Skip to content

Commit

Permalink
test: fix vault pki test cases
Browse files Browse the repository at this point in the history 
Since vault version 1.11.0 the full CA chain is returned for signed
certs: #139 (while the PR is
closed the behaviour was still merged, see note
hashicorp/vault#15155 (comment)).

Signed-off-by: LukasAuerbeck <17929465+LukasAuerbeck@users.noreply.github.com>
  • Loading branch information
@LukasAuerbeck
LukasAuerbeck committed May 8, 2023
1 parent 266b81e commit baab525
Showing 1 changed file with 14 additions and 10 deletions.
24 changes: 14 additions & 10 deletions pkg/vault/e2e_test/pki_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ var _ = Describe("PKI API", func() {
Expect(info.PrivateKey).To(BeEmpty())
Expect(info.PrivateKeyType).To(BeEmpty())
Expect(info.Certificate).NotTo(BeEmpty())
Expect(info.CertificateChain).To(BeEmpty())
Expect(info.CertificateChain).NotTo(BeEmpty())
Expect(info.IssuingCertificateAuthority).To(Equal(info.Certificate))

Expect(vaultAPI.UpdateRootCA(root)).To(Succeed())
Expand All @@ -134,7 +134,7 @@ var _ = Describe("PKI API", func() {
Expect(info.PrivateKey).NotTo(BeEmpty())
Expect(info.PrivateKeyType).NotTo(BeEmpty())
Expect(info.Certificate).NotTo(BeEmpty())
Expect(info.CertificateChain).To(BeEmpty())
Expect(info.CertificateChain).NotTo(BeEmpty())
Expect(info.IssuingCertificateAuthority).To(Equal(info.Certificate))

Expect(vaultAPI.UpdateRootCA(root)).To(Succeed())
Expand Down Expand Up @@ -288,7 +288,7 @@ var _ = Describe("PKI API", func() {
Expect(info.PrivateKey).To(BeEmpty())
Expect(info.PrivateKeyType).To(BeEmpty())
Expect(info.Certificate).To(Equal(rootCertificate))
Expect(info.CertificateChain).To(BeEmpty())
Expect(info.CertificateChain).To(Equal(rootCertificate))
Expect(info.IssuingCertificateAuthority).To(Equal(rootCertificate))

Expect(vaultAPI.UpdateRootCA(root)).To(Succeed())
Expand All @@ -315,7 +315,7 @@ var _ = Describe("PKI API", func() {
Expect(info.PrivateKey).To(Equal(rootPrivateKey))
Expect(info.PrivateKeyType).To(Equal(pki.KeyTypeRSA))
Expect(info.Certificate).To(Equal(rootCertificate))
Expect(info.CertificateChain).To(BeEmpty())
Expect(info.CertificateChain).To(Equal(rootCertificate))
Expect(info.IssuingCertificateAuthority).To(Equal(rootCertificate))

Expect(vaultAPI.UpdateRootCA(root)).To(Succeed())
Expand Down Expand Up @@ -516,7 +516,8 @@ var _ = Describe("PKI API", func() {
Expect(info.PrivateKey).To(BeEmpty())
Expect(info.PrivateKeyType).To(BeEmpty())
Expect(info.Certificate).NotTo(BeEmpty())
Expect(info.CertificateChain).To(Equal(info.Certificate))
expectedChain := fmt.Sprintf("%s\n%s", info.Certificate, rootCACert)
Expect(info.CertificateChain).To(Equal(expectedChain))
Expect(info.IssuingCertificateAuthority).NotTo(BeEmpty())
Expect(info.IssuingCertificateAuthority).NotTo(Equal(info.Certificate))
Expect(info.IssuingCertificateAuthority).To(Equal(rootCACert))
Expand Down Expand Up @@ -544,7 +545,8 @@ var _ = Describe("PKI API", func() {
Expect(info.PrivateKey).To(BeEmpty())
Expect(info.PrivateKeyType).To(BeEmpty())
Expect(info.Certificate).NotTo(BeEmpty())
Expect(info.CertificateChain).To(Equal(info.Certificate))
expectedChain := fmt.Sprintf("%s\n%s", info.Certificate, rootCACert)
Expect(info.CertificateChain).To(Equal(expectedChain))
Expect(info.IssuingCertificateAuthority).NotTo(BeEmpty())
Expect(info.IssuingCertificateAuthority).NotTo(Equal(info.Certificate))
Expect(info.IssuingCertificateAuthority).To(Equal(rootCACert))
Expand All @@ -570,7 +572,7 @@ var _ = Describe("PKI API", func() {
Expect(info2.PrivateKey).To(BeEmpty())
Expect(info2.PrivateKeyType).To(BeEmpty())
Expect(info2.Certificate).NotTo(BeEmpty())
Expect(info2.CertificateChain).To(Equal(fmt.Sprintf("%s\n%s", info2.Certificate, info.Certificate)))
Expect(info2.CertificateChain).To(Equal(fmt.Sprintf("%s\n%s\n%s", info2.Certificate, info.Certificate, rootCACert)))
Expect(info2.IssuingCertificateAuthority).NotTo(Equal(info2.Certificate))
Expect(info2.IssuingCertificateAuthority).To(Equal(info.Certificate))

Expand All @@ -597,7 +599,8 @@ var _ = Describe("PKI API", func() {
Expect(info.PrivateKey).NotTo(BeEmpty())
Expect(info.PrivateKeyType).NotTo(BeEmpty())
Expect(info.Certificate).NotTo(BeEmpty())
Expect(info.CertificateChain).To(Equal(info.Certificate))
expectedChain := fmt.Sprintf("%s\n%s", info.Certificate, rootCACert)
Expect(info.CertificateChain).To(Equal(expectedChain))
Expect(info.IssuingCertificateAuthority).NotTo(BeEmpty())
Expect(info.IssuingCertificateAuthority).NotTo(Equal(info.Certificate))
Expect(info.IssuingCertificateAuthority).To(Equal(rootCACert))
Expand Down Expand Up @@ -625,7 +628,8 @@ var _ = Describe("PKI API", func() {
Expect(info.PrivateKey).NotTo(BeEmpty())
Expect(info.PrivateKeyType).NotTo(BeEmpty())
Expect(info.Certificate).NotTo(BeEmpty())
Expect(info.CertificateChain).To(Equal(info.Certificate))
expectedChain := fmt.Sprintf("%s\n%s", info.Certificate, rootCACert)
Expect(info.CertificateChain).To(Equal(expectedChain))
Expect(info.IssuingCertificateAuthority).NotTo(BeEmpty())
Expect(info.IssuingCertificateAuthority).NotTo(Equal(info.Certificate))
Expect(info.IssuingCertificateAuthority).To(Equal(rootCACert))
Expand All @@ -651,7 +655,7 @@ var _ = Describe("PKI API", func() {
Expect(info2.PrivateKey).NotTo(BeEmpty())
Expect(info2.PrivateKeyType).NotTo(BeEmpty())
Expect(info2.Certificate).NotTo(BeEmpty())
Expect(info2.CertificateChain).To(Equal(fmt.Sprintf("%s\n%s", info2.Certificate, info.Certificate)))
Expect(info2.CertificateChain).To(Equal(fmt.Sprintf("%s\n%s\n%s", info2.Certificate, info.Certificate, rootCACert)))
Expect(info2.IssuingCertificateAuthority).NotTo(Equal(info2.Certificate))
Expect(info2.IssuingCertificateAuthority).To(Equal(info.Certificate))

Expand Down

0 comments on commit baab525

Please sign in to comment.