github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-10 20:42:26 +00:00
Code Issues Projects Releases Wiki Activity

Pass through CA cert file to the connection when multiple vcenters are configured

Browse Source
This commit is contained in:
Maria Ntalla 2018-06-06 15:29:39 +01:00 committed by Hannes Hörl
parent b83028325c
commit 7ade8261f6
2 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/cloudprovider/providers/vsphere/vsphere.go
View File

@ -428,6 +428,7 @@ func populateVsphereInstanceMap(cfg *VSphereConfig) (map[string]*VSphereInstance
Insecure: cfg.Global.InsecureFlag, Insecure: cfg.Global.InsecureFlag,
RoundTripperCount: vcConfig.RoundTripperCount, RoundTripperCount: vcConfig.RoundTripperCount,
Port: vcConfig.VCenterPort, Port: vcConfig.VCenterPort,
CACert: cfg.Global.CAFile,
Thumbprint: vcConfig.Thumbprint, Thumbprint: vcConfig.Thumbprint,
} }
vsphereIns := VSphereInstance{ vsphereIns := VSphereInstance{

34
pkg/cloudprovider/providers/vsphere/vsphere_test.go
View File

@ -641,6 +641,28 @@ func TestSecretVSphereConfig(t *testing.T) {
"1.1.1.1": "thumbprint:1", "1.1.1.1": "thumbprint:1",
}, },
}, },
{
testName: "Multiple virtual centers use the global CA cert",
conf: `[Global]
user = user
password = password
datacenter = us-west
ca-file = /some/path/to/my/trusted/ca.pem
[VirtualCenter "0.0.0.0"]
user = user
password = password
[VirtualCenter "1.1.1.1"]
user = user
password = password
[Workspace]
server = 0.0.0.0
datacenter = us-west
folder = kubernetes
`,
expectedUsername: username,
expectedPassword: password,
expectedError: nil,
},
} }
for _, testcase := range testcases { for _, testcase := range testcases {
@ -672,6 +694,7 @@ func TestSecretVSphereConfig(t *testing.T) {
} }
} }
} }
// Check, if all the expected thumbprints are configured
for instanceName, expectedThumbprint := range testcase.expectedThumbprints { for instanceName, expectedThumbprint := range testcase.expectedThumbprints {
instanceConfig, ok := vs.vsphereInstanceMap[instanceName] instanceConfig, ok := vs.vsphereInstanceMap[instanceName]
if !ok { if !ok {
@ -684,5 +707,16 @@ func TestSecretVSphereConfig(t *testing.T) {
) )
} }
} }
// Check, if all all connections are configured with the global CA certificate
if expectedCaPath := cfg.Global.CAFile; expectedCaPath != "" {
for name, instance := range vs.vsphereInstanceMap {
if actualCaPath := instance.conn.CACert; actualCaPath != expectedCaPath {
t.Fatalf(
"Expected CA certificate path for instance '%s' to be the globally configured one ('%s'), got '%s'",
name, expectedCaPath, actualCaPath,
)
}
}
}
} }
} }