-
Notifications
You must be signed in to change notification settings - Fork 4.1k
/
router_ext_test.go
85 lines (72 loc) · 2.15 KB
/
router_ext_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package router
import (
"testing"
"github.com/hashicorp/vault/api"
"github.com/hashicorp/vault/helper/testhelpers/minimal"
"github.com/hashicorp/vault/sdk/logical"
"github.com/hashicorp/vault/vault"
)
func TestRouter_MountSubpath_Checks(t *testing.T) {
testRouter_MountSubpath(t, []string{"a/abcd/123", "abcd/123"})
testRouter_MountSubpath(t, []string{"abcd/123", "a/abcd/123"})
testRouter_MountSubpath(t, []string{"a/abcd/123", "abcd/123"})
}
func testRouter_MountSubpath(t *testing.T, mountPoints []string) {
cluster := minimal.NewTestSoloCluster(t, nil)
client := cluster.Cores[0].Client
// Test auth
authInput := &api.EnableAuthOptions{
Type: "userpass",
}
for _, mp := range mountPoints {
t.Logf("mounting %s", "auth/"+mp)
var err error
err = client.Sys().EnableAuthWithOptions("auth/"+mp, authInput)
if err != nil {
t.Fatalf("err: %v", err)
}
}
// Test secrets
mountInput := &api.MountInput{
Type: "pki",
}
for _, mp := range mountPoints {
t.Logf("mounting %s", "s/"+mp)
var err error
err = client.Sys().Mount("s/"+mp, mountInput)
if err != nil {
t.Fatalf("err: %v", err)
}
}
cluster.EnsureCoresSealed(t)
cluster.UnsealCores(t)
t.Logf("Done: %#v", mountPoints)
}
func TestRouter_UnmountRollbackIsntFatal(t *testing.T) {
cluster := minimal.NewTestSoloCluster(t, &vault.CoreConfig{
LogicalBackends: map[string]logical.Factory{
"noop": vault.NoopBackendRollbackErrFactory,
},
})
client := cluster.Cores[0].Client
if err := client.Sys().Mount("noop", &api.MountInput{
Type: "noop",
}); err != nil {
t.Fatalf("failed to mount PKI: %v", err)
}
if _, err := client.Logical().Write("sys/plugins/reload/backend", map[string]interface{}{
"mounts": "noop",
}); err != nil {
t.Fatalf("expected reload of noop with broken periodic func to succeed; got err=%v", err)
}
if _, err := client.Logical().Write("sys/remount", map[string]interface{}{
"from": "noop",
"to": "noop-to",
}); err != nil {
t.Fatalf("expected remount of noop with broken periodic func to succeed; got err=%v", err)
}
cluster.EnsureCoresSealed(t)
cluster.UnsealCores(t)
}