github.com/s-matyukevich/consul@v1.4.5/api/connect_ca_test.go (about) 1 package api 2 3 import ( 4 "testing" 5 "time" 6 7 "github.com/pascaldekloe/goe/verify" 8 9 "github.com/hashicorp/consul/testutil" 10 "github.com/hashicorp/consul/testutil/retry" 11 "github.com/stretchr/testify/require" 12 ) 13 14 func TestAPI_ConnectCARoots_empty(t *testing.T) { 15 t.Parallel() 16 17 require := require.New(t) 18 c, s := makeClientWithConfig(t, nil, func(c *testutil.TestServerConfig) { 19 // Don't bootstrap CA 20 c.Connect = nil 21 }) 22 defer s.Stop() 23 24 connect := c.Connect() 25 _, _, err := connect.CARoots(nil) 26 27 require.Error(err) 28 require.Contains(err.Error(), "Connect must be enabled") 29 } 30 31 func TestAPI_ConnectCARoots_list(t *testing.T) { 32 t.Parallel() 33 34 c, s := makeClient(t) 35 defer s.Stop() 36 37 // This fails occasionally if server doesn't have time to bootstrap CA so 38 // retry 39 retry.Run(t, func(r *retry.R) { 40 connect := c.Connect() 41 list, meta, err := connect.CARoots(nil) 42 r.Check(err) 43 if meta.LastIndex <= 0 { 44 r.Fatalf("expected roots raft index to be > 0") 45 } 46 if v := len(list.Roots); v != 1 { 47 r.Fatalf("expected 1 root, got %d", v) 48 } 49 // connect.TestClusterID causes import cycle so hard code it 50 if list.TrustDomain != "11111111-2222-3333-4444-555555555555.consul" { 51 r.Fatalf("expected fixed trust domain got '%s'", list.TrustDomain) 52 } 53 }) 54 55 } 56 57 func TestAPI_ConnectCAConfig_get_set(t *testing.T) { 58 t.Parallel() 59 60 c, s := makeClient(t) 61 defer s.Stop() 62 63 expected := &ConsulCAProviderConfig{ 64 RotationPeriod: 90 * 24 * time.Hour, 65 } 66 expected.LeafCertTTL = 72 * time.Hour 67 68 // This fails occasionally if server doesn't have time to bootstrap CA so 69 // retry 70 retry.Run(t, func(r *retry.R) { 71 connect := c.Connect() 72 73 conf, _, err := connect.CAGetConfig(nil) 74 r.Check(err) 75 if conf.Provider != "consul" { 76 r.Fatalf("expected default provider, got %q", conf.Provider) 77 } 78 parsed, err := ParseConsulCAConfig(conf.Config) 79 r.Check(err) 80 verify.Values(r, "", parsed, expected) 81 82 // Change a config value and update 83 conf.Config["PrivateKey"] = "" 84 conf.Config["RotationPeriod"] = 120 * 24 * time.Hour 85 _, err = connect.CASetConfig(conf, nil) 86 r.Check(err) 87 88 updated, _, err := connect.CAGetConfig(nil) 89 r.Check(err) 90 expected.RotationPeriod = 120 * 24 * time.Hour 91 parsed, err = ParseConsulCAConfig(updated.Config) 92 r.Check(err) 93 verify.Values(r, "", parsed, expected) 94 }) 95 }