Skip to content

Commit d0e33eb

Browse files
zirainzirain
committed
nit
Signed-off-by: zirain <zirain2009@gmail.com>
1 parent f50407f commit d0e33eb

File tree

1 file changed

+0
-48
lines changed

1 file changed

+0
-48
lines changed

test/e2e/tests/client_mtls.go

Lines changed: 0 additions & 48 deletions
Original file line numberDiff line numberDiff line change
@@ -36,54 +36,6 @@ var ClientMTLSTest = suite.ConformanceTest{
3636
Description: "Use Gateway with Client MTLS policy",
3737
Manifests: []string{"testdata/client-mtls.yaml"},
3838
Test: func(t *testing.T, suite *suite.ConformanceTestSuite) {
39-
t.Run("Client MTLS with ClusterTrustBundle", func(t *testing.T) {
40-
if !EnabledClusterTrustBundle() {
41-
t.Skipf("Skipping test as ClusterTrustBundle is not enabled")
42-
}
43-
44-
depNS := "envoy-gateway-system"
45-
ns := "gateway-conformance-infra"
46-
routeNN := types.NamespacedName{Name: "client-mtls-clustertrustbundle", Namespace: ns}
47-
gwNN := types.NamespacedName{Name: "client-mtls-clustertrustbundle", Namespace: ns}
48-
gwAddr := kubernetes.GatewayAndHTTPRoutesMustBeAccepted(t, suite.Client, suite.TimeoutConfig, suite.ControllerName, kubernetes.NewGatewayRef(gwNN), routeNN)
49-
kubernetes.NamespacesMustBeReady(t, suite.Client, suite.TimeoutConfig, []string{depNS})
50-
certNN := types.NamespacedName{Name: "client-example-com", Namespace: ns}
51-
52-
expected := http.ExpectedResponse{
53-
Request: http.Request{
54-
Host: "www.example.com",
55-
Path: "/cluster-trust-bundle",
56-
},
57-
ExpectedRequest: &http.ExpectedRequest{
58-
Request: http.Request{
59-
Host: "www.example.com",
60-
Path: "/cluster-trust-bundle",
61-
Headers: map[string]string{
62-
"X-Forwarded-Client-Cert": "Hash=42a13e4b02c8a6d2ae5bf2fdaa032e24fdbabbaa79b6017fd0db6c077e6999e0;Subject=\"O=example organization,CN=client.example.com\"",
63-
},
64-
},
65-
},
66-
Response: http.Response{
67-
StatusCode: 200,
68-
},
69-
Namespace: ns,
70-
}
71-
72-
req := http.MakeRequest(t, &expected, gwAddr, "HTTPS", "https")
73-
74-
// This test uses the same key/cert pair as both a client cert and server cert
75-
// Both backend and client treat the self-signed cert as a trusted CA
76-
cPem, keyPem, caPem, err := GetTLSSecret(suite.Client, certNN)
77-
if err != nil {
78-
t.Fatalf("unexpected error finding TLS secret: %v", err)
79-
}
80-
81-
combined := string(cPem) + "\n" + string(caPem)
82-
83-
WaitForConsistentMTLSResponse(t, suite.RoundTripper, req, expected, suite.TimeoutConfig.RequiredConsecutiveSuccesses, suite.TimeoutConfig.MaxTimeToConsistency,
84-
[]byte(combined), keyPem, "www.example.com")
85-
})
86-
8739
t.Run("Use Client MTLS", func(t *testing.T) {
8840
depNS := "envoy-gateway-system"
8941
ns := "gateway-conformance-infra"

0 commit comments

Comments
 (0)