open-consul/agent/connect_ca_endpoint_test.go

package agent

import (
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/hashicorp/consul/agent/connect"
	"github.com/hashicorp/consul/agent/structs"
	"github.com/stretchr/testify/assert"
)

func TestConnectCARoots_empty(t *testing.T) {
	t.Parallel()

	assert := assert.New(t)
	a := NewTestAgent(t.Name(), "connect { enabled = false }")
	defer a.Shutdown()

	req, _ := http.NewRequest("GET", "/v1/connect/ca/roots", nil)
	resp := httptest.NewRecorder()
	obj, err := a.srv.ConnectCARoots(resp, req)
	assert.Nil(err)

	value := obj.(structs.IndexedCARoots)
	assert.Equal(value.ActiveRootID, "")
	assert.Len(value.Roots, 0)
}

func TestConnectCARoots_list(t *testing.T) {
	t.Parallel()

	assert := assert.New(t)
	a := NewTestAgent(t.Name(), "")
	defer a.Shutdown()

	// Set some CAs. Note that NewTestAgent already bootstraps one CA so this just
	// adds a second and makes it active.
	ca2 := connect.TestCAConfigSet(t, a, nil)

	// List
	req, _ := http.NewRequest("GET", "/v1/connect/ca/roots", nil)
	resp := httptest.NewRecorder()
	obj, err := a.srv.ConnectCARoots(resp, req)
	assert.Nil(err)

	value := obj.(structs.IndexedCARoots)
	assert.Equal(value.ActiveRootID, ca2.ID)
	assert.Len(value.Roots, 2)

	// We should never have the secret information
	for _, r := range value.Roots {
		assert.Equal("", r.SigningCert)
		assert.Equal("", r.SigningKey)
	}
}
agent/consul: tests for CA endpoints 2018-03-20 17:36:05 +00:00			`package agent`

			`import (`
			`"net/http"`
			`"net/http/httptest"`
			`"testing"`

agent: CA root HTTP endpoints 2018-03-21 17:20:35 +00:00			`"github.com/hashicorp/consul/agent/connect"`
agent/consul: tests for CA endpoints 2018-03-20 17:36:05 +00:00			`"github.com/hashicorp/consul/agent/structs"`
			`"github.com/stretchr/testify/assert"`
			`)`

			`func TestConnectCARoots_empty(t *testing.T) {`
			`t.Parallel()`

			`assert := assert.New(t)`
Wire up agent leaf endpoint to cache framework to support blocking. 2018-04-30 21:23:49 +00:00			`a := NewTestAgent(t.Name(), "connect { enabled = false }")`
agent/consul: tests for CA endpoints 2018-03-20 17:36:05 +00:00			`defer a.Shutdown()`

			`req, _ := http.NewRequest("GET", "/v1/connect/ca/roots", nil)`
			`resp := httptest.NewRecorder()`
			`obj, err := a.srv.ConnectCARoots(resp, req)`
			`assert.Nil(err)`

			`value := obj.(structs.IndexedCARoots)`
			`assert.Equal(value.ActiveRootID, "")`
			`assert.Len(value.Roots, 0)`
			`}`
agent/consul: CAS operations for setting the CA root 2018-03-21 17:10:53 +00:00
			`func TestConnectCARoots_list(t *testing.T) {`
			`t.Parallel()`

			`assert := assert.New(t)`
			`a := NewTestAgent(t.Name(), "")`
			`defer a.Shutdown()`

Wire up agent leaf endpoint to cache framework to support blocking. 2018-04-30 21:23:49 +00:00			`// Set some CAs. Note that NewTestAgent already bootstraps one CA so this just`
			`// adds a second and makes it active.`
			`ca2 := connect.TestCAConfigSet(t, a, nil)`
agent/consul: CAS operations for setting the CA root 2018-03-21 17:10:53 +00:00
agent: CA root HTTP endpoints 2018-03-21 17:20:35 +00:00			`// List`
agent/consul: CAS operations for setting the CA root 2018-03-21 17:10:53 +00:00			`req, _ := http.NewRequest("GET", "/v1/connect/ca/roots", nil)`
			`resp := httptest.NewRecorder()`
			`obj, err := a.srv.ConnectCARoots(resp, req)`
			`assert.Nil(err)`

			`value := obj.(structs.IndexedCARoots)`
agent: CA root HTTP endpoints 2018-03-21 17:20:35 +00:00			`assert.Equal(value.ActiveRootID, ca2.ID)`
			`assert.Len(value.Roots, 2)`

			`// We should never have the secret information`
			`for _, r := range value.Roots {`
			`assert.Equal("", r.SigningCert)`
			`assert.Equal("", r.SigningKey)`
			`}`
agent/consul: CAS operations for setting the CA root 2018-03-21 17:10:53 +00:00			`}`