Skip to content

Commit

Permalink
adjust tests
Browse files Browse the repository at this point in the history
  • Loading branch information
sbueringer committed Dec 31, 2024
1 parent 3c5359d commit 571e073
Showing 1 changed file with 17 additions and 12 deletions.
29 changes: 17 additions & 12 deletions pkg/certwatcher/certwatcher_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ limitations under the License.
package certwatcher_test

import (
"bytes"
"context"
"crypto/rand"
"crypto/rsa"
Expand Down Expand Up @@ -77,12 +76,12 @@ var _ = Describe("CertWatcher", func() {
Expect(err).ToNot(HaveOccurred())
})

startWatcher := func() (done <-chan struct{}) {
startWatcher := func(interval time.Duration) (done <-chan struct{}) {
doneCh := make(chan struct{})
go func() {
defer GinkgoRecover()
defer close(doneCh)
Expect(watcher.WithWatchInterval(time.Second).Start(ctx)).To(Succeed())
Expect(watcher.WithWatchInterval(interval).Start(ctx)).To(Succeed())
}()
// wait till we read first cert
Eventually(func() error {
Expand All @@ -93,14 +92,16 @@ var _ = Describe("CertWatcher", func() {
}

It("should read the initial cert/key", func() {
doneCh := startWatcher()
// This test verifies the initial read succeeded. So interval doesn't matter.
doneCh := startWatcher(10 * time.Second)

ctxCancel()
Eventually(doneCh, "4s").Should(BeClosed())
})

It("should reload currentCert when changed", func() {
doneCh := startWatcher()
// This test verifies fsnotify detects the cert change. So interval doesn't matter.
doneCh := startWatcher(10 * time.Second)
called := atomic.Int64{}
watcher.RegisterCallback(func(crt tls.Certificate) {
called.Add(1)
Expand All @@ -115,7 +116,7 @@ var _ = Describe("CertWatcher", func() {
Eventually(func() bool {
secondcert, _ := watcher.GetCertificate(nil)
first := firstcert.PrivateKey.(*rsa.PrivateKey)
return first.Equal(secondcert.PrivateKey) || bytes.Equal(firstcert.Certificate[0], secondcert.Certificate[0])
return first.Equal(secondcert.PrivateKey) || firstcert.Leaf.SerialNumber == secondcert.Leaf.SerialNumber
}).ShouldNot(BeTrue())

ctxCancel()
Expand All @@ -124,7 +125,8 @@ var _ = Describe("CertWatcher", func() {
})

It("should reload currentCert when changed with rename", func() {
doneCh := startWatcher()
// This test verifies fsnotify detects the cert change. So interval doesn't matter.
doneCh := startWatcher(10 * time.Second)
called := atomic.Int64{}
watcher.RegisterCallback(func(crt tls.Certificate) {
called.Add(1)
Expand All @@ -145,7 +147,7 @@ var _ = Describe("CertWatcher", func() {
Eventually(func() bool {
secondcert, _ := watcher.GetCertificate(nil)
first := firstcert.PrivateKey.(*rsa.PrivateKey)
return first.Equal(secondcert.PrivateKey) || bytes.Equal(firstcert.Certificate[0], secondcert.Certificate[0])
return first.Equal(secondcert.PrivateKey) || firstcert.Leaf.SerialNumber == secondcert.Leaf.SerialNumber
}).ShouldNot(BeTrue())

ctxCancel()
Expand All @@ -154,7 +156,8 @@ var _ = Describe("CertWatcher", func() {
})

It("should reload currentCert after move out", func() {
doneCh := startWatcher()
// This test verifies poll works, so we'll use 1s as interval (fsnotify doesn't detect this change).
doneCh := startWatcher(1 * time.Second)
called := atomic.Int64{}
watcher.RegisterCallback(func(crt tls.Certificate) {
called.Add(1)
Expand All @@ -172,7 +175,7 @@ var _ = Describe("CertWatcher", func() {
Eventually(func() bool {
secondcert, _ := watcher.GetCertificate(nil)
first := firstcert.PrivateKey.(*rsa.PrivateKey)
return first.Equal(secondcert.PrivateKey) || bytes.Equal(firstcert.Certificate[0], secondcert.Certificate[0])
return first.Equal(secondcert.PrivateKey) || firstcert.Leaf.SerialNumber == secondcert.Leaf.SerialNumber
}, "10s", "1s").ShouldNot(BeTrue())

ctxCancel()
Expand All @@ -190,7 +193,8 @@ var _ = Describe("CertWatcher", func() {
})

It("should get updated on successful certificate read", func() {
doneCh := startWatcher()
// This test verifies fsnotify, so interval doesn't matter.
doneCh := startWatcher(10 * time.Second)

Eventually(func() error {
readCertificateTotalAfter := testutil.ToFloat64(metrics.ReadCertificateTotal)
Expand All @@ -205,7 +209,8 @@ var _ = Describe("CertWatcher", func() {
})

It("should get updated on read certificate errors", func() {
doneCh := startWatcher()
// This test works with fsnotify, so interval doesn't matter.
doneCh := startWatcher(10 * time.Second)

Eventually(func() error {
readCertificateTotalAfter := testutil.ToFloat64(metrics.ReadCertificateTotal)
Expand Down

0 comments on commit 571e073

Please sign in to comment.