mirror of https://github.com/status-im/consul.git
Fix flakey tests related to ACL token updates (#16545)
* Fix flakey tests related to ACL token updates * update all acl token update tests * extra create_token function to its own thing
This commit is contained in:
parent
63204b5183
commit
f135b14bdd
|
@ -22,6 +22,13 @@ func TestTokenUpdateCommand_noTabs(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func create_token(t *testing.T, client *api.Client, aclToken *api.ACLToken, writeOptions *api.WriteOptions) *api.ACLToken {
|
||||
token, _, err := client.ACL().TokenCreate(aclToken, writeOptions)
|
||||
require.NoError(t, err)
|
||||
|
||||
return token
|
||||
}
|
||||
|
||||
func TestTokenUpdateCommand(t *testing.T) {
|
||||
if testing.Short() {
|
||||
t.Skip("too slow for testing.Short")
|
||||
|
@ -50,13 +57,6 @@ func TestTokenUpdateCommand(t *testing.T) {
|
|||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create a token
|
||||
token, _, err := client.ACL().TokenCreate(
|
||||
&api.ACLToken{Description: "test"},
|
||||
&api.WriteOptions{Token: "root"},
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
run := func(t *testing.T, args []string) *api.ACLToken {
|
||||
ui := cli.NewMockUi()
|
||||
cmd := New(ui)
|
||||
|
@ -72,7 +72,9 @@ func TestTokenUpdateCommand(t *testing.T) {
|
|||
|
||||
// update with node identity
|
||||
t.Run("node-identity", func(t *testing.T) {
|
||||
token := run(t, []string{
|
||||
token := create_token(t, client, &api.ACLToken{Description: "test"}, &api.WriteOptions{Token: "root"})
|
||||
|
||||
responseToken := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
|
@ -80,13 +82,19 @@ func TestTokenUpdateCommand(t *testing.T) {
|
|||
"-description=test token",
|
||||
})
|
||||
|
||||
require.Len(t, token.NodeIdentities, 1)
|
||||
require.Equal(t, "foo", token.NodeIdentities[0].NodeName)
|
||||
require.Equal(t, "bar", token.NodeIdentities[0].Datacenter)
|
||||
require.Len(t, responseToken.NodeIdentities, 1)
|
||||
require.Equal(t, "foo", responseToken.NodeIdentities[0].NodeName)
|
||||
require.Equal(t, "bar", responseToken.NodeIdentities[0].Datacenter)
|
||||
})
|
||||
|
||||
t.Run("node-identity-merge", func(t *testing.T) {
|
||||
token := run(t, []string{
|
||||
token := create_token(t,
|
||||
client,
|
||||
&api.ACLToken{Description: "test", NodeIdentities: []*api.ACLNodeIdentity{{NodeName: "foo", Datacenter: "bar"}}},
|
||||
&api.WriteOptions{Token: "root"},
|
||||
)
|
||||
|
||||
responseToken := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
|
@ -95,7 +103,7 @@ func TestTokenUpdateCommand(t *testing.T) {
|
|||
"-merge-node-identities",
|
||||
})
|
||||
|
||||
require.Len(t, token.NodeIdentities, 2)
|
||||
require.Len(t, responseToken.NodeIdentities, 2)
|
||||
expected := []*api.ACLNodeIdentity{
|
||||
{
|
||||
NodeName: "foo",
|
||||
|
@ -106,28 +114,14 @@ func TestTokenUpdateCommand(t *testing.T) {
|
|||
Datacenter: "baz",
|
||||
},
|
||||
}
|
||||
require.ElementsMatch(t, expected, token.NodeIdentities)
|
||||
})
|
||||
|
||||
// update with append-node-identity
|
||||
t.Run("append-node-identity", func(t *testing.T) {
|
||||
|
||||
token := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
"-append-node-identity=third:node",
|
||||
"-description=test token",
|
||||
})
|
||||
|
||||
require.Len(t, token.NodeIdentities, 3)
|
||||
require.Equal(t, "third", token.NodeIdentities[2].NodeName)
|
||||
require.Equal(t, "node", token.NodeIdentities[2].Datacenter)
|
||||
require.ElementsMatch(t, expected, responseToken.NodeIdentities)
|
||||
})
|
||||
|
||||
// update with policy by name
|
||||
t.Run("policy-name", func(t *testing.T) {
|
||||
token := run(t, []string{
|
||||
token := create_token(t, client, &api.ACLToken{Description: "test"}, &api.WriteOptions{Token: "root"})
|
||||
|
||||
responseToken := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
|
@ -135,12 +129,14 @@ func TestTokenUpdateCommand(t *testing.T) {
|
|||
"-description=test token",
|
||||
})
|
||||
|
||||
require.Len(t, token.Policies, 1)
|
||||
require.Len(t, responseToken.Policies, 1)
|
||||
})
|
||||
|
||||
// update with policy by id
|
||||
t.Run("policy-id", func(t *testing.T) {
|
||||
token := run(t, []string{
|
||||
token := create_token(t, client, &api.ACLToken{Description: "test"}, &api.WriteOptions{Token: "root"})
|
||||
|
||||
responseToken := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
|
@ -148,12 +144,14 @@ func TestTokenUpdateCommand(t *testing.T) {
|
|||
"-description=test token",
|
||||
})
|
||||
|
||||
require.Len(t, token.Policies, 1)
|
||||
require.Len(t, responseToken.Policies, 1)
|
||||
})
|
||||
|
||||
// update with service-identity
|
||||
t.Run("service-identity", func(t *testing.T) {
|
||||
token := run(t, []string{
|
||||
token := create_token(t, client, &api.ACLToken{Description: "test"}, &api.WriteOptions{Token: "root"})
|
||||
|
||||
responseToken := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
|
@ -161,33 +159,22 @@ func TestTokenUpdateCommand(t *testing.T) {
|
|||
"-description=test token",
|
||||
})
|
||||
|
||||
require.Len(t, token.ServiceIdentities, 1)
|
||||
require.Equal(t, "service", token.ServiceIdentities[0].ServiceName)
|
||||
})
|
||||
|
||||
// update with append-service-identity
|
||||
t.Run("append-service-identity", func(t *testing.T) {
|
||||
token := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
"-append-service-identity=web",
|
||||
"-description=test token",
|
||||
})
|
||||
require.Len(t, token.ServiceIdentities, 2)
|
||||
require.Equal(t, "web", token.ServiceIdentities[1].ServiceName)
|
||||
require.Len(t, responseToken.ServiceIdentities, 1)
|
||||
require.Equal(t, "service", responseToken.ServiceIdentities[0].ServiceName)
|
||||
})
|
||||
|
||||
// update with no description shouldn't delete the current description
|
||||
t.Run("merge-description", func(t *testing.T) {
|
||||
token := run(t, []string{
|
||||
token := create_token(t, client, &api.ACLToken{Description: "test token"}, &api.WriteOptions{Token: "root"})
|
||||
|
||||
responseToken := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
"-policy-name=" + policy.Name,
|
||||
})
|
||||
|
||||
require.Equal(t, "test token", token.Description)
|
||||
require.Equal(t, "test token", responseToken.Description)
|
||||
})
|
||||
}
|
||||
|
||||
|
@ -219,13 +206,6 @@ func TestTokenUpdateCommandWithAppend(t *testing.T) {
|
|||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create a token
|
||||
token, _, err := client.ACL().TokenCreate(
|
||||
&api.ACLToken{Description: "test", Policies: []*api.ACLTokenPolicyLink{{Name: policy.Name}}},
|
||||
&api.WriteOptions{Token: "root"},
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
//secondary policy
|
||||
secondPolicy, _, policyErr := client.ACL().PolicyCreate(
|
||||
&api.ACLPolicy{Name: "secondary-policy"},
|
||||
|
@ -233,13 +213,6 @@ func TestTokenUpdateCommandWithAppend(t *testing.T) {
|
|||
)
|
||||
require.NoError(t, policyErr)
|
||||
|
||||
//third policy
|
||||
thirdPolicy, _, policyErr := client.ACL().PolicyCreate(
|
||||
&api.ACLPolicy{Name: "third-policy"},
|
||||
&api.WriteOptions{Token: "root"},
|
||||
)
|
||||
require.NoError(t, policyErr)
|
||||
|
||||
run := func(t *testing.T, args []string) *api.ACLToken {
|
||||
ui := cli.NewMockUi()
|
||||
cmd := New(ui)
|
||||
|
@ -255,7 +228,12 @@ func TestTokenUpdateCommandWithAppend(t *testing.T) {
|
|||
|
||||
// update with append-policy-name
|
||||
t.Run("append-policy-name", func(t *testing.T) {
|
||||
token := run(t, []string{
|
||||
token := create_token(t, client,
|
||||
&api.ACLToken{Description: "test", Policies: []*api.ACLTokenPolicyLink{{Name: policy.Name}}},
|
||||
&api.WriteOptions{Token: "root"},
|
||||
)
|
||||
|
||||
responseToken := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
|
@ -263,20 +241,72 @@ func TestTokenUpdateCommandWithAppend(t *testing.T) {
|
|||
"-description=test token",
|
||||
})
|
||||
|
||||
require.Len(t, token.Policies, 2)
|
||||
require.Len(t, responseToken.Policies, 2)
|
||||
})
|
||||
|
||||
// update with append-policy-id
|
||||
t.Run("append-policy-id", func(t *testing.T) {
|
||||
token := run(t, []string{
|
||||
token := create_token(t, client,
|
||||
&api.ACLToken{Description: "test", Policies: []*api.ACLTokenPolicyLink{{Name: policy.Name}}},
|
||||
&api.WriteOptions{Token: "root"},
|
||||
)
|
||||
|
||||
responseToken := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
"-append-policy-id=" + thirdPolicy.ID,
|
||||
"-append-policy-id=" + secondPolicy.ID,
|
||||
"-description=test token",
|
||||
})
|
||||
|
||||
require.Len(t, token.Policies, 3)
|
||||
require.Len(t, responseToken.Policies, 2)
|
||||
})
|
||||
|
||||
// update with append-node-identity
|
||||
t.Run("append-node-identity", func(t *testing.T) {
|
||||
token := create_token(t, client,
|
||||
&api.ACLToken{
|
||||
Description: "test",
|
||||
Policies: []*api.ACLTokenPolicyLink{{Name: policy.Name}},
|
||||
NodeIdentities: []*api.ACLNodeIdentity{{NodeName: "namenode", Datacenter: "somewhere"}},
|
||||
},
|
||||
&api.WriteOptions{Token: "root"},
|
||||
)
|
||||
|
||||
responseToken := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
"-append-node-identity=third:node",
|
||||
"-description=test token",
|
||||
})
|
||||
|
||||
require.Len(t, responseToken.NodeIdentities, 2)
|
||||
require.Equal(t, "third", responseToken.NodeIdentities[1].NodeName)
|
||||
require.Equal(t, "node", responseToken.NodeIdentities[1].Datacenter)
|
||||
})
|
||||
|
||||
// update with append-service-identity
|
||||
t.Run("append-service-identity", func(t *testing.T) {
|
||||
token := create_token(t, client,
|
||||
&api.ACLToken{
|
||||
Description: "test",
|
||||
Policies: []*api.ACLTokenPolicyLink{{Name: policy.Name}},
|
||||
ServiceIdentities: []*api.ACLServiceIdentity{{ServiceName: "service"}},
|
||||
},
|
||||
&api.WriteOptions{Token: "root"},
|
||||
)
|
||||
|
||||
responseToken := run(t, []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-accessor-id=" + token.AccessorID,
|
||||
"-token=root",
|
||||
"-append-service-identity=web",
|
||||
"-description=test token",
|
||||
})
|
||||
|
||||
require.Len(t, responseToken.ServiceIdentities, 2)
|
||||
require.Equal(t, "web", responseToken.ServiceIdentities[1].ServiceName)
|
||||
})
|
||||
}
|
||||
|
||||
|
@ -310,12 +340,7 @@ func TestTokenUpdateCommand_JSON(t *testing.T) {
|
|||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create a token
|
||||
token, _, err := client.ACL().TokenCreate(
|
||||
&api.ACLToken{Description: "test"},
|
||||
&api.WriteOptions{Token: "root"},
|
||||
)
|
||||
require.NoError(t, err)
|
||||
token := create_token(t, client, &api.ACLToken{Description: "test"}, &api.WriteOptions{Token: "root"})
|
||||
|
||||
t.Run("update with policy by name", func(t *testing.T) {
|
||||
cmd := New(ui)
|
||||
|
|
Loading…
Reference in New Issue