From 1657f55693889e2fc5d5f25f92b6ee413ec77f59 Mon Sep 17 00:00:00 2001 From: Marius Stein Date: Wed, 31 Jul 2024 17:57:40 +0200 Subject: [PATCH 1/2] add test to cover cert manager config edge case --- .../certificate/config/cert_manager_test.go | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/pkg/reconciler/certificate/config/cert_manager_test.go b/pkg/reconciler/certificate/config/cert_manager_test.go index 709d412d8b7d..450cb6f8a146 100644 --- a/pkg/reconciler/certificate/config/cert_manager_test.go +++ b/pkg/reconciler/certificate/config/cert_manager_test.go @@ -121,6 +121,34 @@ func TestIssuerRef(t *testing.T) { clusterLocalIssuerRefKey: "kind: ClusterIssuer\nname: system-internal-issuer", }, }, + }, { + name: "all issuer valid", + wantErr: false, + wantConfig: &CertManagerConfig{ + IssuerRef: &cmmeta.ObjectReference{ + Name: "letsencrypt-issuer", + Kind: "ClusterIssuer", + }, + ClusterLocalIssuerRef: &cmmeta.ObjectReference{ + Name: "system-internal-issuer", + Kind: "ClusterIssuer", + }, + SystemInternalIssuerRef: &cmmeta.ObjectReference{ + Name: "system-internal-issuer", + Kind: "ClusterIssuer", + }, + }, + config: &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: system.Namespace(), + Name: CertManagerConfigName, + }, + Data: map[string]string{ + clusterLocalIssuerRefKey: "kind: ClusterIssuer\nname: system-internal-issuer", + systemInternalIssuerRef: "kind: ClusterIssuer\nname: system-internal-issuer", + issuerRefKey: "kind: ClusterIssuer\nname: letsencrypt-issuer", + }, + }, }} for _, tt := range isserRefCases { From c446064f8de4555856cdf6bcd1bcdbe4f9d8714c Mon Sep 17 00:00:00 2001 From: Marius Stein Date: Wed, 31 Jul 2024 18:08:03 +0200 Subject: [PATCH 2/2] fix edge case bug in cert manager config --- pkg/reconciler/certificate/config/cert_manager.go | 6 +++--- pkg/reconciler/certificate/config/cert_manager_test.go | 6 ++++-- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/pkg/reconciler/certificate/config/cert_manager.go b/pkg/reconciler/certificate/config/cert_manager.go index a00b5c6beb8a..158f4b51e347 100644 --- a/pkg/reconciler/certificate/config/cert_manager.go +++ b/pkg/reconciler/certificate/config/cert_manager.go @@ -51,9 +51,9 @@ type CertManagerConfig struct { func NewCertManagerConfigFromConfigMap(configMap *corev1.ConfigMap) (*CertManagerConfig, error) { // Use Knative self-signed ClusterIssuer as default config := &CertManagerConfig{ - IssuerRef: knativeSelfSignedIssuer, - ClusterLocalIssuerRef: knativeSelfSignedIssuer, - SystemInternalIssuerRef: knativeSelfSignedIssuer, + IssuerRef: knativeSelfSignedIssuer.DeepCopy(), + ClusterLocalIssuerRef: knativeSelfSignedIssuer.DeepCopy(), + SystemInternalIssuerRef: knativeSelfSignedIssuer.DeepCopy(), } if v, ok := configMap.Data[issuerRefKey]; ok { diff --git a/pkg/reconciler/certificate/config/cert_manager_test.go b/pkg/reconciler/certificate/config/cert_manager_test.go index 450cb6f8a146..d6d58f56c464 100644 --- a/pkg/reconciler/certificate/config/cert_manager_test.go +++ b/pkg/reconciler/certificate/config/cert_manager_test.go @@ -118,7 +118,7 @@ func TestIssuerRef(t *testing.T) { Name: CertManagerConfigName, }, Data: map[string]string{ - clusterLocalIssuerRefKey: "kind: ClusterIssuer\nname: system-internal-issuer", + systemInternalIssuerRef: "kind: ClusterIssuer\nname: system-internal-issuer", }, }, }, { @@ -157,7 +157,9 @@ func TestIssuerRef(t *testing.T) { if (err != nil) != tt.wantErr { t.Fatalf("Test: %q; NewCertManagerConfigFromConfigMap() error = %v, WantErr %v", tt.name, err, tt.wantErr) } - if diff := cmp.Diff(actualConfig, tt.wantConfig); diff != "" { + + if !cmp.Equal(actualConfig, tt.wantConfig) { + t.Log(cmp.Diff(actualConfig, tt.wantConfig)) t.Fatalf("Want %v, but got %v", tt.wantConfig, actualConfig) } })