Issue kubernetes-sigs#1579 TLSRoute Passthrough - golint fixup

candita · Jan 3, 2023 · c2db3c5 · c2db3c5
1 parent ab91a3f
commit c2db3c5
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 16 deletions.
diff --git a/conformance/tests/tlsroute-simple-same-namespace.go b/conformance/tests/tlsroute-simple-same-namespace.go
@@ -54,12 +54,12 @@ var TLSRouteSimpleSameNamespace = suite.ConformanceTest{
 		}
 		serverStr := string(hostnames[0])
 
-		cPem, kPem, err := GetTLSSecret(suite.Client, certNN)
+		cPem, keyPem, err := GetTLSSecret(suite.Client, certNN)
 		if err != nil {
 			t.Fatalf("unexpected error finding TLS secret: %v", err)
 		}
 		t.Run("Simple TLS request matching TLSRoute should reach infra-backend", func(t *testing.T) {
-			tls.MakeTLSRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, gwAddr, cPem, kPem, serverStr,
+			tls.MakeTLSRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, gwAddr, cPem, keyPem, serverStr,
 				http.ExpectedResponse{
 					Request:   http.Request{Host: serverStr, Path: "/"},
 					Backend:   "infra-backend-v4",

diff --git a/conformance/utils/kubernetes/helpers.go b/conformance/utils/kubernetes/helpers.go
@@ -435,9 +435,7 @@ func TLSRouteInfo(t *testing.T, client client.Client, timeoutConfig config.Timeo
 
 		return match, nil
 	})
-	if waitErr != nil {
-		fmt.Errorf("error waiting for TLSRoute to have parents matching expectations")
-	}
+	require.NoErrorf(t, waitErr, "error waiting for TLSRoute to have parents matching expectations")
 
 	return hostnames
 }

diff --git a/conformance/utils/roundtripper/roundtripper.go b/conformance/utils/roundtripper/roundtripper.go
@@ -22,11 +22,13 @@ import (
 	"crypto/x509"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
+	. "io/ioutil"
 	"net/http"
 	"net/http/httputil"
 	"net/url"
 	"regexp"
+
 	"sigs.k8s.io/gateway-api/conformance/utils/config"
 )
 
@@ -133,7 +135,12 @@ func (d *DefaultRoundTripper) CaptureRoundTrip(request Request) (*CapturedReques
 	if err != nil {
 		return nil, nil, err
 	}
-	defer resp.Body.Close()
+	defer func(Body io.ReadCloser) {
+		err := Body.Close()
+		if err != nil {
+
+		}
+	}(resp.Body)
 
 	if d.Debug {
 		var dump []byte
@@ -145,7 +152,7 @@ func (d *DefaultRoundTripper) CaptureRoundTrip(request Request) (*CapturedReques
 		fmt.Printf("Received Response:\n%s\n\n", formatDump(dump, "< "))
 	}
 
-	body, _ := ioutil.ReadAll(resp.Body)
+	body, _ := ReadAll(resp.Body)
 
 	// we cannot assume the response is JSON
 	if resp.Header.Get("Content-type") == "application/json" {
@@ -197,12 +204,12 @@ func IsRedirect(statusCode int) bool {
 // captured request and response from echoserver. An error will be returned if
 // there is an error running the function but not if an HTTP error status code
 // is received.
-func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem []byte, server string) (*CapturedRequest, *CapturedResponse, error) {
+func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, keyPem []byte, server string) (*CapturedRequest, *CapturedResponse, error) {
 	cReq := &CapturedRequest{}
 	client := http.DefaultClient
 
 	// Create a certificate from the provided cert and key
-	cert, err := tls.X509KeyPair(cPem, kPem)
+	cert, err := tls.X509KeyPair(cPem, keyPem)
 	if err != nil {
 		return nil, nil, fmt.Errorf("unexpected error creating cert: %w", err)
 	}
@@ -223,6 +230,8 @@ func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem []
 			Certificates: []tls.Certificate{cert},
 			ServerName:   server,
 			RootCAs:      certPool,
+			MinVersion:   tls.VersionTLS10,
+			MaxVersion:   tls.VersionTLS13,
 		},
 	}
 
@@ -261,7 +270,12 @@ func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem []
 	if err != nil {
 		return nil, nil, err
 	}
-	defer resp.Body.Close()
+	defer func(Body io.ReadCloser) {
+		err := Body.Close()
+		if err != nil {
+
+		}
+	}(resp.Body)
 
 	if d.Debug {
 		var dump []byte
@@ -273,7 +287,7 @@ func (d *DefaultRoundTripper) CaptureTLSRoundTrip(request Request, cPem, kPem []
 		fmt.Printf("Received Response:\n%s\n\n", formatDump(dump, "< "))
 	}
 
-	body, _ := ioutil.ReadAll(resp.Body)
+	body, _ := ReadAll(resp.Body)
 
 	// we cannot assume the response is JSON
 	if resp.Header.Get("Content-type") == "application/json" {

diff --git a/conformance/utils/tls/tls.go b/conformance/utils/tls/tls.go
@@ -36,20 +36,20 @@ const requiredConsecutiveSuccesses = 3
 //
 // Once the request succeeds consistently with the response having the expected status code, make
 // additional assertions on the response body using the provided ExpectedResponse.
-func MakeTLSRequestAndExpectEventuallyConsistentResponse(t *testing.T, r roundtripper.RoundTripper, timeoutConfig config.TimeoutConfig, gwAddr string, cPem, kPem []byte, server string, expected http.ExpectedResponse) {
+func MakeTLSRequestAndExpectEventuallyConsistentResponse(t *testing.T, r roundtripper.RoundTripper, timeoutConfig config.TimeoutConfig, gwAddr string, cPem, keyPem []byte, server string, expected http.ExpectedResponse) {
 	t.Helper()
 
 	req := http.MakeRequest(t, &expected, gwAddr, "HTTPS", "https")
 
-	WaitForConsistentTLSResponse(t, r, req, expected, requiredConsecutiveSuccesses, timeoutConfig.MaxTimeToConsistency, cPem, kPem, server)
+	WaitForConsistentTLSResponse(t, r, req, expected, requiredConsecutiveSuccesses, timeoutConfig.MaxTimeToConsistency, cPem, keyPem, server)
 }
 
 // WaitForConsistentTLSResponse - repeats the provided request until it completes with a response having
 // the expected response consistently. The provided threshold determines how many times in
 // a row this must occur to be considered "consistent".
-func WaitForConsistentTLSResponse(t *testing.T, r roundtripper.RoundTripper, req roundtripper.Request, expected http.ExpectedResponse, threshold int, maxTimeToConsistency time.Duration, cPem, kPem []byte, server string) {
+func WaitForConsistentTLSResponse(t *testing.T, r roundtripper.RoundTripper, req roundtripper.Request, expected http.ExpectedResponse, threshold int, maxTimeToConsistency time.Duration, cPem, keyPem []byte, server string) {
 	http.AwaitConvergence(t, threshold, maxTimeToConsistency, func(elapsed time.Duration) bool {
-		cReq, cRes, err := r.CaptureTLSRoundTrip(req, cPem, kPem, server)
+		cReq, cRes, err := r.CaptureTLSRoundTrip(req, cPem, keyPem, server)
 		if err != nil {
 			t.Logf("Request failed, not ready yet: %v (after %v)", err.Error(), elapsed)
 			return false