Add tests for SdsApi.
Signed-off-by: JimmyCYJ <jimmychen.0102@gmail.com>
JimmyCYJ committed Jun 29, 2018
1 parent 9675c56 commit 78c0da1
Showing 2 changed files with 150 additions and 0 deletions.
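--- a/include/envoy/secret/dynamic_secret_provider.h
+++ b/include/envoy/secret/dynamic_secret_provider.h
@@ -0,0 +1,26 @@
+#pragma once
+
+#include <string>
+
+#include "envoy/ssl/tls_certificate_config.h"
+
+namespace Envoy {
+namespace Secret {
+
+/**
+* An interface to fetch dynamic secret.
+*/
+class DynamicSecretProvider {
+public:
+virtual ~DynamicSecretProvider() {}
+
+/**
+* @return the TlsCertificate secret. Returns nullptr if the secret is not found.
+*/
+virtual const Ssl::TlsCertificateConfig* secret() const PURE;
+};
+
+typedef std::shared_ptr<DynamicSecretProvider> DynamicSecretProviderSharedPtr;
+
+} // namespace Secret
+} // namespace Envoy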
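Review bot: `std::shared_ptr` is used in the `DynamicSecretProviderSharedPtr` typedef, but the header includes only `<string>`, which nothing visible here uses; add `#include <memory>` so the header does not rely on a transitive include. The doc comment on `secret()` should also say how long the returned `const Ssl::TlsCertificateConfig*` stays valid. If an implementation replaces the secret on a later update (not visible in this file), a caller that cached the raw pointer would be left holding a dangling reference to certificate and key data. A line such as `* The returned pointer is only valid until the next secret update; callers must not cache it.` would make the contract explicit, with the wording to be confirmed against the implementation.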
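--- a/test/common/secret/sds_api_test.cc
+++ b/test/common/secret/sds_api_test.cc
@@ -0,0 +1,124 @@
+#include <memory>
+
+#include "envoy/api/v2/auth/cert.pb.h"
+#include "envoy/common/exception.h"
+
+#include "common/secret/sds_api.h"
+
+#include "test/mocks/server/mocks.h"
+#include "test/test_common/environment.h"
+#include "test/test_common/utility.h"
+
+#include "gmock/gmock.h"
+#include "gtest/gtest.h"
+
+namespace Envoy {
+namespace Secret {
+namespace {
+
+class MockServer : public Server::MockInstance {
+public:
+Init::Manager& initManager() { return initmanager_; }
+
+private:
+class InitManager : public Init::Manager {
+public:
+void initialize(std::function<void()> callback);
+void registerTarget(Init::Target&) override {}
+};
+
+InitManager initmanager_;
+};
+
+class SdsApiTest : public testing::Test {};
+
+TEST_F(SdsApiTest, SecretUpdateSuccess) {
+MockServer server;
+envoy::api::v2::core::ConfigSource config_source;
+SdsApi sds_api(server, config_source, "abc.com");
+
+std::string yaml =
+R"EOF(
+name: "abc.com"
+tls_certificate:
+certificate_chain:
+filename: "{{ test_rundir }}/test/common/ssl/test_data/selfsigned_cert.pem"
+private_key:
+filename: "{{ test_rundir }}/test/common/ssl/test_data/selfsigned_key.pem"
+)EOF";
+
+Protobuf::RepeatedPtrField<envoy::api::v2::auth::Secret> secret_resources;
+auto secret_config = secret_resources.Add();
+MessageUtil::loadFromYaml(TestEnvironment::substitute(yaml), *secret_config);
+sds_api.onConfigUpdate(secret_resources, "");
+
+const std::string cert_pem = "{{ test_rundir }}/test/common/ssl/test_data/selfsigned_cert.pem";
+EXPECT_EQ(TestEnvironment::readFileToStringForTest(TestEnvironment::substitute(cert_pem)),
+sds_api.secret()->certificateChain());
+
+const std::string key_pem = "{{ test_rundir }}/test/common/ssl/test_data/selfsigned_key.pem";
+EXPECT_EQ(TestEnvironment::readFileToStringForTest(TestEnvironment::substitute(key_pem)),
+sds_api.secret()->privateKey());
+}
+
+TEST_F(SdsApiTest, EmptyResource) {
+MockServer server;
+envoy::api::v2::core::ConfigSource config_source;
+SdsApi sds_api(server, config_source, "abc.com");
+
+Protobuf::RepeatedPtrField<envoy::api::v2::auth::Secret> secret_resources;
+sds_api.onConfigUpdate(secret_resources, "");
+EXPECT_EQ(nullptr, sds_api.secret());
+}
+
+TEST_F(SdsApiTest, SecretUpdateWrongSize) {
+MockServer server;
+envoy::api::v2::core::ConfigSource config_source;
+SdsApi sds_api(server, config_source, "abc.com");
+
+std::string yaml =
+R"EOF(
+name: "abc.com"
+tls_certificate:
+certificate_chain:
+filename: "{{ test_rundir }}/test/common/ssl/test_data/selfsigned_cert.pem"
+private_key:
+filename: "{{ test_rundir }}/test/common/ssl/test_data/selfsigned_key.pem"
+)EOF";
+
+Protobuf::RepeatedPtrField<envoy::api::v2::auth::Secret> secret_resources;
+auto secret_config_1 = secret_resources.Add();
+MessageUtil::loadFromYaml(TestEnvironment::substitute(yaml), *secret_config_1);
+auto secret_config_2 = secret_resources.Add();
+MessageUtil::loadFromYaml(TestEnvironment::substitute(yaml), *secret_config_2);
+
+EXPECT_THROW_WITH_MESSAGE(sds_api.onConfigUpdate(secret_resources, ""), EnvoyException,
+"Unexpected SDS secrets length: 2");
+}
+
+TEST_F(SdsApiTest, SecretUpdateWrongSecretName) {
+MockServer server;
+envoy::api::v2::core::ConfigSource config_source;
+SdsApi sds_api(server, config_source, "abc.com");
+
+std::string yaml =
+R"EOF(
+name: "wrong.name.com"
+tls_certificate:
+certificate_chain:
+filename: "{{ test_rundir }}/test/common/ssl/test_data/selfsigned_cert.pem"
+private_key:
+filename: "{{ test_rundir }}/test/common/ssl/test_data/selfsigned_key.pem"
+)EOF";
+
+Protobuf::RepeatedPtrField<envoy::api::v2::auth::Secret> secret_resources;
+auto secret_config = secret_resources.Add();
+MessageUtil::loadFromYaml(TestEnvironment::substitute(yaml), *secret_config);
+
+EXPECT_THROW_WITH_MESSAGE(sds_api.onConfigUpdate(secret_resources, ""), EnvoyException,
+"Unexpected SDS secret (expecting abc.com): wrong.name.com");
+}
+
+} // namespace
+} // namespace Secret
+} // namespace Envoy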
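Review bot: `SecretUpdateWrongSize` and `SecretUpdateWrongSecretName` only check that `onConfigUpdate` throws; neither verifies that the rejected resources were not stored, so a regression that installs the secret before validating it would still pass. Add `EXPECT_EQ(nullptr, sds_api.secret());` after each `EXPECT_THROW_WITH_MESSAGE`. In `SecretUpdateSuccess`, `sds_api.secret()` is dereferenced without a guard; `ASSERT_NE(nullptr, sds_api.secret());` before the two `EXPECT_EQ` calls turns a null result into a test failure instead of a crash. `MockServer::initManager()` also lacks `override`, so a signature mismatch with `Server::MockInstance` would hide the base method rather than replace it.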
