mirror of
https://github.com/kemko/nomad.git
synced 2026-01-01 16:05:42 +03:00
d6757609dc
The meta client looks for both an environment variable and a CLI flag when generating a client. The CLI UUID checker needs to do this also, so we account for users using both env vars and CLI flag tokens.
87 lines
2.3 KiB
Go
87 lines
2.3 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
package command
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/hashicorp/cli"
|
|
"github.com/hashicorp/nomad/acl"
|
|
"github.com/hashicorp/nomad/command/agent"
|
|
"github.com/hashicorp/nomad/nomad/mock"
|
|
"github.com/hashicorp/nomad/nomad/structs"
|
|
"github.com/shoenig/test/must"
|
|
)
|
|
|
|
func TestACLTokenSelfCommand_ViaEnvVar(t *testing.T) {
|
|
config := func(c *agent.Config) {
|
|
c.ACL.Enabled = true
|
|
}
|
|
|
|
srv, _, url := testServer(t, true, config)
|
|
defer srv.Shutdown()
|
|
|
|
state := srv.Agent.Server().State()
|
|
|
|
// Bootstrap an initial ACL token
|
|
token := srv.RootToken
|
|
must.NotNil(t, token)
|
|
|
|
ui := cli.NewMockUi()
|
|
cmd := &ACLTokenSelfCommand{Meta: Meta{Ui: ui, flagAddress: url}}
|
|
|
|
// Create a valid token
|
|
mockToken := mock.ACLToken()
|
|
mockToken.Policies = []string{acl.PolicyWrite}
|
|
mockToken.SetHash()
|
|
must.NoError(t, state.UpsertACLTokens(structs.MsgTypeTestSetup, 1000, []*structs.ACLToken{mockToken}))
|
|
|
|
// Attempt to fetch info on a token without providing a valid management
|
|
// token
|
|
invalidToken := mock.ACLToken()
|
|
t.Setenv("NOMAD_TOKEN", invalidToken.SecretID)
|
|
code := cmd.Run([]string{"-address=" + url})
|
|
must.One(t, code)
|
|
|
|
// Fetch info on a token with a valid token
|
|
t.Setenv("NOMAD_TOKEN", mockToken.SecretID)
|
|
code = cmd.Run([]string{"-address=" + url})
|
|
must.Zero(t, code)
|
|
|
|
// Check the output
|
|
out := ui.OutputWriter.String()
|
|
must.StrContains(t, out, mockToken.AccessorID)
|
|
}
|
|
|
|
func TestACLTokenSelfCommand_ViaFlag(t *testing.T) {
|
|
config := func(c *agent.Config) {
|
|
c.ACL.Enabled = true
|
|
}
|
|
|
|
srv, _, url := testServer(t, true, config)
|
|
defer srv.Shutdown()
|
|
|
|
state := srv.Agent.Server().State()
|
|
|
|
// Bootstrap an initial ACL token
|
|
token := srv.RootToken
|
|
must.NotNil(t, token)
|
|
|
|
ui := cli.NewMockUi()
|
|
cmd := &ACLTokenSelfCommand{Meta: Meta{Ui: ui, flagAddress: url}}
|
|
|
|
// Create a valid token
|
|
mockToken := mock.ACLToken()
|
|
mockToken.Policies = []string{acl.PolicyWrite}
|
|
mockToken.SetHash()
|
|
must.NoError(t, state.UpsertACLTokens(structs.MsgTypeTestSetup, 1000, []*structs.ACLToken{mockToken}))
|
|
|
|
// Fetch info on a token with a valid token
|
|
code := cmd.Run([]string{"-address=" + url, "-token=" + mockToken.SecretID})
|
|
must.Zero(t, code)
|
|
|
|
// Check the output
|
|
must.StrContains(t, ui.OutputWriter.String(), mockToken.AccessorID)
|
|
}
|