mirror of
https://github.com/status-im/consul.git
synced 2025-01-13 07:14:37 +00:00
b3ddd4d24e
* Include secret type when building resources from config snapshot * First pass at generating envoy secrets from api-gateway snapshot * Update comments for xDS update order * Add secret type + corresponding golden files to existing tests * Initialize test helpers for testing api-gateway resource generation * Generate golden files for new api-gateway xDS resource test * Support ADS for TLS certificates on api-gateway * Configure TLS on api-gateway listeners * Inline TLS cert code * update tests * Add SNI support so we can have multiple certificates * Remove commented out section from helper * regen deep-copy * Add tcp tls test --------- Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
41 lines
1.4 KiB
Go
41 lines
1.4 KiB
Go
package testcommon
|
|
|
|
import (
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
|
|
"github.com/hashicorp/consul/agent/proxycfg"
|
|
"github.com/hashicorp/consul/agent/structs"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func SetupTLSRootsAndLeaf(t *testing.T, snap *proxycfg.ConfigSnapshot) {
|
|
if snap.Leaf() != nil {
|
|
switch snap.Kind {
|
|
case structs.ServiceKindConnectProxy:
|
|
snap.ConnectProxy.Leaf.CertPEM = loadTestResource(t, "test-leaf-cert")
|
|
snap.ConnectProxy.Leaf.PrivateKeyPEM = loadTestResource(t, "test-leaf-key")
|
|
case structs.ServiceKindIngressGateway:
|
|
snap.IngressGateway.Leaf.CertPEM = loadTestResource(t, "test-leaf-cert")
|
|
snap.IngressGateway.Leaf.PrivateKeyPEM = loadTestResource(t, "test-leaf-key")
|
|
case structs.ServiceKindMeshGateway:
|
|
snap.MeshGateway.Leaf.CertPEM = loadTestResource(t, "test-leaf-cert")
|
|
snap.MeshGateway.Leaf.PrivateKeyPEM = loadTestResource(t, "test-leaf-key")
|
|
case structs.ServiceKindAPIGateway:
|
|
snap.APIGateway.Leaf.CertPEM = loadTestResource(t, "test-leaf-cert")
|
|
snap.APIGateway.Leaf.PrivateKeyPEM = loadTestResource(t, "test-leaf-key")
|
|
}
|
|
}
|
|
if snap.Roots != nil {
|
|
snap.Roots.Roots[0].RootCert = loadTestResource(t, "test-root-cert")
|
|
}
|
|
}
|
|
func loadTestResource(t *testing.T, name string) string {
|
|
t.Helper()
|
|
|
|
expected, err := os.ReadFile(filepath.Join("testdata", name+".golden"))
|
|
require.NoError(t, err)
|
|
return string(expected)
|
|
}
|