Allow to append to system CA

Fixes #1 Signed-off-by: Ettore Di Giacinto <edigiacinto@suse.com>
2025-09-16 14:50:25 +00:00 · 2022-05-12 11:59:24 +02:00
parent a7b15ad1f8
commit 5842702dd4
3 changed files with 57 additions and 0 deletions
--- a/get_test.go
+++ b/get_test.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io/ioutil"
 	"net/http"
+	"os"
 	"time"

 	"github.com/gorilla/websocket"
@@ -108,5 +109,44 @@ var _ = Describe("GET", func() {
 			Expect(err).ToNot(HaveOccurred())
 			Expect(result).To(Equal(map[string]interface{}{"foo": "bar"}))
 		})
+
+	})
+})
+
+// This test is meant to be running manually against a
+// reg. server with a valid cert.
+var _ = Describe("GET", func() {
+	Context("challenges with a remote endpoint", func() {
+		regUrl := os.Getenv("REG_URL")
+
+		expectedMatches := ContainElement("ros-node-{{ trunc 4 .MachineID }}")
+		BeforeEach(func() {
+			if regUrl == "" {
+				Skip("No remote url passed, skipping suite")
+			}
+		})
+
+		It("gets pubhash from remote with a public signed CA", func() {
+			msg, err := Get(regUrl, Emulated, WithSeed(1))
+			result := map[string]interface{}{}
+			json.Unmarshal(msg, &result)
+			Expect(err).ToNot(HaveOccurred())
+			Expect(result).To(expectedMatches)
+		})
+
+		It("it fails if we specify a custom CA (invalid)", func() {
+			msg, err := Get(regUrl, Emulated, WithSeed(1), WithCAs([]byte(`dddd`)))
+			result := map[string]interface{}{}
+			json.Unmarshal(msg, &result)
+			Expect(err).To(HaveOccurred())
+		})
+
+		It("it pass if appends to system CA", func() {
+			msg, err := Get(regUrl, Emulated, WithSeed(1), AppendCustomCAToSystemCA, WithCAs([]byte(`dddd`)))
+			result := map[string]interface{}{}
+			json.Unmarshal(msg, &result)
+			Expect(err).ToNot(HaveOccurred())
+			Expect(result).To(expectedMatches)
+		})
 	})
 })