Documentation ¶
Index ¶
- func AssertCertificateHasClientAuthUsage(t *testing.T, cert *x509.Certificate)
- func AssertCertificateHasCommonName(t *testing.T, cert *x509.Certificate, commonName string)
- func AssertCertificateHasDNSNames(t *testing.T, cert *x509.Certificate, DNSNames ...string)
- func AssertCertificateHasIPAddresses(t *testing.T, cert *x509.Certificate, IPAddresses ...net.IP)
- func AssertCertificateHasNotAfter(t *testing.T, cert *x509.Certificate, expectedNotAfter time.Time)
- func AssertCertificateHasNotBefore(t *testing.T, cert *x509.Certificate, expectedNotBefore time.Time)
- func AssertCertificateHasOrganizations(t *testing.T, cert *x509.Certificate, organizations ...string)
- func AssertCertificateHasServerAuthUsage(t *testing.T, cert *x509.Certificate)
- func AssertCertificateIsSignedByCa(t *testing.T, cert *x509.Certificate, signingCa *x509.Certificate)
- func CreateCACert(t *testing.T) (*x509.Certificate, crypto.Signer)
- func CreateTestCert(t *testing.T, caCert *x509.Certificate, caKey crypto.Signer, ...) (*x509.Certificate, crypto.Signer, *pkiutil.CertConfig)
- func SetupCertificateAuthority(t *testing.T) (*x509.Certificate, crypto.Signer)
- func WritePKIFiles(t *testing.T, dir string, files PKIFiles)
- type CertTestCase
- type PKIFiles
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AssertCertificateHasClientAuthUsage ¶
func AssertCertificateHasClientAuthUsage(t *testing.T, cert *x509.Certificate)
AssertCertificateHasClientAuthUsage is a utility function for kubeadm testing that asserts if a given certificate has the expected ExtKeyUsageClientAuth
func AssertCertificateHasCommonName ¶
func AssertCertificateHasCommonName(t *testing.T, cert *x509.Certificate, commonName string)
AssertCertificateHasCommonName is a utility function for kubeadm testing that asserts if a given certificate has the expected SubjectCommonName
func AssertCertificateHasDNSNames ¶
func AssertCertificateHasDNSNames(t *testing.T, cert *x509.Certificate, DNSNames ...string)
AssertCertificateHasDNSNames is a utility function for kubeadm testing that asserts if a given certificate has the expected DNSNames
func AssertCertificateHasIPAddresses ¶
AssertCertificateHasIPAddresses is a utility function for kubeadm testing that asserts if a given certificate has the expected IPAddresses
func AssertCertificateHasNotAfter ¶ added in v1.31.0
AssertCertificateHasNotAfter is a utility function for kubeadm testing that asserts if a given certificate has the expected NotAfter. Truncate (round) expectedNotAfter to 1 second, since the certificate stores with seconds as the maximum precision.
func AssertCertificateHasNotBefore ¶ added in v1.31.0
func AssertCertificateHasNotBefore(t *testing.T, cert *x509.Certificate, expectedNotBefore time.Time)
AssertCertificateHasNotBefore is a utility function for kubeadm testing that asserts if a given certificate has the expected NotBefore. Truncate (round) expectedNotBefore to 1 second, since the certificate stores with seconds as the maximum precision.
func AssertCertificateHasOrganizations ¶
func AssertCertificateHasOrganizations(t *testing.T, cert *x509.Certificate, organizations ...string)
AssertCertificateHasOrganizations is a utility function for kubeadm testing that asserts if a given certificate has and only has the expected Subject.Organization
func AssertCertificateHasServerAuthUsage ¶
func AssertCertificateHasServerAuthUsage(t *testing.T, cert *x509.Certificate)
AssertCertificateHasServerAuthUsage is a utility function for kubeadm testing that asserts if a given certificate has the expected ExtKeyUsageServerAuth
func AssertCertificateIsSignedByCa ¶
func AssertCertificateIsSignedByCa(t *testing.T, cert *x509.Certificate, signingCa *x509.Certificate)
AssertCertificateIsSignedByCa is a utility function for kubeadm testing that asserts if a given certificate is signed by the expected CA
func CreateCACert ¶
CreateCACert creates a generic CA cert.
func CreateTestCert ¶
func CreateTestCert(t *testing.T, caCert *x509.Certificate, caKey crypto.Signer, altNames certutil.AltNames) (*x509.Certificate, crypto.Signer, *pkiutil.CertConfig)
CreateTestCert makes a generic certificate with the given CA and alternative names.
func SetupCertificateAuthority ¶ added in v1.16.0
SetupCertificateAuthority is a utility function for kubeadm testing that creates a CertificateAuthority cert/key pair
Types ¶
type CertTestCase ¶
CertTestCase is a configuration of certificates and whether it's expected to work.
func GetSparseCertTestCases ¶
func GetSparseCertTestCases(t *testing.T) []CertTestCase
GetSparseCertTestCases produces a series of cert configurations and their intended outcomes.