mirror of
https://github.com/pomerium/pomerium.git
synced 2025-05-28 16:37:24 +02:00
auto tls (#3856)
This commit is contained in:
Denis Mishin
GitHub
parent
78fc4853db
commit
488bcd6f72
12 changed files with 447 additions and 67 deletions
57
pkg/derivecert/config/builder_test.go
Normal file
57
pkg/derivecert/config/builder_test.go
Normal file
|
|
@ -0,0 +1,57 @@
|
|||
package config_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"google.golang.org/protobuf/proto"
|
||||
|
||||
"github.com/pomerium/pomerium/config"
|
||||
"github.com/pomerium/pomerium/pkg/cryptutil"
|
||||
dcfg "github.com/pomerium/pomerium/pkg/derivecert/config"
|
||||
)
|
||||
|
||||
func TestBuild(t *testing.T) {
|
||||
build := dcfg.NewBuilder()
|
||||
|
||||
key := cryptutil.NewBase64Key()
|
||||
|
||||
cfgA := config.Config{Options: &config.Options{SharedKey: key}}
|
||||
t.Run("no domain requested", func(t *testing.T) {
|
||||
require.NoError(t, build(&cfgA))
|
||||
assert.Empty(t, cfgA.DerivedCAPEM)
|
||||
assert.Empty(t, cfgA.DerivedCertificates)
|
||||
})
|
||||
|
||||
cfgA.Options.DeriveInternalDomainCert = proto.String("example.com")
|
||||
t.Run("generate server cert", func(t *testing.T) {
|
||||
require.NoError(t, build(&cfgA))
|
||||
assert.NotEmpty(t, cfgA.DerivedCAPEM)
|
||||
assert.Len(t, cfgA.DerivedCertificates, 1)
|
||||
})
|
||||
|
||||
cfgB := config.Config{Options: &config.Options{
|
||||
SharedKey: key,
|
||||
DeriveInternalDomainCert: proto.String("example.com"),
|
||||
}}
|
||||
t.Run("caching", func(t *testing.T) {
|
||||
require.NoError(t, build(&cfgB))
|
||||
assert.Equal(t, cfgA.DerivedCAPEM, cfgB.DerivedCAPEM)
|
||||
assert.Equal(t, cfgA.DerivedCertificates[0].Certificate, cfgB.DerivedCertificates[0].Certificate)
|
||||
})
|
||||
|
||||
t.Run("no domain requested after run", func(t *testing.T) {
|
||||
cfg := config.Config{Options: &config.Options{SharedKey: key}}
|
||||
require.NoError(t, build(&cfg))
|
||||
assert.Empty(t, cfg.DerivedCAPEM)
|
||||
assert.Empty(t, cfg.DerivedCertificates)
|
||||
})
|
||||
|
||||
cfgB.Options.DeriveInternalDomainCert = proto.String("example2.com")
|
||||
t.Run("ca caching", func(t *testing.T) {
|
||||
require.NoError(t, build(&cfgB))
|
||||
assert.Equal(t, cfgA.DerivedCAPEM, cfgB.DerivedCAPEM)
|
||||
assert.NotEqual(t, cfgA.DerivedCertificates[0].Certificate, cfgB.DerivedCertificates[0].Certificate)
|
||||
})
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue