starred/godoxy
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2026-04-13 20:49:54 +02:00
Code Issues 18 Packages Projects Releases 10 Wiki Activity

fix(entrypoint): return nil map from compileInboundMTLSProfiles on error

Browse Source 
compileInboundMTLSProfiles now returns a nil map when compilation fails,
instead of a partially populated map alongside the error. This avoids
callers accidentally using incomplete state when err != nil.

Add TestCompileInboundMTLSProfilesReturnsNilMapOnError for a mixed ok/bad
profile map. Reformat fakeHTTPRoute stub methods in the test file.
This commit is contained in:
yusing
2026-04-13 16:44:48 +08:00
parent bb5725afe5
commit 2a6ad90b72
2 changed files with 25 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/entrypoint/inbound_mtls.go
View File

@@ -33,7 +33,10 @@ func compileInboundMTLSProfiles(profiles map[string]types.InboundMTLSProfile) (m
compiled[name] = pool
}
return compiled, errs.Error()
if err := errs.Error(); err != nil {
return nil, err
}
return compiled, nil
}
func buildInboundMTLSCAPool(profile types.InboundMTLSProfile) (*x509.CertPool, error) {

30
internal/entrypoint/inbound_mtls_test.go
View File

@@ -80,15 +80,17 @@ func (r *fakeHTTPRoute) DisplayName() string { return r.name }
func (r *fakeHTTPRoute) ContainerInfo() *types.Container {
return nil
}
func (r *fakeHTTPRoute) GetAgent() *agentpool.Agent { return nil }
func (r *fakeHTTPRoute) IsDocker() bool { return false }
func (r *fakeHTTPRoute) IsAgent() bool { return false }
func (r *fakeHTTPRoute) UseLoadBalance() bool { return false }
func (r *fakeHTTPRoute) UseIdleWatcher() bool { return false }
func (r *fakeHTTPRoute) UseHealthCheck() bool { return false }
func (r *fakeHTTPRoute) UseAccessLog() bool { return false }
func (r *fakeHTTPRoute) ServeHTTP(http.ResponseWriter, *http.Request) {}
func (r *fakeHTTPRoute) InboundMTLSProfileRef() string { return r.inboundMTLSProfile }
func (r *fakeHTTPRoute) GetAgent() *agentpool.Agent { return nil }
func (r *fakeHTTPRoute) IsDocker() bool { return false }
func (r *fakeHTTPRoute) IsAgent() bool { return false }
func (r *fakeHTTPRoute) UseLoadBalance() bool { return false }
func (r *fakeHTTPRoute) UseIdleWatcher() bool { return false }
func (r *fakeHTTPRoute) UseHealthCheck() bool { return false }
func (r *fakeHTTPRoute) UseAccessLog() bool { return false }
func (r *fakeHTTPRoute) ServeHTTP(http.ResponseWriter, *http.Request) {
// no-op: test stub
}
func (r *fakeHTTPRoute) InboundMTLSProfileRef() string { return r.inboundMTLSProfile }
func newTestHTTPServer(t *testing.T, ep *Entrypoint) *httpServer {
t.Helper()
@@ -176,6 +178,16 @@ func TestSetInboundMTLSProfilesRejectsBadCAFile(t *testing.T) {
require.ErrorContains(t, err, "missing.pem")
}
func TestCompileInboundMTLSProfilesReturnsNilMapOnError(t *testing.T) {
compiled, err := compileInboundMTLSProfiles(map[string]types.InboundMTLSProfile{
"ok": {UseSystemCAs: true},
"bad": {CAFiles: []string{filepath.Join(t.TempDir(), "missing.pem")}},
})
require.Nil(t, compiled)
require.Error(t, err)
require.ErrorContains(t, err, "missing.pem")
}
func TestMutateServerTLSConfigRejectsUnknownRouteProfile(t *testing.T) {
ep := NewTestEntrypoint(t, nil)
ep.SetFindRouteDomains([]string{".example.com"})