diff --git a/command/audit_enable_test.go b/command/audit_enable_test.go index c2fe43e84f..bea8c32233 100644 --- a/command/audit_enable_test.go +++ b/command/audit_enable_test.go @@ -1,6 +1,7 @@ package command import ( + "io/ioutil" "strings" "testing" @@ -157,4 +158,42 @@ func TestAuditEnableCommand_Run(t *testing.T) { _, cmd := testAuditEnableCommand(t) assertNoTabs(t, cmd) }) + + t.Run("mount_all", func(t *testing.T) { + t.Parallel() + + client, closer := testVaultServerAllBackends(t) + defer closer() + + files, err := ioutil.ReadDir("../builtin/audit") + if err != nil { + t.Fatal(err) + } + + var backends []string + for _, f := range files { + if f.IsDir() { + backends = append(backends, f.Name()) + } + } + + for _, b := range backends { + ui, cmd := testAuditEnableCommand(t) + cmd.client = client + + args := []string{ + b, + } + switch b { + case "file": + args = append(args, "file_path=discard") + case "socket": + args = append(args, "address=127.0.0.1:8888") + } + code := cmd.Run(args) + if exp := 0; code != exp { + t.Errorf("type %s, expected %d to be %d - %s", b, code, exp, ui.OutputWriter.String()+ui.ErrorWriter.String()) + } + } + }) } diff --git a/command/auth_enable_test.go b/command/auth_enable_test.go index e4308f9934..d3d693d812 100644 --- a/command/auth_enable_test.go +++ b/command/auth_enable_test.go @@ -1,6 +1,7 @@ package command import ( + "io/ioutil" "strings" "testing" @@ -141,4 +142,53 @@ func TestAuthEnableCommand_Run(t *testing.T) { _, cmd := testAuthEnableCommand(t) assertNoTabs(t, cmd) }) + + t.Run("mount_all", func(t *testing.T) { + t.Parallel() + + client, closer := testVaultServerAllBackends(t) + defer closer() + + files, err := ioutil.ReadDir("../builtin/credential") + if err != nil { + t.Fatal(err) + } + + var backends []string + for _, f := range files { + if f.IsDir() { + backends = append(backends, f.Name()) + } + } + + plugins, err := ioutil.ReadDir("../vendor/github.com/hashicorp") + if err != nil { + t.Fatal(err) + } + for _, p := range plugins { + if p.IsDir() && strings.HasPrefix(p.Name(), "vault-plugin-auth-") { + backends = append(backends, strings.TrimPrefix(p.Name(), "vault-plugin-auth-")) + } + } + + if len(backends) != len(credentialBackends) { + t.Fatalf("expected %d credential backends, got %d", len(credentialBackends), len(backends)) + } + + for _, b := range backends { + if b == "token" { + continue + } + + ui, cmd := testAuthEnableCommand(t) + cmd.client = client + + code := cmd.Run([]string{ + b, + }) + if exp := 0; code != exp { + t.Errorf("type %s, expected %d to be %d - %s", b, code, exp, ui.OutputWriter.String()+ui.ErrorWriter.String()) + } + } + }) } diff --git a/command/command_test.go b/command/command_test.go index 0ff084f45b..5303935494 100644 --- a/command/command_test.go +++ b/command/command_test.go @@ -62,6 +62,20 @@ func testVaultServer(tb testing.TB) (*api.Client, func()) { return client, closer } +func testVaultServerAllBackends(tb testing.TB) (*api.Client, func()) { + tb.Helper() + + client, _, closer := testVaultServerCoreConfig(tb, &vault.CoreConfig{ + DisableMlock: true, + DisableCache: true, + Logger: defaultVaultLogger, + CredentialBackends: credentialBackends, + AuditBackends: auditBackends, + LogicalBackends: logicalBackends, + }) + return client, closer +} + // testVaultServerUnseal creates a test vault cluster and returns a configured // API client, list of unseal keys (as strings), and a closer function. func testVaultServerUnseal(tb testing.TB) (*api.Client, []string, func()) { diff --git a/command/commands.go b/command/commands.go index d276239ac1..6af11b0083 100644 --- a/command/commands.go +++ b/command/commands.go @@ -64,6 +64,72 @@ import ( physZooKeeper "github.com/hashicorp/vault/physical/zookeeper" ) +var ( + auditBackends = map[string]audit.Factory{ + "file": auditFile.Factory, + "socket": auditSocket.Factory, + "syslog": auditSyslog.Factory, + } + + credentialBackends = map[string]logical.Factory{ + "app-id": credAppId.Factory, + "approle": credAppRole.Factory, + "aws": credAws.Factory, + "centrify": credCentrify.Factory, + "cert": credCert.Factory, + "gcp": credGcp.Factory, + "github": credGitHub.Factory, + "kubernetes": credKube.Factory, + "ldap": credLdap.Factory, + "okta": credOkta.Factory, + "plugin": plugin.Factory, + "radius": credRadius.Factory, + "userpass": credUserpass.Factory, + } + + logicalBackends = map[string]logical.Factory{ + "aws": aws.Factory, + "cassandra": cassandra.Factory, + "consul": consul.Factory, + "database": database.Factory, + "mongodb": mongodb.Factory, + "mssql": mssql.Factory, + "mysql": mysql.Factory, + "nomad": nomad.Factory, + "pki": pki.Factory, + "plugin": plugin.Factory, + "postgresql": postgresql.Factory, + "rabbitmq": rabbitmq.Factory, + "ssh": ssh.Factory, + "totp": totp.Factory, + "transit": transit.Factory, + } + + physicalBackends = map[string]physical.Factory{ + "azure": physAzure.NewAzureBackend, + "cassandra": physCassandra.NewCassandraBackend, + "cockroachdb": physCockroachDB.NewCockroachDBBackend, + "consul": physConsul.NewConsulBackend, + "couchdb_transactional": physCouchDB.NewTransactionalCouchDBBackend, + "couchdb": physCouchDB.NewCouchDBBackend, + "dynamodb": physDynamoDB.NewDynamoDBBackend, + "etcd": physEtcd.NewEtcdBackend, + "file_transactional": physFile.NewTransactionalFileBackend, + "file": physFile.NewFileBackend, + "gcs": physGCS.NewGCSBackend, + "inmem_ha": physInmem.NewInmemHA, + "inmem_transactional_ha": physInmem.NewTransactionalInmemHA, + "inmem_transactional": physInmem.NewTransactionalInmem, + "inmem": physInmem.NewInmem, + "mssql": physMSSQL.NewMSSQLBackend, + "mysql": physMySQL.NewMySQLBackend, + "postgresql": physPostgreSQL.NewPostgreSQLBackend, + "s3": physS3.NewS3Backend, + "swift": physSwift.NewSwiftBackend, + "zookeeper": physZooKeeper.NewZooKeeperBackend, + } +) + // DeprecatedCommand is a command that wraps an existing command and prints a // deprecation notice and points the user to the new command. Deprecated // commands are always hidden from help output. @@ -415,68 +481,12 @@ func init() { BaseCommand: &BaseCommand{ UI: serverCmdUi, }, - AuditBackends: map[string]audit.Factory{ - "file": auditFile.Factory, - "socket": auditSocket.Factory, - "syslog": auditSyslog.Factory, - }, - CredentialBackends: map[string]logical.Factory{ - "app-id": credAppId.Factory, - "approle": credAppRole.Factory, - "aws": credAws.Factory, - "centrify": credCentrify.Factory, - "cert": credCert.Factory, - "gcp": credGcp.Factory, - "github": credGitHub.Factory, - "kubernetes": credKube.Factory, - "ldap": credLdap.Factory, - "okta": credOkta.Factory, - "plugin": plugin.Factory, - "radius": credRadius.Factory, - "userpass": credUserpass.Factory, - }, - LogicalBackends: map[string]logical.Factory{ - "aws": aws.Factory, - "cassandra": cassandra.Factory, - "consul": consul.Factory, - "database": database.Factory, - "mongodb": mongodb.Factory, - "mssql": mssql.Factory, - "mysql": mysql.Factory, - "nomad": nomad.Factory, - "pki": pki.Factory, - "plugin": plugin.Factory, - "postgresql": postgresql.Factory, - "rabbitmq": rabbitmq.Factory, - "ssh": ssh.Factory, - "totp": totp.Factory, - "transit": transit.Factory, - }, - PhysicalBackends: map[string]physical.Factory{ - "azure": physAzure.NewAzureBackend, - "cassandra": physCassandra.NewCassandraBackend, - "cockroachdb": physCockroachDB.NewCockroachDBBackend, - "consul": physConsul.NewConsulBackend, - "couchdb_transactional": physCouchDB.NewTransactionalCouchDBBackend, - "couchdb": physCouchDB.NewCouchDBBackend, - "dynamodb": physDynamoDB.NewDynamoDBBackend, - "etcd": physEtcd.NewEtcdBackend, - "file_transactional": physFile.NewTransactionalFileBackend, - "file": physFile.NewFileBackend, - "gcs": physGCS.NewGCSBackend, - "inmem_ha": physInmem.NewInmemHA, - "inmem_transactional_ha": physInmem.NewTransactionalInmemHA, - "inmem_transactional": physInmem.NewTransactionalInmem, - "inmem": physInmem.NewInmem, - "mssql": physMSSQL.NewMSSQLBackend, - "mysql": physMySQL.NewMySQLBackend, - "postgresql": physPostgreSQL.NewPostgreSQLBackend, - "s3": physS3.NewS3Backend, - "swift": physSwift.NewSwiftBackend, - "zookeeper": physZooKeeper.NewZooKeeperBackend, - }, - ShutdownCh: MakeShutdownCh(), - SighupCh: MakeSighupCh(), + AuditBackends: auditBackends, + CredentialBackends: credentialBackends, + LogicalBackends: logicalBackends, + PhysicalBackends: physicalBackends, + ShutdownCh: MakeShutdownCh(), + SighupCh: MakeSighupCh(), }, nil }, "ssh": func() (cli.Command, error) { diff --git a/command/secrets_enable_test.go b/command/secrets_enable_test.go index e241edfa65..952bd98cc1 100644 --- a/command/secrets_enable_test.go +++ b/command/secrets_enable_test.go @@ -1,6 +1,7 @@ package command import ( + "io/ioutil" "strings" "testing" @@ -168,4 +169,53 @@ func TestSecretsEnableCommand_Run(t *testing.T) { _, cmd := testSecretsEnableCommand(t) assertNoTabs(t, cmd) }) + + t.Run("mount_all", func(t *testing.T) { + t.Parallel() + + client, closer := testVaultServerAllBackends(t) + defer closer() + + files, err := ioutil.ReadDir("../builtin/logical") + if err != nil { + t.Fatal(err) + } + + var backends []string + for _, f := range files { + if f.IsDir() { + if f.Name() == "plugin" { + continue + } + backends = append(backends, f.Name()) + } + } + + plugins, err := ioutil.ReadDir("../vendor/github.com/hashicorp") + if err != nil { + t.Fatal(err) + } + for _, p := range plugins { + if p.IsDir() && strings.HasPrefix(p.Name(), "vault-plugin-") && !strings.HasPrefix(p.Name(), "vault-plugin-auth-") { + backends = append(backends, strings.TrimPrefix(p.Name(), "vault-plugin-")) + } + } + + // Removing one from logical list since plugin is a virtual backend + if len(backends) != len(logicalBackends)-1 { + t.Fatalf("expected %d logical backends, got %d", len(logicalBackends)-1, len(backends)) + } + + for _, b := range backends { + ui, cmd := testSecretsEnableCommand(t) + cmd.client = client + + code := cmd.Run([]string{ + b, + }) + if exp := 0; code != exp { + t.Errorf("type %s, expected %d to be %d - %s", b, code, exp, ui.OutputWriter.String()+ui.ErrorWriter.String()) + } + } + }) }