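// Source: github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/command/acl_auth_method_create_test.go

package command

import (
	"encoding/json"
	"fmt"
	"os"
	"testing"

	"github.com/hashicorp/nomad/ci"
	"github.com/hashicorp/nomad/command/agent"
	"github.com/hashicorp/nomad/testutil"
	"github.com/mitchellh/cli"
	"github.com/shoenig/test/must"
)

// TestACLAuthMethodCreateCommand_Run exercises the ACL auth method create
// command against a test server with ACLs enabled. It first checks that
// incomplete invocations exit with code 1 and the expected error text, then
// creates an auth method twice: once with an inline JSON config and once with
// a config read from a file via the "-config=@<path>" form.
func TestACLAuthMethodCreateCommand_Run(t *testing.T) {
	ci.Parallel(t)

	// Build a test server with ACLs enabled.
	srv, _, url := testServer(t, false, func(c *agent.Config) {
		c.ACL.Enabled = true
	})
	defer srv.Shutdown()

	// Wait for the server to start fully and ensure we have a bootstrap token.
	testutil.WaitForLeader(t, srv.Agent.RPC)
	rootACLToken := srv.RootToken
	must.NotNil(t, rootACLToken)

	ui := cli.NewMockUi()
	cmd := &ACLAuthMethodCreateCommand{
		Meta: Meta{
			Ui:          ui,
			flagAddress: url,
		},
	}

	// resetUI clears both mock writers so each assertion only sees the output
	// of the invocation that immediately precedes it.
	resetUI := func() {
		ui.OutputWriter.Reset()
		ui.ErrorWriter.Reset()
	}

	// Test the basic validation on the command. None of these invocations
	// pass a token; each is expected to exit 1 with the listed message.
	invalid := []struct {
		args    []string
		wantErr string
	}{
		{
			args:    []string{"-address=" + url, "this-command-does-not-take-args"},
			wantErr: "This command takes no arguments",
		},
		{
			args:    []string{"-address=" + url},
			wantErr: "ACL auth method name must be specified using the -name flag",
		},
		{
			args:    []string{"-address=" + url, "-name=foobar", "-token-locality=global", "-max-token-ttl=3600s"},
			wantErr: "ACL auth method type must be set to 'OIDC'",
		},
		{
			args:    []string{"-address=" + url, "-name=foobar", "-type=OIDC", "-token-locality=global", "-max-token-ttl=3600s"},
			wantErr: "Must provide ACL auth method config in JSON format",
		},
	}
	for _, tc := range invalid {
		must.Eq(t, 1, cmd.Run(tc.args))
		must.StrContains(t, ui.ErrorWriter.String(), tc.wantErr)
		resetUI()
	}

	// Create an auth method with an inline JSON config.
	//
	// The bootstrap token is passed with -token for test convenience. Outside
	// tests, prefer supplying it through the NOMAD_TOKEN environment variable:
	// command-line arguments are visible to other local users in the process
	// list.
	//
	// NOTE(review): http://example.com is a placeholder. A real OIDC discovery
	// URL should use https, because discovery metadata fetched over plain HTTP
	// can be altered in transit.
	args := []string{
		"-address=" + url, "-token=" + rootACLToken.SecretID, "-name=acl-auth-method-cli-test",
		"-type=OIDC", "-token-locality=global", "-default=true", "-max-token-ttl=3600s",
		"-config={\"OIDCDiscoveryURL\":\"http://example.com\"}",
	}
	must.Eq(t, 0, cmd.Run(args))
	s := ui.OutputWriter.String()
	must.StrContains(t, s, "acl-auth-method-cli-test")
	resetUI()

	// Create an auth method with a config from file.
	//
	// The error is checked before the deferred cleanup is registered: the
	// arguments of a deferred call are evaluated immediately, so calling
	// configFile.Name() on the nil *os.File returned by a failed CreateTemp
	// would panic instead of reporting the real error.
	configFile, err := os.CreateTemp("", "config.json")
	must.NoError(t, err)
	defer os.Remove(configFile.Name())

	conf := map[string]interface{}{"OIDCDiscoveryURL": "http://example.com"}
	jsonData, err := json.Marshal(conf)
	must.NoError(t, err)

	_, err = configFile.Write(jsonData)
	must.NoError(t, err)

	// Close the handle before the command reads the file so the descriptor is
	// not leaked and the file can be removed on every platform.
	must.NoError(t, configFile.Close())

	// This reuses the method name from the inline case with -default=false and
	// still expects exit code 0; presumably the create call overwrites an
	// existing method of the same name. TODO confirm against the server side.
	args = []string{
		"-address=" + url, "-token=" + rootACLToken.SecretID, "-name=acl-auth-method-cli-test",
		"-type=OIDC", "-token-locality=global", "-default=false", "-max-token-ttl=3600s",
		fmt.Sprintf("-config=@%s", configFile.Name()),
	}
	must.Eq(t, 0, cmd.Run(args))
	s = ui.OutputWriter.String()
	must.StrContains(t, s, "acl-auth-method-cli-test")
	resetUI()
}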