consul/agent/connect/uri_mesh_gateway_oss_test.go
R.B. Boyer 201d1458c3
xds: mesh gateways now have their own leaf certificate when involved in a peering (#13460)
This is only configured in xDS when a service with an L7 protocol is
exported.

They also load any relevant trust bundles for the peered services to
eventually use for L7 SPIFFE validation during mTLS termination.
2022-06-15 14:36:18 -05:00

32 lines
653 B
Go

//go:build !consulent
// +build !consulent
package connect
import (
"testing"
"github.com/stretchr/testify/require"
)
func TestSpiffeIDMeshGatewayURI(t *testing.T) {
t.Run("default partition", func(t *testing.T) {
mgw := &SpiffeIDMeshGateway{
Host: "1234.consul",
Datacenter: "dc1",
}
require.Equal(t, "spiffe://1234.consul/gateway/mesh/dc/dc1", mgw.URI().String())
})
t.Run("partitions are ignored", func(t *testing.T) {
mgw := &SpiffeIDMeshGateway{
Host: "1234.consul",
Partition: "foobar",
Datacenter: "dc1",
}
require.Equal(t, "spiffe://1234.consul/gateway/mesh/dc/dc1", mgw.URI().String())
})
}