diff --git a/controllers/gitrepository_controller_test.go b/controllers/gitrepository_controller_test.go index 40bbcfca..ddba5ee7 100644 --- a/controllers/gitrepository_controller_test.go +++ b/controllers/gitrepository_controller_test.go @@ -86,6 +86,8 @@ var _ = Describe("GitRepositoryReconciler", func() { expectStatus metav1.ConditionStatus expectMessage string expectRevision string + + v2 bool } DescribeTable("Git references tests", func(t refTestCase) { @@ -262,5 +264,65 @@ var _ = Describe("GitRepositoryReconciler", func() { expectMessage: "git commit 'invalid' not found: object not found", }), ) + + DescribeTable("Git self signed cert tests", func(t refTestCase) { + err = gitServer.StartHTTPTLS(examplePublicKey, examplePrivateKey, exampleCA, "example.com") + defer gitServer.StopHTTP() + Expect(err).NotTo(HaveOccurred()) + + u, err := url.Parse(gitServer.HTTPAddress()) + Expect(err).NotTo(HaveOccurred()) + u.Path = path.Join(u.Path, fmt.Sprintf("repository-%s.git", randStringRunes(5))) + + key := types.NamespacedName{ + Name: fmt.Sprintf("git-ref-test-%s", randStringRunes(5)), + Namespace: namespace.Name, + } + created := &sourcev1.GitRepository{ + ObjectMeta: metav1.ObjectMeta{ + Name: key.Name, + Namespace: key.Namespace, + }, + Spec: sourcev1.GitRepositorySpec{ + URL: u.String(), + Interval: metav1.Duration{Duration: indexInterval}, + Reference: t.reference, + GitProtocolV2Compatibility: t.v2, + }, + } + Expect(k8sClient.Create(context.Background(), created)).Should(Succeed()) + defer k8sClient.Delete(context.Background(), created) + + got := &sourcev1.GitRepository{} + var cond metav1.Condition + Eventually(func() bool { + _ = k8sClient.Get(context.Background(), key, got) + for _, c := range got.Status.Conditions { + if c.Reason == t.waitForReason { + cond = c + return true + } + } + return false + }, timeout, interval).Should(BeTrue()) + + Expect(cond.Status).To(Equal(t.expectStatus)) + Expect(cond.Message).To(ContainSubstring(t.expectMessage)) + Expect(got.Status.Artifact == nil).To(Equal(t.expectRevision == "")) + }, + Entry("self signed v1", refTestCase{ + reference: &sourcev1.GitRepositoryRef{Branch: "main"}, + waitForReason: sourcev1.GitOperationFailedReason, + expectStatus: metav1.ConditionFalse, + expectMessage: "x509: certificate signed by unknown authority", + }), + Entry("self signed v2", refTestCase{ + reference: &sourcev1.GitRepositoryRef{Branch: "main"}, + waitForReason: sourcev1.GitOperationFailedReason, + expectStatus: metav1.ConditionFalse, + expectMessage: "error: user rejected certificate", + v2: true, + }), + ) }) }) diff --git a/go.mod b/go.mod index d4c5e4cf..617d2a07 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,8 @@ go 1.15 replace github.com/fluxcd/source-controller/api => ./api +replace github.com/fluxcd/pkg/gittestserver => github.com/fluxcd/pkg/gittestserver v0.0.3-0.20201202222244-96033b836a6a + require ( github.com/Masterminds/semver/v3 v3.1.0 github.com/blang/semver/v4 v4.0.0 diff --git a/go.sum b/go.sum index 751d41f4..5893a663 100644 --- a/go.sum +++ b/go.sum @@ -224,8 +224,8 @@ github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5Kwzbycv github.com/fluxcd/pkg/apis/meta v0.3.0/go.mod h1:wOzQQx8CdtUQCGaLzqGu4QgnNxYkI6/wvdvlovxWhF0= github.com/fluxcd/pkg/apis/meta v0.4.0 h1:JChqB9GGgorW9HWKxirTVV0rzrcLyzBaVjinmqZ0iHA= github.com/fluxcd/pkg/apis/meta v0.4.0/go.mod h1:wOzQQx8CdtUQCGaLzqGu4QgnNxYkI6/wvdvlovxWhF0= -github.com/fluxcd/pkg/gittestserver v0.0.2 h1:11aKRVuuHiyeaicdN4wPNSMy/dUarQkrPrg0uUgDcTw= -github.com/fluxcd/pkg/gittestserver v0.0.2/go.mod h1:GW8N9d1o8/+mXWnSzs02qCB5WlArWQHdMpDPf7b/GZg= +github.com/fluxcd/pkg/gittestserver v0.0.3-0.20201202222244-96033b836a6a h1:fmfbt5VrEPUb4X0UI14a0K2FWr0iv/NRUadk8X35byc= +github.com/fluxcd/pkg/gittestserver v0.0.3-0.20201202222244-96033b836a6a/go.mod h1:HWZaoib03fQeSsauCAN2iAFdr6bnjKQ+CFxMFD2mwDY= github.com/fluxcd/pkg/helmtestserver v0.0.1 h1:8RcLZdg7Zr9ZqyijsIIASjjMXQtF4UWP4Uds4iK2VJM= github.com/fluxcd/pkg/helmtestserver v0.0.1/go.mod h1:GR8LriiU7PqZSTH4Xe6Cimpig2VVPB29PeUXJjNJYfA= github.com/fluxcd/pkg/lockedfile v0.0.5 h1:C3T8wfdff1UY1bvplmCkGOLrdMWJHO8Q8+tdlEXJYzQ=