Revert "[e2e] Additional CA certs import test"

This reverts commit 79bcfcf.
openshift · Sep 19, 2023 · d0bfb05 · d0bfb05
1 parent c20cf6e
commit d0bfb05
Showing 1 changed file with 1 addition and 40 deletions.
diff --git a/test/e2e/proxy_test.go b/test/e2e/proxy_test.go
@@ -2,10 +2,8 @@ package e2e
 
 import (
 	"context"
-	"crypto/x509"
 	"encoding/json"
 	"fmt"
-	"strconv"
 	"strings"
 	"testing"
 
@@ -41,45 +39,9 @@ func proxyTestSuite(t *testing.T) {
 
 	t.Run("Trusted CA ConfigMap validation", tc.testTrustedCAConfigMap)
 	t.Run("Environment variables validation", tc.testEnvVars)
-	t.Run("Certificate validation", tc.testCerts)
 	t.Run("Environment variables removal validation", tc.testEnvVarRemoval)
 }
 
-// testCerts tests that any additional certificates from the proxy's trusted bundle are imported by each node
-func (tc *testContext) testCerts(t *testing.T) {
-	cm, err := tc.client.K8s.CoreV1().ConfigMaps(wmcoNamespace).Get(context.TODO(),
-		certificates.ProxyCertsConfigMap, meta.GetOptions{})
-	require.NoErrorf(t, err, "error getting trusted CA ConfigMap: %w", err)
-
-	// Read all certs from CM data
-	trustedCABundle := cm.Data[certificates.CABundleKey]
-	assert.Greater(t, len(trustedCABundle), 0, "no additional user-provided certs in bundle")
-
-	certs := x509.NewCertPool()
-	require.True(t, certs.AppendCertsFromPEM([]byte(trustedCABundle)), "unable to parse certs from trusted CA ConfigMap data")
-	subjects := certs.Subjects()
-	// Ensure each cert has been imported into every Windows instance's system store
-	for _, node := range gc.allNodes() {
-		t.Run(node.GetName(), func(t *testing.T) {
-			addr, err := controllers.GetAddress(node.Status.Addresses)
-			require.NoError(t, err, "unable to get node address")
-
-			for i, subjectBytes := range subjects {
-				command := fmt.Sprintf("(Get-ChildItem -Path Cert:\\LocalMachine\\Root | "+
-					"Where-Object {$_.Subject -eq '%s'}).Count", string(subjectBytes))
-				out, err := tc.runPowerShellSSHJob(fmt.Sprintf("get-cert-%d", i), command, addr)
-				if err != nil {
-					require.NoError(t, err, "error running SSH job: %w", err)
-				}
-				count, err := strconv.Atoi(strings.TrimSpace(out))
-				require.NoError(t, err)
-
-				assert.Greaterf(t, count, 0, "unable to find certificate %s in node %s system store", subjectBytes, node)
-			}
-		})
-	}
-}
-
 // testEnvVars tests that on each node
 // 1. the system-level environment variables are set properly as per the cluster-wide proxy
 // 2. the required Windows services pick up the proper values for proxy environment variables
@@ -125,8 +87,7 @@ func (tc *testContext) testEnvVars(t *testing.T) {
 func (tc *testContext) testEnvVarRemoval(t *testing.T) {
 	var patches []*patch.JSONPatch
 	patches = append(patches, patch.NewJSONPatch("remove", "/spec/httpProxy", "httpProxy"),
-		patch.NewJSONPatch("remove", "/spec/httpsProxy", "httpsProxy"),
-		patch.NewJSONPatch("remove", "/spec/trustedCA", "trustedCA"))
+		patch.NewJSONPatch("remove", "/spec/httpsProxy", "httpsProxy"))
 	patchData, err := json.Marshal(patches)
 	require.NoErrorf(t, err, "%v", patches)
 	_, err = tc.client.Config.ConfigV1().Proxies().Patch(