From 84822840b4a2bd6c9983f918f12d0bd3e97480a8 Mon Sep 17 00:00:00 2001 From: Lino Layani Date: Wed, 21 May 2025 17:51:48 -0400 Subject: [PATCH] Bumping test coverage to 100% --- pkg/tlsutils/tlsconfig_test.go | 46 ++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/pkg/tlsutils/tlsconfig_test.go b/pkg/tlsutils/tlsconfig_test.go index dcb83814e..687603795 100644 --- a/pkg/tlsutils/tlsconfig_test.go +++ b/pkg/tlsutils/tlsconfig_test.go @@ -107,6 +107,48 @@ func TestCreateTLSConfig(t *testing.T) { assert.Equal(t, actual.MinVersion, uint16(defaultMinVersion)) }, }, + { + "Invalid CA file returns error", + "prefix", + "invalid-ca-content", + "", + "", + "", + "", + func(actual *tls.Config, err error) { + assert.Error(t, err) + assert.Contains(t, err.Error(), "could not read root certs") + }, + }, + { + "Invalid CA file path returns error", + "prefix", + "ca-path-does-not-exist", + "", + "", + "", + "server-name", + func(actual *tls.Config, err error) { + assert.Error(t, err) + assert.Contains(t, err.Error(), "error reading /path/does/not/exist") + }, + }, + { + "Complete config with CA, cert, and key returns valid tls.Config", + "prefix", + rsaCertPEM, + rsaCertPEM, + rsaKeyPEM, + "", + "server-name", + func(actual *tls.Config, err error) { + require.NoError(t, err) + assert.Equal(t, "server-name", actual.ServerName) + assert.NotNil(t, actual.Certificates[0]) + assert.NotNil(t, actual.RootCAs) + assert.False(t, actual.InsecureSkipVerify) + }, + }, } for _, tc := range tests { @@ -120,6 +162,10 @@ func TestCreateTLSConfig(t *testing.T) { t.Setenv(fmt.Sprintf("%s_CA_FILE", tc.prefix), path) } + if tc.caFile == "ca-path-does-not-exist" { + t.Setenv(fmt.Sprintf("%s_CA_FILE", tc.prefix), "/path/does/not/exist") + } + if tc.certFile != "" { path := fmt.Sprintf("%s/certFile", dir) utils.WriteToFile(path, tc.certFile)