mirrors/talos
1
0
Fork 0
mirror of https://github.com/siderolabs/talos.git synced 2025-08-25 08:31:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
talos/pkg/userdata/os_security_test.go
Brad Beam a5d31d97ff
feat: Validate userdata (#593) 
* feat: Validate userdata

Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
2019-05-02 13:10:16 -05:00

44 lines
1.4 KiB
Go
Raw Blame History

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
// nolint: dupl
package userdata
import (
"github.com/hashicorp/go-multierror"
"github.com/talos-systems/talos/pkg/crypto/x509"
"golang.org/x/xerrors"
)
func (suite *validateSuite) TestValidateOSSecurity() {
var err error
// Test for missing required sections
os := &OSSecurity{}
err = os.Validate(CheckOSCA())
suite.Require().Error(err)
// Embedding the check in suite.Assert().Equal(true, xerrors.Is had issues )
if !xerrors.Is(err.(*multierror.Error).Errors[0], ErrRequiredSection) {
suite.T().Errorf("%+v", err)
}
os.CA = &x509.PEMEncodedCertificateAndKey{}
err = os.Validate(CheckOSCA())
suite.Require().Error(err)
suite.Assert().Equal(4, len(err.(*multierror.Error).Errors))
// Test for invalid certs
os.CA.Crt = []byte("-----BEGIN Rubbish-----\n-----END Rubbish-----")
os.CA.Key = []byte("-----BEGIN EC Fluffy KEY-----\n-----END EC Fluffy KEY-----")
err = os.Validate(CheckOSCA())
suite.Require().Error(err)
// Successful test
os.CA.Crt = []byte("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----")
os.CA.Key = []byte("-----BEGIN EC PRIVATE KEY-----\n-----END EC PRIVATE KEY-----")
err = os.Validate(CheckOSCA())
suite.Require().NoError(err)
}
Reference in New Issue View Git Blame Copy Permalink