mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
Update unit tests to handle go1.17 certificate parsing error messages
This commit is contained in:
parent
fc5863b8b2
commit
0e925f266f
@ -24,6 +24,7 @@ import (
|
||||
"encoding/pem"
|
||||
"fmt"
|
||||
"reflect"
|
||||
"regexp"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
@ -895,7 +896,10 @@ func Test_validateCertificateSigningRequestOptions(t *testing.T) {
|
||||
// options that allow the csr to pass validation
|
||||
lenientOpts certificateValidationOptions
|
||||
|
||||
// expected errors when validating strictly
|
||||
// regexes matching expected errors when validating strictly
|
||||
strictRegexes []regexp.Regexp
|
||||
|
||||
// expected errors (after filtering out errors matched by strictRegexes) when validating strictly
|
||||
strictErrs []string
|
||||
}{
|
||||
// valid strict cases
|
||||
@ -1048,8 +1052,8 @@ func Test_validateCertificateSigningRequestOptions(t *testing.T) {
|
||||
Certificate: invalidCertificateNonASN1Data,
|
||||
},
|
||||
},
|
||||
lenientOpts: certificateValidationOptions{allowArbitraryCertificate: true},
|
||||
strictErrs: []string{`status.certificate: Invalid value: "<certificate data>": asn1: structure error: sequence tag mismatch`},
|
||||
lenientOpts: certificateValidationOptions{allowArbitraryCertificate: true},
|
||||
strictRegexes: []regexp.Regexp{*regexp.MustCompile(`status.certificate: Invalid value: "\<certificate data\>": (asn1: structure error: sequence tag mismatch|x509: invalid RDNSequence)`)},
|
||||
},
|
||||
}
|
||||
|
||||
@ -1065,12 +1069,27 @@ func Test_validateCertificateSigningRequestOptions(t *testing.T) {
|
||||
for _, err := range validateCertificateSigningRequest(tt.csr, certificateValidationOptions{}) {
|
||||
gotErrs.Insert(err.Error())
|
||||
}
|
||||
|
||||
// filter errors matching strictRegexes and ensure every strictRegex matches at least one error
|
||||
for _, expectedRegex := range tt.strictRegexes {
|
||||
matched := false
|
||||
for _, err := range gotErrs.List() {
|
||||
if expectedRegex.MatchString(err) {
|
||||
gotErrs.Delete(err)
|
||||
matched = true
|
||||
}
|
||||
}
|
||||
if !matched {
|
||||
t.Errorf("missing expected error matching: %s", expectedRegex.String())
|
||||
}
|
||||
}
|
||||
|
||||
wantErrs := sets.NewString(tt.strictErrs...)
|
||||
for _, missing := range wantErrs.Difference(gotErrs).List() {
|
||||
t.Errorf("missing expected strict error: %s", missing)
|
||||
}
|
||||
for _, unexpected := range gotErrs.Difference(wantErrs).List() {
|
||||
t.Errorf("unexpected strict error: %s", unexpected)
|
||||
t.Errorf("unexpected errors: %s", unexpected)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
@ -197,7 +197,7 @@ MIIDGTCCAgGgAwIBAgIUOS2M
|
||||
},
|
||||
},
|
||||
user: &defaultUser,
|
||||
errRegex: "unable to load root certificates: failed to parse certificate: asn1: syntax error: data truncated",
|
||||
errRegex: "unable to load root certificates: failed to parse certificate: (asn1: syntax error: data truncated|x509: malformed certificate)",
|
||||
},
|
||||
{
|
||||
test: "user with invalid client certificate path",
|
||||
|
Loading…
Reference in New Issue
Block a user