rvault/go_client/tests/secret_test.go

package tests

import (
	"context"
	"log"
	"os"
	"testing"
	"time"

	"github.com/hashicorp/vault-client-go"
	"github.com/hashicorp/vault-client-go/schema"
)

var client *vault.Client
var ctx context.Context
var mountpath = ""

func TestMain(m *testing.M) {
	ctx = context.Background()
	var err error
	// prepare a client with the given base address
	client, err = vault.New(
		vault.WithAddress("http://localhost:8200"),
		vault.WithRequestTimeout(30*time.Second),
	)
	if err != nil {
		log.Fatal(err)
	}
	log.Println("client prepared")

	// authenticate with a root token (insecure)
	if err := client.SetToken("my-token"); err != nil {
		log.Fatal(err)
	}

	exitCode := m.Run() // run all tests and get code
	os.Exit(exitCode)
}

// https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2#create-update-secret
// @Philip der Path steht in der KvV2Write Methode
func TestWriteSecret(t *testing.T) {
	// Path foo
	_, err := client.Secrets.KvV2Write(ctx, "foo", schema.KvV2WriteRequest{
		Data: map[string]any{
			"password1": "abc123",
			"version": 1,
		}},
		vault.WithMountPath(mountpath),
	)
	if err != nil {
		log.Fatal("kv2: Failed to write secret:\n\t", err)
	}
	log.Println("kv2: Tried to write Secret at foo")

	// Path bar
	_, err = client.Secrets.KvV2Write(ctx, "bar", schema.KvV2WriteRequest{
		Data: map[string]any{
			"password1": "secure123",
			"password2": "second password",
		}},
		vault.WithMountPath(mountpath),
	)
	if err != nil {
		log.Fatal("kv2: Failed to write secret:\n\t", err)
	}
	log.Println("kv2: Tried to write Secret at foo")
}

func TestDeleteSecret(t *testing.T) {
	_, err := client.Secrets.KvV2Delete(ctx, "foo") // currently disregarding modifier options
	if err != nil {
		log.Fatal("kv2: Failed to delete secret:\n\t", err)
	}
}

func TestReadSecret(t *testing.T) {
	_, err := client.Secrets.KvV2Read(ctx, "bar")
	if err != nil {
		log.Fatal("kv2: Failed to read secret:\n\t", err)
	}
}