github.com/hernad/nomad@v1.6.112/command/acl_role_list_test.go (about) 1 // Copyright (c) HashiCorp, Inc. 2 // SPDX-License-Identifier: MPL-2.0 3 4 package command 5 6 import ( 7 "testing" 8 9 "github.com/hernad/nomad/ci" 10 "github.com/hernad/nomad/command/agent" 11 "github.com/hernad/nomad/helper/uuid" 12 "github.com/hernad/nomad/nomad/structs" 13 "github.com/hernad/nomad/testutil" 14 "github.com/mitchellh/cli" 15 "github.com/stretchr/testify/require" 16 ) 17 18 func TestACLRoleListCommand_Run(t *testing.T) { 19 ci.Parallel(t) 20 21 // Build a test server with ACLs enabled. 22 srv, _, url := testServer(t, false, func(c *agent.Config) { 23 c.ACL.Enabled = true 24 }) 25 defer srv.Shutdown() 26 27 // Wait for the server to start fully and ensure we have a bootstrap token. 28 testutil.WaitForLeader(t, srv.Agent.RPC) 29 rootACLToken := srv.RootToken 30 require.NotNil(t, rootACLToken) 31 32 ui := cli.NewMockUi() 33 cmd := &ACLRoleListCommand{ 34 Meta: Meta{ 35 Ui: ui, 36 flagAddress: url, 37 }, 38 } 39 40 // Perform a list straight away without any roles held in state. 41 require.Equal(t, 0, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID})) 42 require.Contains(t, ui.OutputWriter.String(), "No ACL roles found") 43 44 ui.OutputWriter.Reset() 45 ui.ErrorWriter.Reset() 46 47 // Create an ACL policy that can be referenced within the ACL role. 48 aclPolicy := structs.ACLPolicy{ 49 Name: "acl-role-policy-cli-test", 50 Rules: `namespace "default" { 51 policy = "read" 52 } 53 `, 54 } 55 err := srv.Agent.Server().State().UpsertACLPolicies( 56 structs.MsgTypeTestSetup, 10, []*structs.ACLPolicy{&aclPolicy}) 57 require.NoError(t, err) 58 59 // Create an ACL role referencing the previously created policy. 60 aclRole := structs.ACLRole{ 61 ID: uuid.Generate(), 62 Name: "acl-role-cli-test", 63 Policies: []*structs.ACLRolePolicyLink{{Name: aclPolicy.Name}}, 64 } 65 err = srv.Agent.Server().State().UpsertACLRoles( 66 structs.MsgTypeTestSetup, 20, []*structs.ACLRole{&aclRole}, false) 67 require.NoError(t, err) 68 69 // Perform a listing to get the created role. 70 require.Equal(t, 0, cmd.Run([]string{"-address=" + url, "-token=" + rootACLToken.SecretID})) 71 s := ui.OutputWriter.String() 72 require.Contains(t, s, "ID") 73 require.Contains(t, s, "Name") 74 require.Contains(t, s, "Policies") 75 require.Contains(t, s, "acl-role-cli-test") 76 require.Contains(t, s, "acl-role-policy-cli-test") 77 78 ui.OutputWriter.Reset() 79 ui.ErrorWriter.Reset() 80 }