Revert this test

letsencrypt · May 10, 2024 · bd2b4e2 · bd2b4e2
1 parent 70636a6
commit bd2b4e2
Showing 1 changed file with 39 additions and 88 deletions.
diff --git a/cmd/config_test.go b/cmd/config_test.go
@@ -1,14 +1,15 @@
 package cmd
 
 import (
+	"regexp"
+	"strings"
 	"testing"
 
 	"github.com/letsencrypt/boulder/metrics"
 	"github.com/letsencrypt/boulder/test"
 )
 
 func TestDBConfigURL(t *testing.T) {
-	t.Parallel()
 	tests := []struct {
 		conf     DBConfig
 		expected string
@@ -33,7 +34,6 @@ func TestDBConfigURL(t *testing.T) {
 }
 
 func TestPasswordConfig(t *testing.T) {
-	t.Parallel()
 	tests := []struct {
 		pc       PasswordConfig
 		expected string
@@ -50,99 +50,50 @@ func TestPasswordConfig(t *testing.T) {
 }
 
 func TestTLSConfigLoad(t *testing.T) {
-	t.Parallel()
 	null := "/dev/null"
 	nonExistent := "[nonexistent]"
-	cert := "../test/grpc-creds/rva.boulder/cert.pem"
-	key := "../test/grpc-creds/rva.boulder/key.pem"
-	caCertOne := "../test/grpc-creds/minica.pem"
-	caCertMultiple := "../test/grpc-creds/multiple-roots.pem"
-	caCertDuplicate := "../test/grpc-creds/duplicate-roots.pem"
+	cert := "../test/grpc-creds/creds-test/cert.pem"
+	key := "../test/grpc-creds/creds-test/key.pem"
+	caCert := "../test/grpc-creds/minica.pem"
 
 	testCases := []struct {
-		name                  string
-		expectedErrSubstr     string
-		expectedRootStoreSize int
-		expectedCipherSuites  []string
-		expectedClientAuth    string
-		testConf              TLSConfig
+		TLSConfig
+		want string
 	}{
-		{
-			name:              "Empty cert",
-			expectedErrSubstr: "nil CertFile in TLSConfig",
-			testConf:          TLSConfig{"", null, null},
-		},
-		{
-			name:              "Empty key",
-			expectedErrSubstr: "nil KeyFile in TLSConfig",
-			testConf:          TLSConfig{null, "", null},
-		},
-		{
-			name:              "Empty root",
-			expectedErrSubstr: "nil CACertFile",
-			testConf:          TLSConfig{null, null, ""},
-		},
-		{
-			name:              "Could not parse cert",
-			expectedErrSubstr: "failed to find any PEM data",
-			testConf:          TLSConfig{null, key, caCertOne},
-		},
-		{
-			name:              "Could not parse key",
-			expectedErrSubstr: "failed to find any PEM data",
-			testConf:          TLSConfig{cert, null, caCertOne},
-		},
-		{
-			name:              "Could not parse root",
-			expectedErrSubstr: "parsing CA certs",
-			testConf:          TLSConfig{cert, key, null},
-		},
-		{
-			name:              "Invalid cert location",
-			expectedErrSubstr: "no such file or directory",
-			testConf:          TLSConfig{nonExistent, key, caCertOne},
-		},
-		{
-			name:              "Invalid key location",
-			expectedErrSubstr: "no such file or directory",
-			testConf:          TLSConfig{cert, nonExistent, caCertOne},
-		},
-		{
-			name:              "Invalid root location",
-			expectedErrSubstr: "no such file or directory",
-			testConf:          TLSConfig{cert, key, nonExistent},
-		},
-		{
-			name:                  "Valid config with one root",
-			testConf:              TLSConfig{cert, key, caCertOne},
-			expectedRootStoreSize: 1,
-		},
-		{
-			name:                  "Valid config with two roots",
-			testConf:              TLSConfig{cert, key, caCertMultiple},
-			expectedRootStoreSize: 2,
-		},
-		{
-			name:                  "Valid config with duplicate roots",
-			testConf:              TLSConfig{cert, key, caCertDuplicate},
-			expectedRootStoreSize: 1,
-		},
+		{TLSConfig{"", null, null}, "nil CertFile in TLSConfig"},
+		{TLSConfig{null, "", null}, "nil KeyFile in TLSConfig"},
+		{TLSConfig{null, null, ""}, "nil CACertFile in TLSConfig"},
+		{TLSConfig{nonExistent, key, caCert}, "loading key pair.*no such file or directory"},
+		{TLSConfig{cert, nonExistent, caCert}, "loading key pair.*no such file or directory"},
+		{TLSConfig{cert, key, nonExistent}, "reading CA cert from.*no such file or directory"},
+		{TLSConfig{null, key, caCert}, "loading key pair.*failed to find any PEM data"},
+		{TLSConfig{cert, null, caCert}, "loading key pair.*failed to find any PEM data"},
+		{TLSConfig{cert, key, null}, "parsing CA certs"},
 	}
 	for _, tc := range testCases {
-		tc := tc
-		t.Run(tc.name, func(t *testing.T) {
-			t.Parallel()
-			conf, err := tc.testConf.Load(metrics.NoopRegisterer)
-			if tc.expectedErrSubstr == "" {
-				test.AssertNotError(t, err, "Should not have errored, but did")
-
-				// We are not using SystemCertPool, we are manually defining our
-				// own.
-				test.AssertEquals(t, len(conf.RootCAs.Subjects()), tc.expectedRootStoreSize)
-				test.AssertEquals(t, len(conf.ClientCAs.Subjects()), tc.expectedRootStoreSize)
-			} else {
-				test.AssertError(t, err, "Expected an error but received none")
-				test.AssertContains(t, err.Error(), tc.expectedErrSubstr)
+		var title [3]string
+		if tc.CertFile == "" {
+			title[0] = "nil"
+		} else {
+			title[0] = tc.CertFile
+		}
+		if tc.KeyFile == "" {
+			title[1] = "nil"
+		} else {
+			title[1] = tc.KeyFile
+		}
+		if tc.CACertFile == "" {
+			title[2] = "nil"
+		} else {
+			title[2] = tc.CACertFile
+		}
+		t.Run(strings.Join(title[:], "_"), func(t *testing.T) {
+			_, err := tc.TLSConfig.Load(metrics.NoopRegisterer)
+			if err == nil {
+				t.Errorf("got no error")
+			}
+			if matched, _ := regexp.MatchString(tc.want, err.Error()); !matched {
+				t.Errorf("got error %q, wanted %q", err, tc.want)
 			}
 		})
 	}