mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-07 12:21:31 +00:00
shankar0123
e19c240a79
Standing TXT record at _validation-persist.<domain> eliminates per-renewal DNS updates. Auto-fallback to dns-01 if CA doesn't offer dns-persist-01. ScriptDNSSolver extended with PresentPersist method. Configurable via CERTCTL_ACME_CHALLENGE_TYPE=dns-persist-01 and CERTCTL_ACME_DNS_PERSIST_ISSUER_DOMAIN env vars. Also fixes IsExpired edge-case test in discovery_test.go that always failed due to time.Now() drift between test setup and method invocation. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
95 lines
2.3 KiB
Go
95 lines
2.3 KiB
Go
package domain
|
|
|
|
import (
|
|
"testing"
|
|
"time"
|
|
)
|
|
|
|
func TestIsValidDiscoveryStatus(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
status string
|
|
want bool
|
|
}{
|
|
{"Unmanaged", "Unmanaged", true},
|
|
{"Managed", "Managed", true},
|
|
{"Dismissed", "Dismissed", true},
|
|
{"empty string", "", false},
|
|
{"invalid status", "Unknown", false},
|
|
{"partial match", "Manage", false},
|
|
{"case sensitive", "unmanaged", false},
|
|
{"lowercase managed", "managed", false},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
if got := IsValidDiscoveryStatus(tt.status); got != tt.want {
|
|
t.Errorf("IsValidDiscoveryStatus(%q) = %v, want %v", tt.status, got, tt.want)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestDiscoveredCertificate_IsExpired(t *testing.T) {
|
|
now := time.Now()
|
|
pastTime := now.AddDate(-1, 0, 0)
|
|
futureTime := now.AddDate(1, 0, 0)
|
|
|
|
tests := []struct {
|
|
name string
|
|
notAfter *time.Time
|
|
want bool
|
|
}{
|
|
{"expired certificate", &pastTime, true},
|
|
{"valid certificate", &futureTime, false},
|
|
{"nil NotAfter", nil, false},
|
|
{"expires at current time (edge case)", func() *time.Time { t := now.Add(1 * time.Second); return &t }(), false}, // 1s in future — Before() returns false
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
dc := &DiscoveredCertificate{
|
|
ID: "dcert-1",
|
|
NotAfter: tt.notAfter,
|
|
}
|
|
if got := dc.IsExpired(); got != tt.want {
|
|
t.Errorf("IsExpired() = %v, want %v", got, tt.want)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestDiscoveredCertificate_DaysUntilExpiry(t *testing.T) {
|
|
now := time.Now()
|
|
|
|
// Test with actual future times
|
|
thirtyDaysFromNow := now.AddDate(0, 0, 30)
|
|
oneDayFromNow := now.AddDate(0, 0, 1)
|
|
pastTime := now.AddDate(0, 0, -1)
|
|
|
|
testCases := []struct {
|
|
name string
|
|
notAfter *time.Time
|
|
wantMin int
|
|
wantMax int
|
|
}{
|
|
{"nil NotAfter", nil, -1, -1},
|
|
{"expires in 30 days", &thirtyDaysFromNow, 29, 31},
|
|
{"expires in 1 day", &oneDayFromNow, 0, 2},
|
|
{"already expired", &pastTime, -2, -1},
|
|
}
|
|
|
|
for _, tt := range testCases {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
dc := &DiscoveredCertificate{
|
|
ID: "dcert-2",
|
|
NotAfter: tt.notAfter,
|
|
}
|
|
got := dc.DaysUntilExpiry()
|
|
if got < tt.wantMin || got > tt.wantMax {
|
|
t.Errorf("DaysUntilExpiry() = %d, want between %d and %d", got, tt.wantMin, tt.wantMax)
|
|
}
|
|
})
|
|
}
|
|
}
|