-
Notifications
You must be signed in to change notification settings - Fork 103
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
datasource/tls_certificate: TestAccDataSourceCertificate_BadSSL test failures #516
Closed
1 task done
Labels
Comments
bflad
changed the title
data/tls_certificate: TestAccDataSourceCertificate_BadSSL test failures
datasource/tls_certificate: TestAccDataSourceCertificate_BadSSL test failures
May 17, 2024
bflad
added a commit
that referenced
this issue
May 17, 2024
…verify failure testing Reference: #516 Previously (likely due to external SSL certificate rotation): ``` === RUN TestAccDataSourceCertificate_BadSSL data_source_certificate_test.go:166: Step 2/2 error: Check failed: Check 14/14 error: data.tls_certificate.test: Attribute 'certificates.1.sha1_fingerprint' expected "6922cd864f3c6299f6e751a019e5ddcdbc415a71", got "eede8b066561000952c3e599d4873eed75512a3b" --- FAIL: TestAccDataSourceCertificate_BadSSL (0.64s) ``` The goal of this test is to ensure the data source returns an error if there is an invalid SSL certificate chain, which can be accomplished by running a local TLS server with expired or otherwise invalid SSL certificate. There still is one external, real-world URL test with `TestAccDataSourceCertificate_TerraformIO`. It seems important to ensure there is one valid URL test for complete coverage though. If that test becomes a regular problem, a local TLS server could potentially be spun up with a valid SSL certificate via Let's Encrypt or something, however that effort is not being prioritized at the moment.
bflad
added a commit
that referenced
this issue
May 17, 2024
…verify failure testing (#517) Reference: #516 Previously (likely due to external SSL certificate rotation): ``` === RUN TestAccDataSourceCertificate_BadSSL data_source_certificate_test.go:166: Step 2/2 error: Check failed: Check 14/14 error: data.tls_certificate.test: Attribute 'certificates.1.sha1_fingerprint' expected "6922cd864f3c6299f6e751a019e5ddcdbc415a71", got "eede8b066561000952c3e599d4873eed75512a3b" --- FAIL: TestAccDataSourceCertificate_BadSSL (0.64s) ``` The goal of this test is to ensure the data source returns an error if there is an invalid SSL certificate chain, which can be accomplished by running a local TLS server with expired or otherwise invalid SSL certificate. There still is one external, real-world URL test with `TestAccDataSourceCertificate_TerraformIO`. It seems important to ensure there is one valid URL test for complete coverage though. If that test becomes a regular problem, a local TLS server could potentially be spun up with a valid SSL certificate via Let's Encrypt or something, however that effort is not being prioritized at the moment.
Closed
1 task
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Terraform CLI and Provider Versions
N/A and
main
Terraform Configuration
Expected Behavior
Acceptance test passes without modification over time.
Actual Behavior
Steps to Reproduce
terraform apply
How much impact is this issue causing?
Low
Logs
No response
Additional Information
The acceptance test already notes that this value is expected to change over time (presumably when the external SSL certificate is rotated).
Code of Conduct
The text was updated successfully, but these errors were encountered: