Improve certificate attributes injections

testsuite/certificates/__init__.py

@@ -18,6 +18,7 @@ class CertInfo:
     hosts: Optional[Union[Collection[str], str]] = None
     ca: bool = False
     children: Optional[Dict[str, Optional["CertInfo"]]] = None
+    names: Optional[List[Dict[str, str]]] = None
 
 
 @dataclasses.dataclass
@@ -37,16 +38,6 @@ class UnsignedKey:
 
 class CFSSLClient:
     """Client for working with CFSSL library"""
-    DEFAULT_NAMES = [
-        {
-            "O": "Red Hat Inc.",
-            "OU": "IT",
-            "L": "San Francisco",
-            "ST": "California",
-            "C": "US",
-        }
-    ]
-
     def __init__(self, binary) -> None:
         super().__init__()
         self.binary = binary
@@ -124,16 +115,16 @@ def create_authority(self,
             :param names: dict of all names
             :param certificate_authority: Optional Authority to sign this new authority, making it intermediate
         """
-        names = names or self.DEFAULT_NAMES
         data = {
             "CN": common_name,
-            "names": names,
             "hosts": hosts,
             "key": {
                 "algo": "rsa",
                 "size": 4096
             },
         }
+        if names:
+            data["names"] = names  # type: ignore
 
         result = self._execute_command("genkey", "-initca", "-", stdin=json.dumps(data))
         key = UnsignedKey(key=result["key"], csr=result["csr"])
@@ -154,7 +145,6 @@ def create(self,
             :param names: Names field in the csr
             :param certificate_authority: Certificate Authority to be used for signing
         """
-        names = names or self.DEFAULT_NAMES
         key = self.generate_key(common_name, names, hosts)
         certificate = self.sign(key, certificate_authority=certificate_authority)
         return certificate

testsuite/tests/kuadrant/authorino/operator/tls/conftest.py

@@ -1,4 +1,5 @@
 """Conftest for all TLS-enabled tests"""
+from typing import Dict
 
 import pytest
 
@@ -8,12 +9,22 @@
 
 
 @pytest.fixture(scope="session")
-def certificates(cfssl, authorino_domain, wildcard_domain):
+def cert_attributes() -> Dict[str, str]:
+    """Certificate attributes"""
+    return dict(O="Red Hat Inc.",
+                OU="IT",
+                L="San Francisco",
+                ST="California",
+                C="US",)
+
+
+@pytest.fixture(scope="session")
+def certificates(cfssl, authorino_domain, wildcard_domain, cert_attributes):
     """Certificate hierarchy used for the tests"""
     chain = {
-        "envoy_ca": CertInfo(children={
+        "envoy_ca": CertInfo(names=[cert_attributes], children={
             "envoy_cert": None,
-            "valid_cert": None
+            "valid_cert": CertInfo(names=[cert_attributes])
         }),
         "authorino_ca": CertInfo(children={
             "authorino_cert": CertInfo(hosts=authorino_domain),

testsuite/utils.py

@@ -65,9 +65,11 @@ def cert_builder(cfssl: CFSSLClient, chain: dict, hosts: Union[str, Collection[s
             parsed_hosts = [parsed_hosts]  # type: ignore
 
         if info.ca or info.children:
-            cert = cfssl.create_authority(name, hosts=parsed_hosts, certificate_authority=parent)
+            cert = cfssl.create_authority(name, names=info.names,
+                                          hosts=parsed_hosts, certificate_authority=parent)
         else:
-            cert = cfssl.create(name, hosts=parsed_hosts, certificate_authority=parent)  # type: ignore
+            cert = cfssl.create(name, names=info.names,
+                                hosts=parsed_hosts, certificate_authority=parent)  # type: ignore
         cert.chain = cert.certificate + parent.chain if parent else cert.certificate  # type: ignore
         if info.children is not None:
             result.update(cert_builder(cfssl, info.children, parsed_hosts, cert))