summaryrefslogtreecommitdiffstats
path: root/certServiceK8sExternalProvider/src
diff options
context:
space:
mode:
Diffstat (limited to 'certServiceK8sExternalProvider/src')
-rw-r--r--certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner_test.go129
-rw-r--r--certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/expected_signed.pem12
-rw-r--r--certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/expected_trusted.pem12
-rw-r--r--certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/test_certificate.pem18
-rw-r--r--certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/test_certificate_request.pem12
5 files changed, 181 insertions, 2 deletions
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner_test.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner_test.go
index 92d09b3c..d2141abe 100644
--- a/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner_test.go
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner_test.go
@@ -21,10 +21,135 @@
package cmpv2provisioner
import (
+ "bytes"
+ "context"
+ "log"
"testing"
+ "time"
+ "io/ioutil"
+
+ "onap.org/oom-certservice/k8s-external-provider/src/cmpv2api"
+
+ "github.com/stretchr/testify/assert"
+ "k8s.io/apimachinery/pkg/types"
+ cmapi "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
+ apimach "k8s.io/apimachinery/pkg/apis/meta/v1"
)
-func TestSignCertificate(t *testing.T) {
+const ISSUER_NAME = "cmpv2-issuer"
+const ISSUER_URL = "issuer/url"
+const KEY_NAME ="onapwro"
+const ISSUER_NAMESPACE = "onap"
+
+func Test_shouldCreateCorrectCertServiceCA(t *testing.T){
+ issuer, key := createIssuerAndKey(ISSUER_NAME, ISSUER_URL, KEY_NAME)
+ provisioner, err := New(&issuer, key)
+
+ assert.Nil(t, err)
+ assert.Equal(t, string(provisioner.key), string(key), "Unexpected provisioner key.")
+ assert.Equal(t, provisioner.name, issuer.Name, "Unexpected provisioner name.")
+ assert.Equal(t, provisioner.url, issuer.Spec.URL, "Unexpected provisioner url.")
+}
+
+func Test_shouldSuccessfullyLoadPreviouslyStoredProvisioner(t *testing.T){
+ issuer, key := createIssuerAndKey(ISSUER_NAME, ISSUER_URL, KEY_NAME)
+ provisioner, err := New(&issuer, key)
+
+ assert.Nil(t, err)
+
+ issuerNamespaceName := createIssuerNamespaceName(ISSUER_NAMESPACE, ISSUER_NAME)
+
+ Store(issuerNamespaceName, provisioner)
+ provisioner, ok := Load(issuerNamespaceName)
+
+ verifyThatConditionIsTrue(ok, "Provisioner could not be loaded.", t)
+ assert.Equal(t, string(provisioner.key), string(key), "Unexpected provisioner key.")
+ assert.Equal(t, provisioner.name, issuer.Name, "Unexpected provisioner name.")
+ assert.Equal(t, provisioner.url, issuer.Spec.URL, "Unexpected provisioner url.")
+}
+
+func Test_shouldReturnCorrectSignedPemsWhenParametersAreCorrect(t *testing.T) {
+ const EXPECTED_SIGNED_FILENAME = "test_resources/expected_signed.pem"
+ const EXPECTED_TRUSTED_FILENAME = "test_resources/expected_trusted.pem"
+
+ issuer, key := createIssuerAndKey(ISSUER_NAME, ISSUER_URL, KEY_NAME)
+
+ provisioner, err := New(&issuer, key)
+ issuerNamespaceName := createIssuerNamespaceName(ISSUER_NAMESPACE, ISSUER_NAME)
+ Store(issuerNamespaceName, provisioner)
+
+ provisioner, ok := Load(issuerNamespaceName)
+
+ verifyThatConditionIsTrue(ok, "Provisioner could not be loaded", t)
+
+ ctx := context.Background()
+ request := createCertificateRequest()
+
+ signedPEM, trustedCAs, err := provisioner.Sign(ctx, request)
+
+ assert.Nil(t, err)
+
+ verifyThatConditionIsTrue(areSlicesEqual(signedPEM, readFile(EXPECTED_SIGNED_FILENAME)), "Signed pem is different than expected.", t)
+ verifyThatConditionIsTrue(areSlicesEqual(trustedCAs, readFile(EXPECTED_TRUSTED_FILENAME)), "Trusted CAs pem is different than expected.", t)
+}
+
+func verifyThatConditionIsTrue(cond bool, message string, t *testing.T) {
+ if(!cond){
+ t.Fatal(message)
+ }
+}
+
+func createIssuerNamespaceName(namespace string, name string) types.NamespacedName{
+ return types.NamespacedName{
+ Namespace: namespace,
+ Name: name,
+ }
+}
+
+func createIssuerAndKey(name string, url string, key string) (cmpv2api.CMPv2Issuer, []byte) {
+ issuer := cmpv2api.CMPv2Issuer{}
+ issuer.Name = name
+ issuer.Spec.URL = url
+ return issuer, []byte(key)
+}
+
+func readFile(filename string) []byte{
+ certRequest, err := ioutil.ReadFile(filename)
+ if err != nil {
+ log.Fatal(err)
+ }
+ return certRequest
+}
+
+func createCertificateRequest() *cmapi.CertificateRequest {
+ const CERTIFICATE_DURATION = "1h"
+ const ISSUER_KIND = "CMPv2Issuer"
+ const ISSUER_GROUP = "certmanager.onap.org"
+ const CONDITION_TYPE = "Ready"
+
+ const SPEC_REQUEST_FILENAME = "test_resources/test_certificate_request.pem"
+ const STATUS_CERTIFICATE_FILENAME = "test_resources/test_certificate.pem"
+
+ duration := new(apimach.Duration)
+ d, _ := time.ParseDuration(CERTIFICATE_DURATION)
+ duration.Duration = d
+
+ request := new(cmapi.CertificateRequest)
+ request.Spec.Duration = duration
+ request.Spec.IssuerRef.Name = ISSUER_NAME
+ request.Spec.IssuerRef.Kind = ISSUER_KIND
+ request.Spec.IssuerRef.Group = ISSUER_GROUP
+ request.Spec.Request = readFile(SPEC_REQUEST_FILENAME)
+ request.Spec.IsCA = true
+
+ cond := new(cmapi.CertificateRequestCondition)
+ cond.Type = CONDITION_TYPE
+ request.Status.Conditions = []cmapi.CertificateRequestCondition{*cond}
+ request.Status.Certificate = readFile(STATUS_CERTIFICATE_FILENAME)
+
+ return request
+}
- t.Logf("Dummy GO test --> Everything is OK <--.")
+func areSlicesEqual(slice1 []byte, slice2 []byte) bool{
+ return bytes.Compare(slice1, slice2) == 0
}
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/expected_signed.pem b/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/expected_signed.pem
new file mode 100644
index 00000000..2d0e84d4
--- /dev/null
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/expected_signed.pem
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIByjCCATMCAQAwgYkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
+MRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgSW5jMR8w
+HQYDVQQLExZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MRcwFQYDVQQDEw53d3cuZ29v
+Z2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApZtYJCHJ4VpVXHfV
+IlstQTlO4qC03hjX+ZkPyvdYd1Q4+qbAeTwXmCUKYHThVRd5aXSqlPzyIBwieMZr
+WFlRQddZ1IzXAlVRDWwAo60KecqeAXnnUK+5fXoTI/UgWshre8tJ+x/TMHaQKR/J
+cIWPhqaQhsJuzZbvAdGA80BLxdMCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAIhl
+4PvFq+e7ipARgI5ZM+GZx6mpCz44DTo0JkwfRDf+BtrsaC0q68eTf2XhYOsq4fkH
+Q0uA0aVog3f5iJxCa3Hp5gxbJQ6zV6kJ0TEsuaaOhEko9sdpCoPOnRBm2i/XRD2D
+6iNh8f8z0ShGsFqjDgFHyF3o+lUyj+UC6H1QW7bn
+-----END CERTIFICATE-----
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/expected_trusted.pem b/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/expected_trusted.pem
new file mode 100644
index 00000000..2d0e84d4
--- /dev/null
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/expected_trusted.pem
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIByjCCATMCAQAwgYkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
+MRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgSW5jMR8w
+HQYDVQQLExZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MRcwFQYDVQQDEw53d3cuZ29v
+Z2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApZtYJCHJ4VpVXHfV
+IlstQTlO4qC03hjX+ZkPyvdYd1Q4+qbAeTwXmCUKYHThVRd5aXSqlPzyIBwieMZr
+WFlRQddZ1IzXAlVRDWwAo60KecqeAXnnUK+5fXoTI/UgWshre8tJ+x/TMHaQKR/J
+cIWPhqaQhsJuzZbvAdGA80BLxdMCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAIhl
+4PvFq+e7ipARgI5ZM+GZx6mpCz44DTo0JkwfRDf+BtrsaC0q68eTf2XhYOsq4fkH
+Q0uA0aVog3f5iJxCa3Hp5gxbJQ6zV6kJ0TEsuaaOhEko9sdpCoPOnRBm2i/XRD2D
+6iNh8f8z0ShGsFqjDgFHyF3o+lUyj+UC6H1QW7bn
+-----END CERTIFICATE-----
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/test_certificate.pem b/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/test_certificate.pem
new file mode 100644
index 00000000..7f306269
--- /dev/null
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/test_certificate.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAeGgAwIBAgIJAKPGwKDl/5HnMA0GCSqGSIb3DQEBCwUAMBMxETAPBgNV
+BAMMCGpvc2h2YW5sMB4XDTE5MDgyMjE2MDU1OFoXDTI5MDgxOTE2MDU1OFowEzER
+MA8GA1UEAwwIam9zaHZhbmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCwhSB/qW6/kLb2zpu+EJvD9wHFaq+QA/0JH/Lllyo7zAFx+HHq+COAbk+C8B4t
+/HUEsns5RL09CZ+X4j6pbJFdKduPxXu5ZVYnkxYpUDU7yg7OSKSZzTnIZ723sMs0
+R6jYn/Drj4xXMJEfHUDqYeSWlZr3qi1EFa0c7fVDxH+4xtZtNNFOjH7c6D/vWkIg
+WQUxiwusse6KMOWjDnv/4Vrjel2QgUYUbHCyeZHmcti+K0LWCfo/Rg6PulwrbDkh
+jmOgYt30pdhX0OZkAuklfUDHfp8bjbCoI2taYABA6AKjKsO35LAEU79CL1mLVHuZ
+ACI5Ujija3VPWVHSwmJPJyuxAgMBAAGjUDBOMB0GA1UdDgQWBBQml5dTAZixFKhj
+93wucRWhao/tQjAfBgNVHSMEGDAWgBQml5dTAZixFKhj93wucRWhao/tQjAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB+klkRNJUKBLX8yYkyuU2RHcBv
+GhmmDjJIsOJHZsoYXdLlG1pZNFjjPaOL8vh44Vl98RhEZBHsLT1KMbp1su6Cqj0r
+UG1kpRBef+IOMT4MU7vRICi7UOlRLp1Wp0F8la3hPOcRb2yOfFqXXyZWXf4t0B45
+tHi+ZCNHB9FxjSRycbGYVk+TKpvhJaSYNMGJ3dxDKaP7+Dx3XcK6sAnIAkhyI8aj
+NU+mw8/tmRkP4In/kXAR+Ri0qUmHj/vwvnk4Km7ZUy1FYH8DMeS5Nksn+/uHlRxR
+V7Dnn039TRmgKbAqN72gKNLo5cZ+y/YqDAYHYrn98SQT9JDgtI/K/ATpW8dX
+-----END CERTIFICATE-----
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/test_certificate_request.pem b/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/test_certificate_request.pem
new file mode 100644
index 00000000..3becbf10
--- /dev/null
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/test_resources/test_certificate_request.pem
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIByjCCATMCAQAwgYkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
+MRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgSW5jMR8w
+HQYDVQQLExZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MRcwFQYDVQQDEw53d3cuZ29v
+Z2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApZtYJCHJ4VpVXHfV
+IlstQTlO4qC03hjX+ZkPyvdYd1Q4+qbAeTwXmCUKYHThVRd5aXSqlPzyIBwieMZr
+WFlRQddZ1IzXAlVRDWwAo60KecqeAXnnUK+5fXoTI/UgWshre8tJ+x/TMHaQKR/J
+cIWPhqaQhsJuzZbvAdGA80BLxdMCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAIhl
+4PvFq+e7ipARgI5ZM+GZx6mpCz44DTo0JkwfRDf+BtrsaC0q68eTf2XhYOsq4fkH
+Q0uA0aVog3f5iJxCa3Hp5gxbJQ6zV6kJ0TEsuaaOhEko9sdpCoPOnRBm2i/XRD2D
+6iNh8f8z0ShGsFqjDgFHyF3o+lUyj+UC6H1QW7bn
+-----END CERTIFICATE REQUEST-----