ACME webhook conformance tests crashing with cert-manager 1.11.0 and 1.10.2 #5725

@Syquel

Describe the bug:
After upgrading the Go dependency github.com/cert-manager/cert-manager from 1.10.1 to 1.10.2 or 1.11.0 in an ACME webhook, the conformance tests are crashing.

The following output is generated by go test -v ./test:

=== RUN   TestRunsSuite
    fixture.go:120: unknown solver type: hetzner
--- FAIL: TestRunsSuite (2.88s)
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
        panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x172258b]

goroutine 24 [running]:
testing.tRunner.func1.2({0x1910820, 0x2b86230})
        /usr/local/go/src/testing/testing.go:1396 +0x24e
testing.tRunner.func1()
        /usr/local/go/src/testing/testing.go:1399 +0x39f
panic({0x1910820, 0x2b86230})
        /usr/local/go/src/runtime/panic.go:884 +0x212
github.com/cert-manager/cert-manager/test/acme/dns.(*fixture).setup(0xc000125380, 0xc000417860)
        /go/pkg/mod/github.com/cert-manager/cert-manager@v1.11.0/test/acme/dns/fixture.go:123 +0x42b
github.com/cert-manager/cert-manager/test/acme/dns.(*fixture).RunConformance(0xc000125380, 0x7?)
        /go/pkg/mod/github.com/cert-manager/cert-manager@v1.11.0/test/acme/dns/fixture.go:134 +0x38
github.com/vadimkim/cert-manager-webhook-hetzner/test.TestRunsSuite(0x0?)
        /workspace/test/main_test.go:32 +0x1bf
testing.tRunner(0xc000417860, 0x1c686d8)
        /usr/local/go/src/testing/testing.go:1446 +0x10b
created by testing.(*T).Run
        /usr/local/go/src/testing/testing.go:1493 +0x35f
FAIL    github.com/vadimkim/cert-manager-webhook-hetzner/test   2.903s
FAIL

Expected behaviour:
ACME webhook tests which ran successfully with cert-manager 1.10.1 should also run successfully with 1.10.2 and 1.11.0.

Steps to reproduce the bug:

  • Update an ACME webhook to use cert-manager 1.10.2 or 1.11.0
  • Adjust an ACME webhook conformance test to the new format in 1.10.2 / 1.11.0 by replacing the solver instance with its name
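  • Execute an ACME webhook conformance test.

package test

import (
	"math/rand"
	"os"
	"testing"

	"github.com/cert-manager/cert-manager/test/acme/dns"
	"github.com/vadimkim/cert-manager-webhook-hetzner/internal"
)

var (
	// zone is the DNS zone the conformance test runs against.
	zone = os.Getenv("TEST_ZONE_NAME")
	fqdn string
)

func TestRunsSuite(t *testing.T) {
	// Use a random record name so repeated runs do not collide.
	fqdn = GetRandomString(20) + "." + zone

	// From 1.10.2 / 1.11.0 the fixture takes the solver name, not a solver instance.
	fixture := dns.NewFixture(
		internal.SolverName,
		dns.SetResolvedZone(zone),
		dns.SetResolvedFQDN(fqdn),
		dns.SetAllowAmbientCredentials(false),
		dns.SetManifestPath("testdata/hetzner"),
	)

	fixture.RunConformance(t)
}

// GetRandomString is called above but its body is not shown in the report;
// this stand-in (an assumption) returns n random lowercase letters.
func GetRandomString(n int) string {
	const letters = "abcdefghijklmnopqrstuvwxyz"
	b := make([]byte, n)
	for i := range b {
		b[i] = letters[rand.Intn(len(letters))]
	}
	return string(b)
}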

Anything else we need to know?:
This is most probably caused by the commits 8ed0faf in 1.11.0 and 14f72ba in 1.10.2.

The offending code is here: https://github.com/cert-manager/cert-manager/blob/v1.10.2/test/acme/dns/fixture.go#L104-L123
The changes those commits introduced prevent all but the RFC2136 solver from being tested.
Because the code does not abort in case an "invalid" solver name was given, the testSolver is never set, but the execution continues.

Environment details:

  • Kubernetes version: 1.26.0
  • Cloud-provider/provisioner: n/a
  • cert-manager version: 1.10.2 / 1.11.0
  • Install method: Go module

/kind bug
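
The failure mode in the trace above (an error reported at fixture.go:120, then a nil dereference at fixture.go:123) can be reproduced in a simplified model. This is an added example, not cert-manager's code and not part of the original report; `solver`, `builtin`, `reporter`, `setupUnchecked` and `setupChecked` are hypothetical names.

```go
package main

import (
	"errors"
	"fmt"
)

// solver is a hypothetical stand-in for a DNS-01 solver under test.
type solver struct{ name string }

func (s *solver) Name() string { return s.name }

// builtin models a lookup table that knows only one solver name.
var builtin = map[string]*solver{"rfc2136": {name: "rfc2136"}}

// reporter models a test reporter whose Errorf records and continues.
type reporter struct{ msgs []string }

func (r *reporter) Errorf(f string, a ...any) { r.msgs = append(r.msgs, fmt.Sprintf(f, a...)) }

// setupUnchecked reports the unknown name but keeps going, so the nil solver
// is dereferenced on the next statement; the panic is recovered into err.
func setupUnchecked(r *reporter, name string) (used string, err error) {
	defer func() {
		if p := recover(); p != nil {
			err = fmt.Errorf("panic: %v", p)
		}
	}()
	s := builtin[name]
	if s == nil {
		r.Errorf("unknown solver type: %s", name)
	}
	return s.Name(), nil // nil pointer dereference when name is unknown
}

var errUnknownSolver = errors.New("unknown solver type")

// setupChecked aborts at the lookup, so no later code sees a nil solver.
func setupChecked(name string) (string, error) {
	s, ok := builtin[name]
	if !ok {
		return "", fmt.Errorf("%w: %s", errUnknownSolver, name)
	}
	return s.Name(), nil
}

func main() {
	fmt.Println(setupUnchecked(&reporter{}, "hetzner"))
	fmt.Println(setupChecked("hetzner"))
}
```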
