243 lines
5.4 KiB
Go
243 lines
5.4 KiB
Go
package command
|
|
|
|
import (
|
|
"io/ioutil"
|
|
"os"
|
|
"path/filepath"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/hashicorp/consul/command/agent"
|
|
"github.com/mitchellh/cli"
|
|
)
|
|
|
|
func TestKeyringCommand_implements(t *testing.T) {
|
|
var _ cli.Command = &KeyringCommand{}
|
|
}
|
|
|
|
func TestKeyringCommandRun(t *testing.T) {
|
|
key1 := "HS5lJ+XuTlYKWaeGYyG+/A=="
|
|
key2 := "kZyFABeAmc64UMTrm9XuKA=="
|
|
|
|
// Begin with a single key
|
|
conf := agent.Config{EncryptKey: key1}
|
|
a1 := testAgentWithConfig(&conf, t)
|
|
defer a1.Shutdown()
|
|
|
|
// The keyring was initialized with only the provided key
|
|
out := listKeys(t, a1.addr, false)
|
|
if !strings.Contains(out, key1) {
|
|
t.Fatalf("bad: %#v", out)
|
|
}
|
|
if strings.Contains(out, key2) {
|
|
t.Fatalf("bad: %#v", out)
|
|
}
|
|
|
|
// Install the second key onto the keyring
|
|
installKey(t, a1.addr, key2, false)
|
|
|
|
// Both keys should be present
|
|
out = listKeys(t, a1.addr, false)
|
|
for _, key := range []string{key1, key2} {
|
|
if !strings.Contains(out, key) {
|
|
t.Fatalf("bad: %#v", out)
|
|
}
|
|
}
|
|
|
|
// WAN keyring is untouched
|
|
out = listKeys(t, a1.addr, true)
|
|
if strings.Contains(out, key2) {
|
|
t.Fatalf("bad: %#v", out)
|
|
}
|
|
|
|
// Change out the primary key
|
|
useKey(t, a1.addr, key2, false)
|
|
|
|
// Remove the original key
|
|
removeKey(t, a1.addr, key1, false)
|
|
|
|
// Make sure only the new key is present
|
|
out = listKeys(t, a1.addr, false)
|
|
if strings.Contains(out, key1) {
|
|
t.Fatalf("bad: %#v", out)
|
|
}
|
|
if !strings.Contains(out, key2) {
|
|
t.Fatalf("bad: %#v", out)
|
|
}
|
|
|
|
// WAN keyring is still untouched
|
|
out = listKeys(t, a1.addr, true)
|
|
if !strings.Contains(out, key1) {
|
|
t.Fatalf("bad: %#v", out)
|
|
}
|
|
|
|
// Rotate out the WAN key
|
|
installKey(t, a1.addr, key2, true)
|
|
useKey(t, a1.addr, key2, true)
|
|
removeKey(t, a1.addr, key1, true)
|
|
|
|
// WAN keyring now has only the proper key
|
|
out = listKeys(t, a1.addr, true)
|
|
if !strings.Contains(out, key2) {
|
|
t.Fatalf("bad: %#v", out)
|
|
}
|
|
if strings.Contains(out, key1) {
|
|
t.Fatalf("bad: %#v", out)
|
|
}
|
|
}
|
|
|
|
func TestKeyringCommandRun_help(t *testing.T) {
|
|
ui := new(cli.MockUi)
|
|
c := &KeyringCommand{Ui: ui}
|
|
code := c.Run(nil)
|
|
if code != 1 {
|
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
|
}
|
|
|
|
// Test that we didn't actually try to dial the RPC server.
|
|
if !strings.Contains(ui.ErrorWriter.String(), "Usage:") {
|
|
t.Fatalf("bad: %#v", ui.ErrorWriter.String())
|
|
}
|
|
}
|
|
|
|
func TestKeyringCommandRun_failedConnection(t *testing.T) {
|
|
ui := new(cli.MockUi)
|
|
c := &KeyringCommand{Ui: ui}
|
|
args := []string{"-list", "-rpc-addr=127.0.0.1:0"}
|
|
code := c.Run(args)
|
|
if code != 1 {
|
|
t.Fatalf("bad: %d, %#v", code, ui.ErrorWriter.String())
|
|
}
|
|
if !strings.Contains(ui.ErrorWriter.String(), "dial") {
|
|
t.Fatalf("bad: %#v", ui.OutputWriter.String())
|
|
}
|
|
}
|
|
|
|
func TestKeyringCommandRun_initKeyringFail(t *testing.T) {
|
|
ui := new(cli.MockUi)
|
|
c := &KeyringCommand{Ui: ui}
|
|
|
|
// Should error if no data-dir given
|
|
args := []string{"-init=HS5lJ+XuTlYKWaeGYyG+/A=="}
|
|
code := c.Run(args)
|
|
if code != 1 {
|
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
|
}
|
|
|
|
// Errors on invalid key
|
|
args = []string{"-init=xyz", "-data-dir=/tmp"}
|
|
code = c.Run(args)
|
|
if code != 1 {
|
|
t.Fatalf("should have errored")
|
|
}
|
|
}
|
|
|
|
func TestKeyringCommandRun_initKeyring(t *testing.T) {
|
|
ui := new(cli.MockUi)
|
|
c := &KeyringCommand{Ui: ui}
|
|
|
|
tempDir, err := ioutil.TempDir("", "consul")
|
|
if err != nil {
|
|
t.Fatalf("err: %s", err)
|
|
}
|
|
defer os.RemoveAll(tempDir)
|
|
|
|
args := []string{
|
|
"-init=HS5lJ+XuTlYKWaeGYyG+/A==",
|
|
"-data-dir=" + tempDir,
|
|
}
|
|
code := c.Run(args)
|
|
if code != 0 {
|
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
|
}
|
|
|
|
fileLAN := filepath.Join(tempDir, agent.SerfLANKeyring)
|
|
fileWAN := filepath.Join(tempDir, agent.SerfWANKeyring)
|
|
if _, err := os.Stat(fileLAN); err != nil {
|
|
t.Fatalf("err: %s", err)
|
|
}
|
|
if _, err := os.Stat(fileWAN); err != nil {
|
|
t.Fatalf("err: %s", err)
|
|
}
|
|
|
|
expected := `["HS5lJ+XuTlYKWaeGYyG+/A=="]`
|
|
|
|
contentLAN, err := ioutil.ReadFile(fileLAN)
|
|
if err != nil {
|
|
t.Fatalf("err: %s", err)
|
|
}
|
|
if string(contentLAN) != expected {
|
|
t.Fatalf("bad: %#v", string(contentLAN))
|
|
}
|
|
|
|
contentWAN, err := ioutil.ReadFile(fileWAN)
|
|
if err != nil {
|
|
t.Fatalf("err: %s", err)
|
|
}
|
|
if string(contentWAN) != expected {
|
|
t.Fatalf("bad: %#v", string(contentWAN))
|
|
}
|
|
}
|
|
|
|
func listKeys(t *testing.T, addr string, wan bool) string {
|
|
ui := new(cli.MockUi)
|
|
c := &KeyringCommand{Ui: ui}
|
|
|
|
args := []string{"-list", "-rpc-addr=" + addr}
|
|
if wan {
|
|
args = append(args, "-wan")
|
|
}
|
|
|
|
code := c.Run(args)
|
|
if code != 0 {
|
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
|
}
|
|
|
|
return ui.OutputWriter.String()
|
|
}
|
|
|
|
func installKey(t *testing.T, addr string, key string, wan bool) {
|
|
ui := new(cli.MockUi)
|
|
c := &KeyringCommand{Ui: ui}
|
|
|
|
args := []string{"-install=" + key, "-rpc-addr=" + addr}
|
|
if wan {
|
|
args = append(args, "-wan")
|
|
}
|
|
|
|
code := c.Run(args)
|
|
if code != 0 {
|
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
|
}
|
|
}
|
|
|
|
func useKey(t *testing.T, addr string, key string, wan bool) {
|
|
ui := new(cli.MockUi)
|
|
c := &KeyringCommand{Ui: ui}
|
|
|
|
args := []string{"-use=" + key, "-rpc-addr=" + addr}
|
|
if wan {
|
|
args = append(args, "-wan")
|
|
}
|
|
|
|
code := c.Run(args)
|
|
if code != 0 {
|
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
|
}
|
|
}
|
|
|
|
func removeKey(t *testing.T, addr string, key string, wan bool) {
|
|
ui := new(cli.MockUi)
|
|
c := &KeyringCommand{Ui: ui}
|
|
|
|
args := []string{"-remove=" + key, "-rpc-addr=" + addr}
|
|
if wan {
|
|
args = append(args, "-wan")
|
|
}
|
|
|
|
code := c.Run(args)
|
|
if code != 0 {
|
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
|
}
|
|
}
|