forked from TrueCloudLab/certificates
Fix AuthorizeSSHSign tests with extra SignOption
This commit is contained in:
Mariano Cano
parent
e7d7eb1a94
commit
a627f21440
5 changed files with 7 additions and 5 deletions
|
|
@ -1034,7 +1034,7 @@ func TestAuthority_authorizeSSHSign(t *testing.T) {
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if assert.Nil(t, tc.err) {
|
if assert.Nil(t, tc.err) {
|
||||||
assert.Len(t, 8, got) // number of provisioner.SignOptions returned
|
assert.Len(t, 9, got) // number of provisioner.SignOptions returned
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
|
||||||
|
|
@ -813,7 +813,6 @@ func TestAWS_AuthorizeSSHSign(t *testing.T) {
|
||||||
} else if assert.NotNil(t, got) {
|
} else if assert.NotNil(t, got) {
|
||||||
cert, err := signSSHCertificate(tt.args.key, tt.args.sshOpts, got, signer.Key.(crypto.Signer))
|
cert, err := signSSHCertificate(tt.args.key, tt.args.sshOpts, got, signer.Key.(crypto.Signer))
|
||||||
if (err != nil) != tt.wantSignErr {
|
if (err != nil) != tt.wantSignErr {
|
||||||
|
|
||||||
t.Errorf("SignSSH error = %v, wantSignErr %v", err, tt.wantSignErr)
|
t.Errorf("SignSSH error = %v, wantSignErr %v", err, tt.wantSignErr)
|
||||||
} else {
|
} else {
|
||||||
if tt.wantSignErr {
|
if tt.wantSignErr {
|
||||||
|
|
|
||||||
|
|
@ -368,9 +368,10 @@ func TestK8sSA_AuthorizeSSHSign(t *testing.T) {
|
||||||
} else {
|
} else {
|
||||||
if assert.Nil(t, tc.err) {
|
if assert.Nil(t, tc.err) {
|
||||||
if assert.NotNil(t, opts) {
|
if assert.NotNil(t, opts) {
|
||||||
assert.Len(t, 7, opts)
|
assert.Len(t, 8, opts)
|
||||||
for _, o := range opts {
|
for _, o := range opts {
|
||||||
switch v := o.(type) {
|
switch v := o.(type) {
|
||||||
|
case Interface:
|
||||||
case sshCertificateOptionsFunc:
|
case sshCertificateOptionsFunc:
|
||||||
case *sshCertOptionsRequireValidator:
|
case *sshCertOptionsRequireValidator:
|
||||||
assert.Equals(t, v, &sshCertOptionsRequireValidator{CertType: true, KeyID: true, Principals: true})
|
assert.Equals(t, v, &sshCertOptionsRequireValidator{CertType: true, KeyID: true, Principals: true})
|
||||||
|
|
|
||||||
|
|
@ -53,6 +53,7 @@ func signSSHCertificate(key crypto.PublicKey, opts SignSSHOptions, signOpts []Si
|
||||||
|
|
||||||
for _, op := range signOpts {
|
for _, op := range signOpts {
|
||||||
switch o := op.(type) {
|
switch o := op.(type) {
|
||||||
|
case Interface:
|
||||||
// add options to NewCertificate
|
// add options to NewCertificate
|
||||||
case SSHCertificateOptions:
|
case SSHCertificateOptions:
|
||||||
certOptions = append(certOptions, o.Options(opts)...)
|
certOptions = append(certOptions, o.Options(opts)...)
|
||||||
|
|
|
||||||
|
|
@ -769,6 +769,7 @@ func TestX5C_AuthorizeSSHSign(t *testing.T) {
|
||||||
nw := now()
|
nw := now()
|
||||||
for _, o := range opts {
|
for _, o := range opts {
|
||||||
switch v := o.(type) {
|
switch v := o.(type) {
|
||||||
|
case Interface:
|
||||||
case sshCertOptionsValidator:
|
case sshCertOptionsValidator:
|
||||||
tc.claims.Step.SSH.ValidAfter.t = time.Time{}
|
tc.claims.Step.SSH.ValidAfter.t = time.Time{}
|
||||||
tc.claims.Step.SSH.ValidBefore.t = time.Time{}
|
tc.claims.Step.SSH.ValidBefore.t = time.Time{}
|
||||||
|
|
@ -799,9 +800,9 @@ func TestX5C_AuthorizeSSHSign(t *testing.T) {
|
||||||
tot++
|
tot++
|
||||||
}
|
}
|
||||||
if len(tc.claims.Step.SSH.CertType) > 0 {
|
if len(tc.claims.Step.SSH.CertType) > 0 {
|
||||||
assert.Equals(t, tot, 10)
|
assert.Equals(t, tot, 11)
|
||||||
} else {
|
} else {
|
||||||
assert.Equals(t, tot, 8)
|
assert.Equals(t, tot, 9)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue