Skip to content

Commit

Permalink
Adding tests to ensure all backends are mountable (hashicorp#3861)
Browse files Browse the repository at this point in the history
  • Loading branch information
chrishoffman authored Feb 1, 2018
1 parent f94e7e3 commit 7cc193d
Show file tree
Hide file tree
Showing 5 changed files with 225 additions and 62 deletions.
39 changes: 39 additions & 0 deletions command/audit_enable_test.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package command

import (
"io/ioutil"
"strings"
"testing"

Expand Down Expand Up @@ -157,4 +158,42 @@ func TestAuditEnableCommand_Run(t *testing.T) {
_, cmd := testAuditEnableCommand(t)
assertNoTabs(t, cmd)
})

t.Run("mount_all", func(t *testing.T) {
t.Parallel()

client, closer := testVaultServerAllBackends(t)
defer closer()

files, err := ioutil.ReadDir("../builtin/audit")
if err != nil {
t.Fatal(err)
}

var backends []string
for _, f := range files {
if f.IsDir() {
backends = append(backends, f.Name())
}
}

for _, b := range backends {
ui, cmd := testAuditEnableCommand(t)
cmd.client = client

args := []string{
b,
}
switch b {
case "file":
args = append(args, "file_path=discard")
case "socket":
args = append(args, "address=127.0.0.1:8888")
}
code := cmd.Run(args)
if exp := 0; code != exp {
t.Errorf("type %s, expected %d to be %d - %s", b, code, exp, ui.OutputWriter.String()+ui.ErrorWriter.String())
}
}
})
}
50 changes: 50 additions & 0 deletions command/auth_enable_test.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package command

import (
"io/ioutil"
"strings"
"testing"

Expand Down Expand Up @@ -141,4 +142,53 @@ func TestAuthEnableCommand_Run(t *testing.T) {
_, cmd := testAuthEnableCommand(t)
assertNoTabs(t, cmd)
})

t.Run("mount_all", func(t *testing.T) {
t.Parallel()

client, closer := testVaultServerAllBackends(t)
defer closer()

files, err := ioutil.ReadDir("../builtin/credential")
if err != nil {
t.Fatal(err)
}

var backends []string
for _, f := range files {
if f.IsDir() {
backends = append(backends, f.Name())
}
}

plugins, err := ioutil.ReadDir("../vendor/github.com/hashicorp")
if err != nil {
t.Fatal(err)
}
for _, p := range plugins {
if p.IsDir() && strings.HasPrefix(p.Name(), "vault-plugin-auth-") {
backends = append(backends, strings.TrimPrefix(p.Name(), "vault-plugin-auth-"))
}
}

if len(backends) != len(credentialBackends) {
t.Fatalf("expected %d credential backends, got %d", len(credentialBackends), len(backends))
}

for _, b := range backends {
if b == "token" {
continue
}

ui, cmd := testAuthEnableCommand(t)
cmd.client = client

code := cmd.Run([]string{
b,
})
if exp := 0; code != exp {
t.Errorf("type %s, expected %d to be %d - %s", b, code, exp, ui.OutputWriter.String()+ui.ErrorWriter.String())
}
}
})
}
14 changes: 14 additions & 0 deletions command/command_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,20 @@ func testVaultServer(tb testing.TB) (*api.Client, func()) {
return client, closer
}

func testVaultServerAllBackends(tb testing.TB) (*api.Client, func()) {
tb.Helper()

client, _, closer := testVaultServerCoreConfig(tb, &vault.CoreConfig{
DisableMlock: true,
DisableCache: true,
Logger: defaultVaultLogger,
CredentialBackends: credentialBackends,
AuditBackends: auditBackends,
LogicalBackends: logicalBackends,
})
return client, closer
}

// testVaultServerUnseal creates a test vault cluster and returns a configured
// API client, list of unseal keys (as strings), and a closer function.
func testVaultServerUnseal(tb testing.TB) (*api.Client, []string, func()) {
Expand Down
134 changes: 72 additions & 62 deletions command/commands.go
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,72 @@ import (
physZooKeeper "github.com/hashicorp/vault/physical/zookeeper"
)

var (
auditBackends = map[string]audit.Factory{
"file": auditFile.Factory,
"socket": auditSocket.Factory,
"syslog": auditSyslog.Factory,
}

credentialBackends = map[string]logical.Factory{
"app-id": credAppId.Factory,
"approle": credAppRole.Factory,
"aws": credAws.Factory,
"centrify": credCentrify.Factory,
"cert": credCert.Factory,
"gcp": credGcp.Factory,
"github": credGitHub.Factory,
"kubernetes": credKube.Factory,
"ldap": credLdap.Factory,
"okta": credOkta.Factory,
"plugin": plugin.Factory,
"radius": credRadius.Factory,
"userpass": credUserpass.Factory,
}

logicalBackends = map[string]logical.Factory{
"aws": aws.Factory,
"cassandra": cassandra.Factory,
"consul": consul.Factory,
"database": database.Factory,
"mongodb": mongodb.Factory,
"mssql": mssql.Factory,
"mysql": mysql.Factory,
"nomad": nomad.Factory,
"pki": pki.Factory,
"plugin": plugin.Factory,
"postgresql": postgresql.Factory,
"rabbitmq": rabbitmq.Factory,
"ssh": ssh.Factory,
"totp": totp.Factory,
"transit": transit.Factory,
}

physicalBackends = map[string]physical.Factory{
"azure": physAzure.NewAzureBackend,
"cassandra": physCassandra.NewCassandraBackend,
"cockroachdb": physCockroachDB.NewCockroachDBBackend,
"consul": physConsul.NewConsulBackend,
"couchdb_transactional": physCouchDB.NewTransactionalCouchDBBackend,
"couchdb": physCouchDB.NewCouchDBBackend,
"dynamodb": physDynamoDB.NewDynamoDBBackend,
"etcd": physEtcd.NewEtcdBackend,
"file_transactional": physFile.NewTransactionalFileBackend,
"file": physFile.NewFileBackend,
"gcs": physGCS.NewGCSBackend,
"inmem_ha": physInmem.NewInmemHA,
"inmem_transactional_ha": physInmem.NewTransactionalInmemHA,
"inmem_transactional": physInmem.NewTransactionalInmem,
"inmem": physInmem.NewInmem,
"mssql": physMSSQL.NewMSSQLBackend,
"mysql": physMySQL.NewMySQLBackend,
"postgresql": physPostgreSQL.NewPostgreSQLBackend,
"s3": physS3.NewS3Backend,
"swift": physSwift.NewSwiftBackend,
"zookeeper": physZooKeeper.NewZooKeeperBackend,
}
)

// DeprecatedCommand is a command that wraps an existing command and prints a
// deprecation notice and points the user to the new command. Deprecated
// commands are always hidden from help output.
Expand Down Expand Up @@ -415,68 +481,12 @@ func init() {
BaseCommand: &BaseCommand{
UI: serverCmdUi,
},
AuditBackends: map[string]audit.Factory{
"file": auditFile.Factory,
"socket": auditSocket.Factory,
"syslog": auditSyslog.Factory,
},
CredentialBackends: map[string]logical.Factory{
"app-id": credAppId.Factory,
"approle": credAppRole.Factory,
"aws": credAws.Factory,
"centrify": credCentrify.Factory,
"cert": credCert.Factory,
"gcp": credGcp.Factory,
"github": credGitHub.Factory,
"kubernetes": credKube.Factory,
"ldap": credLdap.Factory,
"okta": credOkta.Factory,
"plugin": plugin.Factory,
"radius": credRadius.Factory,
"userpass": credUserpass.Factory,
},
LogicalBackends: map[string]logical.Factory{
"aws": aws.Factory,
"cassandra": cassandra.Factory,
"consul": consul.Factory,
"database": database.Factory,
"mongodb": mongodb.Factory,
"mssql": mssql.Factory,
"mysql": mysql.Factory,
"nomad": nomad.Factory,
"pki": pki.Factory,
"plugin": plugin.Factory,
"postgresql": postgresql.Factory,
"rabbitmq": rabbitmq.Factory,
"ssh": ssh.Factory,
"totp": totp.Factory,
"transit": transit.Factory,
},
PhysicalBackends: map[string]physical.Factory{
"azure": physAzure.NewAzureBackend,
"cassandra": physCassandra.NewCassandraBackend,
"cockroachdb": physCockroachDB.NewCockroachDBBackend,
"consul": physConsul.NewConsulBackend,
"couchdb_transactional": physCouchDB.NewTransactionalCouchDBBackend,
"couchdb": physCouchDB.NewCouchDBBackend,
"dynamodb": physDynamoDB.NewDynamoDBBackend,
"etcd": physEtcd.NewEtcdBackend,
"file_transactional": physFile.NewTransactionalFileBackend,
"file": physFile.NewFileBackend,
"gcs": physGCS.NewGCSBackend,
"inmem_ha": physInmem.NewInmemHA,
"inmem_transactional_ha": physInmem.NewTransactionalInmemHA,
"inmem_transactional": physInmem.NewTransactionalInmem,
"inmem": physInmem.NewInmem,
"mssql": physMSSQL.NewMSSQLBackend,
"mysql": physMySQL.NewMySQLBackend,
"postgresql": physPostgreSQL.NewPostgreSQLBackend,
"s3": physS3.NewS3Backend,
"swift": physSwift.NewSwiftBackend,
"zookeeper": physZooKeeper.NewZooKeeperBackend,
},
ShutdownCh: MakeShutdownCh(),
SighupCh: MakeSighupCh(),
AuditBackends: auditBackends,
CredentialBackends: credentialBackends,
LogicalBackends: logicalBackends,
PhysicalBackends: physicalBackends,
ShutdownCh: MakeShutdownCh(),
SighupCh: MakeSighupCh(),
}, nil
},
"ssh": func() (cli.Command, error) {
Expand Down
50 changes: 50 additions & 0 deletions command/secrets_enable_test.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package command

import (
"io/ioutil"
"strings"
"testing"

Expand Down Expand Up @@ -168,4 +169,53 @@ func TestSecretsEnableCommand_Run(t *testing.T) {
_, cmd := testSecretsEnableCommand(t)
assertNoTabs(t, cmd)
})

t.Run("mount_all", func(t *testing.T) {
t.Parallel()

client, closer := testVaultServerAllBackends(t)
defer closer()

files, err := ioutil.ReadDir("../builtin/logical")
if err != nil {
t.Fatal(err)
}

var backends []string
for _, f := range files {
if f.IsDir() {
if f.Name() == "plugin" {
continue
}
backends = append(backends, f.Name())
}
}

plugins, err := ioutil.ReadDir("../vendor/github.com/hashicorp")
if err != nil {
t.Fatal(err)
}
for _, p := range plugins {
if p.IsDir() && strings.HasPrefix(p.Name(), "vault-plugin-") && !strings.HasPrefix(p.Name(), "vault-plugin-auth-") {
backends = append(backends, strings.TrimPrefix(p.Name(), "vault-plugin-"))
}
}

// Removing one from logical list since plugin is a virtual backend
if len(backends) != len(logicalBackends)-1 {
t.Fatalf("expected %d logical backends, got %d", len(logicalBackends)-1, len(backends))
}

for _, b := range backends {
ui, cmd := testSecretsEnableCommand(t)
cmd.client = client

code := cmd.Run([]string{
b,
})
if exp := 0; code != exp {
t.Errorf("type %s, expected %d to be %d - %s", b, code, exp, ui.OutputWriter.String()+ui.ErrorWriter.String())
}
}
})
}

0 comments on commit 7cc193d

Please sign in to comment.