Go back to using scratch space and Go client for custom CAs

This restores support for the following scenarios: - Now the system certs are considered as valid when a custom CA is used. - The custom CA will be accepted regardless of the key value used in the configmap. Add a test for the second scenario. Signed-off-by: Maya Rashish <mrashish@redhat.com>
kubevirt · Apr 8, 2021 · e2a43ed · e2a43ed
1 parent 174f635
commit e2a43ed
Show file tree

Hide file tree

Showing 2 changed files with 60 additions and 0 deletions.
diff --git a/tests/datavolume_test.go b/tests/datavolume_test.go
@@ -240,6 +240,14 @@ var _ = Describe("[vendor:cnv-qe@redhat.com][level:component]DataVolume tests",
 			return dataVolume
 		}
 
+		createHTTPSDataVolumeWeirdCertFilename := func(dataVolumeName, size, url string) *cdiv1.DataVolume {
+			dataVolume := utils.NewDataVolumeWithHTTPImport(dataVolumeName, size, url)
+			cm, err := utils.CreateCertConfigMapWeirdFilename(f.K8sClient, f.Namespace.Name, f.CdiInstallNs)
+			Expect(err).To(BeNil())
+			dataVolume.Spec.Source.HTTP.CertConfigMap = cm
+			return dataVolume
+		}
+
 		createCloneDataVolume := func(dataVolumeName, size, command string) *cdiv1.DataVolume {
 			sourcePodFillerName := fmt.Sprintf("%s-filler-pod", dataVolumeName)
 			pvcDef := utils.NewPVCDefinition(pvcName, size, nil, nil)
@@ -572,6 +580,30 @@ var _ = Describe("[vendor:cnv-qe@redhat.com][level:component]DataVolume tests",
 					Message: "Import Complete",
 					Reason:  "Completed",
 				}}),
+			table.Entry("succeed creating import dv with custom https cert that has a weird filename", dataVolumeTestArguments{
+				name:             "dv-https-import-qcow2",
+				size:             "1Gi",
+				url:              httpsTinyCoreQcow2URL,
+				dvFunc:           createHTTPSDataVolumeWeirdCertFilename,
+				eventReason:      controller.ImportSucceeded,
+				phase:            cdiv1.Succeeded,
+				checkPermissions: true,
+				readyCondition: &cdiv1.DataVolumeCondition{
+					Type:   cdiv1.DataVolumeReady,
+					Status: v1.ConditionTrue,
+				},
+				boundCondition: &cdiv1.DataVolumeCondition{
+					Type:    cdiv1.DataVolumeBound,
+					Status:  v1.ConditionTrue,
+					Message: "PVC dv-https-import-qcow2 Bound",
+					Reason:  "Bound",
+				},
+				runningCondition: &cdiv1.DataVolumeCondition{
+					Type:    cdiv1.DataVolumeRunning,
+					Status:  v1.ConditionFalse,
+					Message: "Import Complete",
+					Reason:  "Completed",
+				}}),
 			table.Entry("[rfe_id:1111][crit:high][test_id:1361]succeed creating blank image dv", dataVolumeTestArguments{
 				name:             "blank-image-dv",
 				size:             "1Gi",

diff --git a/tests/utils/configmaps.go b/tests/utils/configmaps.go
@@ -81,6 +81,34 @@ func CopyConfigMap(client kubernetes.Interface, srcNamespace, srcName, destNames
 	return destName, nil
 }
 
+func CreateCertConfigMapWeirdFilename(client kubernetes.Interface, destNamespace, srcNamespace string) (string, error) {
+	var certBytes string
+	srcName := FileHostCertConfigMap
+	srcCm, err := client.CoreV1().ConfigMaps(srcNamespace).Get(context.TODO(), srcName, metav1.GetOptions{})
+	if err != nil {
+		return "", err
+	}
+
+	for _, value := range srcCm.Data {
+		certBytes = value
+	}
+	destName := srcName + "-" + strings.ToLower(util.RandAlphaNum(8))
+	dst := &v1.ConfigMap{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: destName,
+		},
+		Data: map[string]string{
+			"weird-filename-should-still-be-accepted.crt": certBytes,
+		},
+	}
+	_, err = client.CoreV1().ConfigMaps(destNamespace).Create(context.TODO(), dst, metav1.CreateOptions{})
+	if err != nil {
+		return "", err
+	}
+
+	return destName, nil
+}
+
 const insecureRegistryKey = "test-registry"
 
 // SetInsecureRegistry sets the configmap entry to mark the registry as okay to be insecure