cli: remove a test case for updating a legacy token
Legacy tokens are no longer accepted, so we don't need to test their upgrade path.
This commit is contained in:
parent
baa27e2b4c
commit
d77ea40203
|
@ -5,13 +5,13 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/hashicorp/consul/agent"
|
|
||||||
"github.com/hashicorp/consul/api"
|
|
||||||
"github.com/hashicorp/consul/sdk/testutil/retry"
|
|
||||||
"github.com/hashicorp/consul/testrpc"
|
|
||||||
"github.com/mitchellh/cli"
|
"github.com/mitchellh/cli"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
|
"github.com/hashicorp/consul/agent"
|
||||||
|
"github.com/hashicorp/consul/api"
|
||||||
|
"github.com/hashicorp/consul/testrpc"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestTokenUpdateCommand_noTabs(t *testing.T) {
|
func TestTokenUpdateCommand_noTabs(t *testing.T) {
|
||||||
|
@ -57,17 +57,6 @@ func TestTokenUpdateCommand(t *testing.T) {
|
||||||
)
|
)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
// create a legacy token
|
|
||||||
// nolint: staticcheck // we have to use the deprecated API to create a legacy token
|
|
||||||
legacyTokenSecretID, _, err := client.ACL().Create(&api.ACLEntry{
|
|
||||||
Name: "Legacy token",
|
|
||||||
Type: "client",
|
|
||||||
Rules: "service \"test\" { policy = \"write\" }",
|
|
||||||
},
|
|
||||||
&api.WriteOptions{Token: "root"},
|
|
||||||
)
|
|
||||||
require.NoError(t, err)
|
|
||||||
|
|
||||||
// We fetch the legacy token later to give server time to async background
|
// We fetch the legacy token later to give server time to async background
|
||||||
// upgrade it.
|
// upgrade it.
|
||||||
|
|
||||||
|
@ -160,36 +149,6 @@ func TestTokenUpdateCommand(t *testing.T) {
|
||||||
|
|
||||||
require.Equal(t, "test token", token.Description)
|
require.Equal(t, "test token", token.Description)
|
||||||
})
|
})
|
||||||
|
|
||||||
// Need legacy token now, hopefully server had time to generate an accessor ID
|
|
||||||
// in the background but wait for it if not.
|
|
||||||
var legacyToken *api.ACLToken
|
|
||||||
retry.Run(t, func(r *retry.R) {
|
|
||||||
// Fetch the legacy token via new API so we can use it's accessor ID
|
|
||||||
legacyToken, _, err = client.ACL().TokenReadSelf(
|
|
||||||
&api.QueryOptions{Token: legacyTokenSecretID})
|
|
||||||
require.NoError(r, err)
|
|
||||||
require.NotEmpty(r, legacyToken.AccessorID)
|
|
||||||
})
|
|
||||||
|
|
||||||
// upgrade legacy token should replace rules and leave token in a "new" state!
|
|
||||||
t.Run("legacy-upgrade", func(t *testing.T) {
|
|
||||||
token := run(t, []string{
|
|
||||||
"-http-addr=" + a.HTTPAddr(),
|
|
||||||
"-id=" + legacyToken.AccessorID,
|
|
||||||
"-token=root",
|
|
||||||
"-policy-name=" + policy.Name,
|
|
||||||
"-upgrade-legacy",
|
|
||||||
})
|
|
||||||
|
|
||||||
// Description shouldn't change
|
|
||||||
require.Equal(t, "Legacy token", token.Description)
|
|
||||||
require.Len(t, token.Policies, 1)
|
|
||||||
// Rules should now be empty meaning this is no longer a legacy token
|
|
||||||
require.Empty(t, token.Rules)
|
|
||||||
// Secret should not have changes
|
|
||||||
require.Equal(t, legacyToken.SecretID, token.SecretID)
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestTokenUpdateCommand_JSON(t *testing.T) {
|
func TestTokenUpdateCommand_JSON(t *testing.T) {
|
||||||
|
|
Loading…
Reference in New Issue