diff --git a/test/integration/functional_test.go b/test/integration/functional_test.go index f91e4b5232..793345a2b9 100644 --- a/test/integration/functional_test.go +++ b/test/integration/functional_test.go @@ -1528,11 +1528,23 @@ func testCert() string { return fmt.Sprintf("%d.pem", os.Getpid()) } -// localTestCertPath is where the test file will be synced into the VM +// testFileCert is name of the test certificate installed +func testFileCert() string { + return fmt.Sprintf("%d2.pem", os.Getpid()) +} + +// localTestCertPath is where certs can be synced from the local host into the VM +// precisely, it's $MINIKUBE_HOME/certs func localTestCertPath() string { return filepath.Join(localpath.MiniPath(), "/certs", testCert()) } +// localTestCertFilesPath is an alternate location where certs can be synced into the minikube VM +// precisely, it's $MINIKUBE_HOME/files/etc/ssl/certs +func localTestCertFilesPath() string { + return filepath.Join(localpath.MiniPath(), "/files/etc/ssl/certs", testFileCert()) +} + // localEmptyCertPath is where the test file will be synced into the VM func localEmptyCertPath() string { return filepath.Join(localpath.MiniPath(), "/certs", fmt.Sprintf("%d_empty.pem", os.Getpid())) @@ -1574,6 +1586,30 @@ func setupFileSync(ctx context.Context, t *testing.T, profile string) { t.Errorf("%s size=%d, want %d", localTestCertPath(), got.Size(), want.Size()) } + testPem2 := filepath.Join(*testdataDir, "minikube_test2.pem") + tmpPem2 := localTestCertFilesPath() + ".pem" + if err := copy.Copy(testPem2, tmpPem2); err != nil { + t.Fatalf("failed to copy %s: %v", testPem2, err) + } + + if err := os.Rename(tmpPem2, localTestCertFilesPath()); err != nil { + t.Fatalf("failed to rename %s: %v", tmpPem2, err) + } + + want, err = os.Stat(testPem2) + if err != nil { + t.Fatalf("stat failed: %v", err) + } + + got, err = os.Stat(localTestCertFilesPath()) + if err != nil { + t.Fatalf("stat failed: %v", err) + } + + if want.Size() != got.Size() { + t.Errorf("%s size=%d, want %d", localTestCertFilesPath(), got.Size(), want.Size()) + } + // Create an empty file just to mess with people if _, err := os.Create(localEmptyCertPath()); err != nil { t.Fatalf("create failed: %v", err) @@ -1608,7 +1644,7 @@ func validateFileSync(ctx context.Context, t *testing.T, profile string) { } } -// validateCertSync to check existence of the test certificate +// validateCertSync checks to make sure a custom cert has been copied into the minikube guest and installed correctly func validateCertSync(ctx context.Context, t *testing.T, profile string) { defer PostMortemLogs(t, profile) @@ -1642,6 +1678,33 @@ func validateCertSync(ctx context.Context, t *testing.T, profile string) { t.Errorf("failed verify pem file. minikube_test.pem -> %s mismatch (-want +got):\n%s", vp, diff) } } + + testPem2 := filepath.Join(*testdataDir, "minikube_test2.pem") + want, err = ioutil.ReadFile(testPem2) + if err != nil { + t.Errorf("test file not found: %v", err) + } + + // Check both the installed & reference certs (they should be symlinked) + paths = []string{ + path.Join("/etc/ssl/certs", testFileCert()), + path.Join("/usr/share/ca-certificates", testFileCert()), + // hashed path generated by: 'openssl x509 -hash -noout -in testCert()' + "/etc/ssl/certs/3ec20f2e.0", + } + for _, vp := range paths { + t.Logf("Checking for existence of %s within VM", vp) + rr, err := Run(t, exec.CommandContext(ctx, Target(), "-p", profile, "ssh", fmt.Sprintf("sudo cat %s", vp))) + if err != nil { + t.Errorf("failed to check existence of %q inside minikube. args %q: %v", vp, rr.Command(), err) + } + + // Strip carriage returned by ssh + got := strings.ReplaceAll(rr.Stdout.String(), "\r", "") + if diff := cmp.Diff(string(want), got); diff != "" { + t.Errorf("failed verify pem file. minikube_test2.pem -> %s mismatch (-want +got):\n%s", vp, diff) + } + } } // validateNotActiveRuntimeDisabled asserts that for a given runtime, the other runtimes disabled, for example for containerd runtime, docker and crio needs to be not running diff --git a/test/integration/testdata/minikube_test2.pem b/test/integration/testdata/minikube_test2.pem new file mode 100644 index 0000000000..e80cc3763d --- /dev/null +++ b/test/integration/testdata/minikube_test2.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEwDCCAqgCCQCUeXrVemI4eTANBgkqhkiG9w0BAQsFADAiMQswCQYDVQQGEwJV +UzETMBEGA1UECAwKQ2FsaWZvcm5pYTAeFw0yMTA3MjEyMDM4MDdaFw0yMTA4MjAy +MDM4MDdaMCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMIICIjAN +BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu1+sCiosrYIy83a+KtPdoGsKun+O +jKhETWQrum5FGxqKyQzhHN8q6iZBI94m1sZb2xIJDcKaAsHpKf1z/5pkrWQW4JeL +riqJ5U0kENy6mWGoFzPLQHkKMXSYUEkRjrgJphh5zLkWDzx6uwxHIrs5yaIwn71Z +enYezHL8NyMd10+up1lNvH+xGqnSJ3ge7Rj+r5XbA3avvaJ9AVdiJMU5ArMw4Snu +dLDSUueWFedmXoQud083EvDbMY61blNKUR6BKBJLPopH+9NnUP7FRU25lvTsA8qT +zz/KertMFhCfwvK4y7a7+GbIPD3fItpm23GORuViEGgeRMH7GGSNVfm4VtK5mI4c +XK9BrCE+FXowHOWU3MTH1qsvTigd3JZc8BKTaePJGMIDT1HIAaoK7SOoZOLka7bi +IiLaojrIWY6tE5IIl46cQWLg09G+kjKVfEEvEHNe0t22I9etGeUUEwlcMITHmEdE +WrXytC8dSNFObSG5B2MX2Ovm+yNblcK7TI7lW/tkbxtKs56J1mNmi4LXXBM8FdF8 +w9MpJc+ySVj2+f+eBE08amKjC9VVbBzNSw7MRaI9fFY5AAifJ8g55F3/KCNq5aTd +rBADtAa5kQkTVjfMBhG++0Ow4f55hm73oJAy/qxb09OY7Vk9ky/K3l8GfWv8ozIF +w+Oq6vdsspvtVJ8CAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAGKVxsf13kYGaQJ+J +6eyRZXlV5Bp+9EGtMPGsuVv2HJa4oxMBn7Xc/bUhjY9Is/ZwfOpPUPO/nQtSSPmO +aozQj/27p8HDTW201fwLNiZMcppBdJvIQdDzCh6e2ikg3lqsw2BoLX1vbgc9HPml +P8QCHEz2lricGdTuMRtBgH5x/ZkZGLbADQBeyoPTsPaQceRt5hPYXWifqiHhcJoL +2T+XgbaHJ4lEhCU0IXJG0vlLuAyxQzO3gMeHK8BlLt/h/JCiDndo63a4XCkenmY8 +8/6Y9Lgh+O3954YgwdXBIS33CzhY7c+tfpag1hwpDHro/zsyLwdN2JxZqWymfg8T +RyIeJ5VpY+CGm1fVTx84twQbiM241eZDYaW6Ap5/ZuxPbzY++KDMZHMuJYURorAU +JE/SE6WltXpKTvtzyPNKt8fgPQmFzlBosDZCf/5EiyVqbLzideF1l+Rd//5gRBg0 +B63fOlCdxGtDeX1gKzekV4sXQIsWKW1BSCEInJt5lOS8Ex4JTXy8crwKo7hv0zPc +sOjAXbtDYlPf/jPFGKzkgFACB87Bx4ZUZMp/ShOzjMt20MLGLJvCGCQIHetUz+GG +/LTwSNhgWCheYkbDwXhCmqbN249xE3fNHC6zQ/IMJ30v/UWN4RldGfFzmoVBRUUX +eQ7g5kXER7H/Lh/2V9FyaRhPpZM= +-----END CERTIFICATE-----