bbb4ab4a41
* handle HTTP PATCH requests as logical.PatchOperation * update go.mod, go.sum * a nil response for logical.PatchOperation should result in 404 * respond with 415 for incorrect MIME type in PATCH Content-Type header * add abstraction to handle PatchOperation requests * add ACLs for patch * Adding JSON Merge support to the API client * add HTTP PATCH tests to check high level response logic * add permission-based 'kv patch' tests in prep to add HTTP PATCH * adding more 'kv patch' CLI command tests * fix TestHandler_Patch_NotFound * Fix TestKvPatchCommand_StdinValue * add audit log test for HTTP PATCH * patch CLI changes * add patch CLI tests * change JSONMergePatch func to accept a ctx * fix TestKVPatchCommand_RWMethodNotExists and TestKVPatchCommand_RWMethodSucceeds to specify -method flag * go fmt * add a test to verify patching works by default with the root token * add changelog entry * get vault-plugin-secrets-kv@add-patch-support * PR feedback * reorder some imports; go fmt * add doc comment for HandlePatchOperation * add json-patch@v5.5.0 to go.mod * remove unnecessary cancelFunc for WriteBytes * remove default for -method * use stable version of json-patch; go mod tidy * more PR feedback * temp go get vault-plugin-secrets-kv@master until official release Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
58 lines
1.4 KiB
Go
58 lines
1.4 KiB
Go
package kv
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
|
|
logicalKv "github.com/hashicorp/vault-plugin-secrets-kv"
|
|
"github.com/hashicorp/vault/api"
|
|
vaulthttp "github.com/hashicorp/vault/http"
|
|
"github.com/hashicorp/vault/sdk/logical"
|
|
"github.com/hashicorp/vault/vault"
|
|
)
|
|
|
|
// Verifies that patching works by default with the root token
|
|
func TestKV_Patch_RootToken(t *testing.T) {
|
|
coreConfig := &vault.CoreConfig{
|
|
LogicalBackends: map[string]logical.Factory{
|
|
"kv": logicalKv.Factory,
|
|
},
|
|
}
|
|
cluster := vault.NewTestCluster(t, coreConfig, &vault.TestClusterOptions{
|
|
HandlerFunc: vaulthttp.Handler,
|
|
})
|
|
cluster.Start()
|
|
defer cluster.Cleanup()
|
|
|
|
core := cluster.Cores[0]
|
|
client := core.Client
|
|
|
|
// make sure this client is using the root token
|
|
client.SetToken(cluster.RootToken)
|
|
|
|
// Enable KVv2
|
|
err := client.Sys().Mount("kv", &api.MountInput{
|
|
Type: "kv-v2",
|
|
})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
// Write a kv value and patch it
|
|
_, err = client.Logical().Write("kv/data/foo", map[string]interface{}{"data": map[string]interface{}{"bar": "baz"}})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
_, err = client.Logical().JSONMergePatch(context.Background(), "kv/data/foo", map[string]interface{}{"data": map[string]interface{}{"bar": "quux"}})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
secret, err := client.Logical().Read("kv/data/foo")
|
|
bar := secret.Data["data"].(map[string]interface{})["bar"]
|
|
if bar != "quux" {
|
|
t.Fatalf("expected bar to be quux but it was %q", bar)
|
|
}
|
|
}
|