validation tests for tls

This commit is contained in:
Stavros kois
2023-12-07 18:08:38 +02:00
parent 2277892fab
commit 06d087b2f3
2 changed files with 121 additions and 0 deletions

View File

@@ -476,3 +476,97 @@ tests:
asserts:
- failedTemplate:
errorMessage: Ingress - Expected targeted service port [my-port] to be enabled
- it: should fail if tls.hosts are empty
set:
operator: *operator
service: *service
ingress:
my-ingress:
enabled: true
primary: true
hosts: *hosts
tls:
- hosts: []
asserts:
- failedTemplate:
errorMessage: Ingress - Expected non-empty [tls.hosts]
- it: should fail if tls.hosts is not a slice
set:
operator: *operator
service: *service
ingress:
my-ingress:
enabled: true
primary: true
hosts: *hosts
tls:
- hosts: not-a-slice
asserts:
- failedTemplate:
errorMessage: Ingress - Expected [tls.hosts] to be a [slice], but got [string]
- it: should fail if tls.hosts.host is empty
set:
operator: *operator
service: *service
ingress:
my-ingress:
enabled: true
primary: true
hosts: *hosts
tls:
- hosts:
- host: ""
asserts:
- failedTemplate:
errorMessage: Ingress - Expected non-empty [tls.hosts.host]
- it: should fail if tls.hosts.host starts with https://
set:
operator: *operator
service: *service
ingress:
my-ingress:
enabled: true
primary: true
hosts: *hosts
tls:
- hosts:
- host: https://test-host
asserts:
- failedTemplate:
errorMessage: Ingress - Expected [tls.hosts.host] to not start with [https://], but got [https://test-host]
- it: should fail if tls.hosts.host starts with http://
set:
operator: *operator
service: *service
ingress:
my-ingress:
enabled: true
primary: true
hosts: *hosts
tls:
- hosts:
- host: http://test-host
asserts:
- failedTemplate:
errorMessage: Ingress - Expected [tls.hosts.host] to not start with [http://], but got [http://test-host]
- it: should fail if tls.hosts.host contains ":"
set:
operator: *operator
service: *service
ingress:
my-ingress:
enabled: true
primary: true
hosts: *hosts
tls:
- hosts:
- host: test-host:123
asserts:
- failedTemplate:
errorMessage: Ingress - Expected [tls.hosts.host] to not contain [:], but got [test-host:123]

View File

@@ -95,6 +95,33 @@ objectData:
{{- end -}}
{{- end -}}
{{- range $t := $objectData.tls -}}
{{- if not $t.hosts -}}
{{- fail "Ingress - Expected non-empty [tls.hosts]" -}}
{{- end -}}
{{- if not (kindIs "slice" $t.hosts) -}}
{{- fail (printf "Ingress - Expected [tls.hosts] to be a [slice], but got [%s]" (kindOf $t.hosts)) -}}
{{- end -}}
{{- range $h := $t.hosts -}}
{{- if not $h.host -}}
{{- fail "Ingress - Expected non-empty [tls.hosts.host]" -}}
{{- end -}}
{{- $host := tpl $h.host $rootCtx -}}
{{- if (hasPrefix "http://" $host) -}}
{{- fail (printf "Ingress - Expected [tls.hosts.host] to not start with [http://], but got [%s]" $host) -}}
{{- end -}}
{{- if (hasPrefix "https://" $host) -}}
{{- fail (printf "Ingress - Expected [tls.hosts.host] to not start with [https://], but got [%s]" $host) -}}
{{- end -}}
{{- if (contains ":" $host) -}}
{{- fail (printf "Ingress - Expected [tls.hosts.host] to not contain [:], but got [%s]" $host) -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/* Ingress Primary Validation */}}