2018-08-23 00:50:52 +00:00
|
|
|
package router
|
2018-03-27 20:34:06 +00:00
|
|
|
|
|
|
|
import (
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/hashicorp/vault/api"
|
|
|
|
"github.com/hashicorp/vault/builtin/credential/userpass"
|
2019-06-04 17:33:36 +00:00
|
|
|
"github.com/hashicorp/vault/builtin/logical/pki"
|
2018-03-27 20:34:06 +00:00
|
|
|
vaulthttp "github.com/hashicorp/vault/http"
|
2019-04-12 21:54:35 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/logical"
|
2018-03-27 20:34:06 +00:00
|
|
|
"github.com/hashicorp/vault/vault"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestRouter_MountSubpath_Checks(t *testing.T) {
|
2019-06-04 17:33:36 +00:00
|
|
|
testRouter_MountSubpath(t, []string{"a/abcd/123", "abcd/123"})
|
|
|
|
testRouter_MountSubpath(t, []string{"abcd/123", "a/abcd/123"})
|
|
|
|
testRouter_MountSubpath(t, []string{"a/abcd/123", "abcd/123"})
|
2018-03-27 20:34:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func testRouter_MountSubpath(t *testing.T, mountPoints []string) {
|
|
|
|
coreConfig := &vault.CoreConfig{
|
2019-06-04 17:33:36 +00:00
|
|
|
LogicalBackends: map[string]logical.Factory{
|
|
|
|
"pki": pki.Factory,
|
|
|
|
},
|
2018-03-27 20:34:06 +00:00
|
|
|
CredentialBackends: map[string]logical.Factory{
|
|
|
|
"userpass": userpass.Factory,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
cluster := vault.NewTestCluster(t, coreConfig, &vault.TestClusterOptions{
|
|
|
|
HandlerFunc: vaulthttp.Handler,
|
|
|
|
})
|
|
|
|
cluster.Start()
|
|
|
|
defer cluster.Cleanup()
|
|
|
|
|
|
|
|
vault.TestWaitActive(t, cluster.Cores[0].Core)
|
|
|
|
client := cluster.Cores[0].Client
|
|
|
|
|
2019-06-04 17:33:36 +00:00
|
|
|
// Test auth
|
2018-03-27 20:34:06 +00:00
|
|
|
authInput := &api.EnableAuthOptions{
|
|
|
|
Type: "userpass",
|
|
|
|
}
|
2019-06-04 17:33:36 +00:00
|
|
|
for _, mp := range mountPoints {
|
|
|
|
t.Logf("mounting %s", "auth/"+mp)
|
|
|
|
var err error
|
|
|
|
err = client.Sys().EnableAuthWithOptions("auth/"+mp, authInput)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
}
|
2018-03-27 20:34:06 +00:00
|
|
|
|
2019-06-04 17:33:36 +00:00
|
|
|
// Test secrets
|
|
|
|
mountInput := &api.MountInput{
|
|
|
|
Type: "pki",
|
|
|
|
}
|
2018-03-27 20:34:06 +00:00
|
|
|
for _, mp := range mountPoints {
|
2019-06-04 17:33:36 +00:00
|
|
|
t.Logf("mounting %s", "s/"+mp)
|
2018-03-27 20:34:06 +00:00
|
|
|
var err error
|
2019-06-04 17:33:36 +00:00
|
|
|
err = client.Sys().Mount("s/"+mp, mountInput)
|
2018-03-27 20:34:06 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
cluster.EnsureCoresSealed(t)
|
|
|
|
cluster.UnsealCores(t)
|
|
|
|
t.Logf("Done: %#v", mountPoints)
|
|
|
|
}
|