refactor: enhance TLS cert generation and refactor HTTP client architecture (#3638)

- Refactored HTTP client from global cache to struct-based approach (global state was shared between tests, including what certificates to use)
- Enhanced pkg/test/tls to support ECDSA and ED25519 key types
- Replaced static certificate files with dynamic generation in golang tests
- Fixed test cleanup issues and improved resource management

This eliminates dependency on external cert generation scripts and
improves test maintainability.

Signed-off-by: Andrei Aaron <andreifdaaron@gmail.com>
Andrei Aaron
2025-12-13 09:47:32 +02:00
committed by GitHub
parent 1447bb24b4
commit cf8b0bdbf9
22 changed files with 1590 additions and 554 deletions
+18 -7
@@ -2102,11 +2102,22 @@ func TestCookiestoreCleanup(t *testing.T) {
func TestCookieSecureFlag(t *testing.T) {
Convey("Test cookie Secure flag based on configuration", t, func() {
const (
serverCertPath = "../../test/data/server.cert"
serverKeyPath = "../../test/data/server.key"
caCertPath = "../../test/data/ca.crt"
)
// Generate certificates dynamically for the test
tempDir := t.TempDir()
caCert, caKey, err := tlsutils.GenerateCACert()
So(err, ShouldBeNil)
caCertPath := path.Join(tempDir, "ca.crt")
err = os.WriteFile(caCertPath, caCert, 0o600)
So(err, ShouldBeNil)
serverCertPath := path.Join(tempDir, "server.crt")
serverKeyPath := path.Join(tempDir, "server.key")
opts := &tlsutils.CertificateOptions{
Hostname: "127.0.0.1",
}
err = tlsutils.GenerateServerCertToFile(caCert, caKey, serverCertPath, serverKeyPath, opts)
So(err, ShouldBeNil)
mockOIDCServer, err := authutils.MockOIDCRun()
So(err, ShouldBeNil)
@@ -2116,11 +2127,12 @@ func TestCookieSecureFlag(t *testing.T) {
So(err, ShouldBeNil)
}()
mockOIDCConfig := mockOIDCServer.Config()
username, _ := test.GenerateRandomString()
password, _ := test.GenerateRandomString()
htpasswdPath := test.MakeHtpasswdFileFromString(t, test.GetBcryptCredString(username, password))
mockOIDCConfig := mockOIDCServer.Config()
defaultVal := true
Convey("Test with TLS configured - cookies should be Secure=true", func() {
@@ -2155,7 +2167,6 @@ func TestCookieSecureFlag(t *testing.T) {
ctlr.Config.Storage.RootDirectory = t.TempDir()
cm := test.NewControllerManager(ctlr)
cm.StartServer()
defer cm.StopServer()
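Review bot: The new certificate paths in TestCookieSecureFlag are built with `path.Join(tempDir, ...)`, but package `path` is for slash-separated paths, so files under `t.TempDir()` should use `filepath.Join`, e.g. `caCertPath := filepath.Join(tempDir, "ca.crt")`, and likewise for `serverCertPath` and `serverKeyPath`. That needs `path/filepath` in the import block, which is not visible in this section. Separately, `Hostname: "127.0.0.1"` is an IP literal, and Go's certificate verification matches IP hosts only against IP SANs; since `tlsutils.GenerateServerCertToFile` is not shown here, a comment such as `// 127.0.0.1 must be emitted as an IP SAN, not a DNS name` would record the assumption the TLS sub-test presumably relies on. The body of TestCookieSecureFlag continues between and beyond the hunks shown.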