mirror of
https://github.com/optim-enterprises-bv/kubernetes.git
synced 2025-11-04 04:08:16 +00:00
Verify that an ingress with empty TLS is valid
Add a test that verifies that an ingress with an empty TLS value or with a TLS value that specifies an empty list of hosts passes validation. * pkg/apis/networking/validation/validation_test.go (TestValidateEmptyIngressTLS): New test.
This commit is contained in:
Miciah Masters
committed by
Miciah Dashiel Butler Masters
Miciah Dashiel Butler Masters
parent
68168541ea
commit
7ef8fa7207
@@ -2072,6 +2072,67 @@ func TestValidateIngressTLS(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
// TestValidateEmptyIngressTLS verifies that an empty TLS configuration can be
|
||||
// specified, which ingress controllers may interpret to mean that TLS should be
|
||||
// used with a default certificate that the ingress controller furnishes.
|
||||
func TestValidateEmptyIngressTLS(t *testing.T) {
|
||||
pathTypeImplementationSpecific := networking.PathTypeImplementationSpecific
|
||||
serviceBackend := &networking.IngressServiceBackend{
|
||||
Name: "defaultbackend",
|
||||
Port: networking.ServiceBackendPort{
|
||||
Number: 443,
|
||||
},
|
||||
}
|
||||
defaultBackend := networking.IngressBackend{
|
||||
Service: serviceBackend,
|
||||
}
|
||||
newValid := func() networking.Ingress {
|
||||
return networking.Ingress{
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: "foo",
|
||||
Namespace: metav1.NamespaceDefault,
|
||||
},
|
||||
Spec: networking.IngressSpec{
|
||||
Rules: []networking.IngressRule{
|
||||
{
|
||||
Host: "foo.bar.com",
|
||||
IngressRuleValue: networking.IngressRuleValue{
|
||||
HTTP: &networking.HTTPIngressRuleValue{
|
||||
Paths: []networking.HTTPIngressPath{
|
||||
{
|
||||
PathType: &pathTypeImplementationSpecific,
|
||||
Backend: defaultBackend,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
validCases := map[string]networking.Ingress{}
|
||||
goodEmptyTLS := newValid()
|
||||
goodEmptyTLS.Spec.TLS = []networking.IngressTLS{
|
||||
{},
|
||||
}
|
||||
validCases[fmt.Sprintf("spec.tls[0]: Valid value: %v", goodEmptyTLS.Spec.TLS[0])] = goodEmptyTLS
|
||||
goodEmptyHosts := newValid()
|
||||
goodEmptyHosts.Spec.TLS = []networking.IngressTLS{
|
||||
{
|
||||
Hosts: []string{},
|
||||
},
|
||||
}
|
||||
validCases[fmt.Sprintf("spec.tls[0]: Valid value: %v", goodEmptyHosts.Spec.TLS[0])] = goodEmptyHosts
|
||||
for k, v := range validCases {
|
||||
errs := validateIngress(&v, IngressValidationOptions{}, networkingv1beta1.SchemeGroupVersion)
|
||||
if len(errs) != 0 {
|
||||
t.Errorf("expected success for %q", k)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestValidateIngressStatusUpdate(t *testing.T) {
|
||||
serviceBackend := &networking.IngressServiceBackend{
|
||||
Name: "defaultbackend",
|
||||
|
||||
Reference in New Issue
Block a user