@@ -290,13 +290,32 @@ func TestHelmRepositoryReconciler_reconcileSource(t *testing.T) {
290
290
name string
291
291
protocol string
292
292
server options
293
+ url string
293
294
secret * corev1.Secret
294
295
beforeFunc func (t * WithT , obj * sourcev1.HelmRepository , checksum string )
295
296
afterFunc func (t * WithT , obj * sourcev1.HelmRepository , artifact sourcev1.Artifact , chartRepo repository.ChartRepository )
296
297
want sreconcile.Result
297
298
wantErr bool
298
299
assertConditions []metav1.Condition
299
300
}{
301
+ {
302
+ name : "HTTPS with secretRef pointing to CA cert but public repo URL succeeds" ,
303
+ protocol : "http" ,
304
+ url : "https://stefanprodan.github.io/podinfo" ,
305
+ want : sreconcile .ResultSuccess ,
306
+ secret : & corev1.Secret {
307
+ ObjectMeta : metav1.ObjectMeta {
308
+ Name : "ca-file" ,
309
+ },
310
+ Data : map [string ][]byte {
311
+ "caFile" : tlsCA ,
312
+ },
313
+ },
314
+ assertConditions : []metav1.Condition {
315
+ * conditions .TrueCondition (sourcev1 .ArtifactOutdatedCondition , "NewRevision" , "new index revision" ),
316
+ * conditions .TrueCondition (meta .ReconcilingCondition , "NewRevision" , "new index revision" ),
317
+ },
318
+ },
300
319
{
301
320
name : "HTTP without secretRef makes ArtifactOutdated=True" ,
302
321
protocol : "http" ,
@@ -565,10 +584,16 @@ func TestHelmRepositoryReconciler_reconcileSource(t *testing.T) {
565
584
server .Start ()
566
585
defer server .Stop ()
567
586
obj .Spec .URL = server .URL ()
587
+ if tt .url != "" {
588
+ obj .Spec .URL = tt .url
589
+ }
568
590
case "https" :
569
591
g .Expect (server .StartTLS (tt .server .publicKey , tt .server .privateKey , tt .server .ca , "example.com" )).To (Succeed ())
570
592
defer server .Stop ()
571
593
obj .Spec .URL = server .URL ()
594
+ if tt .url != "" {
595
+ obj .Spec .URL = tt .url
596
+ }
572
597
default :
573
598
t .Fatalf ("unsupported protocol %q" , tt .protocol )
574
599
}
@@ -596,7 +621,11 @@ func TestHelmRepositoryReconciler_reconcileSource(t *testing.T) {
596
621
validSecret = false
597
622
}
598
623
clientOpts = append (clientOpts , cOpts ... )
599
- tOpts , serr = getter .TLSClientConfigFromSecret (* secret , server .URL ())
624
+ repoURL := server .URL ()
625
+ if tt .url != "" {
626
+ repoURL = tt .url
627
+ }
628
+ tOpts , serr = getter .TLSClientConfigFromSecret (* secret , repoURL )
600
629
if serr != nil {
601
630
validSecret = false
602
631
}
0 commit comments