2021-10-01 13:59:55 +00:00
|
|
|
//go:build ent
|
2017-09-19 14:47:10 +00:00
|
|
|
|
|
|
|
package api
|
|
|
|
|
|
|
|
import (
|
|
|
|
"testing"
|
|
|
|
|
2022-03-17 13:34:57 +00:00
|
|
|
"github.com/hashicorp/nomad/api/internal/testutil"
|
2023-01-01 18:57:26 +00:00
|
|
|
"github.com/shoenig/test/must"
|
2017-09-19 14:47:10 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestSentinelPolicies_ListUpsert(t *testing.T) {
|
2022-03-17 13:34:57 +00:00
|
|
|
testutil.Parallel(t)
|
2017-09-19 14:47:10 +00:00
|
|
|
c, s, _ := makeACLClient(t, nil, nil)
|
|
|
|
defer s.Stop()
|
|
|
|
ap := c.SentinelPolicies()
|
|
|
|
|
|
|
|
// Listing when nothing exists returns empty
|
|
|
|
result, qm, err := ap.List(nil)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.NoError(t, err)
|
|
|
|
must.Positive(t, qm.LastIndex)
|
|
|
|
must.SliceEmpty(t, result)
|
2017-09-19 14:47:10 +00:00
|
|
|
|
|
|
|
// Register a policy
|
|
|
|
policy := &SentinelPolicy{
|
|
|
|
Name: "test",
|
|
|
|
Description: "test",
|
|
|
|
EnforcementLevel: "advisory",
|
|
|
|
Scope: "submit-job",
|
|
|
|
Policy: "main = rule { true }",
|
|
|
|
}
|
|
|
|
wm, err := ap.Upsert(policy, nil)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.NoError(t, err)
|
2017-09-19 14:47:10 +00:00
|
|
|
assertWriteMeta(t, wm)
|
|
|
|
|
|
|
|
// Check the list again
|
|
|
|
result, qm, err = ap.List(nil)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.NoError(t, err)
|
2017-09-19 14:47:10 +00:00
|
|
|
assertQueryMeta(t, qm)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.Len(t, 1, result)
|
2017-09-19 14:47:10 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestSentinelPolicies_Delete(t *testing.T) {
|
2022-03-17 13:34:57 +00:00
|
|
|
testutil.Parallel(t)
|
2023-01-01 18:57:26 +00:00
|
|
|
|
2017-09-19 14:47:10 +00:00
|
|
|
c, s, _ := makeACLClient(t, nil, nil)
|
|
|
|
defer s.Stop()
|
|
|
|
ap := c.SentinelPolicies()
|
|
|
|
|
|
|
|
// Register a policy
|
|
|
|
policy := &SentinelPolicy{
|
|
|
|
Name: "test",
|
|
|
|
Description: "test",
|
|
|
|
EnforcementLevel: "advisory",
|
|
|
|
Scope: "submit-job",
|
|
|
|
Policy: "main = rule { true } ",
|
|
|
|
}
|
|
|
|
wm, err := ap.Upsert(policy, nil)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.NoError(t, err)
|
2017-09-19 14:47:10 +00:00
|
|
|
assertWriteMeta(t, wm)
|
|
|
|
|
|
|
|
// Delete the policy
|
|
|
|
wm, err = ap.Delete(policy.Name, nil)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.NoError(t, err)
|
2017-09-19 14:47:10 +00:00
|
|
|
assertWriteMeta(t, wm)
|
|
|
|
|
|
|
|
// Check the list again
|
|
|
|
result, qm, err := ap.List(nil)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.NoError(t, err)
|
2017-09-19 14:47:10 +00:00
|
|
|
assertQueryMeta(t, qm)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.SliceEmpty(t, result)
|
2017-09-19 14:47:10 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestSentinelPolicies_Info(t *testing.T) {
|
2022-03-17 13:34:57 +00:00
|
|
|
testutil.Parallel(t)
|
2023-01-01 18:57:26 +00:00
|
|
|
|
2017-09-19 14:47:10 +00:00
|
|
|
c, s, _ := makeACLClient(t, nil, nil)
|
|
|
|
defer s.Stop()
|
|
|
|
ap := c.SentinelPolicies()
|
|
|
|
|
|
|
|
// Register a policy
|
|
|
|
policy := &SentinelPolicy{
|
|
|
|
Name: "test",
|
|
|
|
Description: "test",
|
|
|
|
EnforcementLevel: "advisory",
|
|
|
|
Scope: "submit-job",
|
|
|
|
Policy: "main = rule { true }",
|
|
|
|
}
|
|
|
|
wm, err := ap.Upsert(policy, nil)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.NoError(t, err)
|
2017-09-19 14:47:10 +00:00
|
|
|
assertWriteMeta(t, wm)
|
|
|
|
|
|
|
|
// Query the policy
|
|
|
|
out, qm, err := ap.Info(policy.Name, nil)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.NoError(t, err)
|
2017-09-19 14:47:10 +00:00
|
|
|
assertQueryMeta(t, qm)
|
2023-01-01 18:57:26 +00:00
|
|
|
must.Eq(t, policy.Name, out.Name)
|
2017-09-19 14:47:10 +00:00
|
|
|
}
|