mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-07 14:05:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'main' into jtc/merge-main-at-d7849c79-to-github

Browse Source
This commit is contained in:
Joshua Casey
2024-05-10 14:22:09 -05:00
parent ab01ce41ed d7849c793c
commit 791b785dea
149 changed files with 219 additions and 468 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
internal/testutil/assertions.go
View File

@@ -1,4 +1,4 @@
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
package testutil
@@ -16,8 +16,6 @@ import (
"k8s.io/apimachinery/pkg/labels"
"k8s.io/apimachinery/pkg/selection"
v1 "k8s.io/client-go/kubernetes/typed/core/v1"
"go.pinniped.dev/internal/testutil/tlsassertions"
)
func RequireTimeInDelta(t *testing.T, t1 time.Time, t2 time.Time, delta time.Duration) {
@@ -179,25 +177,3 @@ func WantMatchingErrorString(wantErrRegexp string) RequireErrorStringFunc {
require.Regexp(t, wantErrRegexp, actualErrorStr)
}
}
// WantX509UntrustedCertErrorString can be used to set up an expected value for an error string in a test table.
// expectedErrorFormatString must contain exactly one formatting verb, which should usually be %s, which will
// be replaced by the platform-specific X509 untrusted certs error string and then compared against expectedCommonName.
func WantX509UntrustedCertErrorString(expectedErrorFormatSpecifier string, expectedCommonName string) RequireErrorStringFunc {
// Starting in Go 1.18.1, and until it was fixed in Go 1.19.5, Go on MacOS had an incorrect error string.
// We don't care which error string was returned, as long as it is either the normal error string from
// the Go x509 library, or the error string that was accidentally returned from the Go x509 library in
// those versions of Go on MacOS which had the bug.
return func(t *testing.T, actualErrorStr string) {
// This is the MacOS error string starting in Go 1.18.1, and until it was fixed in Go 1.19.5.
macOSErr := fmt.Sprintf(`x509: “%s” certificate is not trusted`, expectedCommonName)
// This is the normal Go x509 library error string.
standardErr := `x509: certificate signed by unknown authority`
allowedErrorStrings := []string{
fmt.Sprintf(expectedErrorFormatSpecifier, tlsassertions.GetTLSErrorPrefix()+macOSErr),
fmt.Sprintf(expectedErrorFormatSpecifier, tlsassertions.GetTLSErrorPrefix()+standardErr),
}
// Allow either.
require.Contains(t, allowedErrorStrings, actualErrorStr)
}
}

10
internal/testutil/tlsassertions/assertions.go
View File

@@ -1,10 +0,0 @@
// Copyright 2023 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
//go:build go1.20
package tlsassertions
func GetTLSErrorPrefix() string {
return "tls: failed to verify certificate: "
}

10
internal/testutil/tlsassertions/assertions_before_go1.20.go
View File

@@ -1,10 +0,0 @@
// Copyright 2023 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
//go:build !go1.20
package tlsassertions
func GetTLSErrorPrefix() string {
return ""
}