Merge pull request #49 from AdlerFleurant/Fix_Issue_44

etsauer · web-flow · commit 3e5b6ade2df2 · 2019-07-09T13:25:31.000-04:00
Fix issue 44: Explicitly set passthrough route to failed
diff --git a/pkg/controller/route/route_controller.go b/pkg/controller/route/route_controller.go
@@ -135,7 +135,15 @@ func (r *ReconcileRoute) Reconcile(request reconcile.Request) (reconcile.Result,
 	if route.ObjectMeta.Annotations[r.config.General.Annotations.Status] == r.config.General.Annotations.NeedCertValue {
 		reqLogger.Info("Reconciling Route")
 
-		// Retreive cert from provider
+		if route.Spec.TLS.Termination == v1.TLSTerminationPassthrough {
+			route.ObjectMeta.Annotations[r.config.General.Annotations.Status] = "failed"
+			route.ObjectMeta.Annotations[r.config.General.Annotations.StatusReason] = "Certificate and key cannot be set on Passthrough route"
+
+			err = helpers.Apply(r.client, route)
+			return reconcile.Result{}, err
+		}
+
+		// Retrieve cert from provider
 		keyPair, err := helpers.GetCert(route.Spec.Host, r.provider, r.config.Provider.Ssl)
 		if err != nil {
 			route.ObjectMeta.Annotations[r.config.General.Annotations.Status] = "failed"
diff --git a/test/e2e/cert_test.go b/test/e2e/cert_test.go
@@ -85,6 +85,47 @@ func routeBasicTest(t *testing.T, f *framework.Framework, ctx *framework.TestCtx
 	return nil
 }
 
+func routePassthroughTest(t *testing.T, f *framework.Framework, ctx *framework.TestCtx) error {
+	namespace, err := ctx.GetNamespace()
+	if err != nil {
+		return fmt.Errorf("could not get namespace: %v", err)
+	}
+
+	exampleRoute := &routev1.Route{
+		TypeMeta: metav1.TypeMeta{
+			Kind:       "Route",
+			APIVersion: "route.openshift.io/v1",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "route-passthrough",
+			Namespace: namespace,
+			Annotations: map[string]string{
+				"openshift.io/cert-ctl-status": "new",
+			},
+		},
+		Spec: routev1.RouteSpec{
+			Host: fmt.Sprintf("route-passthrough.%s.example.com", namespace),
+			TLS: &routev1.TLSConfig{
+				Termination: routev1.TLSTerminationPassthrough,
+			},
+			To: routev1.RouteTargetReference{
+				Kind: "Service",
+				Name: "myservice",
+			},
+		},
+	}
+
+	// use TestCtx's create helper to create the object and add a cleanup function for the new object
+	err = f.Client.Create(goctx.TODO(), exampleRoute, &framework.CleanupOptions{TestContext: ctx, Timeout: cleanupTimeout, RetryInterval: cleanupRetryInterval})
+	if err != nil {
+		return err
+	}
+
+	assert.Nil(t, waitForAnnotation(t, f, exampleRoute, "openshift.io/cert-ctl-status", "failed"))
+
+	return nil
+}
+
 func serviceP12Test(t *testing.T, f *framework.Framework, ctx *framework.TestCtx) error {
 	namespace, err := ctx.GetNamespace()
 	if err != nil {
@@ -245,6 +286,9 @@ func SetupCluster(t *testing.T) {
 	if err = routeBasicTest(t, f, ctx); err != nil {
 		t.Fatal(err)
 	}
+	if err = routePassthroughTest(t, f, ctx); err != nil {
+		t.Fatal(err)
+	}
 	if err = serviceBasicTest(t, f, ctx); err != nil {
 		t.Fatal("PEM Service", err)
 	}
