TestClientHandshakeBasedOnClusterName that by default (without switching modes), ClientHandshake does either tls or alts base on the cluster name in attributes.
(t *testing.T)
| 106 | // modes), ClientHandshake does either tls or alts base on the cluster name in |
| 107 | // attributes. |
| 108 | func (s) TestClientHandshakeBasedOnClusterName(t *testing.T) { |
| 109 | ctx, cancel := context.WithTimeout(context.Background(), defaultTestTimeout) |
| 110 | defer cancel() |
| 111 | defer overrideNewCredsFuncs()() |
| 112 | for bundleTyp, tc := range map[string]credentials.Bundle{ |
| 113 | "defaultCredsWithOptions": NewDefaultCredentialsWithOptions(DefaultCredentialsOptions{}), |
| 114 | "defaultCreds": NewDefaultCredentials(), |
| 115 | "computeCreds": NewComputeEngineCredentials(), |
| 116 | } { |
| 117 | tests := []struct { |
| 118 | name string |
| 119 | ctx context.Context |
| 120 | wantTyp string |
| 121 | }{ |
| 122 | { |
| 123 | name: "no cluster name", |
| 124 | ctx: ctx, |
| 125 | wantTyp: "tls", |
| 126 | }, |
| 127 | { |
| 128 | name: "with non-CFE cluster name", |
| 129 | ctx: icredentials.NewClientHandshakeInfoContext(ctx, credentials.ClientHandshakeInfo{ |
| 130 | Attributes: xds.SetXDSHandshakeClusterName(resolver.Address{}, "lalala").Attributes, |
| 131 | }), |
| 132 | // non-CFE backends should use alts. |
| 133 | wantTyp: "alts", |
| 134 | }, |
| 135 | { |
| 136 | name: "with CFE cluster name", |
| 137 | ctx: icredentials.NewClientHandshakeInfoContext(ctx, credentials.ClientHandshakeInfo{ |
| 138 | Attributes: xds.SetXDSHandshakeClusterName(resolver.Address{}, "google_cfe_bigtable.googleapis.com").Attributes, |
| 139 | }), |
| 140 | // CFE should use tls. |
| 141 | wantTyp: "tls", |
| 142 | }, |
| 143 | { |
| 144 | name: "with xdstp CFE cluster name", |
| 145 | ctx: icredentials.NewClientHandshakeInfoContext(ctx, credentials.ClientHandshakeInfo{ |
| 146 | Attributes: xds.SetXDSHandshakeClusterName(resolver.Address{}, "xdstp://traffic-director-c2p.xds.googleapis.com/envoy.config.cluster.v3.Cluster/google_cfe_bigtable.googleapis.com").Attributes, |
| 147 | }), |
| 148 | // CFE should use tls. |
| 149 | wantTyp: "tls", |
| 150 | }, |
| 151 | { |
| 152 | name: "with xdstp non-CFE cluster name", |
| 153 | ctx: icredentials.NewClientHandshakeInfoContext(ctx, credentials.ClientHandshakeInfo{ |
| 154 | Attributes: xds.SetXDSHandshakeClusterName(resolver.Address{}, "xdstp://other.com/envoy.config.cluster.v3.Cluster/google_cfe_bigtable.googleapis.com").Attributes, |
| 155 | }), |
| 156 | // non-CFE should use atls. |
| 157 | wantTyp: "alts", |
| 158 | }, |
| 159 | } |
| 160 | for _, tt := range tests { |
| 161 | t.Run(bundleTyp+" "+tt.name, func(t *testing.T) { |
| 162 | _, info, err := tc.TransportCredentials().ClientHandshake(tt.ctx, "", nil) |
| 163 | if err != nil { |
| 164 | t.Fatalf("ClientHandshake failed: %v", err) |
| 165 | } |
nothing calls this directly
no test coverage detected