luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Fix flakey tests related to ACL token updates (#16545) 

* Fix flakey tests related to ACL token updates

* update all acl token update tests

* extra create_token function to its own thing
This commit is contained in:
Ronald 2023-03-07 00:14:06 +01:00 committed by GitHub
parent d40fc3cc9e
commit 0558cbc5ee
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 102 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

179
command/acl/token/update/token_update_test.go
View File

@ -22,6 +22,13 @@ func TestTokenUpdateCommand_noTabs(t *testing.T) {
} }
} }
func create_token(t *testing.T, client *api.Client, aclToken *api.ACLToken, writeOptions *api.WriteOptions) *api.ACLToken {
token, _, err := client.ACL().TokenCreate(aclToken, writeOptions)
require.NoError(t, err)
return token
}
func TestTokenUpdateCommand(t *testing.T) { func TestTokenUpdateCommand(t *testing.T) {
if testing.Short() { if testing.Short() {
t.Skip("too slow for testing.Short") t.Skip("too slow for testing.Short")
@ -50,13 +57,6 @@ func TestTokenUpdateCommand(t *testing.T) {
) )
require.NoError(t, err) require.NoError(t, err)
// create a token
token, _, err := client.ACL().TokenCreate(
&api.ACLToken{Description: "test"},
&api.WriteOptions{Token: "root"},
)
require.NoError(t, err)
run := func(t *testing.T, args []string) *api.ACLToken { run := func(t *testing.T, args []string) *api.ACLToken {
ui := cli.NewMockUi() ui := cli.NewMockUi()
cmd := New(ui) cmd := New(ui)
@ -72,7 +72,9 @@ func TestTokenUpdateCommand(t *testing.T) {
// update with node identity // update with node identity
t.Run("node-identity", func(t *testing.T) { t.Run("node-identity", func(t *testing.T) {
token := run(t, []string{ token := create_token(t, client, &api.ACLToken{Description: "test"}, &api.WriteOptions{Token: "root"})
responseToken := run(t, []string{
"-http-addr=" + a.HTTPAddr(), "-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID, "-accessor-id=" + token.AccessorID,
"-token=root", "-token=root",
@ -80,13 +82,19 @@ func TestTokenUpdateCommand(t *testing.T) {
"-description=test token", "-description=test token",
}) })
require.Len(t, token.NodeIdentities, 1) require.Len(t, responseToken.NodeIdentities, 1)
require.Equal(t, "foo", token.NodeIdentities[0].NodeName) require.Equal(t, "foo", responseToken.NodeIdentities[0].NodeName)
require.Equal(t, "bar", token.NodeIdentities[0].Datacenter) require.Equal(t, "bar", responseToken.NodeIdentities[0].Datacenter)
}) })
t.Run("node-identity-merge", func(t *testing.T) { t.Run("node-identity-merge", func(t *testing.T) {
token := run(t, []string{ token := create_token(t,
client,
&api.ACLToken{Description: "test", NodeIdentities: []*api.ACLNodeIdentity{{NodeName: "foo", Datacenter: "bar"}}},
&api.WriteOptions{Token: "root"},
)
responseToken := run(t, []string{
"-http-addr=" + a.HTTPAddr(), "-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID, "-accessor-id=" + token.AccessorID,
"-token=root", "-token=root",
@ -95,7 +103,7 @@ func TestTokenUpdateCommand(t *testing.T) {
"-merge-node-identities", "-merge-node-identities",
}) })
require.Len(t, token.NodeIdentities, 2) require.Len(t, responseToken.NodeIdentities, 2)
expected := []*api.ACLNodeIdentity{ expected := []*api.ACLNodeIdentity{
{ {
NodeName: "foo", NodeName: "foo",
@ -106,28 +114,14 @@ func TestTokenUpdateCommand(t *testing.T) {
Datacenter: "baz", Datacenter: "baz",
}, },
} }
require.ElementsMatch(t, expected, token.NodeIdentities) require.ElementsMatch(t, expected, responseToken.NodeIdentities)
})
// update with append-node-identity
t.Run("append-node-identity", func(t *testing.T) {
token := run(t, []string{
"-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID,
"-token=root",
"-append-node-identity=third:node",
"-description=test token",
})
require.Len(t, token.NodeIdentities, 3)
require.Equal(t, "third", token.NodeIdentities[2].NodeName)
require.Equal(t, "node", token.NodeIdentities[2].Datacenter)
}) })
// update with policy by name // update with policy by name
t.Run("policy-name", func(t *testing.T) { t.Run("policy-name", func(t *testing.T) {
token := run(t, []string{ token := create_token(t, client, &api.ACLToken{Description: "test"}, &api.WriteOptions{Token: "root"})
responseToken := run(t, []string{
"-http-addr=" + a.HTTPAddr(), "-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID, "-accessor-id=" + token.AccessorID,
"-token=root", "-token=root",
@ -135,12 +129,14 @@ func TestTokenUpdateCommand(t *testing.T) {
"-description=test token", "-description=test token",
}) })
require.Len(t, token.Policies, 1) require.Len(t, responseToken.Policies, 1)
}) })
// update with policy by id // update with policy by id
t.Run("policy-id", func(t *testing.T) { t.Run("policy-id", func(t *testing.T) {
token := run(t, []string{ token := create_token(t, client, &api.ACLToken{Description: "test"}, &api.WriteOptions{Token: "root"})
responseToken := run(t, []string{
"-http-addr=" + a.HTTPAddr(), "-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID, "-accessor-id=" + token.AccessorID,
"-token=root", "-token=root",
@ -148,12 +144,14 @@ func TestTokenUpdateCommand(t *testing.T) {
"-description=test token", "-description=test token",
}) })
require.Len(t, token.Policies, 1) require.Len(t, responseToken.Policies, 1)
}) })
// update with service-identity // update with service-identity
t.Run("service-identity", func(t *testing.T) { t.Run("service-identity", func(t *testing.T) {
token := run(t, []string{ token := create_token(t, client, &api.ACLToken{Description: "test"}, &api.WriteOptions{Token: "root"})
responseToken := run(t, []string{
"-http-addr=" + a.HTTPAddr(), "-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID, "-accessor-id=" + token.AccessorID,
"-token=root", "-token=root",
@ -161,33 +159,22 @@ func TestTokenUpdateCommand(t *testing.T) {
"-description=test token", "-description=test token",
}) })
require.Len(t, token.ServiceIdentities, 1) require.Len(t, responseToken.ServiceIdentities, 1)
require.Equal(t, "service", token.ServiceIdentities[0].ServiceName) require.Equal(t, "service", responseToken.ServiceIdentities[0].ServiceName)
})
// update with append-service-identity
t.Run("append-service-identity", func(t *testing.T) {
token := run(t, []string{
"-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID,
"-token=root",
"-append-service-identity=web",
"-description=test token",
})
require.Len(t, token.ServiceIdentities, 2)
require.Equal(t, "web", token.ServiceIdentities[1].ServiceName)
}) })
// update with no description shouldn't delete the current description // update with no description shouldn't delete the current description
t.Run("merge-description", func(t *testing.T) { t.Run("merge-description", func(t *testing.T) {
token := run(t, []string{ token := create_token(t, client, &api.ACLToken{Description: "test token"}, &api.WriteOptions{Token: "root"})
responseToken := run(t, []string{
"-http-addr=" + a.HTTPAddr(), "-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID, "-accessor-id=" + token.AccessorID,
"-token=root", "-token=root",
"-policy-name=" + policy.Name, "-policy-name=" + policy.Name,
}) })
require.Equal(t, "test token", token.Description) require.Equal(t, "test token", responseToken.Description)
}) })
} }
@ -219,13 +206,6 @@ func TestTokenUpdateCommandWithAppend(t *testing.T) {
) )
require.NoError(t, err) require.NoError(t, err)
// create a token
token, _, err := client.ACL().TokenCreate(
&api.ACLToken{Description: "test", Policies: []*api.ACLTokenPolicyLink{{Name: policy.Name}}},
&api.WriteOptions{Token: "root"},
)
require.NoError(t, err)
//secondary policy //secondary policy
secondPolicy, _, policyErr := client.ACL().PolicyCreate( secondPolicy, _, policyErr := client.ACL().PolicyCreate(
&api.ACLPolicy{Name: "secondary-policy"}, &api.ACLPolicy{Name: "secondary-policy"},
@ -233,13 +213,6 @@ func TestTokenUpdateCommandWithAppend(t *testing.T) {
) )
require.NoError(t, policyErr) require.NoError(t, policyErr)
//third policy
thirdPolicy, _, policyErr := client.ACL().PolicyCreate(
&api.ACLPolicy{Name: "third-policy"},
&api.WriteOptions{Token: "root"},
)
require.NoError(t, policyErr)
run := func(t *testing.T, args []string) *api.ACLToken { run := func(t *testing.T, args []string) *api.ACLToken {
ui := cli.NewMockUi() ui := cli.NewMockUi()
cmd := New(ui) cmd := New(ui)
@ -255,7 +228,12 @@ func TestTokenUpdateCommandWithAppend(t *testing.T) {
// update with append-policy-name // update with append-policy-name
t.Run("append-policy-name", func(t *testing.T) { t.Run("append-policy-name", func(t *testing.T) {
token := run(t, []string{ token := create_token(t, client,
&api.ACLToken{Description: "test", Policies: []*api.ACLTokenPolicyLink{{Name: policy.Name}}},
&api.WriteOptions{Token: "root"},
)
responseToken := run(t, []string{
"-http-addr=" + a.HTTPAddr(), "-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID, "-accessor-id=" + token.AccessorID,
"-token=root", "-token=root",
@ -263,20 +241,72 @@ func TestTokenUpdateCommandWithAppend(t *testing.T) {
"-description=test token", "-description=test token",
}) })
require.Len(t, token.Policies, 2) require.Len(t, responseToken.Policies, 2)
}) })
// update with append-policy-id // update with append-policy-id
t.Run("append-policy-id", func(t *testing.T) { t.Run("append-policy-id", func(t *testing.T) {
token := run(t, []string{ token := create_token(t, client,
&api.ACLToken{Description: "test", Policies: []*api.ACLTokenPolicyLink{{Name: policy.Name}}},
&api.WriteOptions{Token: "root"},
)
responseToken := run(t, []string{
"-http-addr=" + a.HTTPAddr(), "-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID, "-accessor-id=" + token.AccessorID,
"-token=root", "-token=root",
"-append-policy-id=" + thirdPolicy.ID, "-append-policy-id=" + secondPolicy.ID,
"-description=test token", "-description=test token",
}) })
require.Len(t, token.Policies, 3) require.Len(t, responseToken.Policies, 2)
})
// update with append-node-identity
t.Run("append-node-identity", func(t *testing.T) {
token := create_token(t, client,
&api.ACLToken{
Description: "test",
Policies: []*api.ACLTokenPolicyLink{{Name: policy.Name}},
NodeIdentities: []*api.ACLNodeIdentity{{NodeName: "namenode", Datacenter: "somewhere"}},
},
&api.WriteOptions{Token: "root"},
)
responseToken := run(t, []string{
"-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID,
"-token=root",
"-append-node-identity=third:node",
"-description=test token",
})
require.Len(t, responseToken.NodeIdentities, 2)
require.Equal(t, "third", responseToken.NodeIdentities[1].NodeName)
require.Equal(t, "node", responseToken.NodeIdentities[1].Datacenter)
})
// update with append-service-identity
t.Run("append-service-identity", func(t *testing.T) {
token := create_token(t, client,
&api.ACLToken{
Description: "test",
Policies: []*api.ACLTokenPolicyLink{{Name: policy.Name}},
ServiceIdentities: []*api.ACLServiceIdentity{{ServiceName: "service"}},
},
&api.WriteOptions{Token: "root"},
)
responseToken := run(t, []string{
"-http-addr=" + a.HTTPAddr(),
"-accessor-id=" + token.AccessorID,
"-token=root",
"-append-service-identity=web",
"-description=test token",
})
require.Len(t, responseToken.ServiceIdentities, 2)
require.Equal(t, "web", responseToken.ServiceIdentities[1].ServiceName)
}) })
} }
@ -310,12 +340,7 @@ func TestTokenUpdateCommand_JSON(t *testing.T) {
) )
require.NoError(t, err) require.NoError(t, err)
// create a token token := create_token(t, client, &api.ACLToken{Description: "test"}, &api.WriteOptions{Token: "root"})
token, _, err := client.ACL().TokenCreate(
&api.ACLToken{Description: "test"},
&api.WriteOptions{Token: "root"},
)
require.NoError(t, err)
t.Run("update with policy by name", func(t *testing.T) { t.Run("update with policy by name", func(t *testing.T) {
cmd := New(ui) cmd := New(ui)