github.com/djenriquez/nomad-1@v0.8.1/command/agent/agent_endpoint_test.go (about) 1 package agent 2 3 import ( 4 "bytes" 5 "encoding/json" 6 "fmt" 7 "net" 8 "net/http" 9 "net/http/httptest" 10 "net/url" 11 "testing" 12 "time" 13 14 msgpackrpc "github.com/hashicorp/net-rpc-msgpackrpc" 15 "github.com/hashicorp/nomad/acl" 16 "github.com/hashicorp/nomad/helper/pool" 17 "github.com/hashicorp/nomad/nomad/mock" 18 "github.com/hashicorp/nomad/nomad/structs" 19 "github.com/hashicorp/nomad/testutil" 20 "github.com/stretchr/testify/require" 21 ) 22 23 func TestHTTP_AgentSelf(t *testing.T) { 24 t.Parallel() 25 httpTest(t, nil, func(s *TestAgent) { 26 // Make the HTTP request 27 req, err := http.NewRequest("GET", "/v1/agent/self", nil) 28 if err != nil { 29 t.Fatalf("err: %v", err) 30 } 31 respW := httptest.NewRecorder() 32 33 // Make the request 34 obj, err := s.Server.AgentSelfRequest(respW, req) 35 if err != nil { 36 t.Fatalf("err: %v", err) 37 } 38 39 // Check the job 40 self := obj.(agentSelf) 41 if self.Config == nil { 42 t.Fatalf("bad: %#v", self) 43 } 44 if len(self.Stats) == 0 { 45 t.Fatalf("bad: %#v", self) 46 } 47 48 // Check the Vault config 49 if self.Config.Vault.Token != "" { 50 t.Fatalf("bad: %#v", self) 51 } 52 53 // Assign a Vault token and require it is redacted. 54 s.Config.Vault.Token = "badc0deb-adc0-deba-dc0d-ebadc0debadc" 55 respW = httptest.NewRecorder() 56 obj, err = s.Server.AgentSelfRequest(respW, req) 57 if err != nil { 58 t.Fatalf("err: %v", err) 59 } 60 self = obj.(agentSelf) 61 if self.Config.Vault.Token != "<redacted>" { 62 t.Fatalf("bad: %#v", self) 63 } 64 }) 65 } 66 67 func TestHTTP_AgentSelf_ACL(t *testing.T) { 68 t.Parallel() 69 require := require.New(t) 70 71 httpACLTest(t, nil, func(s *TestAgent) { 72 state := s.Agent.server.State() 73 74 // Make the HTTP request 75 req, err := http.NewRequest("GET", "/v1/agent/self", nil) 76 require.Nil(err) 77 78 // Try request without a token and expect failure 79 { 80 respW := httptest.NewRecorder() 81 _, err := s.Server.AgentSelfRequest(respW, req) 82 require.NotNil(err) 83 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 84 } 85 86 // Try request with an invalid token and expect failure 87 { 88 respW := httptest.NewRecorder() 89 token := mock.CreatePolicyAndToken(t, state, 1005, "invalid", mock.NodePolicy(acl.PolicyWrite)) 90 setToken(req, token) 91 _, err := s.Server.AgentSelfRequest(respW, req) 92 require.NotNil(err) 93 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 94 } 95 96 // Try request with a valid token 97 { 98 respW := httptest.NewRecorder() 99 token := mock.CreatePolicyAndToken(t, state, 1007, "valid", mock.AgentPolicy(acl.PolicyWrite)) 100 setToken(req, token) 101 obj, err := s.Server.AgentSelfRequest(respW, req) 102 require.Nil(err) 103 104 self := obj.(agentSelf) 105 require.NotNil(self.Config) 106 require.NotNil(self.Stats) 107 } 108 109 // Try request with a root token 110 { 111 respW := httptest.NewRecorder() 112 setToken(req, s.RootToken) 113 obj, err := s.Server.AgentSelfRequest(respW, req) 114 require.Nil(err) 115 116 self := obj.(agentSelf) 117 require.NotNil(self.Config) 118 require.NotNil(self.Stats) 119 } 120 }) 121 } 122 123 func TestHTTP_AgentJoin(t *testing.T) { 124 t.Parallel() 125 httpTest(t, nil, func(s *TestAgent) { 126 // Determine the join address 127 member := s.Agent.Server().LocalMember() 128 addr := fmt.Sprintf("%s:%d", member.Addr, member.Port) 129 130 // Make the HTTP request 131 req, err := http.NewRequest("PUT", 132 fmt.Sprintf("/v1/agent/join?address=%s&address=%s", addr, addr), nil) 133 if err != nil { 134 t.Fatalf("err: %v", err) 135 } 136 respW := httptest.NewRecorder() 137 138 // Make the request 139 obj, err := s.Server.AgentJoinRequest(respW, req) 140 if err != nil { 141 t.Fatalf("err: %v", err) 142 } 143 144 // Check the job 145 join := obj.(joinResult) 146 if join.NumJoined != 2 { 147 t.Fatalf("bad: %#v", join) 148 } 149 if join.Error != "" { 150 t.Fatalf("bad: %#v", join) 151 } 152 }) 153 } 154 155 func TestHTTP_AgentMembers(t *testing.T) { 156 t.Parallel() 157 httpTest(t, nil, func(s *TestAgent) { 158 // Make the HTTP request 159 req, err := http.NewRequest("GET", "/v1/agent/members", nil) 160 if err != nil { 161 t.Fatalf("err: %v", err) 162 } 163 respW := httptest.NewRecorder() 164 165 // Make the request 166 obj, err := s.Server.AgentMembersRequest(respW, req) 167 if err != nil { 168 t.Fatalf("err: %v", err) 169 } 170 171 // Check the job 172 members := obj.(structs.ServerMembersResponse) 173 if len(members.Members) != 1 { 174 t.Fatalf("bad: %#v", members.Members) 175 } 176 }) 177 } 178 179 func TestHTTP_AgentMembers_ACL(t *testing.T) { 180 t.Parallel() 181 require := require.New(t) 182 183 httpACLTest(t, nil, func(s *TestAgent) { 184 state := s.Agent.server.State() 185 186 // Make the HTTP request 187 req, err := http.NewRequest("GET", "/v1/agent/members", nil) 188 require.Nil(err) 189 190 // Try request without a token and expect failure 191 { 192 respW := httptest.NewRecorder() 193 _, err := s.Server.AgentMembersRequest(respW, req) 194 require.NotNil(err) 195 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 196 } 197 198 // Try request with an invalid token and expect failure 199 { 200 respW := httptest.NewRecorder() 201 token := mock.CreatePolicyAndToken(t, state, 1005, "invalid", mock.AgentPolicy(acl.PolicyWrite)) 202 setToken(req, token) 203 _, err := s.Server.AgentMembersRequest(respW, req) 204 require.NotNil(err) 205 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 206 } 207 208 // Try request with a valid token 209 { 210 respW := httptest.NewRecorder() 211 token := mock.CreatePolicyAndToken(t, state, 1007, "valid", mock.NodePolicy(acl.PolicyRead)) 212 setToken(req, token) 213 obj, err := s.Server.AgentMembersRequest(respW, req) 214 require.Nil(err) 215 216 members := obj.(structs.ServerMembersResponse) 217 require.Len(members.Members, 1) 218 } 219 220 // Try request with a root token 221 { 222 respW := httptest.NewRecorder() 223 setToken(req, s.RootToken) 224 obj, err := s.Server.AgentMembersRequest(respW, req) 225 require.Nil(err) 226 227 members := obj.(structs.ServerMembersResponse) 228 require.Len(members.Members, 1) 229 } 230 }) 231 } 232 233 func TestHTTP_AgentForceLeave(t *testing.T) { 234 t.Parallel() 235 httpTest(t, nil, func(s *TestAgent) { 236 // Make the HTTP request 237 req, err := http.NewRequest("PUT", "/v1/agent/force-leave?node=foo", nil) 238 if err != nil { 239 t.Fatalf("err: %v", err) 240 } 241 respW := httptest.NewRecorder() 242 243 // Make the request 244 _, err = s.Server.AgentForceLeaveRequest(respW, req) 245 if err != nil { 246 t.Fatalf("err: %v", err) 247 } 248 }) 249 } 250 251 func TestHTTP_AgentForceLeave_ACL(t *testing.T) { 252 t.Parallel() 253 require := require.New(t) 254 255 httpACLTest(t, nil, func(s *TestAgent) { 256 state := s.Agent.server.State() 257 258 // Make the HTTP request 259 req, err := http.NewRequest("PUT", "/v1/agent/force-leave?node=foo", nil) 260 require.Nil(err) 261 262 // Try request without a token and expect failure 263 { 264 respW := httptest.NewRecorder() 265 _, err := s.Server.AgentForceLeaveRequest(respW, req) 266 require.NotNil(err) 267 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 268 } 269 270 // Try request with an invalid token and expect failure 271 { 272 respW := httptest.NewRecorder() 273 token := mock.CreatePolicyAndToken(t, state, 1005, "invalid", mock.NodePolicy(acl.PolicyRead)) 274 setToken(req, token) 275 _, err := s.Server.AgentForceLeaveRequest(respW, req) 276 require.NotNil(err) 277 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 278 } 279 280 // Try request with a valid token 281 { 282 respW := httptest.NewRecorder() 283 token := mock.CreatePolicyAndToken(t, state, 1007, "valid", mock.AgentPolicy(acl.PolicyWrite)) 284 setToken(req, token) 285 _, err := s.Server.AgentForceLeaveRequest(respW, req) 286 require.Nil(err) 287 require.Equal(http.StatusOK, respW.Code) 288 } 289 290 // Try request with a root token 291 { 292 respW := httptest.NewRecorder() 293 setToken(req, s.RootToken) 294 _, err := s.Server.AgentForceLeaveRequest(respW, req) 295 require.Nil(err) 296 require.Equal(http.StatusOK, respW.Code) 297 } 298 }) 299 } 300 301 func TestHTTP_AgentSetServers(t *testing.T) { 302 t.Parallel() 303 require := require.New(t) 304 httpTest(t, nil, func(s *TestAgent) { 305 addr := s.Config.AdvertiseAddrs.RPC 306 testutil.WaitForResult(func() (bool, error) { 307 conn, err := net.DialTimeout("tcp", addr, 100*time.Millisecond) 308 if err != nil { 309 return false, err 310 } 311 defer conn.Close() 312 313 // Write the Consul RPC byte to set the mode 314 if _, err := conn.Write([]byte{byte(pool.RpcNomad)}); err != nil { 315 return false, err 316 } 317 318 codec := pool.NewClientCodec(conn) 319 args := &structs.GenericRequest{} 320 var leader string 321 err = msgpackrpc.CallWithCodec(codec, "Status.Leader", args, &leader) 322 return leader != "", err 323 }, func(err error) { 324 t.Fatalf("failed to find leader: %v", err) 325 }) 326 327 // Create the request 328 req, err := http.NewRequest("PUT", "/v1/agent/servers", nil) 329 require.Nil(err) 330 331 // Send the request 332 respW := httptest.NewRecorder() 333 _, err = s.Server.AgentServersRequest(respW, req) 334 require.NotNil(err) 335 require.Contains(err.Error(), "missing server address") 336 337 // Create a valid request 338 req, err = http.NewRequest("PUT", "/v1/agent/servers?address=127.0.0.1%3A4647&address=127.0.0.2%3A4647&address=127.0.0.3%3A4647", nil) 339 require.Nil(err) 340 341 // Send the request which should fail 342 respW = httptest.NewRecorder() 343 _, err = s.Server.AgentServersRequest(respW, req) 344 require.NotNil(err) 345 346 // Retrieve the servers again 347 req, err = http.NewRequest("GET", "/v1/agent/servers", nil) 348 require.Nil(err) 349 respW = httptest.NewRecorder() 350 351 // Make the request and check the result 352 expected := []string{ 353 s.GetConfig().AdvertiseAddrs.RPC, 354 } 355 out, err := s.Server.AgentServersRequest(respW, req) 356 require.Nil(err) 357 servers := out.([]string) 358 require.Len(servers, len(expected)) 359 require.Equal(expected, servers) 360 }) 361 } 362 363 func TestHTTP_AgentSetServers_ACL(t *testing.T) { 364 t.Parallel() 365 require := require.New(t) 366 367 httpACLTest(t, nil, func(s *TestAgent) { 368 state := s.Agent.server.State() 369 addr := s.Config.AdvertiseAddrs.RPC 370 testutil.WaitForResult(func() (bool, error) { 371 conn, err := net.DialTimeout("tcp", addr, 100*time.Millisecond) 372 if err != nil { 373 return false, err 374 } 375 defer conn.Close() 376 377 // Write the Consul RPC byte to set the mode 378 if _, err := conn.Write([]byte{byte(pool.RpcNomad)}); err != nil { 379 return false, err 380 } 381 382 codec := pool.NewClientCodec(conn) 383 args := &structs.GenericRequest{} 384 var leader string 385 err = msgpackrpc.CallWithCodec(codec, "Status.Leader", args, &leader) 386 return leader != "", err 387 }, func(err error) { 388 t.Fatalf("failed to find leader: %v", err) 389 }) 390 391 // Make the HTTP request 392 path := fmt.Sprintf("/v1/agent/servers?address=%s", url.QueryEscape(s.GetConfig().AdvertiseAddrs.RPC)) 393 req, err := http.NewRequest("PUT", path, nil) 394 require.Nil(err) 395 396 // Try request without a token and expect failure 397 { 398 respW := httptest.NewRecorder() 399 _, err := s.Server.AgentServersRequest(respW, req) 400 require.NotNil(err) 401 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 402 } 403 404 // Try request with an invalid token and expect failure 405 { 406 respW := httptest.NewRecorder() 407 token := mock.CreatePolicyAndToken(t, state, 1005, "invalid", mock.NodePolicy(acl.PolicyRead)) 408 setToken(req, token) 409 _, err := s.Server.AgentServersRequest(respW, req) 410 require.NotNil(err) 411 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 412 } 413 414 // Try request with a valid token 415 { 416 respW := httptest.NewRecorder() 417 token := mock.CreatePolicyAndToken(t, state, 1007, "valid", mock.AgentPolicy(acl.PolicyWrite)) 418 setToken(req, token) 419 _, err := s.Server.AgentServersRequest(respW, req) 420 require.Nil(err) 421 require.Equal(http.StatusOK, respW.Code) 422 } 423 424 // Try request with a root token 425 { 426 respW := httptest.NewRecorder() 427 setToken(req, s.RootToken) 428 _, err := s.Server.AgentServersRequest(respW, req) 429 require.Nil(err) 430 require.Equal(http.StatusOK, respW.Code) 431 } 432 }) 433 } 434 435 func TestHTTP_AgentListServers_ACL(t *testing.T) { 436 t.Parallel() 437 require := require.New(t) 438 439 httpACLTest(t, nil, func(s *TestAgent) { 440 state := s.Agent.server.State() 441 442 // Create list request 443 req, err := http.NewRequest("GET", "/v1/agent/servers", nil) 444 require.Nil(err) 445 446 expected := []string{ 447 s.GetConfig().AdvertiseAddrs.RPC, 448 } 449 450 // Try request without a token and expect failure 451 { 452 respW := httptest.NewRecorder() 453 _, err := s.Server.AgentServersRequest(respW, req) 454 require.NotNil(err) 455 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 456 } 457 458 // Try request with an invalid token and expect failure 459 { 460 respW := httptest.NewRecorder() 461 token := mock.CreatePolicyAndToken(t, state, 1005, "invalid", mock.NodePolicy(acl.PolicyRead)) 462 setToken(req, token) 463 _, err := s.Server.AgentServersRequest(respW, req) 464 require.NotNil(err) 465 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 466 } 467 468 // Wait for client to have a server 469 testutil.WaitForResult(func() (bool, error) { 470 return len(s.client.GetServers()) != 0, fmt.Errorf("no servers") 471 }, func(err error) { 472 t.Fatal(err) 473 }) 474 475 // Try request with a valid token 476 { 477 respW := httptest.NewRecorder() 478 token := mock.CreatePolicyAndToken(t, state, 1007, "valid", mock.AgentPolicy(acl.PolicyRead)) 479 setToken(req, token) 480 out, err := s.Server.AgentServersRequest(respW, req) 481 require.Nil(err) 482 servers := out.([]string) 483 require.Len(servers, len(expected)) 484 require.Equal(expected, servers) 485 } 486 487 // Try request with a root token 488 { 489 respW := httptest.NewRecorder() 490 setToken(req, s.RootToken) 491 out, err := s.Server.AgentServersRequest(respW, req) 492 require.Nil(err) 493 servers := out.([]string) 494 require.Len(servers, len(expected)) 495 require.Equal(expected, servers) 496 } 497 }) 498 } 499 500 func TestHTTP_AgentListKeys(t *testing.T) { 501 t.Parallel() 502 503 key1 := "HS5lJ+XuTlYKWaeGYyG+/A==" 504 505 httpTest(t, func(c *Config) { 506 c.Server.EncryptKey = key1 507 }, func(s *TestAgent) { 508 req, err := http.NewRequest("GET", "/v1/agent/keyring/list", nil) 509 if err != nil { 510 t.Fatalf("err: %s", err) 511 } 512 respW := httptest.NewRecorder() 513 514 out, err := s.Server.KeyringOperationRequest(respW, req) 515 require.Nil(t, err) 516 kresp := out.(structs.KeyringResponse) 517 require.Len(t, kresp.Keys, 1) 518 }) 519 } 520 521 func TestHTTP_AgentListKeys_ACL(t *testing.T) { 522 t.Parallel() 523 require := require.New(t) 524 525 key1 := "HS5lJ+XuTlYKWaeGYyG+/A==" 526 527 cb := func(c *Config) { 528 c.Server.EncryptKey = key1 529 } 530 531 httpACLTest(t, cb, func(s *TestAgent) { 532 state := s.Agent.server.State() 533 534 // Make the HTTP request 535 req, err := http.NewRequest("GET", "/v1/agent/keyring/list", nil) 536 require.Nil(err) 537 538 // Try request without a token and expect failure 539 { 540 respW := httptest.NewRecorder() 541 _, err := s.Server.KeyringOperationRequest(respW, req) 542 require.NotNil(err) 543 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 544 } 545 546 // Try request with an invalid token and expect failure 547 { 548 respW := httptest.NewRecorder() 549 token := mock.CreatePolicyAndToken(t, state, 1005, "invalid", mock.AgentPolicy(acl.PolicyRead)) 550 setToken(req, token) 551 _, err := s.Server.KeyringOperationRequest(respW, req) 552 require.NotNil(err) 553 require.Equal(err.Error(), structs.ErrPermissionDenied.Error()) 554 } 555 556 // Try request with a valid token 557 { 558 respW := httptest.NewRecorder() 559 token := mock.CreatePolicyAndToken(t, state, 1007, "valid", mock.AgentPolicy(acl.PolicyWrite)) 560 setToken(req, token) 561 out, err := s.Server.KeyringOperationRequest(respW, req) 562 require.Nil(err) 563 kresp := out.(structs.KeyringResponse) 564 require.Len(kresp.Keys, 1) 565 require.Contains(kresp.Keys, key1) 566 } 567 568 // Try request with a root token 569 { 570 respW := httptest.NewRecorder() 571 setToken(req, s.RootToken) 572 out, err := s.Server.KeyringOperationRequest(respW, req) 573 require.Nil(err) 574 kresp := out.(structs.KeyringResponse) 575 require.Len(kresp.Keys, 1) 576 require.Contains(kresp.Keys, key1) 577 } 578 }) 579 } 580 581 func TestHTTP_AgentInstallKey(t *testing.T) { 582 t.Parallel() 583 584 key1 := "HS5lJ+XuTlYKWaeGYyG+/A==" 585 key2 := "wH1Bn9hlJ0emgWB1JttVRA==" 586 587 httpTest(t, func(c *Config) { 588 c.Server.EncryptKey = key1 589 }, func(s *TestAgent) { 590 b, err := json.Marshal(&structs.KeyringRequest{Key: key2}) 591 if err != nil { 592 t.Fatalf("err: %v", err) 593 } 594 req, err := http.NewRequest("GET", "/v1/agent/keyring/install", bytes.NewReader(b)) 595 if err != nil { 596 t.Fatalf("err: %s", err) 597 } 598 respW := httptest.NewRecorder() 599 600 _, err = s.Server.KeyringOperationRequest(respW, req) 601 if err != nil { 602 t.Fatalf("err: %s", err) 603 } 604 req, err = http.NewRequest("GET", "/v1/agent/keyring/list", bytes.NewReader(b)) 605 if err != nil { 606 t.Fatalf("err: %s", err) 607 } 608 respW = httptest.NewRecorder() 609 610 out, err := s.Server.KeyringOperationRequest(respW, req) 611 if err != nil { 612 t.Fatalf("err: %s", err) 613 } 614 kresp := out.(structs.KeyringResponse) 615 if len(kresp.Keys) != 2 { 616 t.Fatalf("bad: %v", kresp) 617 } 618 }) 619 } 620 621 func TestHTTP_AgentRemoveKey(t *testing.T) { 622 t.Parallel() 623 624 key1 := "HS5lJ+XuTlYKWaeGYyG+/A==" 625 key2 := "wH1Bn9hlJ0emgWB1JttVRA==" 626 627 httpTest(t, func(c *Config) { 628 c.Server.EncryptKey = key1 629 }, func(s *TestAgent) { 630 b, err := json.Marshal(&structs.KeyringRequest{Key: key2}) 631 if err != nil { 632 t.Fatalf("err: %v", err) 633 } 634 635 req, err := http.NewRequest("GET", "/v1/agent/keyring/install", bytes.NewReader(b)) 636 if err != nil { 637 t.Fatalf("err: %s", err) 638 } 639 respW := httptest.NewRecorder() 640 _, err = s.Server.KeyringOperationRequest(respW, req) 641 if err != nil { 642 t.Fatalf("err: %s", err) 643 } 644 645 req, err = http.NewRequest("GET", "/v1/agent/keyring/remove", bytes.NewReader(b)) 646 if err != nil { 647 t.Fatalf("err: %s", err) 648 } 649 respW = httptest.NewRecorder() 650 if _, err = s.Server.KeyringOperationRequest(respW, req); err != nil { 651 t.Fatalf("err: %s", err) 652 } 653 654 req, err = http.NewRequest("GET", "/v1/agent/keyring/list", nil) 655 if err != nil { 656 t.Fatalf("err: %s", err) 657 } 658 respW = httptest.NewRecorder() 659 out, err := s.Server.KeyringOperationRequest(respW, req) 660 if err != nil { 661 t.Fatalf("err: %s", err) 662 } 663 kresp := out.(structs.KeyringResponse) 664 if len(kresp.Keys) != 1 { 665 t.Fatalf("bad: %v", kresp) 666 } 667 }) 668 } 669 670 func TestHTTP_AgentHealth_Ok(t *testing.T) { 671 t.Parallel() 672 require := require.New(t) 673 674 // Enable ACLs to ensure they're not enforced 675 httpACLTest(t, nil, func(s *TestAgent) { 676 // No ?type= 677 { 678 req, err := http.NewRequest("GET", "/v1/agent/health", nil) 679 require.Nil(err) 680 681 respW := httptest.NewRecorder() 682 healthI, err := s.Server.HealthRequest(respW, req) 683 require.Nil(err) 684 require.Equal(http.StatusOK, respW.Code) 685 require.NotNil(healthI) 686 health := healthI.(*healthResponse) 687 require.NotNil(health.Client) 688 require.True(health.Client.Ok) 689 require.Equal("ok", health.Client.Message) 690 require.NotNil(health.Server) 691 require.True(health.Server.Ok) 692 require.Equal("ok", health.Server.Message) 693 } 694 695 // type=client 696 { 697 req, err := http.NewRequest("GET", "/v1/agent/health?type=client", nil) 698 require.Nil(err) 699 700 respW := httptest.NewRecorder() 701 healthI, err := s.Server.HealthRequest(respW, req) 702 require.Nil(err) 703 require.Equal(http.StatusOK, respW.Code) 704 require.NotNil(healthI) 705 health := healthI.(*healthResponse) 706 require.NotNil(health.Client) 707 require.True(health.Client.Ok) 708 require.Equal("ok", health.Client.Message) 709 require.Nil(health.Server) 710 } 711 712 // type=server 713 { 714 req, err := http.NewRequest("GET", "/v1/agent/health?type=server", nil) 715 require.Nil(err) 716 717 respW := httptest.NewRecorder() 718 healthI, err := s.Server.HealthRequest(respW, req) 719 require.Nil(err) 720 require.Equal(http.StatusOK, respW.Code) 721 require.NotNil(healthI) 722 health := healthI.(*healthResponse) 723 require.NotNil(health.Server) 724 require.True(health.Server.Ok) 725 require.Equal("ok", health.Server.Message) 726 require.Nil(health.Client) 727 } 728 729 // type=client&type=server 730 { 731 req, err := http.NewRequest("GET", "/v1/agent/health?type=client&type=server", nil) 732 require.Nil(err) 733 734 respW := httptest.NewRecorder() 735 healthI, err := s.Server.HealthRequest(respW, req) 736 require.Nil(err) 737 require.Equal(http.StatusOK, respW.Code) 738 require.NotNil(healthI) 739 health := healthI.(*healthResponse) 740 require.NotNil(health.Client) 741 require.True(health.Client.Ok) 742 require.Equal("ok", health.Client.Message) 743 require.NotNil(health.Server) 744 require.True(health.Server.Ok) 745 require.Equal("ok", health.Server.Message) 746 } 747 }) 748 } 749 750 func TestHTTP_AgentHealth_BadServer(t *testing.T) { 751 t.Parallel() 752 require := require.New(t) 753 754 // Enable ACLs to ensure they're not enforced 755 httpACLTest(t, nil, func(s *TestAgent) { 756 757 // Set s.Agent.server=nil to make server unhealthy if requested 758 s.Agent.server = nil 759 760 // No ?type= means server is just skipped 761 { 762 req, err := http.NewRequest("GET", "/v1/agent/health", nil) 763 require.Nil(err) 764 765 respW := httptest.NewRecorder() 766 healthI, err := s.Server.HealthRequest(respW, req) 767 require.Nil(err) 768 require.Equal(http.StatusOK, respW.Code) 769 require.NotNil(healthI) 770 health := healthI.(*healthResponse) 771 require.NotNil(health.Client) 772 require.True(health.Client.Ok) 773 require.Equal("ok", health.Client.Message) 774 require.Nil(health.Server) 775 } 776 777 // type=server means server is considered unhealthy 778 { 779 req, err := http.NewRequest("GET", "/v1/agent/health?type=server", nil) 780 require.Nil(err) 781 782 respW := httptest.NewRecorder() 783 _, err = s.Server.HealthRequest(respW, req) 784 require.NotNil(err) 785 httpErr, ok := err.(HTTPCodedError) 786 require.True(ok) 787 require.Equal(500, httpErr.Code()) 788 require.Equal(`{"server":{"ok":false,"message":"server not enabled"}}`, err.Error()) 789 } 790 }) 791 } 792 793 func TestHTTP_AgentHealth_BadClient(t *testing.T) { 794 t.Parallel() 795 require := require.New(t) 796 797 // Enable ACLs to ensure they're not enforced 798 httpACLTest(t, nil, func(s *TestAgent) { 799 800 // Set s.Agent.client=nil to make server unhealthy if requested 801 s.Agent.client = nil 802 803 // No ?type= means client is just skipped 804 { 805 req, err := http.NewRequest("GET", "/v1/agent/health", nil) 806 require.Nil(err) 807 808 respW := httptest.NewRecorder() 809 healthI, err := s.Server.HealthRequest(respW, req) 810 require.Nil(err) 811 require.Equal(http.StatusOK, respW.Code) 812 require.NotNil(healthI) 813 health := healthI.(*healthResponse) 814 require.NotNil(health.Server) 815 require.True(health.Server.Ok) 816 require.Equal("ok", health.Server.Message) 817 require.Nil(health.Client) 818 } 819 820 // type=client means client is considered unhealthy 821 { 822 req, err := http.NewRequest("GET", "/v1/agent/health?type=client", nil) 823 require.Nil(err) 824 825 respW := httptest.NewRecorder() 826 _, err = s.Server.HealthRequest(respW, req) 827 require.NotNil(err) 828 httpErr, ok := err.(HTTPCodedError) 829 require.True(ok) 830 require.Equal(500, httpErr.Code()) 831 require.Equal(`{"client":{"ok":false,"message":"client not enabled"}}`, err.Error()) 832 } 833 }) 834 }