scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-01 19:17:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

VAULT-24386 CE change portion of moving proxy static secret caching to enterprise (#25641)

Browse Source
This commit is contained in:
Violet Hynes
2024-02-26 14:41:27 -05:00
committed by GitHub
parent e0234ccaf8
commit ccc2e1b391
2 changed files with 19 additions and 1119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
command/agentproxyshared/cache/static_secret_cache_updater_test.go vendored
View File

@@ -16,6 +16,7 @@ import (
"github.com/hashicorp/vault/command/agentproxyshared/cache/cacheboltdb" "github.com/hashicorp/vault/command/agentproxyshared/cache/cacheboltdb"
"github.com/hashicorp/vault/command/agentproxyshared/cache/cachememdb" "github.com/hashicorp/vault/command/agentproxyshared/cache/cachememdb"
"github.com/hashicorp/vault/command/agentproxyshared/sink" "github.com/hashicorp/vault/command/agentproxyshared/sink"
"github.com/hashicorp/vault/helper/constants"
"github.com/hashicorp/vault/helper/testhelpers/minimal" "github.com/hashicorp/vault/helper/testhelpers/minimal"
vaulthttp "github.com/hashicorp/vault/http" vaulthttp "github.com/hashicorp/vault/http"
"github.com/hashicorp/vault/sdk/helper/logging" "github.com/hashicorp/vault/sdk/helper/logging"
@@ -136,6 +137,9 @@ func TestNewStaticSecretCacheUpdater(t *testing.T) {
// TestOpenWebSocketConnection tests that the openWebSocketConnection function // TestOpenWebSocketConnection tests that the openWebSocketConnection function
// works as expected. This uses a TLS enabled (wss) WebSocket connection. // works as expected. This uses a TLS enabled (wss) WebSocket connection.
func TestOpenWebSocketConnection(t *testing.T) { func TestOpenWebSocketConnection(t *testing.T) {
if !constants.IsEnterprise {
t.Skip("test can only run on enterprise due to requiring the event notification system")
}
t.Parallel() t.Parallel()
// We need a valid cluster for the connection to succeed. // We need a valid cluster for the connection to succeed.
cluster := minimal.NewTestSoloCluster(t, nil) cluster := minimal.NewTestSoloCluster(t, nil)
@@ -155,11 +159,11 @@ func TestOpenWebSocketConnection(t *testing.T) {
// works as expected with the default KVV1 mount, and then the connection can be used to receive an event. // works as expected with the default KVV1 mount, and then the connection can be used to receive an event.
// This acts as more of an event system sanity check than a test of the updater // This acts as more of an event system sanity check than a test of the updater
// logic. It's still important coverage, though. // logic. It's still important coverage, though.
// As of right now, it does not pass since the default kv mount is LeasedPassthroughBackend.
// If that is changed, this test will be unskipped.
func TestOpenWebSocketConnectionReceivesEventsDefaultMount(t *testing.T) { func TestOpenWebSocketConnectionReceivesEventsDefaultMount(t *testing.T) {
if !constants.IsEnterprise {
t.Skip("test can only run on enterprise due to requiring the event notification system")
}
t.Parallel() t.Parallel()
t.Skip("This test won't finish, as the default KV mount is LeasedPassthroughBackend in tests, and therefore does not send events")
// We need a valid cluster for the connection to succeed. // We need a valid cluster for the connection to succeed.
cluster := vault.NewTestCluster(t, nil, &vault.TestClusterOptions{ cluster := vault.NewTestCluster(t, nil, &vault.TestClusterOptions{
HandlerFunc: vaulthttp.Handler, HandlerFunc: vaulthttp.Handler,
@@ -211,6 +215,9 @@ func TestOpenWebSocketConnectionReceivesEventsDefaultMount(t *testing.T) {
// This acts as more of an event system sanity check than a test of the updater // This acts as more of an event system sanity check than a test of the updater
// logic. It's still important coverage, though. // logic. It's still important coverage, though.
func TestOpenWebSocketConnectionReceivesEventsKVV1(t *testing.T) { func TestOpenWebSocketConnectionReceivesEventsKVV1(t *testing.T) {
if !constants.IsEnterprise {
t.Skip("test can only run on enterprise due to requiring the event notification system")
}
t.Parallel() t.Parallel()
// We need a valid cluster for the connection to succeed. // We need a valid cluster for the connection to succeed.
cluster := vault.NewTestCluster(t, &vault.CoreConfig{ cluster := vault.NewTestCluster(t, &vault.CoreConfig{
@@ -273,6 +280,9 @@ func TestOpenWebSocketConnectionReceivesEventsKVV1(t *testing.T) {
// This acts as more of an event system sanity check than a test of the updater // This acts as more of an event system sanity check than a test of the updater
// logic. It's still important coverage, though. // logic. It's still important coverage, though.
func TestOpenWebSocketConnectionReceivesEventsKVV2(t *testing.T) { func TestOpenWebSocketConnectionReceivesEventsKVV2(t *testing.T) {
if !constants.IsEnterprise {
t.Skip("test can only run on enterprise due to requiring the event notification system")
}
t.Parallel() t.Parallel()
// We need a valid cluster for the connection to succeed. // We need a valid cluster for the connection to succeed.
cluster := vault.NewTestCluster(t, &vault.CoreConfig{ cluster := vault.NewTestCluster(t, &vault.CoreConfig{
@@ -335,6 +345,9 @@ func TestOpenWebSocketConnectionReceivesEventsKVV2(t *testing.T) {
// works as expected using vaulthttp.TestServer. This server isn't TLS enabled, so tests // works as expected using vaulthttp.TestServer. This server isn't TLS enabled, so tests
// the ws path (as opposed to the wss) path. // the ws path (as opposed to the wss) path.
func TestOpenWebSocketConnectionTestServer(t *testing.T) { func TestOpenWebSocketConnectionTestServer(t *testing.T) {
if !constants.IsEnterprise {
t.Skip("test can only run on enterprise due to requiring the event notification system")
}
t.Parallel() t.Parallel()
// We need a valid cluster for the connection to succeed. // We need a valid cluster for the connection to succeed.
core := vault.TestCoreWithConfig(t, &vault.CoreConfig{}) core := vault.TestCoreWithConfig(t, &vault.CoreConfig{})
@@ -371,6 +384,9 @@ func TestOpenWebSocketConnectionTestServer(t *testing.T) {
// ensuring that updateStaticSecret gets called by the event arriving // ensuring that updateStaticSecret gets called by the event arriving
// (as part of streamStaticSecretEvents) instead of testing calling it explicitly. // (as part of streamStaticSecretEvents) instead of testing calling it explicitly.
func Test_StreamStaticSecretEvents_UpdatesCacheWithNewSecrets(t *testing.T) { func Test_StreamStaticSecretEvents_UpdatesCacheWithNewSecrets(t *testing.T) {
if !constants.IsEnterprise {
t.Skip("test can only run on enterprise due to requiring the event notification system")
}
t.Parallel() t.Parallel()
cluster := vault.NewTestCluster(t, &vault.CoreConfig{ cluster := vault.NewTestCluster(t, &vault.CoreConfig{
LogicalBackends: map[string]logical.Factory{ LogicalBackends: map[string]logical.Factory{

1116
command/proxy_test.go
View File

File diff suppressed because it is too large Load Diff