func (s *CertUpdaterSuite) TestStartStop(c *gc.C) { var initialAddresses []string setter := func(info params.StateServingInfo, dying <-chan struct{}) error { // Only care about first time called. if len(initialAddresses) > 0 { return nil } srvCert, err := cert.ParseCert(info.Cert) c.Assert(err, jc.ErrorIsNil) initialAddresses = make([]string, len(srvCert.IPAddresses)) for i, ip := range srvCert.IPAddresses { initialAddresses[i] = ip.String() } return nil } changes := make(chan struct{}) certChangedChan := make(chan params.StateServingInfo) worker := certupdater.NewCertificateUpdater( &mockMachine{changes}, s, &mockConfigGetter{}, &mockAPIHostGetter{}, setter, certChangedChan, ) worker.Kill() c.Assert(worker.Wait(), gc.IsNil) // Initial cert addresses initialised to cloud local ones. c.Assert(initialAddresses, jc.DeepEquals, []string{"192.168.1.1"}) }
func (s *CertUpdaterSuite) TestStartStop(c *gc.C) { setter := func(info params.StateServingInfo, dying <-chan struct{}) error { return nil } changes := make(chan struct{}) certChangedChan := make(chan params.StateServingInfo) worker := certupdater.NewCertificateUpdater( &mockMachine{changes}, &mockStateServingGetter{}, &mockConfigGetter{}, setter, certChangedChan, ) worker.Kill() c.Assert(worker.Wait(), gc.IsNil) }
func (s *CertUpdaterSuite) TestAddressChange(c *gc.C) { var srvCert *x509.Certificate updated := make(chan struct{}) setter := func(info params.StateServingInfo, dying <-chan struct{}) error { s.stateServingInfo = info var err error srvCert, err = cert.ParseCert(info.Cert) c.Assert(err, jc.ErrorIsNil) sanIPs := make([]string, len(srvCert.IPAddresses)) for i, ip := range srvCert.IPAddresses { sanIPs[i] = ip.String() } sanIPsSet := set.NewStrings(sanIPs...) if sanIPsSet.Size() == 2 && sanIPsSet.Contains("0.1.2.3") && sanIPsSet.Contains("192.168.1.1") { close(updated) } return nil } changes := make(chan struct{}) certChangedChan := make(chan params.StateServingInfo) worker := certupdater.NewCertificateUpdater( &mockMachine{changes}, s, &mockConfigGetter{}, &mockAPIHostGetter{}, setter, certChangedChan, ) defer func() { c.Assert(worker.Wait(), gc.IsNil) }() defer worker.Kill() changes <- struct{}{} // Certificate should be updated with the address value. select { case <-updated: case <-time.After(coretesting.LongWait): c.Fatalf("timed out waiting for certificate to be updated") } // The server certificates must report "juju-apiserver" as a DNS // name for backwards-compatibility with API clients. They must // also report "juju-mongodb" because these certicates are also // used for serving MongoDB connections. c.Assert(srvCert.DNSNames, jc.SameContents, []string{"localhost", "juju-apiserver", "juju-mongodb", "anything"}) }
func (s *CertUpdaterSuite) TestAddressChangeNoCAKey(c *gc.C) { updated := make(chan struct{}) setter := func(info params.StateServingInfo, dying <-chan struct{}) error { close(updated) return nil } changes := make(chan struct{}) worker := certupdater.NewCertificateUpdater( &mockMachine{changes}, &mockStateServingGetterNoCAKey{}, &mockConfigGetter{}, &mockAPIHostGetter{}, setter, ) defer func() { c.Assert(worker.Wait(), gc.IsNil) }() defer worker.Kill() changes <- struct{}{} // Certificate should not be updated with the address value. select { case <-time.After(coretesting.ShortWait): case <-updated: c.Fatalf("set state serving info unexpectedly called") } }