Skip to content

Commit

Permalink
use correct common name when correcting cert issuer
Browse files Browse the repository at this point in the history
  • Loading branch information
@yithian
yithian committed Oct 9, 2024
1 parent fe94d32 commit 2cbf9bb
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 2 deletions.
2 changes: 1 addition & 1 deletion pkg/cluster/correct_cert_issuer.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ func (m *manager) ensureCertificateIssuer(ctx context.Context, certificateName,
return err
}

err = clusterKeyvault.CreateSignedCertificate(ctx, issuerName, certificateName, certificateName, keyvault.EkuServerAuth)
err = clusterKeyvault.CreateSignedCertificate(ctx, issuerName, certificateName, *bundle.Policy.X509CertificateProperties.Subject, keyvault.EkuServerAuth)
if err != nil {
return err
}
Expand Down
8 changes: 7 additions & 1 deletion pkg/cluster/correct_cert_issuer_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,19 +18,22 @@ func TestEnsureCertificateIssuer(t *testing.T) {
tests := []struct {
Name string
CertificateName string
CommonName string
CurrentIssuerName string
NewIssuerName string
ExpectError bool
}{
{
Name: "current issuer matches new issuer",
CertificateName: "testCert",
CommonName: "api.test.asdf.tld",
CurrentIssuerName: "fakeIssuer",
NewIssuerName: "fakeIssuer",
},
{
Name: "current issuer different from new issuer",
CertificateName: "testCert",
CommonName: "api.test.asdf.tld",
CurrentIssuerName: "OldFakeIssuer",
NewIssuerName: "NewFakeIssuer",
},
Expand All @@ -47,6 +50,9 @@ func TestEnsureCertificateIssuer(t *testing.T) {
IssuerParameters: &azkeyvault.IssuerParameters{
Name: &test.CurrentIssuerName,
},
X509CertificateProperties: &azkeyvault.X509CertificateProperties{
Subject: &test.CommonName,
},
},
}, nil)

Expand All @@ -58,7 +64,7 @@ func TestEnsureCertificateIssuer(t *testing.T) {
}, nil)

clusterKeyvault.EXPECT().UpdateCertificatePolicy(gomock.Any(), test.CertificateName, gomock.Any()).Return(nil)
clusterKeyvault.EXPECT().CreateSignedCertificate(gomock.Any(), test.NewIssuerName, test.CertificateName, test.CertificateName, gomock.Any()).Return(nil)
clusterKeyvault.EXPECT().CreateSignedCertificate(gomock.Any(), test.NewIssuerName, test.CertificateName, test.CommonName, gomock.Any()).Return(nil)
}

env := mock_env.NewMockInterface(controller)
Expand Down

0 comments on commit 2cbf9bb

Please sign in to comment.