karmada-io
/
karmada
mirror of https://github.com/karmada-io/karmada.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Avoid coupling tests with hardcoded test CA certs (#6086) 

* Avoid coupling tests with hardcoded test CA certs

Signed-off-by: Yihao Wang <yesiamyihao@gmail.com>

* Get rid of copied certificate

Signed-off-by: Yihao Wang <yesiamyihao@gmail.com>

---------

Signed-off-by: Yihao Wang <yesiamyihao@gmail.com>
This commit is contained in:
Yihao Wang 2025-02-05 14:46:03 +13:00 committed by GitHub
parent ae2d1c10b7
commit f2259dc884
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 41 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
pkg/util/membercluster_client_test.go
View File

@ -17,7 +17,9 @@ limitations under the License.
package util package util
import ( import (
"bytes"
"context" "context"
"encoding/pem"
"io" "io"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
@ -36,26 +38,31 @@ import (
"github.com/karmada-io/karmada/pkg/util/gclient" "github.com/karmada-io/karmada/pkg/util/gclient"
) )
// copy from go/src/net/http/internal/testcert/testcert.go // Generated by
//
// openssl genrsa 2048 > ca.key
// openssl req -new -x509 -nodes -days 365000 -key ca.key -out ca.crt
var testCA = []byte(`-----BEGIN CERTIFICATE----- var testCA = []byte(`-----BEGIN CERTIFICATE-----
MIIDSDCCAjCgAwIBAgIQEP/md970HysdBTpuzDOf0DANBgkqhkiG9w0BAQsFADAS MIIDlTCCAn2gAwIBAgIULtNqpv91jFAqaYIcKC3+2B3PalwwDQYJKoZIhvcNAQEL
MRAwDgYDVQQKEwdBY21lIENvMCAXDTcwMDEwMTAwMDAwMFoYDzIwODQwMTI5MTYw BQAwWTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
MDAwWjASMRAwDgYDVQQKEwdBY21lIENvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJMTI3LjAuMC4xMCAX
MIIBCgKCAQEAxcl69ROJdxjN+MJZnbFrYxyQooADCsJ6VDkuMyNQIix/Hk15Nk/u DTI1MDEyNzA5NTAzMFoYDzMwMjQwNTMwMDk1MDMwWjBZMQswCQYDVQQGEwJBVTET
FyBX1Me++aEpGmY3RIY4fUvELqT/srvAHsTXwVVSttMcY8pcAFmXSqo3x4MuUTG/ MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
jCX3Vftj0r3EM5M8ImY1rzA/jqTTLJg00rD+DmuDABcqQvoXw/RV8w1yTRi5BPoH dHkgTHRkMRIwEAYDVQQDDAkxMjcuMC4wLjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DFD/AWTt/YgMvk1l2Yq/xI8VbMUIpjBoGXxWsSevQ5i2s1mk9/yZzu0Ysp1tTlzD DwAwggEKAoIBAQDBMshenKkdcJPzAiIcbSjbtoNppdMvOQoEY+EAwz2xZf1cYuJN
qOPa4ysFjBitdXiwfxjxtv5nXqOCP5rheKO0sWLk0fetMp1OV5JSJMAJw6c2ZMkl 86roVXb+YI7NEN1IZcP2T1BJR4/l1QS9AC2bhssss6ANEsQRKFbL+F71GWvrD8SU
U2WMqAEpRjdE/vHfIuNg+yGaRRqI07NZRQIDAQABo4GXMIGUMA4GA1UdDwEB/wQE nqsEgtceZkMWahFALgFZ5msBdHlibtmiqZEt7vXiHGK5hVVpdWLHBR6vYcxpzH0g
AwICpDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud wSnGTz0Y1vkN/vZ/sS/NPQnfrDMwmF7M5z/Y5HtWQYeKklYnjUS5bcmXWU1Cal2Q
DgQWBBQR5QIzmacmw78ZI1C4MXw7Q0wJ1jA9BgNVHREENjA0ggtleGFtcGxlLmNv DSZwhgdr/BfmtsBG8PXu/0T2DchQi6UwO6S2yLeVN6QOdgC6GRO80L4M4t7h3BoB
bYINKi5leGFtcGxlLmNvbYcEfwAAAYcQAAAAAAAAAAAAAAAAAAAAATANBgkqhkiG WI5BrUIHiqnIPkKCk46WgdjXGhi0r5a1MqE7AgMBAAGjUzBRMB0GA1UdDgQWBBQa
9w0BAQsFAAOCAQEACrRNgiioUDzxQftd0fwOa6iRRcPampZRDtuaF68yNHoNWbOu I7a0H4qe70U2kEW/XpiqXG+diDAfBgNVHSMEGDAWgBQaI7a0H4qe70U2kEW/Xpiq
LUwc05eOWxRq3iABGSk2xg+FXM3DDeW4HhAhCFptq7jbVZ+4Jj6HeJG9mYRatAxR XG+diDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAlGvFxY8zI
Y/dEpa0D0EHhDxxVg6UzKOXB355n0IetGE/aWvyTV9SiDs6QsaC57Q9qq1/mitx5 yT+YUHQ0Kbg6EKeXf/t36dMKA+cmWSkBK26q4rBu1M8SoICbLpkjtvDsxGgylOll
2GFBoapol9L5FxCc77bztzK8CpLujkBi25Vk6GAFbl27opLfpyxkM+rX/T6MXCPO HfCM08wFDELnJdAIKKcqXqP9tMG9RoUBxKIh1dmTHBAOpAN+RXCYHwiFNLTFLbQI
6/YBacNZ7ff1/57Etg4i5mNA6ubCpuc4Gi9oYqCNNohftr2lkJr7REdDR6OW0lsL GsZ3Cl3vF5RBzkFHGE/fV1m6y1+DUOGAn2meQVZR5epW5aU+fd7eodhF9ck9hfHW
rF7r4gUnKeC7mYIH1zypY7laskopiLFAfe96Kg== qpUIgHpXjWb1Lb6w2Y19eK/4kkMTlcj/XWmQfgXFgVUANUsCDIu/ftoYY9eO6ymu
qS+QTm6FNs0/71qf9muggh4jLnCjlXd9/aCQNPZ7p/m3Te9tpVQaEkTtu8Qe4g1j
nQi8/QKAuCtv
-----END CERTIFICATE-----`) -----END CERTIFICATE-----`)
func TestNewClusterScaleClientSet(t *testing.T) { func TestNewClusterScaleClientSet(t *testing.T) {
@ -458,6 +465,8 @@ func TestNewClusterClientSet_ClientWorks(t *testing.T) {
})) }))
defer s.Close() defer s.Close()
testCA := getCACertFromGTestServer(t, s)
const clusterName = "test" const clusterName = "test"
hostClient := fakeclient.NewClientBuilder().WithScheme(gclient.NewSchema()).WithObjects( hostClient := fakeclient.NewClientBuilder().WithScheme(gclient.NewSchema()).WithObjects(
&clusterv1alpha1.Cluster{ &clusterv1alpha1.Cluster{
@ -666,6 +675,8 @@ func TestNewClusterDynamicClientSet_ClientWorks(t *testing.T) {
})) }))
defer s.Close() defer s.Close()
testCA := getCACertFromGTestServer(t, s)
const clusterName = "test" const clusterName = "test"
hostClient := fakeclient.NewClientBuilder().WithScheme(gclient.NewSchema()).WithObjects( hostClient := fakeclient.NewClientBuilder().WithScheme(gclient.NewSchema()).WithObjects(
&clusterv1alpha1.Cluster{ &clusterv1alpha1.Cluster{
@ -695,3 +706,14 @@ func TestNewClusterDynamicClientSet_ClientWorks(t *testing.T) {
assert.Equal(t, want, got) assert.Equal(t, want, got)
} }
func getCACertFromGTestServer(t *testing.T, s *httptest.Server) []byte {
t.Helper()
testCA := new(bytes.Buffer)
err := pem.Encode(testCA, &pem.Block{
Type: "CERTIFICATE",
Bytes: s.Certificate().Raw,
})
assert.NoError(t, err)
return testCA.Bytes()
}