feat(test): Add tests for certs and cert service

test/KubeOps.Operator.Web.Test/Builder/OperatorBuilderExtensions.Test.cs

@@ -1,8 +1,11 @@
-using FluentAssertions;
+using System.Xml.Linq;
+
+using FluentAssertions;
 
 using KubeOps.Abstractions.Builder;
 using KubeOps.Operator.Builder;
 using KubeOps.Operator.Web.Builder;
+using KubeOps.Operator.Web.Certificates;
 using KubeOps.Operator.Web.LocalTunnel;
 using KubeOps.Operator.Web.Webhooks;
 
@@ -11,9 +14,10 @@
 
 namespace KubeOps.Operator.Web.Test.Builder;
 
-public class OperatorBuilderExtensionsTest
+public class OperatorBuilderExtensionsTest : IDisposable
 {
     private readonly IOperatorBuilder _builder = new OperatorBuilder(new ServiceCollection(), new());
+    private readonly CertificateGenerator _certProvider = new(Environment.MachineName);
 
     [Fact]
     public void Should_Add_Development_Tunnel()
@@ -27,12 +31,38 @@ public void Should_Add_Development_Tunnel()
     }
 
     [Fact]
-    public void Should_Add_TunnelConfig()
+    public void Should_Add_WebhookConfig()
     {
         _builder.AddDevelopmentTunnel(1337, "my-host");
-
         _builder.Services.Should().Contain(s =>
             s.ServiceType == typeof(WebhookConfig) &&
             s.Lifetime == ServiceLifetime.Singleton);
     }
+
+    [Fact]
+    public void Should_Add_Webhook_Service()
+    {
+        _builder.UseCertificateProvider(12345, Environment.MachineName, _certProvider);
+
+        _builder.Services.Should().Contain(s =>
+            s.ServiceType == typeof(IHostedService) &&
+            s.ImplementationType == typeof(CertificateWebhookService) &&
+            s.Lifetime == ServiceLifetime.Singleton);
+    }
+
+    [Fact]
+    public void Should_Add_Certificate_Provider()
+    {
+        _builder.UseCertificateProvider(54321, Environment.MachineName, _certProvider);
+
+        _builder.Services.Should().Contain(s => 
+            s.ServiceType == typeof(ICertificateProvider) &&
+            s.Lifetime == ServiceLifetime.Singleton);
+    }
+
+    public void Dispose()
+    {
+        _certProvider.Dispose();
+        GC.SuppressFinalize(this);
+    }
 }

test/KubeOps.Operator.Web.Test/Certificates/CertificateGenerator.Test.cs

@@ -0,0 +1,43 @@
+using System.Security.Cryptography.X509Certificates;
+
+using FluentAssertions;
+
+namespace KubeOps.Operator.Web.Test.Certificates
+{
+    public class CertificateGeneratorTest : IDisposable
+    {
+        private readonly CertificateGenerator _certificateGenerator = new(Environment.MachineName);
+
+        [Fact]
+        public void Root_Should_Be_Valid()
+        {
+            var (certificate, key) = _certificateGenerator.Root;
+
+            certificate.Should().NotBeNull();
+            DateTime.Parse(certificate.GetEffectiveDateString()).Should().BeOnOrBefore(DateTime.UtcNow);
+            certificate.Extensions.Any(e => e is X509BasicConstraintsExtension basic && basic.CertificateAuthority).Should().BeTrue();
+            certificate.HasPrivateKey.Should().BeTrue();
+
+            key.Should().NotBeNull();
+        }
+
+        [Fact]
+        public void Server_Should_Be_Valid()
+        {
+            var (certificate, key) = _certificateGenerator.Server;
+
+            certificate.Should().NotBeNull();
+            DateTime.Parse(certificate.GetEffectiveDateString()).Should().BeOnOrBefore(DateTime.UtcNow);
+            certificate.Extensions.Any(e => e is X509BasicConstraintsExtension basic && basic.CertificateAuthority).Should().BeFalse();
+            certificate.HasPrivateKey.Should().BeFalse();
+
+            key.Should().NotBeNull();
+        }
+
+        public void Dispose()
+        {
+            _certificateGenerator.Dispose();
+            GC.SuppressFinalize(this);
+        }
+    }
+}