github.com/hashicorp/vault/sdk@v0.13.0/plugin/grpc_system_test.go (about) 1 // Copyright (c) HashiCorp, Inc. 2 // SPDX-License-Identifier: MPL-2.0 3 4 package plugin 5 6 import ( 7 "context" 8 "reflect" 9 "testing" 10 "time" 11 12 "github.com/hashicorp/go-plugin" 13 "github.com/hashicorp/vault/sdk/helper/consts" 14 "github.com/hashicorp/vault/sdk/logical" 15 "github.com/hashicorp/vault/sdk/plugin/pb" 16 "google.golang.org/grpc" 17 "google.golang.org/protobuf/proto" 18 ) 19 20 func TestSystem_GRPC_ReturnsErrIfSystemViewNil(t *testing.T) { 21 _, err := new(gRPCSystemViewServer).ReplicationState(context.Background(), nil) 22 if err == nil { 23 t.Error("Expected error when using server with no impl") 24 } 25 } 26 27 func TestSystem_GRPC_GRPC_impl(t *testing.T) { 28 var _ logical.SystemView = new(gRPCSystemViewClient) 29 } 30 31 func TestSystem_GRPC_defaultLeaseTTL(t *testing.T) { 32 sys := logical.TestSystemView() 33 client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { 34 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 35 impl: sys, 36 }) 37 }) 38 defer client.Close() 39 testSystemView := newGRPCSystemView(client) 40 41 expected := sys.DefaultLeaseTTL() 42 actual := testSystemView.DefaultLeaseTTL() 43 if !reflect.DeepEqual(expected, actual) { 44 t.Fatalf("expected: %v, got: %v", expected, actual) 45 } 46 } 47 48 func TestSystem_GRPC_maxLeaseTTL(t *testing.T) { 49 sys := logical.TestSystemView() 50 client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { 51 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 52 impl: sys, 53 }) 54 }) 55 defer client.Close() 56 testSystemView := newGRPCSystemView(client) 57 58 expected := sys.MaxLeaseTTL() 59 actual := testSystemView.MaxLeaseTTL() 60 if !reflect.DeepEqual(expected, actual) { 61 t.Fatalf("expected: %v, got: %v", expected, actual) 62 } 63 } 64 65 func TestSystem_GRPC_tainted(t *testing.T) { 66 sys := logical.TestSystemView() 67 sys.TaintedVal = true 68 client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { 69 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 70 impl: sys, 71 }) 72 }) 73 defer client.Close() 74 testSystemView := newGRPCSystemView(client) 75 76 expected := sys.Tainted() 77 actual := testSystemView.Tainted() 78 if !reflect.DeepEqual(expected, actual) { 79 t.Fatalf("expected: %v, got: %v", expected, actual) 80 } 81 } 82 83 func TestSystem_GRPC_cachingDisabled(t *testing.T) { 84 sys := logical.TestSystemView() 85 sys.CachingDisabledVal = true 86 client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { 87 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 88 impl: sys, 89 }) 90 }) 91 defer client.Close() 92 testSystemView := newGRPCSystemView(client) 93 94 expected := sys.CachingDisabled() 95 actual := testSystemView.CachingDisabled() 96 if !reflect.DeepEqual(expected, actual) { 97 t.Fatalf("expected: %v, got: %v", expected, actual) 98 } 99 } 100 101 func TestSystem_GRPC_replicationState(t *testing.T) { 102 sys := logical.TestSystemView() 103 sys.ReplicationStateVal = consts.ReplicationPerformancePrimary 104 client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { 105 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 106 impl: sys, 107 }) 108 }) 109 defer client.Close() 110 testSystemView := newGRPCSystemView(client) 111 112 expected := sys.ReplicationState() 113 actual := testSystemView.ReplicationState() 114 if !reflect.DeepEqual(expected, actual) { 115 t.Fatalf("expected: %v, got: %v", expected, actual) 116 } 117 } 118 119 func TestSystem_GRPC_lookupPlugin(t *testing.T) { 120 sys := logical.TestSystemView() 121 client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { 122 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 123 impl: sys, 124 }) 125 }) 126 defer client.Close() 127 128 testSystemView := newGRPCSystemView(client) 129 130 if _, err := testSystemView.LookupPlugin(context.Background(), "foo", consts.PluginTypeDatabase); err == nil { 131 t.Fatal("LookPlugin(): expected error on due to unsupported call from plugin") 132 } 133 } 134 135 func TestSystem_GRPC_mlockEnabled(t *testing.T) { 136 sys := logical.TestSystemView() 137 sys.EnableMlock = true 138 client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { 139 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 140 impl: sys, 141 }) 142 }) 143 defer client.Close() 144 145 testSystemView := newGRPCSystemView(client) 146 147 expected := sys.MlockEnabled() 148 actual := testSystemView.MlockEnabled() 149 if !reflect.DeepEqual(expected, actual) { 150 t.Fatalf("expected: %v, got: %v", expected, actual) 151 } 152 } 153 154 func TestSystem_GRPC_entityInfo(t *testing.T) { 155 sys := logical.TestSystemView() 156 sys.EntityVal = &logical.Entity{ 157 ID: "id", 158 Name: "name", 159 Metadata: map[string]string{ 160 "foo": "bar", 161 }, 162 Aliases: []*logical.Alias{ 163 { 164 MountType: "logical", 165 MountAccessor: "accessor", 166 Name: "name", 167 Metadata: map[string]string{ 168 "zip": "zap", 169 }, 170 }, 171 }, 172 Disabled: true, 173 } 174 client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { 175 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 176 impl: sys, 177 }) 178 }) 179 defer client.Close() 180 testSystemView := newGRPCSystemView(client) 181 182 actual, err := testSystemView.EntityInfo("") 183 if err != nil { 184 t.Fatal(err) 185 } 186 if !proto.Equal(sys.EntityVal, actual) { 187 t.Fatalf("expected: %v, got: %v", sys.EntityVal, actual) 188 } 189 } 190 191 func TestSystem_GRPC_groupsForEntity(t *testing.T) { 192 sys := logical.TestSystemView() 193 sys.GroupsVal = []*logical.Group{ 194 { 195 ID: "group1-id", 196 Name: "group1", 197 Metadata: map[string]string{ 198 "group-metadata": "metadata-value", 199 }, 200 }, 201 } 202 client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { 203 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 204 impl: sys, 205 }) 206 }) 207 defer client.Close() 208 testSystemView := newGRPCSystemView(client) 209 210 actual, err := testSystemView.GroupsForEntity("") 211 if err != nil { 212 t.Fatal(err) 213 } 214 if !proto.Equal(sys.GroupsVal[0], actual[0]) { 215 t.Fatalf("expected: %v, got: %v", sys.GroupsVal, actual) 216 } 217 } 218 219 func TestSystem_GRPC_pluginEnv(t *testing.T) { 220 sys := logical.TestSystemView() 221 sys.PluginEnvironment = &logical.PluginEnvironment{ 222 VaultVersion: "0.10.42", 223 VaultVersionPrerelease: "dev", 224 VaultVersionMetadata: "ent", 225 } 226 client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { 227 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 228 impl: sys, 229 }) 230 }) 231 defer client.Close() 232 233 testSystemView := newGRPCSystemView(client) 234 235 expected, err := sys.PluginEnv(context.Background()) 236 if err != nil { 237 t.Fatal(err) 238 } 239 240 actual, err := testSystemView.PluginEnv(context.Background()) 241 if err != nil { 242 t.Fatal(err) 243 } 244 245 if !proto.Equal(expected, actual) { 246 t.Fatalf("expected: %v, got: %v", expected, actual) 247 } 248 } 249 250 func TestSystem_GRPC_GeneratePasswordFromPolicy(t *testing.T) { 251 policyName := "testpolicy" 252 expectedPassword := "87354qtnjgrehiogd9u0t43" 253 passGen := func() (password string, err error) { 254 return expectedPassword, nil 255 } 256 sys := &logical.StaticSystemView{ 257 PasswordPolicies: map[string]logical.PasswordGenerator{ 258 policyName: passGen, 259 }, 260 } 261 262 client, server := plugin.TestGRPCConn(t, func(s *grpc.Server) { 263 pb.RegisterSystemViewServer(s, &gRPCSystemViewServer{ 264 impl: sys, 265 }) 266 }) 267 defer server.Stop() 268 defer client.Close() 269 270 testSystemView := newGRPCSystemView(client) 271 272 ctx, cancel := context.WithTimeout(context.Background(), 100*time.Millisecond) 273 defer cancel() 274 275 password, err := testSystemView.GeneratePasswordFromPolicy(ctx, policyName) 276 if err != nil { 277 t.Fatalf("no error expected, got: %s", err) 278 } 279 280 if password != expectedPassword { 281 t.Fatalf("Actual password: %s\nExpected password: %s", password, expectedPassword) 282 } 283 }