adjust default ssl cert e2e test

2019-04-13 15:00:44 -04:00 · 2019-04-13 15:00:44 -04:00 · b13432dbe0
commit b13432dbe0
parent 45add6cb7d
1 changed files with 27 additions and 16 deletions
--- a/test/e2e/settings/default_ssl_certificate.go
+++ b/test/e2e/settings/default_ssl_certificate.go
@ -17,6 +17,7 @@ limitations under the License.
 package settings
 import (
 	"crypto/tls"
 	"fmt"
 	"strings"
@ -28,14 +29,18 @@ import (
 	"k8s.io/ingress-nginx/test/e2e/framework"
 )
-var _ = framework.IngressNginxDescribe("Default SSL Certificate", func() {
+var _ = framework.IngressNginxDescribe("default-ssl-certificate", func() {
 	f := framework.NewDefaultFramework("default-ssl-certificate")
 	var tlsConfig *tls.Config
 	secretName := "my-custom-cert"
 	service := "http-svc"
 	port := 80
 	BeforeEach(func() {
 		f.NewEchoDeploymentWithReplicas(1)
-		tlsConfig, err := framework.CreateIngressTLSSecret(f.KubeClientSet,
+		var err error
 		tlsConfig, err = framework.CreateIngressTLSSecret(f.KubeClientSet,
 			[]string{"*"},
 			secretName,
 			f.Namespace)
@ -55,33 +60,39 @@ var _ = framework.IngressNginxDescribe("Default SSL Certificate", func() {
 		framework.WaitForTLS(f.GetURL(framework.HTTPS), tlsConfig)
 	})
-	It("configures ssl certificate for catch-all ingress", func() {
+	It("uses default ssl certificate for catch-all ingress", func() {
-		ing := framework.NewSingleCatchAllIngress("catch-all", f.Namespace, "http-svc", 80, nil)
+		ing := framework.NewSingleCatchAllIngress("catch-all", f.Namespace, service, port, nil)
 		f.EnsureIngress(ing)
-		sslCertificate := fmt.Sprintf("ssl_certificate /etc/ingress-controller/ssl/%s-%s.pem;", f.Namespace, secretName)
+		By("making sure new ingress is deployed")
-		sslCertificateKey := fmt.Sprintf("ssl_certificate_key /etc/ingress-controller/ssl/%s-%s.pem;", f.Namespace, secretName)
+		expectedConfig := fmt.Sprintf("set $proxy_upstream_name \"%v-%v-%v\";", f.Namespace, service, port)
 		f.WaitForNginxServer("_", func(cfg string) bool {
-			return strings.Contains(cfg, sslCertificate) && strings.Contains(cfg, sslCertificateKey)
+			return strings.Contains(cfg, expectedConfig)
 		})
 		By("making sure new ingress is responding")
 		By("making sure the configured default ssl certificate is being used")
 		framework.WaitForTLS(f.GetURL(framework.HTTPS), tlsConfig)
 	})
-	It("configures ssl certificate for host based ingress with tls spec", func() {
+	It("uses default ssl certificate for host based ingress when configured certificate does not match host", func() {
 		host := "foo"
-		ing := f.EnsureIngress(framework.NewSingleIngressWithTLS(host, "/", host, []string{host}, f.Namespace, "http-svc", 80, nil))
+		ing := f.EnsureIngress(framework.NewSingleIngressWithTLS(host, "/", host, []string{host}, f.Namespace, service, port, nil))
-		tlsConfig, err := framework.CreateIngressTLSSecret(f.KubeClientSet,
+		_, err := framework.CreateIngressTLSSecret(f.KubeClientSet,
-			ing.Spec.TLS[0].Hosts,
+			[]string{"not.foo"},
 			ing.Spec.TLS[0].SecretName,
 			ing.Namespace)
 		Expect(err).NotTo(HaveOccurred())
-		framework.WaitForTLS(f.GetURL(framework.HTTPS), tlsConfig)
+		By("making sure new ingress is deployed")
-
+		expectedConfig := fmt.Sprintf("set $proxy_upstream_name \"%v-%v-%v\";", f.Namespace, service, port)
 		sslCertificate := fmt.Sprintf("ssl_certificate /etc/ingress-controller/ssl/%s-%s.pem;", f.Namespace, secretName)
 		sslCertificateKey := fmt.Sprintf("ssl_certificate_key /etc/ingress-controller/ssl/%s-%s.pem;", f.Namespace, secretName)
 		f.WaitForNginxServer(host, func(cfg string) bool {
-			return strings.Contains(cfg, "server_name foo") && strings.Contains(cfg, sslCertificate) && strings.Contains(cfg, sslCertificateKey)
+			return strings.Contains(cfg, expectedConfig)
 		})
 		By("making sure the configured default ssl certificate is being used")
 		framework.WaitForTLS(f.GetURL(framework.HTTPS), tlsConfig)
 	})
 })