108 lines
3.1 KiB
Go
108 lines
3.1 KiB
Go
package tests
|
|
|
|
import (
|
|
"context"
|
|
"log"
|
|
"os"
|
|
"reflect"
|
|
"testing"
|
|
"time"
|
|
|
|
// "github.com/hashicorp/vault-client-go"
|
|
// "github.com/hashicorp/vault-client-go/schema"
|
|
vault "github.com/hashicorp/vault/api"
|
|
)
|
|
|
|
var client *vault.Client
|
|
var ctx context.Context
|
|
|
|
// Apparently used as a default if mountpath is an empty string (client library)
|
|
var mountpath = "/kv-v2"
|
|
var mountpath2 = "/some"
|
|
|
|
func TestMain(m *testing.M) {
|
|
ctx = context.Background()
|
|
var err error
|
|
|
|
config := vault.DefaultConfig()
|
|
config.Address = "http://localhost:8200"
|
|
config.Timeout = 30*time.Second
|
|
|
|
// prepare a client with the given base address
|
|
client, err = vault.NewClient(config)
|
|
if err != nil {
|
|
log.Fatalf("unable to initialize Vault client: %v", err)
|
|
}
|
|
log.Println("client prepared")
|
|
|
|
// authenticate with a root token (insecure)
|
|
client.SetToken("my-token")
|
|
|
|
exitCode := m.Run() // run all tests and get code
|
|
os.Exit(exitCode)
|
|
}
|
|
|
|
func kv2Write(t *testing.T, mount string, path string) {
|
|
data := map[string]any{
|
|
"password1": "123abc",
|
|
"password2": "horse horse horse battery staple correct",
|
|
}
|
|
t.Logf("Attempting to write to KV2 %s path %s:\t", mount, path)
|
|
v, err := client.KVv2(mount).Put(ctx, path, data)
|
|
if err != nil {
|
|
t.Fatal("ERROR writing secret:\n\t", err)
|
|
}
|
|
t.Log("Success (unchecked)\n\t", v)
|
|
|
|
res, err := client.KVv2(mount).Get(ctx, path)
|
|
if err != nil {
|
|
t.Fatal("ERROR checking/reading secret (request failed)\n\t", err)
|
|
}
|
|
if !reflect.DeepEqual(res.Data, data) {
|
|
t.Fatal("AAAAH", res.Data)
|
|
t.Fatalf("ERROR secret received does not match what was outght to be written.\n\tWritten: %s\n\tReceived: %s\n", data, res.Data)
|
|
// t.Fatal("\tWritten: ", newVar.Data)
|
|
// t.Fatal("\tReceived:", res.Data.Data)
|
|
}
|
|
t.Logf("SUCCESS writing to KV2 %s path %s\n", mount, path)
|
|
}
|
|
|
|
func kv2Delete(t *testing.T, mount string, path string) {
|
|
err := client.KVv2(mount).Delete(ctx, path) // currently disregarding modifier options
|
|
if err != nil {
|
|
log.Fatal("ERROR deleting secret:\n\t", err)
|
|
}
|
|
res, err := client.KVv2(mount).Get(ctx, path)
|
|
if res != nil || err == nil {
|
|
t.Fatal("ERROR checking/reading secret (request failed)\n\t", res, err)
|
|
}
|
|
t.Logf("SUCCESS deleting KV2 secret %s path %s\n", mount, path)
|
|
}
|
|
|
|
// https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2#create-update-secret
|
|
// @Philip der Path steht in der KvV2Write Methode
|
|
func TestWriteSecret(t *testing.T) {
|
|
// Path foo
|
|
t.Logf("Writing to first KV2 engine at %s...", mountpath)
|
|
kv2Write(t, mountpath, "foo")
|
|
kv2Write(t, mountpath, "bar")
|
|
t.Logf("Writing to second KV2 engine at %s...", mountpath2)
|
|
kv2Write(t, mountpath2, "foo")
|
|
kv2Write(t, mountpath2, "bar")
|
|
t.Logf("Deleting...")
|
|
kv2Delete(t, mountpath, "foo")
|
|
}
|
|
|
|
// func TestDeleteSecret(t *testing.T) {
|
|
// _, err := client.Secrets.KvV2Delete(ctx, "foo") // currently disregarding modifier options
|
|
// if err != nil {
|
|
// log.Fatal("kv2: Failed to delete secret:\n\t", err)
|
|
// }
|
|
// }
|
|
|
|
// func TestReadSecret(t *testing.T) {
|
|
// _, err := client.Secrets.KvV2Read(ctx, "bar")
|
|
// if err != nil {
|
|
// log.Fatal("kv2: Failed to read secret:\n\t", err)
|
|
// }
|
|
// }
|