test that zones from deployment spec are included in cert

author: andreer <andreer@verizonmedia.com> 2020-05-26 14:00:30 +0200
committer: andreer <andreer@verizonmedia.com> 2020-05-26 14:00:30 +0200
commit: 0d7e6b4e9e8484e13bec2e755f7fc66b2a9f7b39 (patch)
tree: cb8f574cd3464afe578db555d148ff6753baff2e /controller-server
parent: 675cd6fa400e7e43578aea0a59df08b8712e7ca6 (diff)
1 files changed, 24 insertions, 0 deletions
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificateManagerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificateManagerTest.java
index d29a1c539bb..d0e87056821 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificateManagerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificateManagerTest.java
@@ -1,5 +1,7 @@
 package com.yahoo.vespa.hosted.controller.certificate;
 
+import com.yahoo.config.application.api.DeploymentSpec;
+import com.yahoo.config.application.api.xml.DeploymentSpecXmlReader;
 import com.yahoo.config.provision.ApplicationId;
 import com.yahoo.config.provision.Environment;
 import com.yahoo.config.provision.SystemName;
@@ -182,4 +184,26 @@ public class EndpointCertificateManagerTest {
         assertEquals(endpointCertificateMetadata, mockCuratorDb.readEndpointCertificateMetadata(testInstance.id()));
         assertEquals(Set.copyOf(expectedCombinedSans), Set.copyOf(endpointCertificateMetadata.get().requestedDnsSans().orElseThrow()));
     }
+
+    @Test
+    public void includes_zones_in_deployment_spec_when_deploying_to_staging() {
+
+        DeploymentSpec deploymentSpec = new DeploymentSpecXmlReader(true).read(
+                "<deployment version=\"1.0\">\n" +
+                        "  <instance id=\"default\">\n" +
+                        "    <prod>\n" +
+                        "      <region active=\"true\">aws-us-east-1a</region>\n" +
+                        "      <region active=\"true\">ap-northeast-1</region>\n" +
+                        "    </prod>\n" +
+                        "  </instance>\n" +
+                        "</deployment>\n");
+
+        ZoneId testZone = zoneRegistryMock.zones().controllerUpgraded().in(Environment.staging).zones().stream().findFirst().orElseThrow().getId();
+        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificateManager.getEndpointCertificateMetadata(testInstance, testZone, Optional.of(deploymentSpec.requireInstance("default")));
+        assertTrue(endpointCertificateMetadata.isPresent());
+        assertTrue(endpointCertificateMetadata.get().keyName().matches("vespa.tls.default.default.*-key"));
+        assertTrue(endpointCertificateMetadata.get().certName().matches("vespa.tls.default.default.*-cert"));
+        assertEquals(0, endpointCertificateMetadata.get().version());
+        assertEquals(Set.copyOf(expectedCombinedSans), Set.copyOf(endpointCertificateMetadata.get().requestedDnsSans().orElseThrow()));
+    }
 }
author	andreer <andreer@verizonmedia.com>	2020-05-26 14:00:30 +0200
committer	andreer <andreer@verizonmedia.com>	2020-05-26 14:00:30 +0200
commit	0d7e6b4e9e8484e13bec2e755f7fc66b2a9f7b39 (patch)
tree	cb8f574cd3464afe578db555d148ff6753baff2e /controller-server
parent	675cd6fa400e7e43578aea0a59df08b8712e7ca6 (diff)