Remove the upgrade code to update the mount table from 'aws' to 'aws-ec2'
This commit is contained in:
vishalnayak
parent
0df8ed5545
commit
aec05fdf02
|
|
@ -228,13 +228,6 @@ func (c *Core) loadCredentials() error {
|
|||
|
||||
// Upgrade to table-scoped entries
|
||||
for _, entry := range c.auth.Entries {
|
||||
// The auth backend "aws-ec2" was named "aws" in the master.
|
||||
// This is to support upgrade procedure from "aws" to "aws-ec2".
|
||||
if entry.Type == "aws" {
|
||||
entry.Type = "aws-ec2"
|
||||
needPersist = true
|
||||
}
|
||||
|
||||
if entry.Table == "" {
|
||||
entry.Table = c.auth.Type
|
||||
needPersist = true
|
||||
|
|
|
|||
|
|
@ -1,73 +1,12 @@
|
|||
package vault
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"reflect"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/vault/logical"
|
||||
)
|
||||
|
||||
func TestAuth_UpgradeAWSEC2Auth(t *testing.T) {
|
||||
c, _, _ := TestCoreUnsealed(t)
|
||||
|
||||
// create a no-op backend in the name of "aws"
|
||||
c.credentialBackends["aws"] = func(*logical.BackendConfig) (logical.Backend, error) {
|
||||
return &NoopBackend{}, nil
|
||||
}
|
||||
|
||||
// create a mount entry and create an entry in the mount table
|
||||
me := &MountEntry{
|
||||
Table: credentialTableType,
|
||||
Path: "aws",
|
||||
Type: "aws",
|
||||
}
|
||||
err := c.enableCredential(me)
|
||||
if err != nil {
|
||||
t.Fatalf("err: %v", err)
|
||||
}
|
||||
|
||||
// save the mount table with an auth entry for "aws"
|
||||
mt := c.auth
|
||||
before, err := json.Marshal(mt)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
entry := &Entry{
|
||||
Key: coreAuthConfigPath,
|
||||
Value: before,
|
||||
}
|
||||
if err := c.barrier.Put(entry); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
// create an expected value
|
||||
var expectedMt MountTable
|
||||
expectedMt = *c.auth
|
||||
|
||||
for _, entry := range expectedMt.Entries {
|
||||
if entry.Type == "aws" {
|
||||
entry.Type = "aws-ec2"
|
||||
}
|
||||
}
|
||||
expected, err := json.Marshal(&expectedMt)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
// loadCredentials should upgrade the mount table and the entry should now be "aws-ec2"
|
||||
err = c.loadCredentials()
|
||||
|
||||
// read the entry back again and compare it with the expected value
|
||||
actual, err := c.barrier.Get(coreAuthConfigPath)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
if !reflect.DeepEqual(expected, actual.Value) {
|
||||
t.Fatalf("bad: expected\n%s\ngot\n%s\n", string(expected), string(entry.Value))
|
||||
}
|
||||
}
|
||||
|
||||
func TestCore_DefaultAuthTable(t *testing.T) {
|
||||
c, key, _ := TestCoreUnsealed(t)
|
||||
verifyDefaultAuthTable(t, c.auth)
|
||||
|
|
|
|||
Loading…
Reference in New Issue