260910c0a0
* images/kube-webhook-certgen/rootfs/README.md: remove trailing whitespace Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com> * images/kube-webhook-certgen/rootfs: improve code formatting Automatically using gofumpt. Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com> * images/kube-webhook-certgen/rootfs: remove executable bits from files Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com> * images/kube-webhook-certgen/rootfs/cmd: remove unreachable code log.Fatal(|f) will alread call os.Exit(1), so this code is never reached. Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com> * images/kube-webhook-certgen/rootfs/pkg/k8s: fix unit tests Right now they fail as everything else migrated from using v1beta1 to v1. Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com> * images/kube-webhook-certgen/rootfs: create clientset in cmd package So one can easily mock the client, without touching unexported parts of the code and to soften the dependency between CLI code (kubeconfig path). Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com> * images/kube-webhook-certgen/rootfs/cmd: simplify bool logic Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com> * images/kube-webhook-certgen/rootfs/pkg/k8s: improve formatting Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com> * images/kube-webhook-certgen/rootfs/pkg/k8s: improve variable names Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com> * images/kube-webhook-certgen/rootfs/pkg/k8s: refactor a bit Move patching logic to separate functions. Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com> * images/kube-webhook-certgen/rootfs/pkg/k8s: fix error log messages In patchMutating() function, log messages were waying still patching validating webhook. Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>
62 lines
1.2 KiB
Go
62 lines
1.2 KiB
Go
package certs
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto/tls"
|
|
"crypto/x509"
|
|
"fmt"
|
|
"io/ioutil"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
)
|
|
|
|
func handler(w http.ResponseWriter, r *http.Request) {
|
|
_, _ = fmt.Fprintf(w, "Hello World")
|
|
}
|
|
|
|
func TestCertificateCreation(t *testing.T) {
|
|
ca, cert, key := GenerateCerts("localhost")
|
|
|
|
c, err := tls.X509KeyPair(cert, key)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
caCertPool := x509.NewCertPool()
|
|
caCertPool.AppendCertsFromPEM(ca)
|
|
|
|
tr := &http.Transport{
|
|
TLSClientConfig: &tls.Config{
|
|
RootCAs: caCertPool,
|
|
ServerName: "localhost",
|
|
},
|
|
}
|
|
|
|
ts := httptest.NewUnstartedServer(http.HandlerFunc(handler))
|
|
ts.TLS = &tls.Config{Certificates: []tls.Certificate{c}}
|
|
ts.StartTLS()
|
|
defer ts.Close()
|
|
|
|
client := &http.Client{Transport: tr}
|
|
res, err := client.Get(ts.URL)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
defer res.Body.Close()
|
|
|
|
if res.StatusCode != http.StatusOK {
|
|
t.Errorf("Response code was %v; want 200", res.StatusCode)
|
|
}
|
|
|
|
body, err := ioutil.ReadAll(res.Body)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
expected := []byte("Hello World")
|
|
|
|
if bytes.Compare(expected, body) != 0 {
|
|
t.Errorf("Response body was '%v'; want '%v'", expected, body)
|
|
}
|
|
}
|