1alpha1.IssuerConfig{ + CA: &v1alpha1.CAIssuer{ + SecretRef: v1alpha1.LocalObjectReference{ + Name: secretName, + }, + }, + }, + }, + } +} + +func NewSigningKeypairSecret(name string) *v1.Secret { + return &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + StringData: map[string]string{ + v1.TLSCertKey: `-----BEGIN CERTIFICATE----- +MIID4DCCAsigAwIBAgIJAJzTROInmDkQMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNV +BAYTAlVLMQswCQYDVQQIEwJOQTEVMBMGA1UEChMMY2VydC1tYW5hZ2VyMSAwHgYD +VQQDExdjZXJ0LW1hbmFnZXIgdGVzdGluZyBDQTAeFw0xNzA5MTAxODMzNDNaFw0y +NzA5MDgxODMzNDNaMFMxCzAJBgNVBAYTAlVLMQswCQYDVQQIEwJOQTEVMBMGA1UE +ChMMY2VydC1tYW5hZ2VyMSAwHgYDVQQDExdjZXJ0LW1hbmFnZXIgdGVzdGluZyBD +QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+Q2AO4hARav0qwjk7I +4mEh5R201HS8s7HpaLOXBNvvh7qJ9yJz6jLqYg6EvP0K/bK56Cp2oe2igd7GOxpV +3YPOc3CG0CCqHMprEcvxj2xBKX00Rtcn4oVLhDPhAb0BV/R7NFLeWxzh+ggvPI1X +m1qLaWYqYZEJ5bBsYXD3tPdS4GGINRz8Zvih46f0Z2wVkCGoTpsbX8HO74sa2Day +UjzAsWGlO5bZGiMSHjDEnf9yek2TcjEyVoohoOLaQg/ng21T5RWzeZKTl1cznwuG +Vr9tZfHFqxQ5qeaId+1ICtxNvkEjbTnZl6Wy9Cthn0dxwOeS5TqMJ7SFNXy1gp4j +f/MCAwEAAaOBtjCBszAdBgNVHQ4EFgQUBtrjvWfbkLA0iX6sKVRhKUo864kwgYMG +A1UdIwR8MHqAFAba471n25CwNIl+rClUYSlKPOuJoVekVTBTMQswCQYDVQQGEwJV +SzELMAkGA1UECBMCTkExFTATBgNVBAoTDGNlcnQtbWFuYWdlcjEgMB4GA1UEAxMX +Y2VydC1tYW5hZ2VyIHRlc3RpbmcgQ0GCCQCc00TiJ5g5EDAMBgNVHRMEBTADAQH/ +MA0GCSqGSIb3DQEBCwUAA4IBAQCR+jXhup5tCKwhAf8xgvp589BczQOjmotuZGEL +Dcint2y263ChEdsoLhyJfvFCAZfTSm+UT95Hl+ZKVuoVEcAS7udaFUFpC/gIYVOi +H4/uvJps4SpVCB7+T/orcTjZ2ewT23mQAQg+B+iwX9VCof+fadkYOg1XD9/eaj6E +9McXID3iuCXg02RmEOwVMrTggHPwHrOGAilSaZc58cJZHmMYlT5rGrJcWS/AyXnH +VOodKC004yjh7w9aSbCCbAL0tDEnhm4Jrb8cxt7pDWbdEVUeuk9LZRQtluYBnmJU +kQ7ALfUfUh/RUpCV4uI6sEI3NDX2YqQbOtsBD/hNaL1F85FA +-----END CERTIFICATE-----`, + v1.TLSPrivateKeyKey: `-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAz5DYA7iEBFq/SrCOTsjiYSHlHbTUdLyzselos5cE2++Huon3 +InPqMupiDoS8/Qr9srnoKnah7aKB3sY7GlXdg85zcIbQIKocymsRy/GPbEEpfTRG +1yfihUuEM+EBvQFX9Hs0Ut5bHOH6CC88jVebWotpZiphkQnlsGxhcPe091LgYYg1 +HPxm+KHjp/RnbBWQIahOmxtfwc7vixrYNrJSPMCxYaU7ltkaIxIeMMSd/3J6TZNy +MTJWiiGg4tpCD+eDbVPlFbN5kpOXVzOfC4ZWv21l8cWrFDmp5oh37UgK3E2+QSNt +OdmXpbL0K2GfR3HA55LlOowntIU1fLWCniN/8wIDAQABAoIBAQCYvGvIKSG0FpbG +vi6pmLbEZO20s1jW4fiUxT2PUWR49sR4pocdahB/EOvA5TowNcNDnftSK+Ox+q/4 +HwRkt6R+Fg/qULmcH7F53dnFqeYw8a42/J3YOvg7v7rzdfISg4eWVobFJ+wBz+Nt +3FyBYWLm+MlBLZSH5rGG5em59/zJNHWIhH+oQPfCxAkYEvd8tXOTUzjhqvEfjaJy +FZghnT9xto4MwDdNCPbtzdNjTMhiv0AHkcZGGtRJfkehXX2qhXOQ2UzzO9XrMZnv +5KgYf+bXKJsyS3SPl6TTl7vg2gKBciRvsdFhMy5I5GyIADrEDJnNNmXQRtiaFLfd +k/aqfPT5AoGBAPquMouZUbVS/Qh+qbls7G4zAuznfCiqdctcKmUGPRP4sTTjWdUp +fjI+UTt1e8hncmr4RY7Oa9kUV/kDwzS5spUZZ+u0PczS3XKxOwNOleoH00dfc9vt +cxctHdPdDTndRi8Z4k3m931jIX7jB/Pyx8qeNYB3pj0k3ThktwMbAVLnAoGBANP4 +beI5zpbvtAdExJcuxx2mRDGF0lIdKC0bvQaeqM3Lwqnmc0Fz1dbP7KXDa+SdJWPd +res+NHPZoEPeEJuDTSngXOLNECZe4Ja9frn1TeY858vMJBwIkyc8zu+sgXxjQUM+ +TWUlTUhtXyybkRnxAEny4OT2TTgmXITJaKOmV1UVAoGAHaXSlo4YitB42rNYUXTf +dZ0U4H30Qj7+1YFeBjq5qI4GL1IgQsS4hyq1osmfTTFm593bJCunt7HfQbU/NhIs +W9P4ZXkYwgvCYxkw+JAnzNkGFO/mHQG1Ve1hFLiVIt3XuiRejoYdiTfbM02YmDKD +jKQvgbUk9SBSBaRrvLNJ8csCgYAYnrZEnGo+ZcEHRxl+ZdSCwRkSl3SCTRiphJtD +9ZGttYj6quWgKJAhzyyxZC1X9FivbMQSmrsE6bYPq+9J4MpJnuGrBh5mFocHeyMI +/lD5+QEDTsay6twMpqdydxrjE7Q01zuuD9MWIn33dGo6FR/vduJgNatqZipA0hPx +ThS+sQKBgQDh0+cVo1mfYiCkp3IQPB8QYiJ/g2/UBk6pH8ZZDZ+A5td6NveiWO1y +wTEUWkX2qyz9SLxWDGOhdKqxNrLCUSYSOV/5/JQEtBm6K50ArFtrY40JP/T/5KvM +tSK2ayFX1wQ3PuEmewAogy/20tWo80cr556AXA62Utl2PzLK30Db8w== +-----END RSA PRIVATE KEY-----`, + }, + } +}