2017-09-15 04:19:56 +00:00
|
|
|
package command
|
|
|
|
|
|
|
|
import (
|
|
|
|
"io/ioutil"
|
|
|
|
"os"
|
|
|
|
"strings"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/hashicorp/nomad/command/agent"
|
|
|
|
"github.com/hashicorp/nomad/nomad/mock"
|
|
|
|
"github.com/mitchellh/cli"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestACLPolicyApplyCommand(t *testing.T) {
|
|
|
|
assert := assert.New(t)
|
|
|
|
t.Parallel()
|
|
|
|
config := func(c *agent.Config) {
|
|
|
|
c.ACL.Enabled = true
|
|
|
|
}
|
|
|
|
|
|
|
|
srv, _, url := testServer(t, true, config)
|
|
|
|
defer srv.Shutdown()
|
|
|
|
|
|
|
|
// Bootstrap an initial ACL token
|
2017-10-04 22:06:21 +00:00
|
|
|
token := srv.RootToken
|
2017-09-15 04:19:56 +00:00
|
|
|
assert.NotNil(token, "failed to bootstrap ACL token")
|
|
|
|
|
|
|
|
ui := new(cli.MockUi)
|
|
|
|
cmd := &ACLPolicyApplyCommand{Meta: Meta{Ui: ui, flagAddress: url}}
|
|
|
|
|
|
|
|
// Create a test policy
|
|
|
|
policy := mock.ACLPolicy()
|
|
|
|
|
|
|
|
// Get a file
|
|
|
|
f, err := ioutil.TempFile("", "nomad-test")
|
|
|
|
assert.Nil(err)
|
|
|
|
defer os.Remove(f.Name())
|
|
|
|
|
|
|
|
// Write the policy to the file
|
|
|
|
err = ioutil.WriteFile(f.Name(), []byte(policy.Rules), 0700)
|
|
|
|
assert.Nil(err)
|
|
|
|
|
2017-09-15 18:12:17 +00:00
|
|
|
// Attempt to apply a policy without a valid management token
|
2020-06-25 16:59:25 +00:00
|
|
|
code := cmd.Run([]string{"-address=" + url, "-token=foo", "test-policy", f.Name()})
|
2017-09-15 04:19:56 +00:00
|
|
|
assert.Equal(1, code)
|
|
|
|
|
2017-09-15 18:12:17 +00:00
|
|
|
// Apply a policy with a valid management token
|
2020-06-25 16:59:25 +00:00
|
|
|
code = cmd.Run([]string{"-address=" + url, "-token=" + token.SecretID, "test-policy", f.Name()})
|
2017-09-15 04:19:56 +00:00
|
|
|
assert.Equal(0, code)
|
|
|
|
|
|
|
|
// Check the output
|
|
|
|
out := ui.OutputWriter.String()
|
|
|
|
if !strings.Contains(out, "Successfully wrote") {
|
|
|
|
t.Fatalf("bad: %v", out)
|
|
|
|
}
|
|
|
|
}
|