(t *testing.T)
| 234 | } |
| 235 | |
| 236 | func TestMergeACMEIssuers(t *testing.T) { |
| 237 | base := &caddytls.ACMEIssuer{ |
| 238 | Email: "ops@example.com", |
| 239 | Challenges: &caddytls.ChallengesConfig{ |
| 240 | HTTP: &caddytls.HTTPChallengeConfig{ |
| 241 | AlternatePort: 8080, |
| 242 | }, |
| 243 | TLSALPN: &caddytls.TLSALPNChallengeConfig{ |
| 244 | Disabled: true, |
| 245 | AlternatePort: 8443, |
| 246 | }, |
| 247 | DNS: &caddytls.DNSChallengeConfig{ |
| 248 | Resolvers: []string{"1.1.1.1"}, |
| 249 | OverrideDomain: "_acme-challenge.example.net", |
| 250 | }, |
| 251 | }, |
| 252 | TrustedRootsPEMFiles: []string{"global.pem"}, |
| 253 | } |
| 254 | overrides := &caddytls.ACMEIssuer{ |
| 255 | CA: "https://deglacme01.company.intern/acme/acme/directory", |
| 256 | Challenges: &caddytls.ChallengesConfig{ |
| 257 | HTTP: &caddytls.HTTPChallengeConfig{ |
| 258 | Disabled: true, |
| 259 | }, |
| 260 | DNS: &caddytls.DNSChallengeConfig{ |
| 261 | PropagationTimeout: caddy.Duration(time.Minute), |
| 262 | }, |
| 263 | }, |
| 264 | TrustedRootsPEMFiles: []string{"site.pem"}, |
| 265 | } |
| 266 | |
| 267 | merged := mergeACMEIssuers(base, overrides) |
| 268 | if merged.CA != overrides.CA { |
| 269 | t.Fatalf("expected merged CA %q, got %q", overrides.CA, merged.CA) |
| 270 | } |
| 271 | if merged.Email != base.Email { |
| 272 | t.Fatalf("expected merged email %q, got %q", base.Email, merged.Email) |
| 273 | } |
| 274 | if len(merged.TrustedRootsPEMFiles) != 2 || merged.TrustedRootsPEMFiles[0] != "global.pem" || merged.TrustedRootsPEMFiles[1] != "site.pem" { |
| 275 | t.Fatalf("expected merged roots [global.pem site.pem], got %v", merged.TrustedRootsPEMFiles) |
| 276 | } |
| 277 | if merged.Challenges == nil || merged.Challenges.HTTP == nil || !merged.Challenges.HTTP.Disabled || merged.Challenges.HTTP.AlternatePort != 8080 { |
| 278 | t.Fatalf("expected merged HTTP challenge config to preserve alternate port and apply disable flag, got %#v", merged.Challenges) |
| 279 | } |
| 280 | if merged.Challenges.TLSALPN == nil || !merged.Challenges.TLSALPN.Disabled || merged.Challenges.TLSALPN.AlternatePort != 8443 { |
| 281 | t.Fatalf("expected merged TLS-ALPN challenge config to preserve global settings, got %#v", merged.Challenges) |
| 282 | } |
| 283 | if merged.Challenges.DNS == nil || merged.Challenges.DNS.PropagationTimeout != caddy.Duration(time.Minute) || len(merged.Challenges.DNS.Resolvers) != 1 || merged.Challenges.DNS.Resolvers[0] != "1.1.1.1" || merged.Challenges.DNS.OverrideDomain != "_acme-challenge.example.net" { |
| 284 | t.Fatalf("expected merged DNS challenge config to preserve global values and apply overrides, got %#v", merged.Challenges) |
| 285 | } |
| 286 | |
| 287 | if base.CA != "" { |
| 288 | t.Fatalf("expected base issuer to remain unchanged, got CA %q", base.CA) |
| 289 | } |
| 290 | if len(base.TrustedRootsPEMFiles) != 1 || base.TrustedRootsPEMFiles[0] != "global.pem" { |
| 291 | t.Fatalf("expected base roots to remain unchanged, got %v", base.TrustedRootsPEMFiles) |
| 292 | } |
| 293 | } |
nothing calls this directly
no test coverage detected