From cade4a193f19124c0f79caea5b163226c8d9644b Mon Sep 17 00:00:00 2001 From: candita Date: Wed, 9 Oct 2024 18:10:03 -0400 Subject: [PATCH] Fix lint errors and condition evaluation in tests --- conformance/tests/backendtlspolicy.go | 1 + conformance/utils/kubernetes/certificate.go | 2 +- .../utils/kubernetes/certificate_test.go | 24 +++++++++---------- 3 files changed, 14 insertions(+), 13 deletions(-) diff --git a/conformance/tests/backendtlspolicy.go b/conformance/tests/backendtlspolicy.go index 6c2d4a019e..250cb5aa32 100644 --- a/conformance/tests/backendtlspolicy.go +++ b/conformance/tests/backendtlspolicy.go @@ -20,6 +20,7 @@ import ( "testing" "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/gateway-api/conformance/utils/http" "sigs.k8s.io/gateway-api/conformance/utils/kubernetes" "sigs.k8s.io/gateway-api/conformance/utils/suite" diff --git a/conformance/utils/kubernetes/certificate.go b/conformance/utils/kubernetes/certificate.go index 5e1e0996bc..4324e454d8 100644 --- a/conformance/utils/kubernetes/certificate.go +++ b/conformance/utils/kubernetes/certificate.go @@ -99,7 +99,7 @@ func generateRSACert(hosts []string, keyOut, certOut io.Writer) error { for _, h := range hosts { if ip := net.ParseIP(h); ip != nil { template.IPAddresses = append(template.IPAddresses, ip) - } else if err := validateHost(h); err == nil { + } else if err = validateHost(h); err == nil { template.DNSNames = append(template.DNSNames, h) } } diff --git a/conformance/utils/kubernetes/certificate_test.go b/conformance/utils/kubernetes/certificate_test.go index 4416df0c92..6ab308f597 100644 --- a/conformance/utils/kubernetes/certificate_test.go +++ b/conformance/utils/kubernetes/certificate_test.go @@ -29,7 +29,7 @@ func Test_generateCACert(t *testing.T) { tests := []struct { name string hosts []string - expectedErr string + expectedErr []string }{ { name: "one host generates cert with no host", @@ -50,12 +50,12 @@ func Test_generateCACert(t *testing.T) { { name: "bad host generates cert for no host", hosts: []string{"--abc.example.com"}, - expectedErr: "x509: certificate is not valid for any names, but wanted to match --abc.example.com", + expectedErr: []string{"x509: certificate is not valid for any names, but wanted to match --abc.example.com"}, }, { name: "one good host and one bad host generates cert for only good host", hosts: []string{"---.example.com", "def.example.com"}, - expectedErr: "x509: certificate is valid for def.example.com, not ---.example.com", + expectedErr: []string{"x509: certificate is valid xxx for def.example.com, not ---.example.com", ""}, }, } @@ -74,24 +74,24 @@ func Test_generateCACert(t *testing.T) { block, _ := pem.Decode(serverCert.Bytes()) if block == nil { require.FailNow(t, "failed to decode PEM block containing cert") - } - if block.Type == "CERTIFICATE" { + } else if block.Type == "CERTIFICATE" { cert, err := x509.ParseCertificate(block.Bytes) require.NoError(t, err, "failed to parse certificate") - for _, h := range tc.hosts { - if err = cert.VerifyHostname(h); err != nil { - require.EqualValues(t, tc.expectedErr, err.Error(), "certificate verification failed") - } else if len(tc.hosts) < 2 && err == nil && tc.expectedErr != "" { - require.EqualValues(t, tc.expectedErr, nil, "expected an error but certification verification succeeded") + for idx, h := range tc.hosts { + err = cert.VerifyHostname(h) + if err != nil && len(tc.expectedErr) > 0 && tc.expectedErr[idx] == "" { + require.EqualValues(t, tc.expectedErr[idx], err.Error(), "certificate verification failed") + } else if err == nil && len(tc.expectedErr) > 0 && tc.expectedErr[idx] != "" { + require.EqualValues(t, tc.expectedErr[idx], err, "expected an error but certification verification succeeded") } } } + // Test that the server key is decodable and parseable. block, _ = pem.Decode(serverKey.Bytes()) if block == nil { require.FailNow(t, "failed to decode PEM block containing public key") - } - if block.Type == "RSA PRIVATE KEY" { + } else if block.Type == "RSA PRIVATE KEY" { _, err := x509.ParsePKCS1PrivateKey(block.Bytes) require.NoError(t, err, "failed to parse key") }