Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 36 additions & 0 deletions test/extended/prometheus/prometheus.go
Original file line number Diff line number Diff line change
Expand Up @@ -214,6 +214,42 @@ var _ = g.Describe("[sig-instrumentation][Late] Platform Prometheus targets", fu
o.Expect(errs).To(o.BeEmpty())
})

g.It("should not skip TLS CA verification", func() {
g.By("fetching the Prometheus scrape configuration")
contents, err := helper.GetURLWithToken(helper.MustJoinUrlPath(prometheusURL, "api/v1/status/config"), bearerToken)
o.Expect(err).NotTo(o.HaveOccurred())

var configResp struct {
Data struct {
YAML string `json:"yaml"`
} `json:"data"`
}
err = json.Unmarshal([]byte(contents), &configResp)
o.Expect(err).NotTo(o.HaveOccurred())

var promConfig struct {
ScrapeConfigs []struct {
JobName string `json:"job_name"`
TLSConfig *struct {
InsecureSkipVerify bool `json:"insecure_skip_verify"`
} `json:"tls_config"`
} `json:"scrape_configs"`
}
err = yaml.Unmarshal([]byte(configResp.Data.YAML), &promConfig)
o.Expect(err).NotTo(o.HaveOccurred())
// sanity check.
o.Expect(len(promConfig.ScrapeConfigs)).To(o.BeNumerically(">=", 5), fmt.Sprintf("only got %d scrape configs, something is wrong", len(promConfig.ScrapeConfigs)))

g.By("checking that no scrape config has insecure_skip_verify set to true")
var errs []error
for _, sc := range promConfig.ScrapeConfigs {
if sc.TLSConfig != nil && sc.TLSConfig.InsecureSkipVerify {
errs = append(errs, fmt.Errorf("scrape config %q has insecure_skip_verify set to true", sc.JobName))
}
}
o.Expect(errs).To(o.BeEmpty())
})

})

var _ = g.Describe("[sig-instrumentation][Late] OpenShift alerting rules [apigroup:image.openshift.io]", func() {
Expand Down