luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

backport of commit 10c16ccbcb13fbb0dab56fd7b11b4fdb41609436 (#20875) 

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
This commit is contained in:
hc-github-team-secure-vault-core 2023-05-31 09:16:25 -04:00 committed by GitHub
parent a486b13957
commit 9f9ca7cede
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CODEOWNERS
View File

@ -48,6 +48,7 @@
# Cryptosec # Cryptosec
/builtin/logical/pki/ @hashicorp/vault-crypto /builtin/logical/pki/ @hashicorp/vault-crypto
/builtin/logical/pkiext/ @hashicorp/vault-crypto
/website/content/docs/secrets/pki/ @hashicorp/vault-crypto /website/content/docs/secrets/pki/ @hashicorp/vault-crypto
/website/content/api-docs/secret/pki.mdx @hashicorp/vault-crypto /website/content/api-docs/secret/pki.mdx @hashicorp/vault-crypto
/builtin/credential/cert/ @hashicorp/vault-crypto /builtin/credential/cert/ @hashicorp/vault-crypto

28
builtin/logical/pkiext/pkiext_binary/acme_test.go
View File

@ -152,6 +152,34 @@ func SubtestACMECertbot(t *testing.T, cluster *VaultPkiCluster) {
require.NoError(t, err, "got error running double revoke command") require.NoError(t, err, "got error running double revoke command")
require.NotEqual(t, 0, retcode, "expected non-zero retcode double revoke command result") require.NotEqual(t, 0, retcode, "expected non-zero retcode double revoke command result")
// Attempt to close out our ACME account
certbotUnregisterCmd := []string{
"certbot",
"unregister",
"--no-verify-ssl",
"--non-interactive",
"--server", directory,
}
stdout, stderr, retcode, err = runner.RunCmdWithOutput(ctx, result.Container.ID, certbotUnregisterCmd)
t.Logf("Certbot Unregister Command: %v\nstdout: %v\nstderr: %v\n", certbotUnregisterCmd, string(stdout), string(stderr))
if err != nil || retcode != 0 {
logsStdout, logsStderr, _, _ := runner.RunCmdWithOutput(ctx, result.Container.ID, logCatCmd)
t.Logf("Certbot logs\nstdout: %v\nstderr: %v\n", string(logsStdout), string(logsStderr))
}
require.NoError(t, err, "got error running unregister command")
require.Equal(t, 0, retcode, "expected zero retcode unregister command result")
// Attempting to close out our ACME account twice should fail
stdout, stderr, retcode, err = runner.RunCmdWithOutput(ctx, result.Container.ID, certbotUnregisterCmd)
t.Logf("Certbot double Unregister Command: %v\nstdout: %v\nstderr: %v\n", certbotUnregisterCmd, string(stdout), string(stderr))
if err != nil || retcode != 0 {
logsStdout, logsStderr, _, _ := runner.RunCmdWithOutput(ctx, result.Container.ID, logCatCmd)
t.Logf("Certbot double logs\nstdout: %v\nstderr: %v\n", string(logsStdout), string(logsStderr))
}
require.NoError(t, err, "got error running double unregister command")
require.Equal(t, 1, retcode, "expected non-zero retcode double unregister command result")
} }
func SubtestACMECertbotEab(t *testing.T, cluster *VaultPkiCluster) { func SubtestACMECertbotEab(t *testing.T, cluster *VaultPkiCluster) {