Skip to content
This repository was archived by the owner on Jan 23, 2026. It is now read-only.

Commit 4ec8941

Browse files
mangelajoNickCao
mangelajo
authored and
NickCao
committed
Test --insecure-tls-config flag
(cherry picked from commit 8a12767)
1 parent 9cd87a6 commit 4ec8941

2 files changed

Lines changed: 135 additions & 0 deletions

File tree

packages/jumpstarter-cli-admin/jumpstarter_cli_admin/create_test.py

Lines changed: 71 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
from jumpstarter.config.client import ClientConfigV1Alpha1, ClientConfigV1Alpha1Drivers
1919
from jumpstarter.config.common import ObjectMeta
2020
from jumpstarter.config.exporter import ExporterConfigV1Alpha1
21+
from jumpstarter.config.tls import TLSConfigV1Alpha1
2122

2223
# Generate a random client name
2324
CLIENT_NAME = uuid.uuid4().hex
@@ -83,6 +84,15 @@
8384
drivers=ClientConfigV1Alpha1Drivers(allow=[], unsafe=True),
8485
)
8586

87+
INSECURE_TLS_CLIENT_CONFIG = ClientConfigV1Alpha1(
88+
alias=CLIENT_NAME,
89+
metadata=ObjectMeta(namespace="default", name=CLIENT_NAME),
90+
endpoint=CLIENT_ENDPOINT,
91+
token=CLIENT_TOKEN,
92+
tls=TLSConfigV1Alpha1(insecure=True),
93+
drivers=ClientConfigV1Alpha1Drivers(allow=[], unsafe=True),
94+
)
95+
8696

8797
@pytest.mark.anyio
8898
@patch.object(ClientConfigV1Alpha1, "save")
@@ -103,6 +113,33 @@ async def test_create_client(
103113
mock_save_client.assert_not_called()
104114
mock_save_client.reset_mock()
105115

116+
# Insecure TLS config is returned
117+
mock_get_client_config.return_value = INSECURE_TLS_CLIENT_CONFIG
118+
119+
# Save with prompts accept insecure = Y, save = Y, unsafe = Y
120+
result = await runner.invoke(create, ["client", "--insecure-tls-config", CLIENT_NAME], input="Y\nY\nY\n")
121+
assert result.exit_code == 0
122+
assert "Client configuration successfully saved" in result.output
123+
mock_save_client.assert_called_once_with(INSECURE_TLS_CLIENT_CONFIG, None)
124+
mock_save_client.reset_mock()
125+
126+
# Save no interactive and insecure tls
127+
result = await runner.invoke(
128+
create, ["client", "--insecure-tls-config", "--unsafe", "--save", "--nointeractive", CLIENT_NAME]
129+
)
130+
assert result.exit_code == 0
131+
assert "Client configuration successfully saved" in result.output
132+
mock_save_client.assert_called_once_with(INSECURE_TLS_CLIENT_CONFIG, None)
133+
mock_save_client.reset_mock()
134+
135+
# Insecure TLS config is returned
136+
mock_get_client_config.return_value = INSECURE_TLS_CLIENT_CONFIG
137+
138+
# Save with prompts accept insecure = N
139+
result = await runner.invoke(create, ["client", "--insecure-tls-config", CLIENT_NAME], input="n\n")
140+
assert result.exit_code == 1
141+
assert "Aborted" in result.output
142+
106143
# Unsafe client config is returned
107144
mock_get_client_config.return_value = UNSAFE_CLIENT_CONFIG
108145

@@ -222,6 +259,14 @@ async def test_create_client(
222259
token=EXPORTER_TOKEN,
223260
)
224261

262+
INSECURE_TLS_EXPORTER_CONFIG = ExporterConfigV1Alpha1(
263+
alias=EXPORTER_NAME,
264+
metadata=ObjectMeta(namespace="default", name=EXPORTER_NAME),
265+
endpoint=EXPORTER_ENDPOINT,
266+
token=EXPORTER_TOKEN,
267+
tls=TLSConfigV1Alpha1(insecure=True),
268+
)
269+
225270

226271
@pytest.mark.anyio
227272
@patch.object(ExporterConfigV1Alpha1, "save")
@@ -242,6 +287,32 @@ async def test_create_exporter(
242287
save_exporter_mock.assert_not_called()
243288
save_exporter_mock.reset_mock()
244289

290+
# Insecure TLS config is returned
291+
_get_exporter_config_mock.return_value = INSECURE_TLS_EXPORTER_CONFIG
292+
# Save with prompts accept insecure = Y, save = Y
293+
result = await runner.invoke(create, ["exporter", "--insecure-tls-config", EXPORTER_NAME], input="Y\nY\n")
294+
assert result.exit_code == 0
295+
assert "Exporter configuration successfully saved" in result.output
296+
save_exporter_mock.assert_called_once_with(INSECURE_TLS_EXPORTER_CONFIG, None)
297+
save_exporter_mock.reset_mock()
298+
299+
_get_exporter_config_mock.return_value = INSECURE_TLS_EXPORTER_CONFIG
300+
# Save with prompts accept no interactive
301+
result = await runner.invoke(
302+
create, ["exporter", "--insecure-tls-config", "--nointeractive", "--save", EXPORTER_NAME]
303+
)
304+
assert result.exit_code == 0
305+
assert "Exporter configuration successfully saved" in result.output
306+
save_exporter_mock.assert_called_once_with(INSECURE_TLS_EXPORTER_CONFIG, None)
307+
save_exporter_mock.reset_mock()
308+
309+
# Insecure TLS config is returned
310+
_get_exporter_config_mock.return_value = INSECURE_TLS_EXPORTER_CONFIG
311+
# Save with prompts accept insecure = N
312+
result = await runner.invoke(create, ["exporter", "--insecure-tls-config", EXPORTER_NAME], input="n\n")
313+
assert result.exit_code == 1
314+
assert "Aborted" in result.output
315+
245316
# Save with prompts
246317
result = await runner.invoke(create, ["exporter", EXPORTER_NAME], input="Y\n")
247318
assert result.exit_code == 0

packages/jumpstarter-cli-admin/jumpstarter_cli_admin/import_res_test.py

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@
1313
from jumpstarter.config.client import ClientConfigV1Alpha1, ClientConfigV1Alpha1Drivers
1414
from jumpstarter.config.common import ObjectMeta
1515
from jumpstarter.config.exporter import ExporterConfigV1Alpha1
16+
from jumpstarter.config.tls import TLSConfigV1Alpha1
1617

1718
# Generate a random client name
1819
CLIENT_NAME = uuid.uuid4().hex
@@ -34,6 +35,14 @@
3435
token=CLIENT_TOKEN,
3536
drivers=ClientConfigV1Alpha1Drivers(allow=[DRIVER_NAME], unsafe=False),
3637
)
38+
INSECURE_TLS_CLIENT_CONFIG = ClientConfigV1Alpha1(
39+
alias=CLIENT_NAME,
40+
metadata=ObjectMeta(namespace="default", name=CLIENT_NAME),
41+
endpoint=CLIENT_ENDPOINT,
42+
token=CLIENT_TOKEN,
43+
tls=TLSConfigV1Alpha1(insecure=True),
44+
drivers=ClientConfigV1Alpha1Drivers(allow=[], unsafe=True),
45+
)
3746

3847

3948
@pytest.mark.anyio
@@ -60,6 +69,34 @@ async def test_import_client(_load_kube_config_mock, get_client_config_mock: Asy
6069
save_client_config_mock.assert_called_once_with(UNSAFE_CLIENT_CONFIG, None)
6170
save_client_config_mock.reset_mock()
6271

72+
# Test insecure TLS config
73+
get_client_config_mock.return_value = INSECURE_TLS_CLIENT_CONFIG
74+
75+
# Save with prompts accept insecure = Y
76+
result = await runner.invoke(import_res, ["client", CLIENT_NAME, "--insecure-tls-config"], input="Y\nY\n")
77+
assert result.exit_code == 0
78+
assert "Client configuration successfully saved" in result.output
79+
save_client_config_mock.assert_called_once_with(INSECURE_TLS_CLIENT_CONFIG, None)
80+
save_client_config_mock.reset_mock()
81+
82+
# Save with prompts no interactive prompts and insecure tls cert
83+
result = await runner.invoke(import_res, ["client", CLIENT_NAME, "--nointeractive", "--insecure-tls-config"])
84+
assert result.exit_code == 0
85+
assert "Client configuration successfully saved" in result.output
86+
save_client_config_mock.assert_called_once_with(INSECURE_TLS_CLIENT_CONFIG, None)
87+
save_client_config_mock.reset_mock()
88+
89+
90+
# Save with prompts accept insecure = N
91+
result = await runner.invoke(import_res, ["client", CLIENT_NAME, "--insecure-tls-config"], input="n\n")
92+
assert result.exit_code == 1
93+
assert "Aborted" in result.output
94+
save_client_config_mock.assert_not_called()
95+
save_client_config_mock.reset_mock()
96+
97+
# Reset mock for subsequent tests
98+
get_client_config_mock.return_value = UNSAFE_CLIENT_CONFIG
99+
63100
# Save with custom out file
64101
out = f"/tmp/{CLIENT_NAME}.yaml"
65102
result = await runner.invoke(import_res, ["client", CLIENT_NAME, "--unsafe", "--out", out])
@@ -108,6 +145,13 @@ async def test_import_client(_load_kube_config_mock, get_client_config_mock: Asy
108145
endpoint=EXPORTER_ENDPOINT,
109146
token=EXPORTER_TOKEN,
110147
)
148+
INSECURE_TLS_EXPORTER_CONFIG = ExporterConfigV1Alpha1(
149+
alias=EXPORTER_NAME,
150+
metadata=ObjectMeta(namespace="default", name=EXPORTER_NAME),
151+
endpoint=EXPORTER_ENDPOINT,
152+
token=EXPORTER_TOKEN,
153+
tls=TLSConfigV1Alpha1(insecure=True),
154+
)
111155

112156

113157
@pytest.mark.anyio
@@ -124,6 +168,26 @@ async def test_import_exporter(_load_kube_config_mock, _get_exporter_config_mock
124168
save_exporter_config_mock.assert_called_with(EXPORTER_CONFIG, None)
125169
save_exporter_config_mock.reset_mock()
126170

171+
# Test insecure TLS config
172+
_get_exporter_config_mock.return_value = INSECURE_TLS_EXPORTER_CONFIG
173+
174+
# Save with prompts accept insecure = Y
175+
result = await runner.invoke(import_res, ["exporter", EXPORTER_NAME, "--insecure-tls-config"], input="Y\n")
176+
assert result.exit_code == 0
177+
assert "Exporter configuration successfully saved" in result.output
178+
save_exporter_config_mock.assert_called_once_with(INSECURE_TLS_EXPORTER_CONFIG, None)
179+
save_exporter_config_mock.reset_mock()
180+
181+
# Save with prompts accept insecure = N
182+
result = await runner.invoke(import_res, ["exporter", EXPORTER_NAME, "--insecure-tls-config"], input="n\n")
183+
assert result.exit_code == 1
184+
assert "Aborted" in result.output
185+
save_exporter_config_mock.assert_not_called()
186+
save_exporter_config_mock.reset_mock()
187+
188+
# Reset mock for subsequent tests
189+
_get_exporter_config_mock.return_value = EXPORTER_CONFIG
190+
127191
# Save with custom out file
128192
out = f"/tmp/{EXPORTER_NAME}.yaml"
129193
result = await runner.invoke(import_res, ["exporter", EXPORTER_NAME, "--out", out])

0 commit comments

Comments
 (0)