github.com/hernad/nomad@v1.6.112/command/acl_role_list_test.go

github.com/hernad/nomad@v1.6.112/command/acl_role_list_test.go (about)

     1  // Copyright (c) HashiCorp, Inc.
     2  // SPDX-License-Identifier: MPL-2.0
     3  
     4  package command
     5  
     6  import (
     7  	"testing"
     8  
     9  	"github.com/hernad/nomad/ci"
    10  	"github.com/hernad/nomad/command/agent"
    11  	"github.com/hernad/nomad/helper/uuid"
    12  	"github.com/hernad/nomad/nomad/structs"
    13  	"github.com/hernad/nomad/testutil"
    14  	"github.com/mitchellh/cli"
    15  	"github.com/stretchr/testify/require"
    16  )
    17  
    18  func TestACLRoleListCommand_Run(t *testing.T) {
    19  	ci.Parallel(t)
    20  
    21  	// Build a test server with ACLs enabled.
    22  	srv, _, url := testServer(t, false, func(c *agent.Config) {
    23  		c.ACL.Enabled = true
    24  	})
    25  	defer srv.Shutdown()
    26  
    27  	// Wait for the server to start fully and ensure we have a bootstrap token.
    28  	testutil.WaitForLeader(t, srv.Agent.RPC)
    29  	rootACLToken := srv.RootToken
    30  	require.NotNil(t, rootACLToken)
    31  
    32  	ui := cli.NewMockUi()
    33  	cmd := &ACLRoleListCommand{
    34  		Meta: Meta{
    35  			Ui:          ui,
    36  			flagAddress: url,
    37  		},
    38  	}
    39  
    40  	// Perform a list straight away without any roles held in state.
    41  	require.Equal(t, 0, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID}))
    42  	require.Contains(t, ui.OutputWriter.String(), "No ACL roles found")
    43  
    44  	ui.OutputWriter.Reset()
    45  	ui.ErrorWriter.Reset()
    46  
    47  	// Create an ACL policy that can be referenced within the ACL role.
    48  	aclPolicy := structs.ACLPolicy{
    49  		Name: "acl-role-policy-cli-test",
    50  		Rules: `namespace "default" {
    51  			policy = "read"
    52  		}
    53  		`,
    54  	}
    55  	err := srv.Agent.Server().State().UpsertACLPolicies(
    56  		structs.MsgTypeTestSetup, 10, []*structs.ACLPolicy{&aclPolicy})
    57  	require.NoError(t, err)
    58  
    59  	// Create an ACL role referencing the previously created policy.
    60  	aclRole := structs.ACLRole{
    61  		ID:       uuid.Generate(),
    62  		Name:     "acl-role-cli-test",
    63  		Policies: []*structs.ACLRolePolicyLink{{Name: aclPolicy.Name}},
    64  	}
    65  	err = srv.Agent.Server().State().UpsertACLRoles(
    66  		structs.MsgTypeTestSetup, 20, []*structs.ACLRole{&aclRole}, false)
    67  	require.NoError(t, err)
    68  
    69  	// Perform a listing to get the created role.
    70  	require.Equal(t, 0, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID}))
    71  	s := ui.OutputWriter.String()
    72  	require.Contains(t, s, "ID")
    73  	require.Contains(t, s, "Name")
    74  	require.Contains(t, s, "Policies")
    75  	require.Contains(t, s, "acl-role-cli-test")
    76  	require.Contains(t, s, "acl-role-policy-cli-test")
    77  
    78  	ui.OutputWriter.Reset()
    79  	ui.ErrorWriter.Reset()
    80  }