From 5c60618201793b31a2af06a422b74c6d76e48ee4 Mon Sep 17 00:00:00 2001
From: James Munnelly
Date: Wed, 25 Apr 2018 16:27:51 +0100
Subject: [PATCH 1/3] Change existing wildcard cert test to be a regular dns01 test
---
 test/e2e/certificate/certificate_acme_dns01.go | 9 ++++++---
 test/util/generate/certificate.go | 2 ++
 2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/test/e2e/certificate/certificate_acme_dns01.go b/test/e2e/certificate/certificate_acme_dns01.go
index e15d1f4dd..f18a4b40f 100644
--- a/test/e2e/certificate/certificate_acme_dns01.go
+++ b/test/e2e/certificate/certificate_acme_dns01.go
@@ -132,22 +132,25 @@ var _ = framework.CertManagerDescribe("ACME Certificate (DNS01)", func() {
 f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Delete(issuerName, nil)
 f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Delete(testingACMEPrivateKey, nil)
 f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Delete(cloudflareSecretName, nil)
+ f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Delete(certificateSecretName, nil)
 })
- It("should obtain a signed certificate for a wildcard domain", func() {
+ It("should obtain a signed certificate for a regular domain", func() {
 By("Creating a Certificate")
+ dnsName := cmutil.RandStringRunes(5) + "." + util.ACMECloudflareDomain
 cert := generate.Certificate(generate.CertificateConfig{
 Name: certificateName,
 Namespace: f.Namespace.Name,
+ SecretName: certificateSecretName,
 IssuerName: issuerName,
- DNSNames: []string{"*." + cmutil.RandStringRunes(5) + "." + util.ACMECloudflareDomain},
+ DNSNames: []string{dnsName},
 ACMESolverConfig: v1alpha1.ACMESolverConfig{
 DNS01: &v1alpha1.ACMECertificateDNS01Config{
 Provider: "cloudflare",
 },
 },
 })
- cert, err := f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(util.NewCertManagerACMECertificate(certificateName, certificateSecretName, issuerName, v1alpha1.IssuerKind, acmeIngressClass, util.ACMECertificateDomain))
+ cert, err := f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(cert)
 Expect(err).NotTo(HaveOccurred())
 f.WaitCertificateIssuedValid(cert)
 })
diff --git a/test/util/generate/certificate.go b/test/util/generate/certificate.go
index 819dcab7f..d21d4483b 100644
--- a/test/util/generate/certificate.go
+++ b/test/util/generate/certificate.go
@@ -12,6 +12,7 @@ type CertificateConfig struct {
 // common parameters
 IssuerName, IssuerKind string
+ SecretName string
 CommonName string
 DNSNames []string
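Review bot: The `generate.CertificateConfig` literal in the "regular domain" test leaves `IssuerKind` unset, whereas the removed `util.NewCertManagerACMECertificate(...)` call passed `v1alpha1.IssuerKind` explicitly. `generate.Certificate` copies `cfg.IssuerKind` into `IssuerRef.Kind` (visible in the certificate.go hunk of this patch), so the object handed to `Create` now carries an empty kind and the test depends on that being defaulted to a namespaced Issuer. Adding `IssuerKind: v1alpha1.IssuerKind,` keeps the certificate pinned to the Issuer this suite just created rather than to whatever the default resolves to. The wildcard test added in patch 3/3 has the same omission, and the enclosing Describe closure starts and ends outside the hunk.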
@@ -27,6 +28,7 @@ func Certificate(cfg CertificateConfig) *v1alpha1.Certificate {
 Namespace: cfg.Namespace,
 },
 Spec: v1alpha1.CertificateSpec{
+ SecretName: cfg.SecretName,
 IssuerRef: v1alpha1.ObjectReference{
 Name: cfg.IssuerName,
 Kind: cfg.IssuerKind,
From d0c76e4aabfea660c0b30b134d1ec398630319bb Mon Sep 17 00:00:00 2001
From: James Munnelly
Date: Wed, 25 Apr 2018 16:58:50 +0100
Subject: [PATCH 2/3] Switch to Let's Encrypt staging endpoint for dns01 tests
---
 test/e2e/certificate/certificate_acme_dns01.go | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/test/e2e/certificate/certificate_acme_dns01.go b/test/e2e/certificate/certificate_acme_dns01.go
index f18a4b40f..711a52510 100644
--- a/test/e2e/certificate/certificate_acme_dns01.go
+++ b/test/e2e/certificate/certificate_acme_dns01.go
@@ -76,10 +76,12 @@ var _ = framework.CertManagerDescribe("ACME Certificate (DNS01)", func() {
 By("Creating an Issuer")
 issuer := generate.Issuer(generate.IssuerConfig{
- Name: issuerName,
- Namespace: f.Namespace.Name,
- ACMESkipTLSVerify: true,
- ACMEServer: framework.TestContext.ACMEURL,
+ Name: issuerName,
+ Namespace: f.Namespace.Name,
+ ACMESkipTLSVerify: true,
+ // Hardcode this to the acme staging endpoint now due to issues with pebble dns resolution
+ ACMEServer: "https://acme-staging-v02.api.letsencrypt.org/directory",
+ // ACMEServer: framework.TestContext.ACMEURL,
 ACMEEmail: testingACMEEmail,
 ACMEPrivateKeyName: testingACMEPrivateKey,
 DNS01: &v1alpha1.ACMEIssuerDNS01Config{
From 7569e31b0b5c4cd1110f8b03dba667ac34ed7f96 Mon Sep 17 00:00:00 2001
From: James Munnelly
Date: Wed, 25 Apr 2018 17:14:06 +0100
Subject: [PATCH 3/3] Re-add wildcard certificate test
---
 .../e2e/certificate/certificate_acme_dns01.go | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)
diff --git a/test/e2e/certificate/certificate_acme_dns01.go b/test/e2e/certificate/certificate_acme_dns01.go
index 711a52510..a2d1f9d11 100644
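Review bot: `ACMESkipTLSVerify: true` is carried over unchanged in the `generate.IssuerConfig` literal even though `ACMEServer` now points at the public Let's Encrypt staging directory, so (assuming the helper passes the flag through to the issuer spec) the ACME client skips certificate verification against an endpoint reached over the internet. The flag was presumably there for the local Pebble server's self-signed certificate; the staging endpoint should present a publicly trusted chain, so `ACMESkipTLSVerify: false,` ought to work and keeps account registration and order traffic authenticated to the real CA. Hard-coding the URL also makes `framework.TestContext.ACMEURL` silently ineffective for this suite. Instead of leaving the old line commented out, I would replace it with `// TODO: revert to framework.TestContext.ACMEURL once pebble DNS resolution is fixed`. The issuer literal continues past the end of the hunk.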
--- a/test/e2e/certificate/certificate_acme_dns01.go
+++ b/test/e2e/certificate/certificate_acme_dns01.go
@@ -156,4 +156,26 @@ var _ = framework.CertManagerDescribe("ACME Certificate (DNS01)", func() {
 Expect(err).NotTo(HaveOccurred())
 f.WaitCertificateIssuedValid(cert)
 })
+
+ It("should obtain a signed certificate for a wildcard domain", func() {
+ By("Creating a Certificate")
+ dnsName := cmutil.RandStringRunes(5) + "." + util.ACMECloudflareDomain
+ cert := generate.Certificate(generate.CertificateConfig{
+ Name: certificateName,
+ Namespace: f.Namespace.Name,
+ SecretName: certificateSecretName,
+ IssuerName: issuerName,
+ DNSNames: []string{"*." + dnsName},
+ ACMESolverConfig: v1alpha1.ACMESolverConfig{
+ DNS01: &v1alpha1.ACMECertificateDNS01Config{
+ Provider: "cloudflare",
+ },
+ },
+ })
+ // temporary hack whilst cert-manager does not understand wildcard domains in config
+ cert.Spec.ACME.Config[0].Domains = []string{dnsName}
+ cert, err := f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(cert)
+ Expect(err).NotTo(HaveOccurred())
+ f.WaitCertificateIssuedValid(cert)
+ })
 })
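Review bot: `cert.Spec.ACME.Config[0].Domains = []string{dnsName}` in the new wildcard test dereferences `Spec.ACME` and indexes `Config[0]` without checking either, so it relies on `generate.Certificate` always emitting exactly one solver config entry; if that helper changes, the spec panics instead of failing with a readable assertion. Guard it with `Expect(cert.Spec.ACME).NotTo(BeNil())` and `Expect(cert.Spec.ACME.Config).To(HaveLen(1))` before the assignment. The "temporary hack" comment would also be easier to retire if it named a tracking reference, e.g. `// TODO(<issue-ref>): remove once wildcard domains are accepted in the ACME config`. The body otherwise duplicates the regular-domain test, and the Describe closure starts outside the hunk.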