Skip to content

Commit

Permalink
Validate the Kubespawner secret is correctly encoded as base64
Browse files Browse the repository at this point in the history
  • Loading branch information
@manics
manics committed Mar 27, 2024
1 parent f99b98f commit d6502f7
Showing 1 changed file with 27 additions and 0 deletions.
27 changes: 27 additions & 0 deletions tests/test_spawner.py
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import asyncio
import base64
import json
import os
from functools import partial
Expand Down Expand Up @@ -365,6 +366,32 @@ async def test_spawn_component_label(
await spawner.stop()


async def test_spawner_internal_ssl_secret(
ssl_app,
config,
):
spawner = KubeSpawner(
config=config,
# hub=hub_ssl,
user=MockUser(name="ssl"),
# api_token="abc123",
# oauth_client_id="unused",
internal_ssl=True,
internal_trust_bundles=ssl_app.internal_trust_bundles,
internal_certs_location=ssl_app.internal_certs_location,
_mock=True,
)
# initialize ssl config
hub_paths = await spawner.create_certs()

spawner.cert_paths = await spawner.move_certs(hub_paths)

# Validate that certificates were correctly encoded as base64
manifest = spawner.get_secret_manifest(None)
for _, secret in manifest.data.items():
base64.b64decode(secret, validate=True)


async def test_spawn_internal_ssl(
kube_ns,
kube_client,
Expand Down

0 comments on commit d6502f7

Please sign in to comment.