mirror of https://github.com/hashicorp/boundary
Merge pull request #2541 from hashicorp/moduli-session-test-ICU-6405
test(e2e): Add "Connect via Authz-Token" and "Session Canceling" testspull/2548/head
Michael Li
4 years ago
committed by
GitHub
commit
43f2ec54f5
@ -0,0 +1,123 @@
|
||||
package boundary
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/boundary/api"
|
||||
"github.com/hashicorp/boundary/api/hostcatalogs"
|
||||
"github.com/hashicorp/boundary/api/hosts"
|
||||
"github.com/hashicorp/boundary/api/hostsets"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
// CreateNewHostCatalogApi creates a new host catalog in boundary using the go api.
|
||||
// Returns the id of the new host catalog.
|
||||
func CreateNewHostCatalogApi(t testing.TB, ctx context.Context, client *api.Client, projectId string) string {
|
||||
hcClient := hostcatalogs.NewClient(client)
|
||||
newHostCatalogResult, err := hcClient.Create(ctx, "static", projectId,
|
||||
hostcatalogs.WithName("e2e Automated Test Host Catalog"),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newHostCatalogId := newHostCatalogResult.Item.Id
|
||||
t.Logf("Created Host Catalog: %s", newHostCatalogId)
|
||||
|
||||
return newHostCatalogId
|
||||
}
|
||||
|
||||
// CreateNewHostSetApi creates a new host set in boundary using the go api.
|
||||
// Returns the id of the new host set.
|
||||
func CreateNewHostSetApi(t testing.TB, ctx context.Context, client *api.Client, hostCatalogId string) string {
|
||||
hsClient := hostsets.NewClient(client)
|
||||
newHostSetResult, err := hsClient.Create(ctx, hostCatalogId)
|
||||
require.NoError(t, err)
|
||||
newHostSetId := newHostSetResult.Item.Id
|
||||
t.Logf("Created Host Set: %s", newHostSetId)
|
||||
|
||||
return newHostSetId
|
||||
}
|
||||
|
||||
// CreateNewHostApi creates a new host in boundary using the go api
|
||||
// Returns the id of the new host.
|
||||
func CreateNewHostApi(t testing.TB, ctx context.Context, client *api.Client, hostCatalogId string, address string) string {
|
||||
hClient := hosts.NewClient(client)
|
||||
newHostResult, err := hClient.Create(ctx, hostCatalogId,
|
||||
hosts.WithName(address),
|
||||
hosts.WithStaticHostAddress(address),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newHostId := newHostResult.Item.Id
|
||||
t.Logf("Created Host: %s", newHostId)
|
||||
|
||||
return newHostId
|
||||
}
|
||||
|
||||
// AddHostToHostSetApi adds a host to a host set using the go api
|
||||
func AddHostToHostSetApi(t testing.TB, ctx context.Context, client *api.Client, hostSetId string, hostId string) {
|
||||
hsClient := hostsets.NewClient(client)
|
||||
_, err := hsClient.AddHosts(ctx, hostSetId, 0, []string{hostId}, hostsets.WithAutomaticVersioning(true))
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
// CreateNewHostCatalogCli creates a new host catalog in boundary using the cli.
|
||||
// Returns the id of the new host catalog.
|
||||
func CreateNewHostCatalogCli(t testing.TB, projectId string) string {
|
||||
output := e2e.RunCommand(context.Background(), "boundary", "host-catalogs", "create", "static",
|
||||
"-scope-id", projectId,
|
||||
"-name", "e2e Automated Test Host Catalog",
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newHostCatalogResult hostcatalogs.HostCatalogCreateResult
|
||||
err := json.Unmarshal(output.Stdout, &newHostCatalogResult)
|
||||
require.NoError(t, err)
|
||||
newHostCatalogId := newHostCatalogResult.Item.Id
|
||||
|
||||
t.Logf("Created Host Catalog: %s", newHostCatalogId)
|
||||
return newHostCatalogId
|
||||
}
|
||||
|
||||
// CreateNewHostSetCli creates a new host set in boundary using the cli.
|
||||
// Returns the id of the new host set.
|
||||
func CreateNewHostSetCli(t testing.TB, hostCatalogId string) string {
|
||||
output := e2e.RunCommand(context.Background(), "boundary", "host-sets", "create", "static",
|
||||
"-host-catalog-id", hostCatalogId,
|
||||
"-name", "e2e Automated Test Host Set",
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newHostSetResult hostsets.HostSetCreateResult
|
||||
err := json.Unmarshal(output.Stdout, &newHostSetResult)
|
||||
require.NoError(t, err)
|
||||
newHostSetId := newHostSetResult.Item.Id
|
||||
t.Logf("Created Host Set: %s", newHostSetId)
|
||||
|
||||
return newHostSetId
|
||||
}
|
||||
|
||||
// CreateNewHostCli creates a new host in boundary using the cli.
|
||||
// Returns the id of the new host.
|
||||
func CreateNewHostCli(t testing.TB, hostCatalogId string, address string) string {
|
||||
output := e2e.RunCommand(context.Background(), "boundary", "hosts", "create", "static",
|
||||
"-host-catalog-id", hostCatalogId,
|
||||
"-name", address,
|
||||
"-address", address,
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newHostResult hosts.HostCreateResult
|
||||
err := json.Unmarshal(output.Stdout, &newHostResult)
|
||||
require.NoError(t, err)
|
||||
newHostId := newHostResult.Item.Id
|
||||
t.Logf("Created Host: %s", newHostId)
|
||||
|
||||
return newHostId
|
||||
}
|
||||
|
||||
// AddHostToHostSetCli adds a host to a host set using the cli
|
||||
func AddHostToHostSetCli(t testing.TB, hostSetId string, hostId string) {
|
||||
output := e2e.RunCommand(context.Background(), "boundary", "host-sets", "add-hosts", "-id", hostSetId, "-host", hostId)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
}
|
||||
@ -0,0 +1,68 @@
|
||||
package boundary
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"strconv"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/boundary/api"
|
||||
"github.com/hashicorp/boundary/api/targets"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
// CreateNewTargetApi creates a new target in boundary using the go api.
|
||||
// Returns the id of the new target.
|
||||
func CreateNewTargetApi(t testing.TB, ctx context.Context, client *api.Client, projectId string, defaultPort string) string {
|
||||
tClient := targets.NewClient(client)
|
||||
targetPort, err := strconv.ParseInt(defaultPort, 10, 32)
|
||||
require.NoError(t, err)
|
||||
newTargetResult, err := tClient.Create(ctx, "tcp", projectId,
|
||||
targets.WithName("e2e Automated Test Target"),
|
||||
targets.WithTcpTargetDefaultPort(uint32(targetPort)),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newTargetId := newTargetResult.Item.Id
|
||||
t.Logf("Created Target: %s", newTargetId)
|
||||
|
||||
return newTargetId
|
||||
}
|
||||
|
||||
// AddHostSourceToTargetApi adds a host source (host set or host) to a target using the go api
|
||||
func AddHostSourceToTargetApi(t testing.TB, ctx context.Context, client *api.Client, targetId string, hostSourceId string) {
|
||||
tClient := targets.NewClient(client)
|
||||
_, err := tClient.AddHostSources(ctx, targetId, 0,
|
||||
[]string{hostSourceId},
|
||||
targets.WithAutomaticVersioning(true),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
// CreateNewTargetCli creates a new target in boundary using the cli
|
||||
// Returns the id of the new target.
|
||||
func CreateNewTargetCli(t testing.TB, projectId string, defaultPort string) string {
|
||||
output := e2e.RunCommand(context.Background(), "boundary", "targets", "create", "tcp",
|
||||
"-scope-id", projectId,
|
||||
"-default-port", defaultPort,
|
||||
"-name", "e2e Automated Test Target",
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newTargetResult targets.TargetCreateResult
|
||||
err := json.Unmarshal(output.Stdout, &newTargetResult)
|
||||
require.NoError(t, err)
|
||||
newTargetId := newTargetResult.Item.Id
|
||||
t.Logf("Created Target: %s", newTargetId)
|
||||
|
||||
return newTargetId
|
||||
}
|
||||
|
||||
// AddHostSourceToTargetCli adds a host source (host set or host) to a target using the cli
|
||||
func AddHostSourceToTargetCli(t testing.TB, targetId string, hostSourceId string) {
|
||||
output := e2e.RunCommand(context.Background(), "boundary", "targets", "add-host-sources",
|
||||
"-id", targetId,
|
||||
"-host-source", hostSourceId,
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
}
|
||||
@ -0,0 +1,119 @@
|
||||
package static_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/boundary/api/credentials"
|
||||
"github.com/hashicorp/boundary/api/credentialstores"
|
||||
"github.com/hashicorp/boundary/api/targets"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e/boundary"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
// TestConnectTargetWithAuthzTokenCli uses the boundary cli to connect to a target using the
|
||||
// `authz_token` option
|
||||
func TestConnectTargetWithAuthzTokenCli(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
boundary.AuthenticateCli(t)
|
||||
newOrgId := boundary.CreateNewOrgCli(t)
|
||||
newProjectId := boundary.CreateNewProjectCli(t, newOrgId)
|
||||
newHostCatalogId := boundary.CreateNewHostCatalogCli(t, newProjectId)
|
||||
newHostSetId := boundary.CreateNewHostSetCli(t, newHostCatalogId)
|
||||
newHostId := boundary.CreateNewHostCli(t, newHostCatalogId, c.TargetIp)
|
||||
boundary.AddHostToHostSetCli(t, newHostSetId, newHostId)
|
||||
newTargetId := boundary.CreateNewTargetCli(t, newProjectId, c.TargetPort)
|
||||
boundary.AddHostSourceToTargetCli(t, newTargetId, newHostSetId)
|
||||
|
||||
// Create a credential store
|
||||
ctx := context.Background()
|
||||
output := e2e.RunCommand(ctx, "boundary", "credential-stores", "create", "static",
|
||||
"-scope-id", newProjectId,
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newCredentialStoreResult credentialstores.CredentialStoreCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newCredentialStoreResult)
|
||||
require.NoError(t, err)
|
||||
newCredentialStoreId := newCredentialStoreResult.Item.Id
|
||||
t.Logf("Created Credential Store: %s", newCredentialStoreId)
|
||||
|
||||
// Create credentials
|
||||
output = e2e.RunCommand(ctx, "boundary", "credentials", "create", "ssh-private-key",
|
||||
"-credential-store-id", newCredentialStoreId,
|
||||
"-username", c.TargetSshUser,
|
||||
"-private-key", "file://"+c.TargetSshKeyPath,
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newCredentialsResult credentials.CredentialCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newCredentialsResult)
|
||||
require.NoError(t, err)
|
||||
newCredentialsId := newCredentialsResult.Item.Id
|
||||
t.Logf("Created Credentials: %s", newCredentialsId)
|
||||
|
||||
// Add credentials to target
|
||||
output = e2e.RunCommand(ctx, "boundary", "targets", "add-credential-sources",
|
||||
"-id", newTargetId,
|
||||
"-brokered-credential-source", newCredentialsId,
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
// Get credentials for target
|
||||
output = e2e.RunCommand(ctx, "boundary", "targets", "authorize-session", "-id", newTargetId, "-format", "json")
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newSessionAuthorizationResult targets.SessionAuthorizationResult
|
||||
err = json.Unmarshal(output.Stdout, &newSessionAuthorizationResult)
|
||||
require.NoError(t, err)
|
||||
|
||||
newSessionAuthorization := newSessionAuthorizationResult.Item
|
||||
retrievedUser := fmt.Sprintf("%s", newSessionAuthorization.Credentials[0].Credential["username"])
|
||||
retrievedKey := fmt.Sprintf("%s\n", newSessionAuthorization.Credentials[0].Credential["private_key"])
|
||||
assert.Equal(t, c.TargetSshUser, retrievedUser)
|
||||
|
||||
k, err := os.ReadFile(c.TargetSshKeyPath)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, string(k), retrievedKey)
|
||||
t.Log("Successfully retrieved credentials for target")
|
||||
|
||||
// Get auth token for session
|
||||
newAuthToken := newSessionAuthorizationResult.Item.AuthorizationToken
|
||||
|
||||
// Create key file
|
||||
retrievedKeyPath := fmt.Sprintf("%s/%s", t.TempDir(), "target_private_key.pem")
|
||||
f, err := os.Create(retrievedKeyPath)
|
||||
require.NoError(t, err)
|
||||
_, err = f.WriteString(retrievedKey)
|
||||
require.NoError(t, err)
|
||||
err = os.Chmod(retrievedKeyPath, 0o400)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Connect to target and print host's IP address using retrieved credentials
|
||||
output = e2e.RunCommand(ctx, "boundary", "connect",
|
||||
"-authz-token", newAuthToken,
|
||||
"-exec", "/usr/bin/ssh", "--",
|
||||
"-l", retrievedUser,
|
||||
"-i", retrievedKeyPath,
|
||||
"-o", "UserKnownHostsFile=/dev/null",
|
||||
"-o", "StrictHostKeyChecking=no",
|
||||
"-o", "IdentitiesOnly=yes", // forces the use of the provided key
|
||||
"-p", "{{boundary.port}}", // this is provided by boundary
|
||||
"{{boundary.ip}}",
|
||||
"hostname", "-i",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
parts := strings.Fields(string(output.Stdout))
|
||||
hostIp := parts[len(parts)-1]
|
||||
require.Equal(t, c.TargetIp, hostIp, "SSH session did not return expected output")
|
||||
t.Log("Successfully connected to target")
|
||||
}
|
||||
@ -0,0 +1,155 @@
|
||||
package static_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/boundary/api/credentials"
|
||||
"github.com/hashicorp/boundary/api/credentialstores"
|
||||
"github.com/hashicorp/boundary/api/targets"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e/boundary"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
// TestConnectTargetWithSshCli uses the boundary cli to create a credential using boundary's
|
||||
// built-in credential store. The test attaches that credential to a target and attempts to connect
|
||||
// to that target using those credentials.
|
||||
func TestConnectTargetWithSshCli(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
boundary.AuthenticateCli(t)
|
||||
newOrgId := boundary.CreateNewOrgCli(t)
|
||||
newProjectId := boundary.CreateNewProjectCli(t, newOrgId)
|
||||
newHostCatalogId := boundary.CreateNewHostCatalogCli(t, newProjectId)
|
||||
newHostSetId := boundary.CreateNewHostSetCli(t, newHostCatalogId)
|
||||
newHostId := boundary.CreateNewHostCli(t, newHostCatalogId, c.TargetIp)
|
||||
boundary.AddHostToHostSetCli(t, newHostSetId, newHostId)
|
||||
newTargetId := boundary.CreateNewTargetCli(t, newProjectId, c.TargetPort)
|
||||
boundary.AddHostSourceToTargetCli(t, newTargetId, newHostSetId)
|
||||
|
||||
// Create a credential store
|
||||
ctx := context.Background()
|
||||
output := e2e.RunCommand(ctx, "boundary", "credential-stores", "create", "static",
|
||||
"-scope-id", newProjectId,
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newCredentialStoreResult credentialstores.CredentialStoreCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newCredentialStoreResult)
|
||||
require.NoError(t, err)
|
||||
newCredentialStoreId := newCredentialStoreResult.Item.Id
|
||||
t.Logf("Created Credential Store: %s", newCredentialStoreId)
|
||||
|
||||
// Create credentials
|
||||
output = e2e.RunCommand(ctx, "boundary", "credentials", "create", "ssh-private-key",
|
||||
"-credential-store-id", newCredentialStoreId,
|
||||
"-username", c.TargetSshUser,
|
||||
"-private-key", "file://"+c.TargetSshKeyPath,
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newCredentialsResult credentials.CredentialCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newCredentialsResult)
|
||||
require.NoError(t, err)
|
||||
newCredentialsId := newCredentialsResult.Item.Id
|
||||
t.Logf("Created Credentials: %s", newCredentialsId)
|
||||
|
||||
// Add credentials to target
|
||||
output = e2e.RunCommand(ctx, "boundary", "targets", "add-credential-sources",
|
||||
"-id", newTargetId,
|
||||
"-brokered-credential-source", newCredentialsId,
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
// Get credentials for target
|
||||
output = e2e.RunCommand(ctx, "boundary", "targets", "authorize-session", "-id", newTargetId, "-format", "json")
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newSessionAuthorizationResult targets.SessionAuthorizationResult
|
||||
err = json.Unmarshal(output.Stdout, &newSessionAuthorizationResult)
|
||||
require.NoError(t, err)
|
||||
|
||||
newSessionAuthorization := newSessionAuthorizationResult.Item
|
||||
retrievedUser := fmt.Sprintf("%s", newSessionAuthorization.Credentials[0].Credential["username"])
|
||||
retrievedKey := fmt.Sprintf("%s\n", newSessionAuthorization.Credentials[0].Credential["private_key"])
|
||||
assert.Equal(t, c.TargetSshUser, retrievedUser)
|
||||
|
||||
k, err := os.ReadFile(c.TargetSshKeyPath)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, string(k), retrievedKey)
|
||||
t.Log("Successfully retrieved credentials for target")
|
||||
|
||||
// Connect to target and print host's IP address using retrieved credentials
|
||||
output = e2e.RunCommand(ctx, "boundary", "connect", "ssh",
|
||||
"-target-id", newTargetId, "--",
|
||||
"-o", "UserKnownHostsFile=/dev/null",
|
||||
"-o", "StrictHostKeyChecking=no",
|
||||
"-o", "IdentitiesOnly=yes", // forces the use of the provided key
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
t.Log("Successfully connected to target")
|
||||
}
|
||||
|
||||
// TestCreateTargetWithStaticCredentialStoreApi uses the boundary go api to create a credential using
|
||||
// boundary's built-in credential store. The test then attaches that credential to a target.
|
||||
func TestCreateTargetWithStaticCredentialStoreApi(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
client, err := boundary.NewApiClient()
|
||||
require.NoError(t, err)
|
||||
ctx := context.Background()
|
||||
|
||||
newOrgId := boundary.CreateNewOrgApi(t, ctx, client)
|
||||
newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId)
|
||||
newHostCatalogId := boundary.CreateNewHostCatalogApi(t, ctx, client, newProjectId)
|
||||
newHostSetId := boundary.CreateNewHostSetApi(t, ctx, client, newHostCatalogId)
|
||||
newHostId := boundary.CreateNewHostApi(t, ctx, client, newHostCatalogId, c.TargetIp)
|
||||
boundary.AddHostToHostSetApi(t, ctx, client, newHostSetId, newHostId)
|
||||
newTargetId := boundary.CreateNewTargetApi(t, ctx, client, newProjectId, c.TargetPort)
|
||||
boundary.AddHostSourceToTargetApi(t, ctx, client, newTargetId, newHostSetId)
|
||||
|
||||
// Create a credential store
|
||||
csClient := credentialstores.NewClient(client)
|
||||
newCredentialStoreResult, err := csClient.Create(ctx, "static", newProjectId)
|
||||
require.NoError(t, err)
|
||||
newCredentialStoreId := newCredentialStoreResult.Item.Id
|
||||
t.Logf("Created Credential Store: %s", newCredentialStoreId)
|
||||
|
||||
// Create credentials
|
||||
cClient := credentials.NewClient(client)
|
||||
k, err := os.ReadFile(c.TargetSshKeyPath)
|
||||
require.NoError(t, err)
|
||||
newCredentialsResult, err := cClient.Create(ctx, "ssh_private_key", newCredentialStoreId,
|
||||
credentials.WithSshPrivateKeyCredentialUsername(c.TargetSshUser),
|
||||
credentials.WithSshPrivateKeyCredentialPrivateKey(string(k)),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newCredentialsId := newCredentialsResult.Item.Id
|
||||
t.Logf("Created Credentials: %s", newCredentialsId)
|
||||
|
||||
// Add credentials to target
|
||||
tClient := targets.NewClient(client)
|
||||
_, err = tClient.AddCredentialSources(ctx, newTargetId, 0,
|
||||
targets.WithAutomaticVersioning(true),
|
||||
targets.WithBrokeredCredentialSourceIds([]string{newCredentialsId}),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Authorize Session
|
||||
newSessionAuthorizationResult, err := tClient.AuthorizeSession(ctx, newTargetId)
|
||||
require.NoError(t, err)
|
||||
newSessionAuthorization := newSessionAuthorizationResult.Item
|
||||
retrievedUser := fmt.Sprintf("%s", newSessionAuthorization.Credentials[0].Credential["username"])
|
||||
retrievedKey := fmt.Sprintf("%s", newSessionAuthorization.Credentials[0].Credential["private_key"])
|
||||
assert.Equal(t, c.TargetSshUser, retrievedUser)
|
||||
require.Equal(t, string(k), retrievedKey)
|
||||
t.Log("Successfully retrieved credentials for target")
|
||||
}
|
||||
@ -0,0 +1,73 @@
|
||||
package static_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e/boundary"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
// TestConnectTargetCli uses the boundary cli to create a number of supporting objects
|
||||
// to connect to a target. It then attempts to connect to that target and verifies that
|
||||
// the connection was successful.
|
||||
func TestConnectTargetCli(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
boundary.AuthenticateCli(t)
|
||||
newOrgId := boundary.CreateNewOrgCli(t)
|
||||
newProjectId := boundary.CreateNewProjectCli(t, newOrgId)
|
||||
newHostCatalogId := boundary.CreateNewHostCatalogCli(t, newProjectId)
|
||||
newHostSetId := boundary.CreateNewHostSetCli(t, newHostCatalogId)
|
||||
newHostId := boundary.CreateNewHostCli(t, newHostCatalogId, c.TargetIp)
|
||||
boundary.AddHostToHostSetCli(t, newHostSetId, newHostId)
|
||||
newTargetId := boundary.CreateNewTargetCli(t, newProjectId, c.TargetPort)
|
||||
boundary.AddHostSourceToTargetCli(t, newTargetId, newHostSetId)
|
||||
|
||||
// Connect to target and print host's IP address
|
||||
ctx := context.Background()
|
||||
output := e2e.RunCommand(ctx, "boundary", "connect",
|
||||
"-target-id", newTargetId,
|
||||
"-exec", "/usr/bin/ssh", "--",
|
||||
"-l", c.TargetSshUser,
|
||||
"-i", c.TargetSshKeyPath,
|
||||
"-o", "UserKnownHostsFile=/dev/null",
|
||||
"-o", "StrictHostKeyChecking=no",
|
||||
"-o", "IdentitiesOnly=yes", // forces the use of the provided key
|
||||
"-p", "{{boundary.port}}", // this is provided by boundary
|
||||
"{{boundary.ip}}",
|
||||
"hostname", "-i",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
parts := strings.Fields(string(output.Stdout))
|
||||
hostIp := parts[len(parts)-1]
|
||||
require.Equal(t, c.TargetIp, hostIp, "SSH session did not return expected output")
|
||||
t.Log("Successfully connected to target")
|
||||
}
|
||||
|
||||
// TestCreateTargetApi uses the boundary go api to create a number of supporting objects
|
||||
// to connect to a target. This test does not connect to the target due to the complexity
|
||||
// when not using the cli.
|
||||
func TestCreateTargetApi(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
client, err := boundary.NewApiClient()
|
||||
require.NoError(t, err)
|
||||
ctx := context.Background()
|
||||
|
||||
newOrgId := boundary.CreateNewOrgApi(t, ctx, client)
|
||||
newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId)
|
||||
newHostCatalogId := boundary.CreateNewHostCatalogApi(t, ctx, client, newProjectId)
|
||||
newHostSetId := boundary.CreateNewHostSetApi(t, ctx, client, newHostCatalogId)
|
||||
newHostId := boundary.CreateNewHostApi(t, ctx, client, newHostCatalogId, c.TargetIp)
|
||||
boundary.AddHostToHostSetApi(t, ctx, client, newHostSetId, newHostId)
|
||||
newTargetId := boundary.CreateNewTargetApi(t, ctx, client, newProjectId, c.TargetPort)
|
||||
boundary.AddHostSourceToTargetApi(t, ctx, client, newTargetId, newHostSetId)
|
||||
}
|
||||
@ -0,0 +1,114 @@
|
||||
package static_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/cenkalti/backoff/v4"
|
||||
"github.com/hashicorp/boundary/api/sessions"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e/boundary"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestSessionCancelingCli(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
boundary.AuthenticateCli(t)
|
||||
newOrgId := boundary.CreateNewOrgCli(t)
|
||||
newProjectId := boundary.CreateNewProjectCli(t, newOrgId)
|
||||
newHostCatalogId := boundary.CreateNewHostCatalogCli(t, newProjectId)
|
||||
newHostSetId := boundary.CreateNewHostSetCli(t, newHostCatalogId)
|
||||
newHostId := boundary.CreateNewHostCli(t, newHostCatalogId, c.TargetIp)
|
||||
boundary.AddHostToHostSetCli(t, newHostSetId, newHostId)
|
||||
newTargetId := boundary.CreateNewTargetCli(t, newProjectId, c.TargetPort)
|
||||
boundary.AddHostSourceToTargetCli(t, newTargetId, newHostSetId)
|
||||
|
||||
// Connect to target to create a session
|
||||
ctxCancel, cancel := context.WithCancel(context.Background())
|
||||
errChan := make(chan *e2e.CommandResult)
|
||||
go func() {
|
||||
errChan <- e2e.RunCommand(ctxCancel, "boundary", "connect",
|
||||
"-target-id", newTargetId,
|
||||
"-exec", "/usr/bin/ssh", "--",
|
||||
"-l", c.TargetSshUser,
|
||||
"-i", c.TargetSshKeyPath,
|
||||
"-o", "UserKnownHostsFile=/dev/null",
|
||||
"-o", "StrictHostKeyChecking=no",
|
||||
"-o", "IdentitiesOnly=yes", // forces the use of the provided key
|
||||
"-p", "{{boundary.port}}", // this is provided by boundary
|
||||
"{{boundary.ip}}",
|
||||
"hostname -i; sleep 60",
|
||||
)
|
||||
}()
|
||||
t.Cleanup(cancel)
|
||||
|
||||
// Get list of sessions
|
||||
ctx := context.Background()
|
||||
var session *sessions.Session
|
||||
err = backoff.RetryNotify(
|
||||
func() error {
|
||||
output := e2e.RunCommand(ctx, "boundary", "sessions", "list", "-scope-id", newProjectId, "-format", "json")
|
||||
if output.Err != nil {
|
||||
return backoff.Permanent(errors.New(string(output.Stderr)))
|
||||
}
|
||||
|
||||
var sessionListResult sessions.SessionListResult
|
||||
err = json.Unmarshal(output.Stdout, &sessionListResult)
|
||||
if err != nil {
|
||||
return backoff.Permanent(err)
|
||||
}
|
||||
|
||||
sessionCount := len(sessionListResult.Items)
|
||||
if sessionCount == 0 {
|
||||
return errors.New("No items are appearing in the session list")
|
||||
}
|
||||
|
||||
t.Logf("Found %d session(s)", sessionCount)
|
||||
if sessionCount != 1 {
|
||||
return backoff.Permanent(errors.New("Only one session was expected to be found"))
|
||||
}
|
||||
|
||||
session = sessionListResult.Items[0]
|
||||
return nil
|
||||
},
|
||||
backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5),
|
||||
func(err error, td time.Duration) {
|
||||
t.Logf("%s. Retrying...", err.Error())
|
||||
},
|
||||
)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, newTargetId, session.TargetId)
|
||||
assert.Equal(t, newHostId, session.HostId)
|
||||
require.Equal(t, "active", session.Status)
|
||||
|
||||
// Cancel session
|
||||
output := e2e.RunCommand(ctx, "boundary", "sessions", "cancel", "-id", session.Id)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
output = e2e.RunCommand(ctx, "boundary", "sessions", "read", "-id", session.Id, "-format", "json")
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newSessionReadResult sessions.SessionReadResult
|
||||
err = json.Unmarshal(output.Stdout, &newSessionReadResult)
|
||||
require.NoError(t, err)
|
||||
require.Condition(t, func() bool {
|
||||
return newSessionReadResult.Item.Status == "canceling" || newSessionReadResult.Item.Status == "terminated"
|
||||
})
|
||||
|
||||
// Check output from session
|
||||
select {
|
||||
case output := <-errChan:
|
||||
// `boundary connect` returns a 255 when cancelled
|
||||
require.Equal(t, output.ExitCode, 255, string(output.Stdout), string(output.Stderr))
|
||||
case <-time.After(time.Second * 5):
|
||||
t.Fatal("Timed out waiting for session command to exit")
|
||||
}
|
||||
|
||||
t.Log("Successfully cancelled session")
|
||||
}
|
||||
@ -1,257 +0,0 @@
|
||||
package static_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"os"
|
||||
"strconv"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/boundary/api/credentials"
|
||||
"github.com/hashicorp/boundary/api/credentialstores"
|
||||
"github.com/hashicorp/boundary/api/hostcatalogs"
|
||||
"github.com/hashicorp/boundary/api/hosts"
|
||||
"github.com/hashicorp/boundary/api/hostsets"
|
||||
"github.com/hashicorp/boundary/api/targets"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e/boundary"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
// TestConnectTargetWithStaticCredentialStoreCli uses the boundary cli to create a credential using
|
||||
// boundary's built-in credential store. The test attaches that credential to a target and attempts
|
||||
// to connect to that target using those credentials.
|
||||
func TestConnectTargetWithStaticCredentialStoreCli(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
boundary.AuthenticateCli(t)
|
||||
|
||||
// Create an org and project
|
||||
newOrgId := boundary.CreateNewOrgCli(t)
|
||||
t.Logf("Created Org Id: %s", newOrgId)
|
||||
newProjectId := boundary.CreateNewProjectCli(t, newOrgId)
|
||||
t.Logf("Created Project Id: %s", newProjectId)
|
||||
|
||||
// Create a credential store
|
||||
output := e2e.RunCommand("boundary", "credential-stores", "create", "static",
|
||||
"-scope-id", newProjectId,
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newCredentialStoreResult credentialstores.CredentialStoreCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newCredentialStoreResult)
|
||||
require.NoError(t, err)
|
||||
newCredentialStoreId := newCredentialStoreResult.Item.Id
|
||||
t.Logf("Created Credential Store: %s", newCredentialStoreId)
|
||||
|
||||
// Create credentials
|
||||
output = e2e.RunCommand("boundary", "credentials", "create", "ssh-private-key",
|
||||
"-credential-store-id", newCredentialStoreId,
|
||||
"-username", c.TargetSshUser,
|
||||
"-private-key", "file://"+c.TargetSshKeyPath,
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newCredentialsResult credentials.CredentialCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newCredentialsResult)
|
||||
require.NoError(t, err)
|
||||
newCredentialsId := newCredentialsResult.Item.Id
|
||||
t.Logf("Created Credentials: %s", newCredentialsId)
|
||||
|
||||
// Create a host catalog
|
||||
output = e2e.RunCommand("boundary", "host-catalogs", "create", "static",
|
||||
"-scope-id", newProjectId,
|
||||
"-name", "e2e Automated Test Host Catalog",
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newHostCatalogResult hostcatalogs.HostCatalogCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newHostCatalogResult)
|
||||
require.NoError(t, err)
|
||||
newHostCatalogId := newHostCatalogResult.Item.Id
|
||||
t.Logf("Created Host Catalog: %s", newHostCatalogId)
|
||||
|
||||
// Create a host set and add to catalog
|
||||
output = e2e.RunCommand("boundary", "host-sets", "create", "static",
|
||||
"-host-catalog-id", newHostCatalogId,
|
||||
"-name", "e2e Automated Test Host Set",
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newHostSetResult hostsets.HostSetCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newHostSetResult)
|
||||
require.NoError(t, err)
|
||||
newHostSetId := newHostSetResult.Item.Id
|
||||
t.Logf("Created Host Set: %s", newHostSetId)
|
||||
|
||||
// Create a host
|
||||
output = e2e.RunCommand("boundary", "hosts", "create", "static",
|
||||
"-host-catalog-id", newHostCatalogId,
|
||||
"-name", c.TargetIp,
|
||||
"-address", c.TargetIp,
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newHostResult hosts.HostCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newHostResult)
|
||||
require.NoError(t, err)
|
||||
newHostId := newHostResult.Item.Id
|
||||
t.Logf("Created Host: %s", newHostId)
|
||||
|
||||
// Add host to host set
|
||||
output = e2e.RunCommand("boundary", "host-sets", "add-hosts", "-id", newHostSetId, "-host", newHostId)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
// Create a target
|
||||
output = e2e.RunCommand("boundary", "targets", "create", "tcp",
|
||||
"-scope-id", newProjectId,
|
||||
"-default-port", c.TargetPort,
|
||||
"-name", "e2e Automated Test Target",
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newTargetResult targets.TargetCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newTargetResult)
|
||||
require.NoError(t, err)
|
||||
newTargetId := newTargetResult.Item.Id
|
||||
t.Logf("Created Target: %s", newTargetId)
|
||||
|
||||
// Add host set to target
|
||||
output = e2e.RunCommand("boundary", "targets", "add-host-sources",
|
||||
"-id", newTargetId,
|
||||
"-host-source", newHostSetId,
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
// Add credentials to target
|
||||
output = e2e.RunCommand("boundary", "targets", "add-credential-sources",
|
||||
"-id", newTargetId,
|
||||
"-brokered-credential-source", newCredentialsId,
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
// Get credentials for target
|
||||
output = e2e.RunCommand("boundary", "targets", "authorize-session", "-id", newTargetId, "-format", "json")
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newSessionAuthorizationResult targets.SessionAuthorizationResult
|
||||
err = json.Unmarshal(output.Stdout, &newSessionAuthorizationResult)
|
||||
require.NoError(t, err)
|
||||
|
||||
newSessionAuthorization := newSessionAuthorizationResult.Item
|
||||
retrievedUser := fmt.Sprintf("%s", newSessionAuthorization.Credentials[0].Credential["username"])
|
||||
retrievedKey := fmt.Sprintf("%s\n", newSessionAuthorization.Credentials[0].Credential["private_key"])
|
||||
assert.Equal(t, c.TargetSshUser, retrievedUser)
|
||||
|
||||
k, err := os.ReadFile(c.TargetSshKeyPath)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, string(k), retrievedKey)
|
||||
t.Log("Successfully retrieved credentials for target")
|
||||
|
||||
// Connect to target and print host's IP address using retrieved credentials
|
||||
output = e2e.RunCommand("boundary", "connect", "ssh",
|
||||
"-target-id", newTargetId, "--",
|
||||
"-o", "UserKnownHostsFile=/dev/null",
|
||||
"-o", "StrictHostKeyChecking=no",
|
||||
"-o", "IdentitiesOnly=yes", // forces the use of the provided key
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
t.Log("Successfully connected to target")
|
||||
}
|
||||
|
||||
// TestCreateTargetWithStaticCredentialStoreApi uses the boundary go api to create a credential using
|
||||
// boundary's built-in credential store. The test then attaches that credential to a target.
|
||||
func TestCreateTargetWithStaticCredentialStoreApi(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
// Create boundary api client
|
||||
client, err := boundary.NewApiClient()
|
||||
require.NoError(t, err)
|
||||
ctx := context.Background()
|
||||
|
||||
// Create an org and project
|
||||
newOrgId := boundary.CreateNewOrgApi(t, ctx, client)
|
||||
t.Logf("Created Org Id: %s", newOrgId)
|
||||
newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId)
|
||||
t.Logf("Created Project Id: %s", newProjectId)
|
||||
|
||||
// Create a credential store
|
||||
csClient := credentialstores.NewClient(client)
|
||||
newCredentialStoreResult, err := csClient.Create(ctx, "static", newProjectId)
|
||||
require.NoError(t, err)
|
||||
newCredentialStoreId := newCredentialStoreResult.Item.Id
|
||||
t.Logf("Created Credential Store: %s", newCredentialStoreId)
|
||||
|
||||
// Create credentials
|
||||
cClient := credentials.NewClient(client)
|
||||
k, err := os.ReadFile(c.TargetSshKeyPath)
|
||||
require.NoError(t, err)
|
||||
newCredentialsResult, err := cClient.Create(ctx, "ssh_private_key", newCredentialStoreId,
|
||||
credentials.WithSshPrivateKeyCredentialUsername(c.TargetSshUser),
|
||||
credentials.WithSshPrivateKeyCredentialPrivateKey(string(k)),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newCredentialsId := newCredentialsResult.Item.Id
|
||||
t.Logf("Created Credentials: %s", newCredentialsId)
|
||||
|
||||
// Create a host catalog
|
||||
hcClient := hostcatalogs.NewClient(client)
|
||||
newHostCatalogResult, err := hcClient.Create(ctx, "static", newProjectId,
|
||||
hostcatalogs.WithName("e2e Automated Test Host Catalog"),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newHostCatalogId := newHostCatalogResult.Item.Id
|
||||
t.Logf("Created Host Catalog: %s", newHostCatalogId)
|
||||
|
||||
// Create a host set and add to catalog
|
||||
hsClient := hostsets.NewClient(client)
|
||||
newHostSetResult, err := hsClient.Create(ctx, newHostCatalogId)
|
||||
require.NoError(t, err)
|
||||
newHostSetId := newHostSetResult.Item.Id
|
||||
t.Logf("Created Host Set: %s", newHostSetId)
|
||||
|
||||
// Create a host
|
||||
hClient := hosts.NewClient(client)
|
||||
newHostResult, err := hClient.Create(ctx, newHostCatalogId,
|
||||
hosts.WithName(c.TargetIp),
|
||||
hosts.WithStaticHostAddress(c.TargetIp),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newHostId := newHostResult.Item.Id
|
||||
t.Logf("Created Host: %s", newHostId)
|
||||
|
||||
// Add host to host set
|
||||
_, err = hsClient.AddHosts(ctx, newHostSetId, 0, []string{newHostId}, hostsets.WithAutomaticVersioning(true))
|
||||
require.NoError(t, err)
|
||||
|
||||
// Create a target
|
||||
tClient := targets.NewClient(client)
|
||||
targetPort, err := strconv.ParseInt(c.TargetPort, 10, 32)
|
||||
require.NoError(t, err)
|
||||
newTargetResult, err := tClient.Create(ctx, "tcp", newProjectId,
|
||||
targets.WithName("e2e Automated Test Target"),
|
||||
targets.WithTcpTargetDefaultPort(uint32(targetPort)),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newTargetId := newTargetResult.Item.Id
|
||||
t.Logf("Created Target: %s", newTargetId)
|
||||
|
||||
// Add host set to target
|
||||
_, err = tClient.AddHostSources(ctx, newTargetId, 0,
|
||||
[]string{newHostSetId},
|
||||
targets.WithAutomaticVersioning(true),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Add credentials to target
|
||||
_, err = tClient.AddCredentialSources(ctx, newTargetId, 0,
|
||||
targets.WithAutomaticVersioning(true),
|
||||
targets.WithBrokeredCredentialSourceIds([]string{newCredentialsId}),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
}
|
||||
@ -1,220 +0,0 @@
|
||||
package static_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"strconv"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/boundary/api/hostcatalogs"
|
||||
"github.com/hashicorp/boundary/api/hosts"
|
||||
"github.com/hashicorp/boundary/api/hostsets"
|
||||
"github.com/hashicorp/boundary/api/targets"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e"
|
||||
"github.com/hashicorp/boundary/testing/internal/e2e/boundary"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
// TestConnectTargetCli uses the boundary cli to create a number of supporting objects
|
||||
// to connect to a target. It then attempts to connect to that target and verifies that
|
||||
// the connection was successful.
|
||||
func TestConnectTargetCli(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
boundary.AuthenticateCli(t)
|
||||
|
||||
// Create an org and project
|
||||
newOrgId := boundary.CreateNewOrgCli(t)
|
||||
t.Logf("Created Org Id: %s", newOrgId)
|
||||
newProjectId := boundary.CreateNewProjectCli(t, newOrgId)
|
||||
t.Logf("Created Project Id: %s", newProjectId)
|
||||
|
||||
// Create a host catalog
|
||||
output := e2e.RunCommand("boundary", "host-catalogs", "create", "static",
|
||||
"-scope-id", newProjectId,
|
||||
"-name", "e2e Automated Test Host Catalog",
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newHostCatalogResult hostcatalogs.HostCatalogCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newHostCatalogResult)
|
||||
require.NoError(t, err)
|
||||
newHostCatalogId := newHostCatalogResult.Item.Id
|
||||
t.Cleanup(func() {
|
||||
output := e2e.RunCommand("boundary", "host-catalogs", "delete", "-id", newHostCatalogId)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
})
|
||||
t.Logf("Created Host Catalog: %s", newHostCatalogId)
|
||||
|
||||
// Create a host set and add to catalog
|
||||
output = e2e.RunCommand("boundary", "host-sets", "create", "static",
|
||||
"-host-catalog-id", newHostCatalogId,
|
||||
"-name", "e2e Automated Test Host Set",
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newHostSetResult hostsets.HostSetCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newHostSetResult)
|
||||
require.NoError(t, err)
|
||||
newHostSetId := newHostSetResult.Item.Id
|
||||
t.Cleanup(func() {
|
||||
output := e2e.RunCommand("boundary", "host-sets", "delete", "-id", newHostSetId)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
})
|
||||
t.Logf("Created Host Set: %s", newHostSetId)
|
||||
|
||||
// Create a host
|
||||
output = e2e.RunCommand("boundary", "hosts", "create", "static",
|
||||
"-host-catalog-id", newHostCatalogId,
|
||||
"-name", c.TargetIp,
|
||||
"-address", c.TargetIp,
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newHostResult hosts.HostCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newHostResult)
|
||||
require.NoError(t, err)
|
||||
newHostId := newHostResult.Item.Id
|
||||
t.Cleanup(func() {
|
||||
output := e2e.RunCommand("boundary", "hosts", "delete", "-id", newHostId)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
})
|
||||
t.Logf("Created Host: %s", newHostId)
|
||||
|
||||
// Add host to host set
|
||||
output = e2e.RunCommand("boundary", "host-sets", "add-hosts", "-id", newHostSetId, "-host", newHostId)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
// Create a target
|
||||
output = e2e.RunCommand("boundary", "targets", "create", "tcp",
|
||||
"-scope-id", newProjectId,
|
||||
"-default-port", c.TargetPort,
|
||||
"-name", "e2e Automated Test Target",
|
||||
"-format", "json",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
var newTargetResult targets.TargetCreateResult
|
||||
err = json.Unmarshal(output.Stdout, &newTargetResult)
|
||||
require.NoError(t, err)
|
||||
newTargetId := newTargetResult.Item.Id
|
||||
t.Cleanup(func() {
|
||||
output := e2e.RunCommand("boundary", "targets", "delete", "-id", newTargetId)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
})
|
||||
t.Logf("Created Target: %s", newTargetId)
|
||||
|
||||
// Add host set to target
|
||||
output = e2e.RunCommand("boundary", "targets", "add-host-sources",
|
||||
"-id", newTargetId,
|
||||
"-host-source", newHostSetId,
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
// Connect to target and print host's IP address
|
||||
output = e2e.RunCommand("boundary", "connect",
|
||||
"-target-id", newTargetId,
|
||||
"-exec", "/usr/bin/ssh", "--",
|
||||
"-l", c.TargetSshUser,
|
||||
"-i", c.TargetSshKeyPath,
|
||||
"-o", "UserKnownHostsFile=/dev/null",
|
||||
"-o", "StrictHostKeyChecking=no",
|
||||
"-o", "IdentitiesOnly=yes", // forces the use of the provided key
|
||||
"-p", "{{boundary.port}}", // this is provided by boundary
|
||||
"{{boundary.ip}}",
|
||||
"hostname", "-i",
|
||||
)
|
||||
require.NoError(t, output.Err, string(output.Stderr))
|
||||
|
||||
parts := strings.Fields(string(output.Stdout))
|
||||
hostIp := parts[len(parts)-1]
|
||||
require.Equal(t, c.TargetIp, hostIp, "SSH session did not return expected output")
|
||||
t.Log("Successfully connected to target")
|
||||
}
|
||||
|
||||
// TestCreateTargetApi uses the boundary go api to create a number of supporting objects
|
||||
// to connect to a target. This test does not connect to the target due to the complexity
|
||||
// when not using the cli.
|
||||
func TestCreateTargetApi(t *testing.T) {
|
||||
e2e.MaybeSkipTest(t)
|
||||
c, err := loadConfig()
|
||||
require.NoError(t, err)
|
||||
|
||||
// Create boundary api client
|
||||
client, err := boundary.NewApiClient()
|
||||
require.NoError(t, err)
|
||||
ctx := context.Background()
|
||||
|
||||
// Create an org and project
|
||||
newOrgId := boundary.CreateNewOrgApi(t, ctx, client)
|
||||
t.Logf("Created Org Id: %s", newOrgId)
|
||||
newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId)
|
||||
t.Logf("Created Project Id: %s", newProjectId)
|
||||
|
||||
// Create a host catalog
|
||||
hcClient := hostcatalogs.NewClient(client)
|
||||
newHostCatalogResult, err := hcClient.Create(ctx, "static", newProjectId,
|
||||
hostcatalogs.WithName("e2e Automated Test Host Catalog"),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newHostCatalogId := newHostCatalogResult.Item.Id
|
||||
t.Cleanup(func() {
|
||||
_, err := hcClient.Delete(ctx, newHostCatalogId)
|
||||
require.NoError(t, err)
|
||||
})
|
||||
t.Logf("Created Host Catalog: %s", newHostCatalogId)
|
||||
|
||||
// Create a host set and add to catalog
|
||||
hsClient := hostsets.NewClient(client)
|
||||
newHostSetResult, err := hsClient.Create(ctx, newHostCatalogId)
|
||||
require.NoError(t, err)
|
||||
newHostSetId := newHostSetResult.Item.Id
|
||||
t.Cleanup(func() {
|
||||
_, err := hsClient.Delete(ctx, newHostSetId)
|
||||
require.NoError(t, err)
|
||||
})
|
||||
t.Logf("Created Host Set: %s", newHostSetId)
|
||||
|
||||
// Create a host
|
||||
hClient := hosts.NewClient(client)
|
||||
newHostResult, err := hClient.Create(ctx, newHostCatalogId,
|
||||
hosts.WithName(c.TargetIp),
|
||||
hosts.WithStaticHostAddress(c.TargetIp),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newHostId := newHostResult.Item.Id
|
||||
t.Cleanup(func() {
|
||||
_, err := hClient.Delete(ctx, newHostId)
|
||||
require.NoError(t, err)
|
||||
})
|
||||
t.Logf("Created Host: %s", newHostId)
|
||||
|
||||
// Add host to host set
|
||||
_, err = hsClient.AddHosts(ctx, newHostSetId, 0, []string{newHostId}, hostsets.WithAutomaticVersioning(true))
|
||||
require.NoError(t, err)
|
||||
|
||||
// Create a target
|
||||
tClient := targets.NewClient(client)
|
||||
targetPort, err := strconv.ParseInt(c.TargetPort, 10, 32)
|
||||
require.NoError(t, err)
|
||||
newTargetResult, err := tClient.Create(ctx, "tcp", newProjectId,
|
||||
targets.WithName("e2e Automated Test Target"),
|
||||
targets.WithTcpTargetDefaultPort(uint32(targetPort)),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
newTargetId := newTargetResult.Item.Id
|
||||
t.Cleanup(func() {
|
||||
_, err := tClient.Delete(ctx, newTargetId)
|
||||
require.NoError(t, err)
|
||||
})
|
||||
t.Logf("Created Target: %s", newTargetId)
|
||||
|
||||
// Add host set to target
|
||||
_, err = tClient.AddHostSources(ctx, newTargetId, 0,
|
||||
[]string{newHostSetId},
|
||||
targets.WithAutomaticVersioning(true),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
}
|
||||
Loading…
Reference in new issue