Merge pull request #122788 from my-git9/renewal-manager

kubeadm: increase ut coverage for certs/renewal/manager
2025-08-07 11:13:48 +00:00 · 2024-01-17 17:20:03 +01:00 · 2024-01-17 17:20:03 +01:00 · 05780d58bf
commit 05780d58bf
parent 909faa3a9b 6451fb0fe2
1 changed files with 204 additions and 0 deletions
--- a/cmd/kubeadm/app/phases/certs/renewal/manager_test.go
+++ b/cmd/kubeadm/app/phases/certs/renewal/manager_test.go
@ -17,12 +17,14 @@ limitations under the License.
 package renewal

 import (
+	"crypto"
 	"crypto/x509"
 	"crypto/x509/pkix"
 	"fmt"
 	"net"
 	"os"
 	"path/filepath"
+	"reflect"
 	"testing"
 	"time"

@ -48,6 +50,23 @@ var (
 	testCertCfg = makeTestCertConfig(testCertOrganization)
 )

+type fakecertificateReadWriter struct {
+	exist bool
+	cert  *x509.Certificate
+}
+
+func (cr fakecertificateReadWriter) Exists() bool {
+	return cr.exist
+}
+
+func (cr fakecertificateReadWriter) Read() (*x509.Certificate, error) {
+	return cr.cert, nil
+}
+
+func (cr fakecertificateReadWriter) Write(*x509.Certificate, crypto.Signer) error {
+	return nil
+}
+
 func TestNewManager(t *testing.T) {
 	tests := []struct {
 		name                 string
@ -305,3 +324,188 @@ func makeTestCertConfig(organization []string) *pkiutil.CertConfig {
 		},
 	}
 }
+
+func TestManagerCAs(t *testing.T) {
+	tests := []struct {
+		name string
+		cas  map[string]*CAExpirationHandler
+		want []*CAExpirationHandler
+	}{
+		{
+			name: "CAExpirationHandler is sequential",
+			cas: map[string]*CAExpirationHandler{
+				"foo": {
+					Name: "1",
+				},
+				"bar": {
+					Name: "2",
+				},
+			},
+			want: []*CAExpirationHandler{
+				{
+					Name: "1",
+				},
+				{
+					Name: "2",
+				},
+			},
+		},
+		{
+			name: "CAExpirationHandler is in reverse order",
+			cas: map[string]*CAExpirationHandler{
+				"foo": {
+					Name: "2",
+				},
+				"bar": {
+					Name: "1",
+				},
+			},
+			want: []*CAExpirationHandler{
+				{
+					Name: "1",
+				},
+				{
+					Name: "2",
+				},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			rm := &Manager{
+				cas: tt.cas,
+			}
+			if got := rm.CAs(); !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("Manager.CAs() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestManagerCAExists(t *testing.T) {
+	certificateReadWriterExist := fakecertificateReadWriter{
+		exist: true,
+	}
+	certificateReadWriterMissing := fakecertificateReadWriter{
+		exist: false,
+	}
+	tests := []struct {
+		name    string
+		cas     map[string]*CAExpirationHandler
+		caName  string
+		want    bool
+		wantErr bool
+	}{
+		{
+			name:    "caName does not exist in cas list",
+			cas:     map[string]*CAExpirationHandler{},
+			caName:  "foo",
+			want:    false,
+			wantErr: true,
+		},
+		{
+			name: "ca exists",
+			cas: map[string]*CAExpirationHandler{
+				"foo": {
+					Name:       "foo",
+					FileName:   "test",
+					readwriter: certificateReadWriterExist,
+				},
+			},
+			caName:  "foo",
+			want:    true,
+			wantErr: false,
+		},
+		{
+			name: "ca does not exist",
+			cas: map[string]*CAExpirationHandler{
+				"foo": {
+					Name:       "foo",
+					FileName:   "test",
+					readwriter: certificateReadWriterMissing,
+				},
+			},
+			caName:  "foo",
+			want:    false,
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			rm := &Manager{
+				cas: tt.cas,
+			}
+			got, err := rm.CAExists(tt.caName)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("Manager.CAExists() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got != tt.want {
+				t.Errorf("Manager.CAExists() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestManagerCertificateExists(t *testing.T) {
+	certificateReadWriterExist := fakecertificateReadWriter{
+		exist: true,
+	}
+	certificateReadWriterMissing := fakecertificateReadWriter{
+		exist: false,
+	}
+	tests := []struct {
+		name         string
+		certificates map[string]*CertificateRenewHandler
+		certName     string
+		want         bool
+		wantErr      bool
+	}{
+		{
+			name:         "certName does not exist in certificate list",
+			certificates: map[string]*CertificateRenewHandler{},
+			certName:     "foo",
+			want:         false,
+			wantErr:      true,
+		},
+		{
+			name: "certificate exists",
+			certificates: map[string]*CertificateRenewHandler{
+				"foo": {
+					Name:       "foo",
+					readwriter: certificateReadWriterExist,
+				},
+			},
+			certName: "foo",
+			want:     true,
+			wantErr:  false,
+		},
+		{
+			name: "certificate does not exist",
+			certificates: map[string]*CertificateRenewHandler{
+				"foo": {
+					Name:       "foo",
+					readwriter: certificateReadWriterMissing,
+				},
+			},
+			certName: "foo",
+			want:     false,
+			wantErr:  false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			rm := &Manager{
+				certificates: tt.certificates,
+			}
+			got, err := rm.CertificateExists(tt.certName)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("Manager.CertificateExists() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got != tt.want {
+				t.Errorf("Manager.CertificateExists() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}