mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-10-30 02:02:43 +00:00
Update the default kv factory to kv.Factory (#23584)
* Update the default kv mount to kv.Factory * Imports * Set some tests that care about leaseapssthroughbackend to use it * extra newline * More test updates * Test updates * Refactor KV mounting in tests * Re-add comment
This commit is contained in:
Violet Hynes
@@ -7,11 +7,17 @@ import (
|
|||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/hashicorp/vault/sdk/helper/jsonutil"
|
"github.com/hashicorp/vault/sdk/helper/jsonutil"
|
||||||
|
"github.com/hashicorp/vault/sdk/logical"
|
||||||
"github.com/hashicorp/vault/vault"
|
"github.com/hashicorp/vault/vault"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestSysRenew(t *testing.T) {
|
func TestSysRenew(t *testing.T) {
|
||||||
core, _, token := vault.TestCoreUnsealed(t)
|
coreConfig := &vault.CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": vault.LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
core, _, token := vault.TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
ln, addr := TestServer(t, core)
|
ln, addr := TestServer(t, core)
|
||||||
defer ln.Close()
|
defer ln.Close()
|
||||||
TestServerAuth(t, addr, token)
|
TestServerAuth(t, addr, token)
|
||||||
|
|||||||
@@ -15,6 +15,7 @@ import (
|
|||||||
"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
|
"github.com/hashicorp/vault/helper/testhelpers/corehelpers"
|
||||||
"github.com/hashicorp/vault/helper/versions"
|
"github.com/hashicorp/vault/helper/versions"
|
||||||
"github.com/hashicorp/vault/sdk/helper/consts"
|
"github.com/hashicorp/vault/sdk/helper/consts"
|
||||||
|
"github.com/hashicorp/vault/sdk/logical"
|
||||||
"github.com/hashicorp/vault/vault"
|
"github.com/hashicorp/vault/vault"
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -994,7 +995,12 @@ func TestSysTuneMount_Options(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestSysTuneMount(t *testing.T) {
|
func TestSysTuneMount(t *testing.T) {
|
||||||
core, _, token := vault.TestCoreUnsealed(t)
|
coreConfig := &vault.CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": vault.LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
core, _, token := vault.TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
ln, addr := TestServer(t, core)
|
ln, addr := TestServer(t, core)
|
||||||
defer ln.Close()
|
defer ln.Close()
|
||||||
TestServerAuth(t, addr, token)
|
TestServerAuth(t, addr, token)
|
||||||
|
|||||||
@@ -26,7 +26,7 @@ import (
|
|||||||
"sync/atomic"
|
"sync/atomic"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/hashicorp/go-secure-stdlib/parseutil"
|
kv "github.com/hashicorp/vault-plugin-secrets-kv"
|
||||||
|
|
||||||
"github.com/armon/go-metrics"
|
"github.com/armon/go-metrics"
|
||||||
"github.com/hashicorp/errwrap"
|
"github.com/hashicorp/errwrap"
|
||||||
@@ -36,6 +36,7 @@ import (
|
|||||||
"github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2"
|
"github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2"
|
||||||
"github.com/hashicorp/go-multierror"
|
"github.com/hashicorp/go-multierror"
|
||||||
"github.com/hashicorp/go-secure-stdlib/mlock"
|
"github.com/hashicorp/go-secure-stdlib/mlock"
|
||||||
|
"github.com/hashicorp/go-secure-stdlib/parseutil"
|
||||||
"github.com/hashicorp/go-secure-stdlib/reloadutil"
|
"github.com/hashicorp/go-secure-stdlib/reloadutil"
|
||||||
"github.com/hashicorp/go-secure-stdlib/strutil"
|
"github.com/hashicorp/go-secure-stdlib/strutil"
|
||||||
"github.com/hashicorp/go-secure-stdlib/tlsutil"
|
"github.com/hashicorp/go-secure-stdlib/tlsutil"
|
||||||
@@ -1325,7 +1326,7 @@ func (c *Core) configureLogicalBackends(backends map[string]logical.Factory, log
|
|||||||
// KV
|
// KV
|
||||||
_, ok := logicalBackends[mountTypeKV]
|
_, ok := logicalBackends[mountTypeKV]
|
||||||
if !ok {
|
if !ok {
|
||||||
logicalBackends[mountTypeKV] = PassthroughBackendFactory
|
logicalBackends[mountTypeKV] = kv.Factory
|
||||||
}
|
}
|
||||||
|
|
||||||
// Cubbyhole
|
// Cubbyhole
|
||||||
|
|||||||
@@ -468,7 +468,12 @@ func TestCore_Unseal_MultiShare(t *testing.T) {
|
|||||||
// TestCore_UseSSCTokenToggleOn will check that the root SSC
|
// TestCore_UseSSCTokenToggleOn will check that the root SSC
|
||||||
// token can be used even when disableSSCTokens is toggled on
|
// token can be used even when disableSSCTokens is toggled on
|
||||||
func TestCore_UseSSCTokenToggleOn(t *testing.T) {
|
func TestCore_UseSSCTokenToggleOn(t *testing.T) {
|
||||||
c, _, root := TestCoreUnsealed(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
c, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
c.disableSSCTokens = true
|
c.disableSSCTokens = true
|
||||||
req := &logical.Request{
|
req := &logical.Request{
|
||||||
Operation: logical.UpdateOperation,
|
Operation: logical.UpdateOperation,
|
||||||
@@ -519,6 +524,9 @@ func TestCore_UseSSCTokenToggleOn(t *testing.T) {
|
|||||||
func TestCore_UseNonSSCTokenToggleOff(t *testing.T) {
|
func TestCore_UseNonSSCTokenToggleOff(t *testing.T) {
|
||||||
coreConfig := &CoreConfig{
|
coreConfig := &CoreConfig{
|
||||||
DisableSSCTokens: true,
|
DisableSSCTokens: true,
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
}
|
}
|
||||||
c, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
c, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
if len(root) > TokenLength+OldTokenPrefixLength || !strings.HasPrefix(root, consts.LegacyServiceTokenPrefix) {
|
if len(root) > TokenLength+OldTokenPrefixLength || !strings.HasPrefix(root, consts.LegacyServiceTokenPrefix) {
|
||||||
@@ -981,7 +989,12 @@ func TestCore_Seal_SingleUse(t *testing.T) {
|
|||||||
|
|
||||||
// Ensure we get a LeaseID
|
// Ensure we get a LeaseID
|
||||||
func TestCore_HandleRequest_Lease(t *testing.T) {
|
func TestCore_HandleRequest_Lease(t *testing.T) {
|
||||||
c, _, root := TestCoreUnsealed(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
c, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
|
||||||
req := &logical.Request{
|
req := &logical.Request{
|
||||||
Operation: logical.UpdateOperation,
|
Operation: logical.UpdateOperation,
|
||||||
@@ -1027,7 +1040,12 @@ func TestCore_HandleRequest_Lease(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestCore_HandleRequest_Lease_MaxLength(t *testing.T) {
|
func TestCore_HandleRequest_Lease_MaxLength(t *testing.T) {
|
||||||
c, _, root := TestCoreUnsealed(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
c, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
|
||||||
req := &logical.Request{
|
req := &logical.Request{
|
||||||
Operation: logical.UpdateOperation,
|
Operation: logical.UpdateOperation,
|
||||||
@@ -1073,7 +1091,12 @@ func TestCore_HandleRequest_Lease_MaxLength(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestCore_HandleRequest_Lease_DefaultLength(t *testing.T) {
|
func TestCore_HandleRequest_Lease_DefaultLength(t *testing.T) {
|
||||||
c, _, root := TestCoreUnsealed(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
c, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
|
||||||
req := &logical.Request{
|
req := &logical.Request{
|
||||||
Operation: logical.UpdateOperation,
|
Operation: logical.UpdateOperation,
|
||||||
@@ -2358,7 +2381,7 @@ func testCore_Standby_Common(t *testing.T, inm physical.Backend, inmha physical.
|
|||||||
// Wait for core to become active
|
// Wait for core to become active
|
||||||
TestWaitActive(t, core)
|
TestWaitActive(t, core)
|
||||||
|
|
||||||
testCoreAddSecretMount(t, core, root)
|
testCoreAddSecretMount(t, core, root, "1")
|
||||||
|
|
||||||
// Put a secret
|
// Put a secret
|
||||||
req := &logical.Request{
|
req := &logical.Request{
|
||||||
@@ -2630,7 +2653,12 @@ func TestCore_HandleLogin_ReturnSecret(t *testing.T) {
|
|||||||
|
|
||||||
// Renew should return the same lease back
|
// Renew should return the same lease back
|
||||||
func TestCore_RenewSameLease(t *testing.T) {
|
func TestCore_RenewSameLease(t *testing.T) {
|
||||||
c, _, root := TestCoreUnsealed(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
c, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
|
||||||
// Create a leasable secret
|
// Create a leasable secret
|
||||||
req := &logical.Request{
|
req := &logical.Request{
|
||||||
@@ -2761,7 +2789,12 @@ func TestCore_EnableDisableCred_WithLease(t *testing.T) {
|
|||||||
BackendType: logical.TypeCredential,
|
BackendType: logical.TypeCredential,
|
||||||
}
|
}
|
||||||
|
|
||||||
c, _, root := TestCoreUnsealed(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
c, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
c.credentialBackends["noop"] = func(context.Context, *logical.BackendConfig) (logical.Backend, error) {
|
c.credentialBackends["noop"] = func(context.Context, *logical.BackendConfig) (logical.Backend, error) {
|
||||||
return noopBack, nil
|
return noopBack, nil
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1146,7 +1146,13 @@ func TestSystemBackend_remount_trailingSpacesInToPath(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestSystemBackend_leases(t *testing.T) {
|
func TestSystemBackend_leases(t *testing.T) {
|
||||||
core, b, root := testCoreSystemBackend(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
core, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
b := core.systemBackend
|
||||||
|
|
||||||
// Create a key with a lease
|
// Create a key with a lease
|
||||||
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
||||||
@@ -1186,7 +1192,7 @@ func TestSystemBackend_leases(t *testing.T) {
|
|||||||
// validate the response structure for Update
|
// validate the response structure for Update
|
||||||
schema.ValidateResponse(
|
schema.ValidateResponse(
|
||||||
t,
|
t,
|
||||||
schema.GetResponseSchema(t, b.(*SystemBackend).Route(req.Path), req.Operation),
|
schema.GetResponseSchema(t, b.Route(req.Path), req.Operation),
|
||||||
resp,
|
resp,
|
||||||
true,
|
true,
|
||||||
)
|
)
|
||||||
@@ -1205,7 +1211,13 @@ func TestSystemBackend_leases(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestSystemBackend_leases_list(t *testing.T) {
|
func TestSystemBackend_leases_list(t *testing.T) {
|
||||||
core, b, root := testCoreSystemBackend(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
core, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
b := core.systemBackend
|
||||||
|
|
||||||
// Create a key with a lease
|
// Create a key with a lease
|
||||||
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
||||||
@@ -1244,7 +1256,7 @@ func TestSystemBackend_leases_list(t *testing.T) {
|
|||||||
// validate the response body for list
|
// validate the response body for list
|
||||||
schema.ValidateResponse(
|
schema.ValidateResponse(
|
||||||
t,
|
t,
|
||||||
schema.GetResponseSchema(t, b.(*SystemBackend).Route(req.Path), req.Operation),
|
schema.GetResponseSchema(t, b.Route(req.Path), req.Operation),
|
||||||
resp,
|
resp,
|
||||||
true,
|
true,
|
||||||
)
|
)
|
||||||
@@ -1370,7 +1382,13 @@ func TestSystemBackend_leases_list(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestSystemBackend_renew(t *testing.T) {
|
func TestSystemBackend_renew(t *testing.T) {
|
||||||
core, b, root := testCoreSystemBackend(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
core, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
b := core.systemBackend
|
||||||
|
|
||||||
// Create a key with a lease
|
// Create a key with a lease
|
||||||
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
||||||
@@ -1409,7 +1427,7 @@ func TestSystemBackend_renew(t *testing.T) {
|
|||||||
// Validate lease renewal response structure
|
// Validate lease renewal response structure
|
||||||
schema.ValidateResponse(
|
schema.ValidateResponse(
|
||||||
t,
|
t,
|
||||||
schema.GetResponseSchema(t, b.(*SystemBackend).Route(req2.Path), req2.Operation),
|
schema.GetResponseSchema(t, b.Route(req2.Path), req2.Operation),
|
||||||
resp,
|
resp,
|
||||||
true,
|
true,
|
||||||
)
|
)
|
||||||
@@ -1549,7 +1567,13 @@ func TestSystemBackend_renew_invalidID_origUrl(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestSystemBackend_revoke(t *testing.T) {
|
func TestSystemBackend_revoke(t *testing.T) {
|
||||||
core, b, root := testCoreSystemBackend(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
core, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
b := core.systemBackend
|
||||||
|
|
||||||
// Create a key with a lease
|
// Create a key with a lease
|
||||||
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
||||||
@@ -1712,7 +1736,13 @@ func TestSystemBackend_revoke_invalidID_origUrl(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestSystemBackend_revokePrefix(t *testing.T) {
|
func TestSystemBackend_revokePrefix(t *testing.T) {
|
||||||
core, b, root := testCoreSystemBackend(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
core, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
b := core.systemBackend
|
||||||
|
|
||||||
// Create a key with a lease
|
// Create a key with a lease
|
||||||
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
||||||
@@ -1752,7 +1782,7 @@ func TestSystemBackend_revokePrefix(t *testing.T) {
|
|||||||
// validate the response structure for lease revoke-prefix
|
// validate the response structure for lease revoke-prefix
|
||||||
schema.ValidateResponse(
|
schema.ValidateResponse(
|
||||||
t,
|
t,
|
||||||
schema.GetResponseSchema(t, b.(*SystemBackend).Route(req2.Path), req2.Operation),
|
schema.GetResponseSchema(t, b.Route(req2.Path), req2.Operation),
|
||||||
resp,
|
resp,
|
||||||
true,
|
true,
|
||||||
)
|
)
|
||||||
@@ -1769,7 +1799,13 @@ func TestSystemBackend_revokePrefix(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestSystemBackend_revokePrefix_origUrl(t *testing.T) {
|
func TestSystemBackend_revokePrefix_origUrl(t *testing.T) {
|
||||||
core, b, root := testCoreSystemBackend(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
core, _, root := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
b := core.systemBackend
|
||||||
|
|
||||||
// Create a key with a lease
|
// Create a key with a lease
|
||||||
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
||||||
@@ -4096,7 +4132,13 @@ func TestSystemBackend_InternalUIMount(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestSystemBackend_OpenAPI(t *testing.T) {
|
func TestSystemBackend_OpenAPI(t *testing.T) {
|
||||||
_, b, rootToken := testCoreSystemBackend(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
c, _, rootToken := TestCoreUnsealedWithConfig(t, coreConfig)
|
||||||
|
b := c.systemBackend
|
||||||
|
|
||||||
// Ensure no paths are reported if there is no token
|
// Ensure no paths are reported if there is no token
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -434,7 +434,12 @@ func TestRequestHandling_LoginMetric(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestRequestHandling_SecretLeaseMetric(t *testing.T) {
|
func TestRequestHandling_SecretLeaseMetric(t *testing.T) {
|
||||||
core, _, root, sink := TestCoreUnsealedWithMetrics(t)
|
coreConfig := &CoreConfig{
|
||||||
|
LogicalBackends: map[string]logical.Factory{
|
||||||
|
"kv": LeasedPassthroughBackendFactory,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
core, _, root, sink := TestCoreUnsealedWithMetricsAndConfig(t, coreConfig)
|
||||||
|
|
||||||
// Create a key with a lease
|
// Create a key with a lease
|
||||||
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo")
|
||||||
|
|||||||
@@ -36,6 +36,7 @@ import (
|
|||||||
log "github.com/hashicorp/go-hclog"
|
log "github.com/hashicorp/go-hclog"
|
||||||
"github.com/hashicorp/go-secure-stdlib/reloadutil"
|
"github.com/hashicorp/go-secure-stdlib/reloadutil"
|
||||||
raftlib "github.com/hashicorp/raft"
|
raftlib "github.com/hashicorp/raft"
|
||||||
|
kv "github.com/hashicorp/vault-plugin-secrets-kv"
|
||||||
"github.com/hashicorp/vault/api"
|
"github.com/hashicorp/vault/api"
|
||||||
"github.com/hashicorp/vault/audit"
|
"github.com/hashicorp/vault/audit"
|
||||||
auditFile "github.com/hashicorp/vault/builtin/audit/file"
|
auditFile "github.com/hashicorp/vault/builtin/audit/file"
|
||||||
@@ -296,7 +297,7 @@ func testCoreConfig(t testing.T, physicalBackend physical.Backend, logger log.Lo
|
|||||||
logicalBackends[backendName] = backendFactory
|
logicalBackends[backendName] = backendFactory
|
||||||
}
|
}
|
||||||
|
|
||||||
logicalBackends["kv"] = LeasedPassthroughBackendFactory
|
logicalBackends["kv"] = kv.Factory
|
||||||
for backendName, backendFactory := range testLogicalBackends {
|
for backendName, backendFactory := range testLogicalBackends {
|
||||||
logicalBackends[backendName] = backendFactory
|
logicalBackends[backendName] = backendFactory
|
||||||
}
|
}
|
||||||
@@ -395,6 +396,14 @@ func TestCoreUnsealedWithMetrics(t testing.T) (*Core, [][]byte, string, *metrics
|
|||||||
return core, keys, root, sink
|
return core, keys, root, sink
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestCoreUnsealedWithMetricsAndConfig(t testing.T, conf *CoreConfig) (*Core, [][]byte, string, *metrics.InmemSink) {
|
||||||
|
t.Helper()
|
||||||
|
conf.BuiltinRegistry = corehelpers.NewMockBuiltinRegistry()
|
||||||
|
sink := SetupMetrics(conf)
|
||||||
|
core, keys, root := TestCoreUnsealedWithConfig(t, conf)
|
||||||
|
return core, keys, root, sink
|
||||||
|
}
|
||||||
|
|
||||||
// TestCoreUnsealedRaw returns a pure in-memory core that is already
|
// TestCoreUnsealedRaw returns a pure in-memory core that is already
|
||||||
// initialized, unsealed, and with raw endpoints enabled.
|
// initialized, unsealed, and with raw endpoints enabled.
|
||||||
func TestCoreUnsealedRaw(t testing.T) (*Core, [][]byte, string) {
|
func TestCoreUnsealedRaw(t testing.T) (*Core, [][]byte, string) {
|
||||||
@@ -415,7 +424,7 @@ func testCoreUnsealed(t testing.T, core *Core) (*Core, [][]byte, string) {
|
|||||||
t.Helper()
|
t.Helper()
|
||||||
token, keys := TestInitUnsealCore(t, core)
|
token, keys := TestInitUnsealCore(t, core)
|
||||||
|
|
||||||
testCoreAddSecretMount(t, core, token)
|
testCoreAddSecretMount(t, core, token, "1")
|
||||||
return core, keys, token
|
return core, keys, token
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -433,7 +442,7 @@ func TestInitUnsealCore(t testing.T, core *Core) (string, [][]byte) {
|
|||||||
return token, keys
|
return token, keys
|
||||||
}
|
}
|
||||||
|
|
||||||
func testCoreAddSecretMount(t testing.T, core *Core, token string) {
|
func testCoreAddSecretMount(t testing.T, core *Core, token, kvVersion string) {
|
||||||
kvReq := &logical.Request{
|
kvReq := &logical.Request{
|
||||||
Operation: logical.UpdateOperation,
|
Operation: logical.UpdateOperation,
|
||||||
ClientToken: token,
|
ClientToken: token,
|
||||||
@@ -443,7 +452,7 @@ func testCoreAddSecretMount(t testing.T, core *Core, token string) {
|
|||||||
"path": "secret/",
|
"path": "secret/",
|
||||||
"description": "key/value secret storage",
|
"description": "key/value secret storage",
|
||||||
"options": map[string]string{
|
"options": map[string]string{
|
||||||
"version": "1",
|
"version": kvVersion,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
@@ -2136,28 +2145,7 @@ func (tc *TestCluster) initCores(t testing.T, opts *TestClusterOptions, addAudit
|
|||||||
kvVersion = opts.KVVersion
|
kvVersion = opts.KVVersion
|
||||||
}
|
}
|
||||||
|
|
||||||
// Existing tests rely on this; we can make a toggle to disable it
|
testCoreAddSecretMount(t, leader.Core, tc.RootToken, kvVersion)
|
||||||
// later if we want
|
|
||||||
kvReq := &logical.Request{
|
|
||||||
Operation: logical.UpdateOperation,
|
|
||||||
ClientToken: tc.RootToken,
|
|
||||||
Path: "sys/mounts/secret",
|
|
||||||
Data: map[string]interface{}{
|
|
||||||
"type": "kv",
|
|
||||||
"path": "secret/",
|
|
||||||
"description": "key/value secret storage",
|
|
||||||
"options": map[string]string{
|
|
||||||
"version": kvVersion,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
}
|
|
||||||
resp, err := leader.Core.HandleRequest(namespace.RootContext(ctx), kvReq)
|
|
||||||
if err != nil {
|
|
||||||
t.Fatal(err)
|
|
||||||
}
|
|
||||||
if resp.IsError() {
|
|
||||||
t.Fatal(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
cfg, err := leader.Core.seal.BarrierConfig(ctx)
|
cfg, err := leader.Core.seal.BarrierConfig(ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -2217,7 +2205,7 @@ func (tc *TestCluster) initCores(t testing.T, opts *TestClusterOptions, addAudit
|
|||||||
"type": "noop",
|
"type": "noop",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
resp, err = leader.Core.HandleRequest(namespace.RootContext(ctx), auditReq)
|
resp, err := leader.Core.HandleRequest(namespace.RootContext(ctx), auditReq)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user