diff options
author | andreer <andreer@verizonmedia.com> | 2019-06-26 12:52:28 +0200 |
---|---|---|
committer | andreer <andreer@verizonmedia.com> | 2019-06-26 12:52:28 +0200 |
commit | 6b330dbe13745eed26c60cab48b6121527266f7c (patch) | |
tree | cf5461a165cc78b3794189b5cf733e4f8e993ebb /config-model | |
parent | 486db36de3b8fa5ffc2b4da79bea4cc5532b0a2c (diff) |
test TlsSecretsValidator
Diffstat (limited to 'config-model')
-rw-r--r-- | config-model/src/test/java/com/yahoo/vespa/model/application/validation/TlsSecretsValidatorTest.java | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/config-model/src/test/java/com/yahoo/vespa/model/application/validation/TlsSecretsValidatorTest.java b/config-model/src/test/java/com/yahoo/vespa/model/application/validation/TlsSecretsValidatorTest.java new file mode 100644 index 00000000000..cdb4ce955e2 --- /dev/null +++ b/config-model/src/test/java/com/yahoo/vespa/model/application/validation/TlsSecretsValidatorTest.java @@ -0,0 +1,88 @@ +// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.model.application.validation; + +import com.yahoo.config.application.api.ApplicationPackage; +import com.yahoo.config.model.NullConfigModelRegistry; +import com.yahoo.config.model.api.TlsSecrets; +import com.yahoo.config.model.deploy.DeployState; +import com.yahoo.config.model.deploy.TestProperties; +import com.yahoo.config.model.test.MockApplicationPackage; +import com.yahoo.config.provision.CertificateNotReadyException; +import com.yahoo.config.provision.Environment; +import com.yahoo.config.provision.RegionName; +import com.yahoo.config.provision.Zone; +import com.yahoo.vespa.model.VespaModel; +import org.junit.Rule; +import org.junit.Test; +import org.junit.rules.ExpectedException; + +import java.util.Optional; + +import static com.yahoo.config.model.test.TestUtil.joinLines; +import static org.junit.Assert.assertTrue; + +/** + * @author andreer + */ +public class TlsSecretsValidatorTest { + @Rule + public final ExpectedException exceptionRule = ExpectedException.none(); + + private static String servicesXml() { + return joinLines("<services version='1.0'>", + " <container id='default' version='1.0'>", + " </container>", + "</services>"); + } + + private static String deploymentXml() { + return joinLines("<deployment version='1.0' >", + " <prod />", + "</deployment>"); + } + + @Test + public void missing_certificate_fails_validation() throws Exception { + DeployState deployState = deployState(servicesXml(), deploymentXml(), Optional.of(TlsSecrets.MISSING)); + VespaModel model = new VespaModel(new NullConfigModelRegistry(), deployState); + + exceptionRule.expect(CertificateNotReadyException.class); + exceptionRule.expectMessage("TLS enabled, but could not retrieve certificate yet"); + + new TlsSecretsValidator().validate(model, deployState); + } + + @Test + public void validation_succeeds_with_certificate() throws Exception { + DeployState deployState = deployState(servicesXml(), deploymentXml(), Optional.of(new TlsSecrets("cert", "key"))); + VespaModel model = new VespaModel(new NullConfigModelRegistry(), deployState); + + new TlsSecretsValidator().validate(model, deployState); + } + + @Test + public void validation_succeeds_without_certificate() throws Exception { + DeployState deployState = deployState(servicesXml(), deploymentXml(), Optional.empty()); + VespaModel model = new VespaModel(new NullConfigModelRegistry(), deployState); + + new TlsSecretsValidator().validate(model, deployState); + } + + private static DeployState deployState(String servicesXml, String deploymentXml, Optional<TlsSecrets> tlsSecrets) { + ApplicationPackage app = new MockApplicationPackage.Builder() + .withServices(servicesXml) + .withDeploymentSpec(deploymentXml) + .build(); + DeployState.Builder builder = new DeployState.Builder() + .applicationPackage(app) + .zone(new Zone(Environment.prod, RegionName.from("foo"))) + .properties( + new TestProperties() + .setHostedVespa(true) + .setTlsSecrets(tlsSecrets)); + final DeployState deployState = builder.build(); + + assertTrue("Test must emulate a hosted deployment.", deployState.isHosted()); + return deployState; + } +} |