137bfbb02b
Envoy's SPIFFE certificate validation extension allows for us to validate against different root certificates depending on the trust domain of the dialing proxy. If there are any trust bundles from peers in the config snapshot then we use the SPIFFE validator as the validation context, rather than the usual TrustedCA. The injected validation config includes the local root certificates as well.
19 lines
398 B
Go
19 lines
398 B
Go
package prototest
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/google/go-cmp/cmp"
|
|
"google.golang.org/protobuf/testing/protocmp"
|
|
)
|
|
|
|
func AssertDeepEqual(t testing.TB, x, y interface{}, opts ...cmp.Option) {
|
|
t.Helper()
|
|
|
|
opts = append(opts, protocmp.Transform())
|
|
|
|
if diff := cmp.Diff(x, y, opts...); diff != "" {
|
|
t.Fatalf("assertion failed: values are not equal\n--- expected\n+++ actual\n%v", diff)
|
|
}
|
|
}
|