github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/command/acl_auth_method_create_test.go (about)

     1  package command
     2  
     3  import (
     4  	"encoding/json"
     5  	"fmt"
     6  	"os"
     7  	"testing"
     8  
     9  	"github.com/hashicorp/nomad/ci"
    10  	"github.com/hashicorp/nomad/command/agent"
    11  	"github.com/hashicorp/nomad/testutil"
    12  	"github.com/mitchellh/cli"
    13  	"github.com/shoenig/test/must"
    14  )
    15  
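// TestACLAuthMethodCreateCommand_Run drives ACLAuthMethodCreateCommand against
// a test server that has ACLs enabled. It first checks the argument and flag
// validation errors (exit code 1), then creates an auth method twice using the
// bootstrap token: once with inline JSON config and once with config read from
// a file via the "-config=@<path>" form (exit code 0).
func TestACLAuthMethodCreateCommand_Run(t *testing.T) {
	ci.Parallel(t)

	// Build a test server with ACLs enabled.
	srv, _, url := testServer(t, false, func(c *agent.Config) {
		c.ACL.Enabled = true
	})
	defer srv.Shutdown()

	// Wait for the server to start fully and ensure we have a bootstrap token.
	testutil.WaitForLeader(t, srv.Agent.RPC)
	rootACLToken := srv.RootToken
	must.NotNil(t, rootACLToken)

	ui := cli.NewMockUi()
	cmd := &ACLAuthMethodCreateCommand{
		Meta: Meta{
			Ui:          ui,
			flagAddress: url,
		},
	}

	// resetUI clears both mock writers so each case asserts only on its own
	// output rather than on text left over from an earlier run.
	resetUI := func() {
		ui.OutputWriter.Reset()
		ui.ErrorWriter.Reset()
	}

	// Test the basic validation on the command. None of these cases pass
	// -token; each must exit 1 with the matching error text.
	must.Eq(t, 1, cmd.Run([]string{"-address=" + url, "this-command-does-not-take-args"}))
	must.StrContains(t, ui.ErrorWriter.String(), "This command takes no arguments")
	resetUI()

	must.Eq(t, 1, cmd.Run([]string{"-address=" + url}))
	must.StrContains(t, ui.ErrorWriter.String(), "ACL auth method name must be specified using the -name flag")
	resetUI()

	must.Eq(t, 1, cmd.Run([]string{"-address=" + url, "-name=foobar", "-token-locality=global", "-max-token-ttl=3600s"}))
	must.StrContains(t, ui.ErrorWriter.String(), "ACL auth method type must be set to 'OIDC'")
	resetUI()

	must.Eq(t, 1, cmd.Run([]string{"-address=" + url, "-name=foobar", "-type=OIDC", "-token-locality=global", "-max-token-ttl=3600s"}))
	must.StrContains(t, ui.ErrorWriter.String(), "Must provide ACL auth method config in JSON format")
	resetUI()

	// Create an auth method, authenticating with the bootstrap token's secret.
	// The discovery URL is a placeholder value for the CLI round trip.
	args := []string{
		"-address=" + url, "-token=" + rootACLToken.SecretID, "-name=acl-auth-method-cli-test",
		"-type=OIDC", "-token-locality=global", "-default=true", "-max-token-ttl=3600s",
		"-config={\"OIDCDiscoveryURL\":\"http://example.com\"}",
	}
	must.Eq(t, 0, cmd.Run(args))
	s := ui.OutputWriter.String()
	must.StrContains(t, s, "acl-auth-method-cli-test")
	resetUI()

	// Create an auth method with a config from file.
	configFile, err := os.CreateTemp("", "config.json")
	// Check the error before touching configFile: on failure it is nil and
	// evaluating configFile.Name() for the deferred call would panic.
	must.Nil(t, err)
	defer os.Remove(configFile.Name())

	conf := map[string]interface{}{"OIDCDiscoveryURL": "http://example.com"}
	jsonData, err := json.Marshal(conf)
	must.Nil(t, err)

	_, err = configFile.Write(jsonData)
	must.Nil(t, err)

	// Close the handle before the command reads the path: an open handle
	// leaks a descriptor and, on Windows, blocks the deferred remove.
	must.Nil(t, configFile.Close())

	// NOTE(review): this reuses the name from the first create with
	// -default=false and still expects exit 0; confirm whether the server
	// treats a repeated name as an update.
	args = []string{
		"-address=" + url, "-token=" + rootACLToken.SecretID, "-name=acl-auth-method-cli-test",
		"-type=OIDC", "-token-locality=global", "-default=false", "-max-token-ttl=3600s",
		fmt.Sprintf("-config=@%s", configFile.Name()),
	}
	must.Eq(t, 0, cmd.Run(args))
	s = ui.OutputWriter.String()
	must.StrContains(t, s, "acl-auth-method-cli-test")
	resetUI()
}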