From 1ce800eaf174321e84d322a1ad87b9ddc8be97e6 Mon Sep 17 00:00:00 2001 From: mstein11 Date: Thu, 1 Aug 2024 16:23:59 +0200 Subject: [PATCH] Fix bug in cert manager config (#15434) * add test to cover cert manager config edge case * fix edge case bug in cert manager config --- .../certificate/config/cert_manager.go | 6 ++-- .../certificate/config/cert_manager_test.go | 32 ++++++++++++++++++- 2 files changed, 34 insertions(+), 4 deletions(-) diff --git a/pkg/reconciler/certificate/config/cert_manager.go b/pkg/reconciler/certificate/config/cert_manager.go index a00b5c6beb8a..158f4b51e347 100644 --- a/pkg/reconciler/certificate/config/cert_manager.go +++ b/pkg/reconciler/certificate/config/cert_manager.go @@ -51,9 +51,9 @@ type CertManagerConfig struct { func NewCertManagerConfigFromConfigMap(configMap *corev1.ConfigMap) (*CertManagerConfig, error) { // Use Knative self-signed ClusterIssuer as default config := &CertManagerConfig{ - IssuerRef: knativeSelfSignedIssuer, - ClusterLocalIssuerRef: knativeSelfSignedIssuer, - SystemInternalIssuerRef: knativeSelfSignedIssuer, + IssuerRef: knativeSelfSignedIssuer.DeepCopy(), + ClusterLocalIssuerRef: knativeSelfSignedIssuer.DeepCopy(), + SystemInternalIssuerRef: knativeSelfSignedIssuer.DeepCopy(), } if v, ok := configMap.Data[issuerRefKey]; ok { diff --git a/pkg/reconciler/certificate/config/cert_manager_test.go b/pkg/reconciler/certificate/config/cert_manager_test.go index 709d412d8b7d..d6d58f56c464 100644 --- a/pkg/reconciler/certificate/config/cert_manager_test.go +++ b/pkg/reconciler/certificate/config/cert_manager_test.go @@ -112,6 +112,32 @@ func TestIssuerRef(t *testing.T) { Kind: "ClusterIssuer", }, }, + config: &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: system.Namespace(), + Name: CertManagerConfigName, + }, + Data: map[string]string{ + systemInternalIssuerRef: "kind: ClusterIssuer\nname: system-internal-issuer", + }, + }, + }, { + name: "all issuer valid", + wantErr: false, + wantConfig: &CertManagerConfig{ + IssuerRef: &cmmeta.ObjectReference{ + Name: "letsencrypt-issuer", + Kind: "ClusterIssuer", + }, + ClusterLocalIssuerRef: &cmmeta.ObjectReference{ + Name: "system-internal-issuer", + Kind: "ClusterIssuer", + }, + SystemInternalIssuerRef: &cmmeta.ObjectReference{ + Name: "system-internal-issuer", + Kind: "ClusterIssuer", + }, + }, config: &corev1.ConfigMap{ ObjectMeta: metav1.ObjectMeta{ Namespace: system.Namespace(), @@ -119,6 +145,8 @@ func TestIssuerRef(t *testing.T) { }, Data: map[string]string{ clusterLocalIssuerRefKey: "kind: ClusterIssuer\nname: system-internal-issuer", + systemInternalIssuerRef: "kind: ClusterIssuer\nname: system-internal-issuer", + issuerRefKey: "kind: ClusterIssuer\nname: letsencrypt-issuer", }, }, }} @@ -129,7 +157,9 @@ func TestIssuerRef(t *testing.T) { if (err != nil) != tt.wantErr { t.Fatalf("Test: %q; NewCertManagerConfigFromConfigMap() error = %v, WantErr %v", tt.name, err, tt.wantErr) } - if diff := cmp.Diff(actualConfig, tt.wantConfig); diff != "" { + + if !cmp.Equal(actualConfig, tt.wantConfig) { + t.Log(cmp.Diff(actualConfig, tt.wantConfig)) t.Fatalf("Want %v, but got %v", tt.wantConfig, actualConfig) } })