8000 Make it possible to mock the current time in spiffetls dialer by vandry · Pull Request #357 · spiffe/go-spiffe · GitHub
[go: up one dir, main page]
Skip to content

Make it possible to mock the current time in spiffetls dialer #357

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Make it possible to mock the current time in spiffetls dialer #357

wants to merge 1 commit into from

Conversation

vandry
Copy link
@vandry vandry commented Sep 6, 2025

So you can do, say,

spiffetls.DialWithMode(
ctx, network, addr, mode,
spiffetls.WithDialTLSOptions(tlsconfig.WithTime(mocked))
)

This is useful in tests and is already supported by the underlying crypto/x509 library and even by the x509svid package right here but just wasn't plumbed through to the dialer.

@vandry
Make it possible to mock the current time in spiffetls dialer
73f600b 
So you can do, say,

  spiffetls.DialWithMode(
      ctx, network, addr, mode,
      spiffetls.WithDialTLSOptions(tlsconfig.WithTime(mocked))
  )

This is useful in tests and is already supported by the underlying
crypto/x509 library and even by the x509svid package right here but just
wasn't plumbed through to the dialer.
azdagron
azdagron reviewed Sep 13, 2025
View reviewed changes
Copy link
Member
@azdagron azdagron left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for opening this @vandry and sorry for the review latency. This seems like good functionality to support. I've made a suggestion on how we accomplish this to be more consistent with the API in this and other packages.

spiffetls/tlsconfig/config.go

// WithTime sets the time used when verifying validity periods on X509 SVIDs.
// If not used, the current time will be used.
func WithTime(now time.Time) Option {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To be consistent in the way we've passed through options in other packages, I'd recommend that we instead add a function func WithVerifyOptions(opts ...x509svid.VerifyOption) Option instead of replicating the individual options here.

@azdagron
Copy link
Member

Also, we'll need DCO signoff an all commits.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@azdagron azdagron azdagron left review comments

@amartinezfayo amartinezfayo Awaiting requested review from amartinezfayo amartinezfayo is a code owner

@evan2645 evan2645 Awaiting requested review from evan2645 evan2645 is a code owner

At least 1 approving review is required to merge this pull request.

4CFF
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@vandry @azdagron
0