MCPcopy
hub / github.com/grpc/grpc-go / TestServerSideXDS_FileWatcherCerts

Method TestServerSideXDS_FileWatcherCerts

test/xds/xds_server_integration_test.go:239–312  ·  view source on GitHub ↗

TestServerSideXDS_FileWatcherCerts is an e2e test which verifies xDS credentials with file watcher certificate provider. The following sequence of events happen as part of this test: - An xDS-enabled gRPC server is created and xDS credentials are configured. - xDS is enabled on the client by the us

(t *testing.T)

Source from the content-addressed store, hash-verified

237// client and the server, pointing to the file watcher certificate provider.
238// We verify both TLS and mTLS scenarios.
239func (s) TestServerSideXDS_FileWatcherCerts(t *testing.T) {
240 tests := []struct {
241 name string
242 secLevel e2e.SecurityLevel
243 }{
244 {
245 name: "tls",
246 secLevel: e2e.SecurityLevelTLS,
247 },
248 {
249 name: "mtls",
250 secLevel: e2e.SecurityLevelMTLS,
251 },
252 }
253 for _, test := range tests {
254 t.Run(test.name, func(t *testing.T) {
255 managementServer, nodeID, bootstrapContents, xdsResolver := setup.ManagementServerAndResolver(t)
256 lis, cleanup2 := setupGRPCServer(t, bootstrapContents)
257 defer cleanup2()
258
259 // Grab the host and port of the server and create client side xDS
260 // resources corresponding to it.
261 host, port, err := hostPortFromListener(lis)
262 if err != nil {
263 t.Fatalf("failed to retrieve host and port of server: %v", err)
264 }
265
266 // Create xDS resources to be consumed on the client side. This
267 // includes the listener, route configuration, cluster (with
268 // security configuration) and endpoint resources.
269 serviceName := "my-service-file-watcher-certs-" + test.name
270 resources := e2e.DefaultClientResources(e2e.ResourceParams{
271 DialTarget: serviceName,
272 NodeID: nodeID,
273 Host: host,
274 Port: port,
275 SecLevel: test.secLevel,
276 })
277
278 // Create an inbound xDS listener resource for the server side that
279 // contains security configuration pointing to the file watcher
280 // plugin.
281 inboundLis := e2e.DefaultServerListener(host, port, test.secLevel, "routeName")
282 resources.Listeners = append(resources.Listeners, inboundLis)
283
284 // Setup the management server with client and server resources.
285 ctx, cancel := context.WithTimeout(context.Background(), defaultTestTimeout)
286 defer cancel()
287 if err := managementServer.Update(ctx, resources); err != nil {
288 t.Fatal(err)
289 }
290
291 // Create client-side xDS credentials with an insecure fallback.
292 creds, err := xdscreds.NewClientCredentials(xdscreds.ClientOptions{
293 FallbackCreds: insecure.NewCredentials(),
294 })
295 if err != nil {
296 t.Fatal(err)

Callers

nothing calls this directly

Calls 15

EmptyCallMethod · 0.95
DefaultClientResourcesFunction · 0.92
DefaultServerListenerFunction · 0.92
NewCredentialsFunction · 0.92
NewClientFunction · 0.92
WithTransportCredentialsFunction · 0.92
WithResolversFunction · 0.92
WaitForReadyFunction · 0.92
setupGRPCServerFunction · 0.85
hostPortFromListenerFunction · 0.70
FatalfMethod · 0.65

Tested by

no test coverage detected