0d077d7945
* Initial work * rework * s/dr/recovery * Add sys/raw support to recovery mode (#7577) * Factor the raw paths out so they can be run with a SystemBackend. # Conflicts: # vault/logical_system.go * Add handleLogicalRecovery which is like handleLogical but is only sufficient for use with the sys-raw endpoint in recovery mode. No authentication is done yet. * Integrate with recovery-mode. We now handle unauthenticated sys/raw requests, albeit on path v1/raw instead v1/sys/raw. * Use sys/raw instead raw during recovery. * Don't bother persisting the recovery token. Authenticate sys/raw requests with it. * RecoveryMode: Support generate-root for autounseals (#7591) * Recovery: Abstract config creation and log settings * Recovery mode integration test. (#7600) * Recovery: Touch up (#7607) * Recovery: Touch up * revert the raw backend creation changes * Added recovery operation token prefix * Move RawBackend to its own file * Update API path and hit it using CLI flag on generate-root * Fix a panic triggered when handling a request that yields a nil response. (#7618) * Improve integ test to actually make changes while in recovery mode and verify they're still there after coming back in regular mode. * Refuse to allow a second recovery token to be generated. * Resize raft cluster to size 1 and start as leader (#7626) * RecoveryMode: Setup raft cluster post unseal (#7635) * Setup raft cluster post unseal in recovery mode * Remove marking as unsealed as its not needed * Address review comments * Accept only one seal config in recovery mode as there is no scope for migration
141 lines
3.5 KiB
Go
141 lines
3.5 KiB
Go
package misc
|
|
|
|
import (
|
|
"github.com/go-test/deep"
|
|
"go.uber.org/atomic"
|
|
"path"
|
|
"testing"
|
|
|
|
"github.com/hashicorp/go-hclog"
|
|
"github.com/hashicorp/vault/helper/testhelpers"
|
|
"github.com/hashicorp/vault/http"
|
|
"github.com/hashicorp/vault/sdk/helper/logging"
|
|
"github.com/hashicorp/vault/sdk/physical/inmem"
|
|
"github.com/hashicorp/vault/vault"
|
|
)
|
|
|
|
func TestRecovery(t *testing.T) {
|
|
logger := logging.NewVaultLogger(hclog.Debug).Named(t.Name())
|
|
inm, err := inmem.NewInmemHA(nil, logger)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
var keys [][]byte
|
|
var secretUUID string
|
|
var rootToken string
|
|
{
|
|
conf := vault.CoreConfig{
|
|
Physical: inm,
|
|
Logger: logger,
|
|
}
|
|
opts := vault.TestClusterOptions{
|
|
HandlerFunc: http.Handler,
|
|
NumCores: 1,
|
|
}
|
|
|
|
cluster := vault.NewTestCluster(t, &conf, &opts)
|
|
cluster.Start()
|
|
defer cluster.Cleanup()
|
|
|
|
client := cluster.Cores[0].Client
|
|
rootToken = client.Token()
|
|
var fooVal = map[string]interface{}{"bar": 1.0}
|
|
_, err = client.Logical().Write("secret/foo", fooVal)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
secret, err := client.Logical().List("secret/")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if diff := deep.Equal(secret.Data["keys"], []interface{}{"foo"}); len(diff) > 0 {
|
|
t.Fatalf("got=%v, want=%v, diff: %v", secret.Data["keys"], []string{"foo"}, diff)
|
|
}
|
|
mounts, err := cluster.Cores[0].Client.Sys().ListMounts()
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
secretMount := mounts["secret/"]
|
|
if secretMount == nil {
|
|
t.Fatalf("secret mount not found, mounts: %v", mounts)
|
|
}
|
|
secretUUID = secretMount.UUID
|
|
cluster.EnsureCoresSealed(t)
|
|
keys = cluster.BarrierKeys
|
|
}
|
|
|
|
{
|
|
// Now bring it up in recovery mode.
|
|
var tokenRef atomic.String
|
|
conf := vault.CoreConfig{
|
|
Physical: inm,
|
|
Logger: logger,
|
|
RecoveryMode: true,
|
|
}
|
|
opts := vault.TestClusterOptions{
|
|
HandlerFunc: http.Handler,
|
|
NumCores: 1,
|
|
SkipInit: true,
|
|
DefaultHandlerProperties: vault.HandlerProperties{
|
|
RecoveryMode: true,
|
|
RecoveryToken: &tokenRef,
|
|
},
|
|
}
|
|
cluster := vault.NewTestCluster(t, &conf, &opts)
|
|
cluster.BarrierKeys = keys
|
|
cluster.Start()
|
|
defer cluster.Cleanup()
|
|
|
|
client := cluster.Cores[0].Client
|
|
recoveryToken := testhelpers.GenerateRoot(t, cluster, testhelpers.GenerateRecovery)
|
|
_, err = testhelpers.GenerateRootWithError(t, cluster, testhelpers.GenerateRecovery)
|
|
if err == nil {
|
|
t.Fatal("expected second generate-root to fail")
|
|
}
|
|
client.SetToken(recoveryToken)
|
|
|
|
secret, err := client.Logical().List(path.Join("sys/raw/logical", secretUUID))
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if diff := deep.Equal(secret.Data["keys"], []interface{}{"foo"}); len(diff) > 0 {
|
|
t.Fatalf("got=%v, want=%v, diff: %v", secret.Data, []string{"foo"}, diff)
|
|
}
|
|
|
|
_, err = client.Logical().Delete(path.Join("sys/raw/logical", secretUUID, "foo"))
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
cluster.EnsureCoresSealed(t)
|
|
}
|
|
|
|
{
|
|
// Now go back to regular mode and verify that our changes are present
|
|
conf := vault.CoreConfig{
|
|
Physical: inm,
|
|
Logger: logger,
|
|
}
|
|
opts := vault.TestClusterOptions{
|
|
HandlerFunc: http.Handler,
|
|
NumCores: 1,
|
|
SkipInit: true,
|
|
}
|
|
cluster := vault.NewTestCluster(t, &conf, &opts)
|
|
cluster.BarrierKeys = keys
|
|
cluster.Start()
|
|
testhelpers.EnsureCoresUnsealed(t, cluster)
|
|
defer cluster.Cleanup()
|
|
|
|
client := cluster.Cores[0].Client
|
|
client.SetToken(rootToken)
|
|
secret, err := client.Logical().List("secret/")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if secret != nil {
|
|
t.Fatal("expected no data in secret mount")
|
|
}
|
|
}
|
|
}
|