Skip to content

Commit 4519fbb

Browse files
authored
Fix calling ReadOne indefinitely for invalid Certificate specs (#45)
Issue #, if available: aws-controllers-k8s/community#2114 Description of changes: Fixes calling `ReadOne` indefinitely for invalid Certificate specs. Fixes aws-controllers-k8s/community#2114 By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
1 parent 4836842 commit 4519fbb

File tree

4 files changed

+41
-18
lines changed

4 files changed

+41
-18
lines changed

pkg/resource/certificate/sdk.go

Lines changed: 1 addition & 7 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Lines changed: 1 addition & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,3 @@
11
if err = validatePublicValidationOptions(desired); err != nil {
2-
ackcondition.SetTerminal(
3-
desired,
4-
corev1.ConditionTrue,
5-
&domainValidationOptionsExceededMsg,
6-
nil,
7-
)
8-
return desired, nil
2+
return nil, ackerr.NewTerminalError(err)
93
}
Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
apiVersion: acm.services.k8s.aws/v1alpha1
2+
kind: Certificate
3+
metadata:
4+
name: $CERTIFICATE_NAME
5+
spec:
6+
domainName: $DOMAIN_NAME
7+
certificateAuthorityARN: invalid
8+
domainValidationOptions:
9+
- domainName: $DOMAIN_NAME
10+
- domainName: $DOMAIN_NAME
11+
- domainName: $DOMAIN_NAME
12+
- domainName: $DOMAIN_NAME
13+
- domainName: $DOMAIN_NAME
14+
- domainName: $DOMAIN_NAME
15+
- domainName: $DOMAIN_NAME
16+
tags:
17+
- key: environment
18+
value: dev

test/e2e/tests/test_certificate.py

Lines changed: 21 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818

1919
import pytest
2020

21-
from acktest.k8s import resource as k8s
21+
from acktest.k8s import resource as k8s, condition
2222
from acktest.resources import random_suffix_name
2323
from e2e import service_marker, CRD_GROUP, CRD_VERSION, load_resource
2424
from e2e.replacement_values import REPLACEMENT_VALUES
@@ -38,7 +38,7 @@
3838
MAX_WAIT_FOR_SYNCED_MINUTES = 1
3939

4040
@pytest.fixture
41-
def certificate_public():
41+
def certificate_public(request):
4242
certificate_name = random_suffix_name("certificate", 20)
4343
domain_name = "example.com"
4444

@@ -47,7 +47,7 @@ def certificate_public():
4747
replacements['DOMAIN_NAME'] = domain_name
4848

4949
resource_data = load_resource(
50-
"certificate_public",
50+
request.param,
5151
additional_replacements=replacements,
5252
)
5353

@@ -78,6 +78,7 @@ def certificate_public():
7878
@service_marker
7979
@pytest.mark.canary
8080
class TestCertificate:
81+
@pytest.mark.parametrize('certificate_public', ['certificate_public'], indirect=True)
8182
def test_crud_public(
8283
self,
8384
certificate_public,
@@ -172,4 +173,20 @@ def test_crud_public(
172173

173174
k8s.delete_custom_resource(ref)
174175
time.sleep(DELETE_WAIT_AFTER_SECONDS)
175-
certificate.wait_until_deleted(certificate_arn)
176+
certificate.wait_until_deleted(certificate_arn)
177+
178+
@pytest.mark.parametrize('certificate_public', ['certificate_public_invalid'], indirect=True)
179+
def test_invalid(
180+
self,
181+
certificate_public,
182+
):
183+
(ref, cr) = certificate_public
184+
assert 'status' in cr
185+
186+
cond = k8s.get_resource_condition(ref, condition.CONDITION_TYPE_TERMINAL)
187+
assert cond is not None
188+
assert cond == {
189+
'message': 'Too many domain validation errors',
190+
'status': 'True',
191+
'type': condition.CONDITION_TYPE_TERMINAL,
192+
}

0 commit comments

Comments
 (0)