weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #513 from munnerz/e2e-dns01-regular

Browse Source 
Fix and extend DNS01 provider e2e tests
This commit is contained in:
jetstack-bot 2018-04-25 17:34:05 +01:00 committed by GitHub
commit d54278fee1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 36 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
test/e2e/certificate/certificate_acme_dns01.go
View File

@ -76,10 +76,12 @@ var _ = framework.CertManagerDescribe("ACME Certificate (DNS01)", func() {
By("Creating an Issuer")
issuer := generate.Issuer(generate.IssuerConfig{
Name: issuerName,
Namespace: f.Namespace.Name,
ACMESkipTLSVerify: true,
ACMEServer: framework.TestContext.ACMEURL,
Name: issuerName,
Namespace: f.Namespace.Name,
ACMESkipTLSVerify: true,
// Hardcode this to the acme staging endpoint now due to issues with pebble dns resolution
ACMEServer: "https://acme-staging-v02.api.letsencrypt.org/directory",
// ACMEServer: framework.TestContext.ACMEURL,
ACMEEmail: testingACMEEmail,
ACMEPrivateKeyName: testingACMEPrivateKey,
DNS01: &v1alpha1.ACMEIssuerDNS01Config{
@ -132,22 +134,47 @@ var _ = framework.CertManagerDescribe("ACME Certificate (DNS01)", func() {
f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Delete(issuerName, nil)
f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Delete(testingACMEPrivateKey, nil)
f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Delete(cloudflareSecretName, nil)
f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Delete(certificateSecretName, nil)
})
It("should obtain a signed certificate for a wildcard domain", func() {
It("should obtain a signed certificate for a regular domain", func() {
By("Creating a Certificate")
dnsName := cmutil.RandStringRunes(5) + "." + util.ACMECloudflareDomain
cert := generate.Certificate(generate.CertificateConfig{
Name: certificateName,
Namespace: f.Namespace.Name,
SecretName: certificateSecretName,
IssuerName: issuerName,
DNSNames: []string{"*." + cmutil.RandStringRunes(5) + "." + util.ACMECloudflareDomain},
DNSNames: []string{dnsName},
ACMESolverConfig: v1alpha1.ACMESolverConfig{
DNS01: &v1alpha1.ACMECertificateDNS01Config{
Provider: "cloudflare",
},
},
})
cert, err := f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(util.NewCertManagerACMECertificate(certificateName, certificateSecretName, issuerName, v1alpha1.IssuerKind, acmeIngressClass, util.ACMECertificateDomain))
cert, err := f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(cert)
Expect(err).NotTo(HaveOccurred())
f.WaitCertificateIssuedValid(cert)
})
It("should obtain a signed certificate for a wildcard domain", func() {
By("Creating a Certificate")
dnsName := cmutil.RandStringRunes(5) + "." + util.ACMECloudflareDomain
cert := generate.Certificate(generate.CertificateConfig{
Name: certificateName,
Namespace: f.Namespace.Name,
SecretName: certificateSecretName,
IssuerName: issuerName,
DNSNames: []string{"*." + dnsName},
ACMESolverConfig: v1alpha1.ACMESolverConfig{
DNS01: &v1alpha1.ACMECertificateDNS01Config{
Provider: "cloudflare",
},
},
})
// temporary hack whilst cert-manager does not understand wildcard domains in config
cert.Spec.ACME.Config[0].Domains = []string{dnsName}
cert, err := f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(cert)
Expect(err).NotTo(HaveOccurred())
f.WaitCertificateIssuedValid(cert)
})

2
test/util/generate/certificate.go
View File

@ -12,6 +12,7 @@ type CertificateConfig struct {
// common parameters
IssuerName, IssuerKind string
SecretName string
CommonName string
DNSNames []string
@ -27,6 +28,7 @@ func Certificate(cfg CertificateConfig) *v1alpha1.Certificate {
Namespace: cfg.Namespace,
},
Spec: v1alpha1.CertificateSpec{
SecretName: cfg.SecretName,
IssuerRef: v1alpha1.ObjectReference{
Name: cfg.IssuerName,
Kind: cfg.IssuerKind,