package testk8s
import (
"context"
"crypto/tls"
"crypto/x509"
"github.com/rancher/opni/pkg/test/testdata"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
ctrlclient "sigs.k8s.io/controller-runtime/pkg/client"
)
// MockCAName is the Secret name used for the fixture CA material and the name
// returned by GetTransportCARef and GetHTTPCARef.
const MockCAName = "mock-ca-cert"

// MockClientCertName is the object name returned by GetClientCertRef.
const MockClientCertName = "mock-client-cert"

// TestCertManager is a stub certificate manager for tests. Its Generate*
// methods are no-ops and its getters hand back fixture data from the testdata
// package, so nothing it returns should be trusted outside a test environment.
type TestCertManager struct{}
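// PopulateK8sObjects creates the two fixture Secrets in namespace: the CA
// secret (MockCAName, keys "ca.crt"/"ca.key") and the client certificate
// secret (MockClientCertName, keys "tls.crt"/"tls.key"). It returns the first
// error reported by client.Create.
//
// The client secret is created under MockClientCertName. Creating it under
// MockCAName would collide with the CA secret in the same namespace and would
// leave the name returned by GetClientCertRef without a backing object.
func (m *TestCertManager) PopulateK8sObjects(ctx context.Context, client ctrlclient.Client, namespace string) error {
	// The CA private key here is fixture key material loaded from testdata;
	// the resulting CA must never be trusted outside tests.
	caSecret := &corev1.Secret{
		ObjectMeta: metav1.ObjectMeta{
			Name:      MockCAName,
			Namespace: namespace,
		},
		Data: map[string][]byte{
			"ca.crt": testdata.TestData("root_ca.crt"),
			"ca.key": testdata.TestData("root_ca.key"),
		},
	}
	if err := client.Create(ctx, caSecret); err != nil {
		return err
	}

	clientSecret := &corev1.Secret{
		ObjectMeta: metav1.ObjectMeta{
			Name:      MockClientCertName,
			Namespace: namespace,
		},
		Data: map[string][]byte{
			"tls.crt": testdata.TestData("localhost.crt"),
			"tls.key": testdata.TestData("localhost.key"),
		},
	}
	return client.Create(ctx, clientSecret)
}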
// GenerateRootCACert is a no-op in the test stub: no certificate is generated
// and the call always succeeds.
func (m *TestCertManager) GenerateRootCACert() error {
	// Nothing to generate; the fixture CA comes from testdata.
	return nil
}
// GenerateTransportCA is a no-op in the test stub and always returns nil.
func (m *TestCertManager) GenerateTransportCA() error {
	// Intentionally empty: the stub issues no transport CA.
	return nil
}
// GenerateHTTPCA is a no-op in the test stub and always returns nil.
func (m *TestCertManager) GenerateHTTPCA() error {
	// Intentionally empty: the stub issues no HTTP CA.
	return nil
}
// GenerateClientCert is a no-op in the test stub. The string argument is
// ignored and the call always returns nil.
func (m *TestCertManager) GenerateClientCert(_ string) error {
	// Intentionally empty: no per-client certificate is issued.
	return nil
}
// GenerateAdminClientCert is a no-op in the test stub and always returns nil.
func (m *TestCertManager) GenerateAdminClientCert() error {
	// Intentionally empty: no admin certificate is issued.
	return nil
}
// GetTransportRootCAs returns a new certificate pool loaded from the
// "root_ca.crt" fixture. The error result is always nil.
func (m *TestCertManager) GetTransportRootCAs() (*x509.CertPool, error) {
	roots := x509.NewCertPool()
	caPEM := testdata.TestData("root_ca.crt")
	// The ok result is discarded: if the fixture holds no parsable
	// certificate, callers get an empty pool together with a nil error.
	_ = roots.AppendCertsFromPEM(caPEM)
	return roots, nil
}
// GetHTTPRootCAs returns a new certificate pool loaded from the same
// "root_ca.crt" fixture that GetTransportRootCAs uses. The error result is
// always nil.
func (m *TestCertManager) GetHTTPRootCAs() (*x509.CertPool, error) {
	roots := x509.NewCertPool()
	caPEM := testdata.TestData("root_ca.crt")
	// The ok result is discarded: if the fixture holds no parsable
	// certificate, callers get an empty pool together with a nil error.
	_ = roots.AppendCertsFromPEM(caPEM)
	return roots, nil
}
// GetClientCert returns a zero-value tls.Certificate and a nil error. The
// string argument is ignored, and the returned value carries no certificate
// chain or private key.
func (m *TestCertManager) GetClientCert(_ string) (tls.Certificate, error) {
	var empty tls.Certificate
	return empty, nil
}
// GetAdminClientCert returns a zero-value tls.Certificate and a nil error; the
// returned value carries no certificate chain or private key.
func (m *TestCertManager) GetAdminClientCert() (tls.Certificate, error) {
	var empty tls.Certificate
	return empty, nil
}
// GetTransportCARef returns a local object reference named MockCAName. The
// error result is always nil.
func (m *TestCertManager) GetTransportCARef() (corev1.LocalObjectReference, error) {
	ref := corev1.LocalObjectReference{Name: MockCAName}
	return ref, nil
}
// GetHTTPCARef returns a local object reference named MockCAName, the same
// name GetTransportCARef returns. The error result is always nil.
func (m *TestCertManager) GetHTTPCARef() (corev1.LocalObjectReference, error) {
	ref := corev1.LocalObjectReference{Name: MockCAName}
	return ref, nil
}
// GetClientCertRef returns a local object reference named MockClientCertName.
// The string argument is ignored and the error result is always nil.
func (m *TestCertManager) GetClientCertRef(_ string) (corev1.LocalObjectReference, error) {
	ref := corev1.LocalObjectReference{Name: MockClientCertName}
	return ref, nil
}