integration-tests: TLS policy configuration options (#708)

* integration-tests: switch to go for backends to support TLS scenarios * fix apply order * generate additional tls certs * integration-tests: tls_skip_verify option * integration-tests: wait for openid to come up before starting authenticate * add tls_server_name test * add test for tls_custom_ca * increase setup timeout to 15 minutes * fix secret name reference * mtls wip * mtls wip * add test for client_cert
2025-08-04 01:09:36 +02:00 · 2020-05-15 16:37:09 -06:00 · 2020-05-15 16:37:09 -06:00 · 49067c8f06
commit 49067c8f06
parent 397d4a9f51
11 changed files with 606 additions and 209 deletions
--- a/integration/manifests/lib/tls.libsonnet
+++ b/integration/manifests/lib/tls.libsonnet
@ -1,5 +1,29 @@
 {
-  cert: std.extVar('tls-cert'),
-  key: std.extVar('tls-key'),
-  ca: std.extVar('tls-ca'),
+  trusted: {
+    cert: std.extVar('tls-trusted-cert'),
+    key: std.extVar('tls-trusted-key'),
+    ca: std.extVar('tls-trusted-ca'),
+    client: {
+      cert: std.extVar('tls-trusted-client-cert'),
+      key: std.extVar('tls-trusted-client-key'),
+    },
+  },
+  'wrongly-named': {
+    cert: std.extVar('tls-wrongly-named-cert'),
+    key: std.extVar('tls-wrongly-named-key'),
+    ca: std.extVar('tls-wrongly-named-ca'),
+    client: {
+      cert: std.extVar('tls-wrongly-named-client-cert'),
+      key: std.extVar('tls-wrongly-named-client-key'),
+    },
+  },
+  untrusted: {
+    cert: std.extVar('tls-untrusted-cert'),
+    key: std.extVar('tls-untrusted-key'),
+    ca: std.extVar('tls-untrusted-ca'),
+    client: {
+      cert: std.extVar('tls-untrusted-client-cert'),
+      key: std.extVar('tls-untrusted-client-key'),
+    },
+  },
 }