diff --git a/testing/internal/e2e/boundary/boundary.go b/testing/internal/e2e/boundary/boundary.go index f48b2d1d52..313e4a57d8 100644 --- a/testing/internal/e2e/boundary/boundary.go +++ b/testing/internal/e2e/boundary/boundary.go @@ -64,7 +64,7 @@ func AuthenticateCli(t testing.TB) { c, err := loadConfig() require.NoError(t, err) - output := e2e.RunCommand("boundary", "authenticate", "password", + output := e2e.RunCommand(context.Background(), "boundary", "authenticate", "password", "-addr", c.Address, "-auth-method-id", c.AuthMethodId, "-login-name", c.AdminLoginName, diff --git a/testing/internal/e2e/boundary/host.go b/testing/internal/e2e/boundary/host.go new file mode 100644 index 0000000000..5788d2a128 --- /dev/null +++ b/testing/internal/e2e/boundary/host.go @@ -0,0 +1,123 @@ +package boundary + +import ( + "context" + "encoding/json" + "testing" + + "github.com/hashicorp/boundary/api" + "github.com/hashicorp/boundary/api/hostcatalogs" + "github.com/hashicorp/boundary/api/hosts" + "github.com/hashicorp/boundary/api/hostsets" + "github.com/hashicorp/boundary/testing/internal/e2e" + "github.com/stretchr/testify/require" +) + +// CreateNewHostCatalogApi creates a new host catalog in boundary using the go api. +// Returns the id of the new host catalog. +func CreateNewHostCatalogApi(t testing.TB, ctx context.Context, client *api.Client, projectId string) string { + hcClient := hostcatalogs.NewClient(client) + newHostCatalogResult, err := hcClient.Create(ctx, "static", projectId, + hostcatalogs.WithName("e2e Automated Test Host Catalog"), + ) + require.NoError(t, err) + newHostCatalogId := newHostCatalogResult.Item.Id + t.Logf("Created Host Catalog: %s", newHostCatalogId) + + return newHostCatalogId +} + +// CreateNewHostSetApi creates a new host set in boundary using the go api. +// Returns the id of the new host set. +func CreateNewHostSetApi(t testing.TB, ctx context.Context, client *api.Client, hostCatalogId string) string { + hsClient := hostsets.NewClient(client) + newHostSetResult, err := hsClient.Create(ctx, hostCatalogId) + require.NoError(t, err) + newHostSetId := newHostSetResult.Item.Id + t.Logf("Created Host Set: %s", newHostSetId) + + return newHostSetId +} + +// CreateNewHostApi creates a new host in boundary using the go api +// Returns the id of the new host. +func CreateNewHostApi(t testing.TB, ctx context.Context, client *api.Client, hostCatalogId string, address string) string { + hClient := hosts.NewClient(client) + newHostResult, err := hClient.Create(ctx, hostCatalogId, + hosts.WithName(address), + hosts.WithStaticHostAddress(address), + ) + require.NoError(t, err) + newHostId := newHostResult.Item.Id + t.Logf("Created Host: %s", newHostId) + + return newHostId +} + +// AddHostToHostSetApi adds a host to a host set using the go api +func AddHostToHostSetApi(t testing.TB, ctx context.Context, client *api.Client, hostSetId string, hostId string) { + hsClient := hostsets.NewClient(client) + _, err := hsClient.AddHosts(ctx, hostSetId, 0, []string{hostId}, hostsets.WithAutomaticVersioning(true)) + require.NoError(t, err) +} + +// CreateNewHostCatalogCli creates a new host catalog in boundary using the cli. +// Returns the id of the new host catalog. +func CreateNewHostCatalogCli(t testing.TB, projectId string) string { + output := e2e.RunCommand(context.Background(), "boundary", "host-catalogs", "create", "static", + "-scope-id", projectId, + "-name", "e2e Automated Test Host Catalog", + "-format", "json", + ) + require.NoError(t, output.Err, string(output.Stderr)) + var newHostCatalogResult hostcatalogs.HostCatalogCreateResult + err := json.Unmarshal(output.Stdout, &newHostCatalogResult) + require.NoError(t, err) + newHostCatalogId := newHostCatalogResult.Item.Id + + t.Logf("Created Host Catalog: %s", newHostCatalogId) + return newHostCatalogId +} + +// CreateNewHostSetCli creates a new host set in boundary using the cli. +// Returns the id of the new host set. +func CreateNewHostSetCli(t testing.TB, hostCatalogId string) string { + output := e2e.RunCommand(context.Background(), "boundary", "host-sets", "create", "static", + "-host-catalog-id", hostCatalogId, + "-name", "e2e Automated Test Host Set", + "-format", "json", + ) + require.NoError(t, output.Err, string(output.Stderr)) + var newHostSetResult hostsets.HostSetCreateResult + err := json.Unmarshal(output.Stdout, &newHostSetResult) + require.NoError(t, err) + newHostSetId := newHostSetResult.Item.Id + t.Logf("Created Host Set: %s", newHostSetId) + + return newHostSetId +} + +// CreateNewHostCli creates a new host in boundary using the cli. +// Returns the id of the new host. +func CreateNewHostCli(t testing.TB, hostCatalogId string, address string) string { + output := e2e.RunCommand(context.Background(), "boundary", "hosts", "create", "static", + "-host-catalog-id", hostCatalogId, + "-name", address, + "-address", address, + "-format", "json", + ) + require.NoError(t, output.Err, string(output.Stderr)) + var newHostResult hosts.HostCreateResult + err := json.Unmarshal(output.Stdout, &newHostResult) + require.NoError(t, err) + newHostId := newHostResult.Item.Id + t.Logf("Created Host: %s", newHostId) + + return newHostId +} + +// AddHostToHostSetCli adds a host to a host set using the cli +func AddHostToHostSetCli(t testing.TB, hostSetId string, hostId string) { + output := e2e.RunCommand(context.Background(), "boundary", "host-sets", "add-hosts", "-id", hostSetId, "-host", hostId) + require.NoError(t, output.Err, string(output.Stderr)) +} diff --git a/testing/internal/e2e/boundary/scopes.go b/testing/internal/e2e/boundary/scope.go similarity index 74% rename from testing/internal/e2e/boundary/scopes.go rename to testing/internal/e2e/boundary/scope.go index 81c7507841..6d39f246f0 100644 --- a/testing/internal/e2e/boundary/scopes.go +++ b/testing/internal/e2e/boundary/scope.go @@ -17,12 +17,15 @@ func CreateNewOrgApi(t testing.TB, ctx context.Context, client *api.Client) stri scopeClient := scopes.NewClient(client) newOrgResult, err := scopeClient.Create(ctx, "global", scopes.WithName("e2e Automated Test Org")) require.NoError(t, err) + + newOrgId := newOrgResult.Item.Id t.Cleanup(func() { - _, err := scopeClient.Delete(ctx, newOrgResult.Item.Id) + _, err := scopeClient.Delete(ctx, newOrgId) require.NoError(t, err) }) - return newOrgResult.Item.Id + t.Logf("Created Org Id: %s", newOrgId) + return newOrgId } // CreateNewProjectApi creates a new project in boundary using the go api. The project will be created @@ -32,18 +35,17 @@ func CreateNewProjectApi(t testing.TB, ctx context.Context, client *api.Client, scopeClient := scopes.NewClient(client) newProjResult, err := scopeClient.Create(ctx, orgId, scopes.WithName("e2e Automated Test Project")) require.NoError(t, err) - t.Cleanup(func() { - _, err := scopeClient.Delete(ctx, newProjResult.Item.Id) - require.NoError(t, err) - }) - return newProjResult.Item.Id + newProjectId := newProjResult.Item.Id + t.Logf("Created Project Id: %s", newProjectId) + return newProjectId } // CreateNewOrgCli creates a new organization in boundary using the cli. // Returns the id of the new org. func CreateNewOrgCli(t testing.TB) string { - output := e2e.RunCommand("boundary", "scopes", "create", + ctx := context.Background() + output := e2e.RunCommand(ctx, "boundary", "scopes", "create", "-name", "e2e Automated Test Org", "-scope-id", "global", "-format", "json", @@ -54,19 +56,22 @@ func CreateNewOrgCli(t testing.TB) string { err := json.Unmarshal(output.Stdout, &newOrgResult) require.NoError(t, err) + newOrgId := newOrgResult.Item.Id t.Cleanup(func() { - output := e2e.RunCommand("boundary", "scopes", "delete", "-id", newOrgResult.Item.Id) + output := e2e.RunCommand(ctx, "boundary", "scopes", "delete", "-id", newOrgId) require.NoError(t, output.Err, string(output.Stderr)) }) - return newOrgResult.Item.Id + t.Logf("Created Org Id: %s", newOrgId) + return newOrgId } // CreateNewProjectCli creates a new project in boundary using the cli. The project will be created // under the provided org id. // Returns the id of the new project. func CreateNewProjectCli(t testing.TB, orgId string) string { - output := e2e.RunCommand("boundary", "scopes", "create", + ctx := context.Background() + output := e2e.RunCommand(ctx, "boundary", "scopes", "create", "-name", "e2e Automated Test Project", "-scope-id", orgId, "-format", "json", @@ -77,10 +82,7 @@ func CreateNewProjectCli(t testing.TB, orgId string) string { err := json.Unmarshal(output.Stdout, &newProjResult) require.NoError(t, err) - t.Cleanup(func() { - output := e2e.RunCommand("boundary", "scopes", "delete", "-id", newProjResult.Item.Id) - require.NoError(t, output.Err, string(output.Stderr)) - }) - - return newProjResult.Item.Id + newProjectId := newProjResult.Item.Id + t.Logf("Created Project Id: %s", newProjectId) + return newProjectId } diff --git a/testing/internal/e2e/boundary/target.go b/testing/internal/e2e/boundary/target.go new file mode 100644 index 0000000000..54a3deecbc --- /dev/null +++ b/testing/internal/e2e/boundary/target.go @@ -0,0 +1,68 @@ +package boundary + +import ( + "context" + "encoding/json" + "strconv" + "testing" + + "github.com/hashicorp/boundary/api" + "github.com/hashicorp/boundary/api/targets" + "github.com/hashicorp/boundary/testing/internal/e2e" + "github.com/stretchr/testify/require" +) + +// CreateNewTargetApi creates a new target in boundary using the go api. +// Returns the id of the new target. +func CreateNewTargetApi(t testing.TB, ctx context.Context, client *api.Client, projectId string, defaultPort string) string { + tClient := targets.NewClient(client) + targetPort, err := strconv.ParseInt(defaultPort, 10, 32) + require.NoError(t, err) + newTargetResult, err := tClient.Create(ctx, "tcp", projectId, + targets.WithName("e2e Automated Test Target"), + targets.WithTcpTargetDefaultPort(uint32(targetPort)), + ) + require.NoError(t, err) + newTargetId := newTargetResult.Item.Id + t.Logf("Created Target: %s", newTargetId) + + return newTargetId +} + +// AddHostSourceToTargetApi adds a host source (host set or host) to a target using the go api +func AddHostSourceToTargetApi(t testing.TB, ctx context.Context, client *api.Client, targetId string, hostSourceId string) { + tClient := targets.NewClient(client) + _, err := tClient.AddHostSources(ctx, targetId, 0, + []string{hostSourceId}, + targets.WithAutomaticVersioning(true), + ) + require.NoError(t, err) +} + +// CreateNewTargetCli creates a new target in boundary using the cli +// Returns the id of the new target. +func CreateNewTargetCli(t testing.TB, projectId string, defaultPort string) string { + output := e2e.RunCommand(context.Background(), "boundary", "targets", "create", "tcp", + "-scope-id", projectId, + "-default-port", defaultPort, + "-name", "e2e Automated Test Target", + "-format", "json", + ) + require.NoError(t, output.Err, string(output.Stderr)) + var newTargetResult targets.TargetCreateResult + err := json.Unmarshal(output.Stdout, &newTargetResult) + require.NoError(t, err) + newTargetId := newTargetResult.Item.Id + t.Logf("Created Target: %s", newTargetId) + + return newTargetId +} + +// AddHostSourceToTargetCli adds a host source (host set or host) to a target using the cli +func AddHostSourceToTargetCli(t testing.TB, targetId string, hostSourceId string) { + output := e2e.RunCommand(context.Background(), "boundary", "targets", "add-host-sources", + "-id", targetId, + "-host-source", hostSourceId, + ) + require.NoError(t, output.Err, string(output.Stderr)) +} diff --git a/testing/internal/e2e/credential/vault/vault_test.go b/testing/internal/e2e/credential/vault/vault_test.go index a5de0d07d9..34774581ee 100644 --- a/testing/internal/e2e/credential/vault/vault_test.go +++ b/testing/internal/e2e/credential/vault/vault_test.go @@ -5,15 +5,11 @@ import ( "encoding/json" "fmt" "os" - "strconv" "strings" "testing" "github.com/hashicorp/boundary/api/credentiallibraries" "github.com/hashicorp/boundary/api/credentialstores" - "github.com/hashicorp/boundary/api/hostcatalogs" - "github.com/hashicorp/boundary/api/hosts" - "github.com/hashicorp/boundary/api/hostsets" "github.com/hashicorp/boundary/api/targets" "github.com/hashicorp/boundary/testing/internal/e2e" "github.com/hashicorp/boundary/testing/internal/e2e/boundary" @@ -56,13 +52,24 @@ func TestCreateVaultCredentialStoreCli(t *testing.T) { c, err := loadConfig() require.NoError(t, err) + boundary.AuthenticateCli(t) + newOrgId := boundary.CreateNewOrgCli(t) + newProjectId := boundary.CreateNewProjectCli(t, newOrgId) + newHostCatalogId := boundary.CreateNewHostCatalogCli(t, newProjectId) + newHostSetId := boundary.CreateNewHostSetCli(t, newHostCatalogId) + newHostId := boundary.CreateNewHostCli(t, newHostCatalogId, c.TargetIp) + boundary.AddHostToHostSetCli(t, newHostSetId, newHostId) + newTargetId := boundary.CreateNewTargetCli(t, newProjectId, c.TargetPort) + boundary.AddHostSourceToTargetCli(t, newTargetId, newHostSetId) + // Configure vault + ctx := context.Background() vaultAddr, boundaryPolicyName := vault.Setup(t) - output := e2e.RunCommand("vault", "secrets", "enable", "-path="+c.VaultSecretPath, "kv-v2") + output := e2e.RunCommand(ctx, "vault", "secrets", "enable", "-path="+c.VaultSecretPath, "kv-v2") require.NoError(t, output.Err, string(output.Stderr)) t.Cleanup(func() { - output := e2e.RunCommand("vault", "secrets", "disable", c.VaultSecretPath) + output := e2e.RunCommand(ctx, "vault", "secrets", "disable", c.VaultSecretPath) require.NoError(t, output.Err, string(output.Stderr)) }) @@ -72,7 +79,7 @@ func TestCreateVaultCredentialStoreCli(t *testing.T) { t.Log("Created Vault Credential") // Create vault token for boundary - output = e2e.RunCommand("vault", "token", "create", + output = e2e.RunCommand(ctx, "vault", "token", "create", "-no-default-policy=true", "-policy="+boundaryPolicyName, "-policy="+credentialPolicyName, @@ -88,17 +95,8 @@ func TestCreateVaultCredentialStoreCli(t *testing.T) { credStoreToken := tokenCreateResult.Auth.Client_Token t.Log("Created Vault Cred Store Token") - // Authenticate boundary cli - boundary.AuthenticateCli(t) - - // Create an org and project - newOrgId := boundary.CreateNewOrgCli(t) - t.Logf("Created Org Id: %s", newOrgId) - newProjectId := boundary.CreateNewProjectCli(t, newOrgId) - t.Logf("Created Project Id: %s", newProjectId) - // Create a credential store - output = e2e.RunCommand("boundary", "credential-stores", "create", "vault", + output = e2e.RunCommand(ctx, "boundary", "credential-stores", "create", "vault", "-scope-id", newProjectId, "-vault-address", vaultAddr, "-vault-token", credStoreToken, @@ -112,7 +110,7 @@ func TestCreateVaultCredentialStoreCli(t *testing.T) { t.Logf("Created Credential Store: %s", newCredentialStoreId) // Create a credential library - output = e2e.RunCommand("boundary", "credential-libraries", "create", "vault", + output = e2e.RunCommand(ctx, "boundary", "credential-libraries", "create", "vault", "-credential-store-id", newCredentialStoreId, "-vault-path", c.VaultSecretPath+"/data/"+secretName, "-name", "e2e Automated Test Vault Credential Library", @@ -126,83 +124,15 @@ func TestCreateVaultCredentialStoreCli(t *testing.T) { newCredentialLibraryId := newCredentialLibraryResult.Item.Id t.Logf("Created Credential Library: %s", newCredentialLibraryId) - // Create a host catalog - output = e2e.RunCommand("boundary", "host-catalogs", "create", "static", - "-scope-id", newProjectId, - "-name", "e2e Automated Test Host Catalog", - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newHostCatalogResult hostcatalogs.HostCatalogCreateResult - err = json.Unmarshal(output.Stdout, &newHostCatalogResult) - require.NoError(t, err) - newHostCatalogId := newHostCatalogResult.Item.Id - t.Logf("Created Host Catalog: %s", newHostCatalogId) - - // Create a host set and add to catalog - output = e2e.RunCommand("boundary", "host-sets", "create", "static", - "-host-catalog-id", newHostCatalogId, - "-name", "e2e Automated Test Host Set", - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newHostSetResult hostsets.HostSetCreateResult - err = json.Unmarshal(output.Stdout, &newHostSetResult) - require.NoError(t, err) - newHostSetId := newHostSetResult.Item.Id - t.Logf("Created Host Set: %s", newHostSetId) - - // Create a host - output = e2e.RunCommand("boundary", "hosts", "create", "static", - "-host-catalog-id", newHostCatalogId, - "-name", c.TargetIp, - "-address", c.TargetIp, - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newHostResult hosts.HostCreateResult - err = json.Unmarshal(output.Stdout, &newHostResult) - require.NoError(t, err) - newHostId := newHostResult.Item.Id - t.Logf("Created Host: %s", newHostId) - - // Add host to host set - output = e2e.RunCommand("boundary", "host-sets", "add-hosts", - "-id", newHostSetId, - "-host", newHostId, - ) - require.NoError(t, output.Err, string(output.Stderr)) - - // Create Target - output = e2e.RunCommand("boundary", "targets", "create", "tcp", - "-scope-id", newProjectId, - "-default-port", c.TargetPort, - "-name", "e2e Automated Test Target", - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newTargetResult targets.TargetCreateResult - err = json.Unmarshal(output.Stdout, &newTargetResult) - require.NoError(t, err) - newTargetId := newTargetResult.Item.Id - t.Logf("Created Target: %s", newTargetId) - - // Add host set to target - output = e2e.RunCommand("boundary", "targets", "add-host-sources", - "-id", newTargetId, - "-host-source", newHostSetId, - ) - require.NoError(t, output.Err, string(output.Stderr)) - // Add brokered credentials to target - output = e2e.RunCommand("boundary", "targets", "add-credential-sources", + output = e2e.RunCommand(ctx, "boundary", "targets", "add-credential-sources", "-id", newTargetId, "-brokered-credential-source", newCredentialLibraryId, ) require.NoError(t, output.Err, string(output.Stderr)) // Get credentials for target - output = e2e.RunCommand("boundary", "targets", "authorize-session", "-id", newTargetId, "-format", "json") + output = e2e.RunCommand(ctx, "boundary", "targets", "authorize-session", "-id", newTargetId, "-format", "json") require.NoError(t, output.Err, string(output.Stderr)) var newSessionAuthorizationResult targets.SessionAuthorizationResult err = json.Unmarshal(output.Stdout, &newSessionAuthorizationResult) @@ -228,7 +158,7 @@ func TestCreateVaultCredentialStoreCli(t *testing.T) { require.NoError(t, err) // Connect to target and print host's IP address using retrieved credentials - output = e2e.RunCommand("boundary", "connect", + output = e2e.RunCommand(ctx, "boundary", "connect", "-target-id", newTargetId, "-exec", "/usr/bin/ssh", "--", "-l", retrievedUser, @@ -256,13 +186,26 @@ func TestCreateVaultCredentialStoreApi(t *testing.T) { c, err := loadConfig() require.NoError(t, err) + client, err := boundary.NewApiClient() + require.NoError(t, err) + ctx := context.Background() + + newOrgId := boundary.CreateNewOrgApi(t, ctx, client) + newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId) + newHostCatalogId := boundary.CreateNewHostCatalogApi(t, ctx, client, newProjectId) + newHostSetId := boundary.CreateNewHostSetApi(t, ctx, client, newHostCatalogId) + newHostId := boundary.CreateNewHostApi(t, ctx, client, newHostCatalogId, c.TargetIp) + boundary.AddHostToHostSetApi(t, ctx, client, newHostSetId, newHostId) + newTargetId := boundary.CreateNewTargetApi(t, ctx, client, newProjectId, c.TargetPort) + boundary.AddHostSourceToTargetApi(t, ctx, client, newTargetId, newHostSetId) + // Configure vault vaultAddr, boundaryPolicyName := vault.Setup(t) - output := e2e.RunCommand("vault", "secrets", "enable", "-path="+c.VaultSecretPath, "kv-v2") + output := e2e.RunCommand(ctx, "vault", "secrets", "enable", "-path="+c.VaultSecretPath, "kv-v2") require.NoError(t, output.Err, string(output.Stderr)) t.Cleanup(func() { - output := e2e.RunCommand("vault", "secrets", "disable", c.VaultSecretPath) + output := e2e.RunCommand(ctx, "vault", "secrets", "disable", c.VaultSecretPath) require.NoError(t, output.Err, string(output.Stderr)) }) @@ -272,7 +215,7 @@ func TestCreateVaultCredentialStoreApi(t *testing.T) { t.Log("Created Vault Credential") // Create vault token for boundary - output = e2e.RunCommand("vault", "token", "create", + output = e2e.RunCommand(ctx, "vault", "token", "create", "-no-default-policy=true", "-policy="+boundaryPolicyName, "-policy="+credentialPolicyName, @@ -284,20 +227,10 @@ func TestCreateVaultCredentialStoreApi(t *testing.T) { require.NoError(t, output.Err, string(output.Stderr)) var tokenCreateResult createTokenResponse err = json.Unmarshal(output.Stdout, &tokenCreateResult) + require.NoError(t, err) credStoreToken := tokenCreateResult.Auth.Client_Token t.Log("Created Vault Cred Store Token") - // Create boundary api client - client, err := boundary.NewApiClient() - require.NoError(t, err) - ctx := context.Background() - - // Create an org and project - newOrgId := boundary.CreateNewOrgApi(t, ctx, client) - t.Logf("Created Org Id: %s", newOrgId) - newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId) - t.Logf("Created Project Id: %s", newProjectId) - // Create a credential store csClient := credentialstores.NewClient(client) newCredentialStoreResult, err := csClient.Create(ctx, "vault", newProjectId, @@ -318,55 +251,8 @@ func TestCreateVaultCredentialStoreApi(t *testing.T) { newCredentialLibraryId := newCredentialLibraryResult.Item.Id t.Logf("Created Credential Library: %s", newCredentialLibraryId) - // Create a host catalog - hcClient := hostcatalogs.NewClient(client) - newHostCatalogResult, err := hcClient.Create(ctx, "static", newProjectId, - hostcatalogs.WithName("e2e Automated Test Host Catalog"), - ) - require.NoError(t, err) - newHostCatalogId := newHostCatalogResult.Item.Id - t.Logf("Created Host Catalog: %s", newHostCatalogId) - - // Create a host set and add to catalog - hsClient := hostsets.NewClient(client) - newHostSetResult, err := hsClient.Create(ctx, newHostCatalogId) - require.NoError(t, err) - newHostSetId := newHostSetResult.Item.Id - t.Logf("Created Host Set: %s", newHostSetId) - - // Create a host - hClient := hosts.NewClient(client) - newHostResult, err := hClient.Create(ctx, newHostCatalogId, - hosts.WithName(c.TargetIp), - hosts.WithStaticHostAddress(c.TargetIp), - ) - require.NoError(t, err) - newHostId := newHostResult.Item.Id - t.Logf("Created Host: %s", newHostId) - - // Add host to host set - _, err = hsClient.AddHosts(ctx, newHostSetId, 0, []string{newHostId}, hostsets.WithAutomaticVersioning(true)) - require.NoError(t, err) - - // Create a target - tClient := targets.NewClient(client) - targetPort, err := strconv.ParseInt(c.TargetPort, 10, 32) - newTargetResult, err := tClient.Create(ctx, "tcp", newProjectId, - targets.WithName("e2e Automated Test Target"), - targets.WithTcpTargetDefaultPort(uint32(targetPort)), - ) - require.NoError(t, err) - newTargetId := newTargetResult.Item.Id - t.Logf("Created Target: %s", newTargetId) - - // Add host set to target - _, err = tClient.AddHostSources(ctx, newTargetId, 0, - []string{newHostSetId}, - targets.WithAutomaticVersioning(true), - ) - require.NoError(t, err) - // Add brokered credentials to target + tClient := targets.NewClient(client) _, err = tClient.AddCredentialSources(ctx, newTargetId, 0, targets.WithBrokeredCredentialSourceIds([]string{newCredentialLibraryId}), targets.WithAutomaticVersioning(true), diff --git a/testing/internal/e2e/helpers.go b/testing/internal/e2e/helpers.go index c6ea753acb..f713a29dc5 100644 --- a/testing/internal/e2e/helpers.go +++ b/testing/internal/e2e/helpers.go @@ -2,6 +2,7 @@ package e2e import ( "bytes" + "context" "errors" "fmt" "os" @@ -47,14 +48,14 @@ const EnvToCheckSkip = "E2E_PASSWORD_AUTH_METHOD_ID" // RunCommand executes external commands on the system. Returns the results // of running the provided command. // -// RunCommand("ls") -// RunCommand("ls", "-al", "/path") +// RunCommand(context.Background(), "ls") +// RunCommand(context.Background(), "ls", "-al", "/path") // // CommandResult is always valid even if there is an error. -func RunCommand(name string, args ...string) *CommandResult { +func RunCommand(ctx context.Context, name string, args ...string) *CommandResult { var outbuf, errbuf bytes.Buffer - cmd := exec.Command(name, args...) + cmd := exec.CommandContext(ctx, name, args...) cmd.Stdout = &outbuf cmd.Stderr = &errbuf diff --git a/testing/internal/e2e/host/aws/dynamichostcatalog_test.go b/testing/internal/e2e/host/aws/dynamichostcatalog_test.go index 819574b1a8..9cf4ea694e 100644 --- a/testing/internal/e2e/host/aws/dynamichostcatalog_test.go +++ b/testing/internal/e2e/host/aws/dynamichostcatalog_test.go @@ -13,7 +13,6 @@ import ( "github.com/hashicorp/boundary/api/hostcatalogs" "github.com/hashicorp/boundary/api/hosts" "github.com/hashicorp/boundary/api/hostsets" - "github.com/hashicorp/boundary/api/targets" "github.com/hashicorp/boundary/testing/internal/e2e" "github.com/hashicorp/boundary/testing/internal/e2e/boundary" "github.com/kelseyhightower/envconfig" @@ -52,15 +51,12 @@ func TestCreateAwsDynamicHostCatalogCli(t *testing.T) { require.NoError(t, err) boundary.AuthenticateCli(t) - - // Create an org and project newOrgId := boundary.CreateNewOrgCli(t) - t.Logf("Created Org Id: %s", newOrgId) newProjectId := boundary.CreateNewProjectCli(t, newOrgId) - t.Logf("Created Project Id: %s", newProjectId) // Create a dynamic host catalog - output := e2e.RunCommand("boundary", "host-catalogs", "create", "plugin", + ctx := context.Background() + output := e2e.RunCommand(ctx, "boundary", "host-catalogs", "create", "plugin", "-scope-id", newProjectId, "-plugin-name", "aws", "-attr", "disable_credential_rotation=true", @@ -77,7 +73,7 @@ func TestCreateAwsDynamicHostCatalogCli(t *testing.T) { t.Logf("Created Host Catalog: %s", newHostCatalogId) // Create a host set - output = e2e.RunCommand("boundary", "host-sets", "create", "plugin", + output = e2e.RunCommand(ctx, "boundary", "host-sets", "create", "plugin", "-host-catalog-id", newHostCatalogId, "-attr", "filters="+c.AwsHostSetFilter1, "-name", "e2e Automated Test Host Set", @@ -96,7 +92,7 @@ func TestCreateAwsDynamicHostCatalogCli(t *testing.T) { var actualHostSetCount1 int err = backoff.RetryNotify( func() error { - output = e2e.RunCommand("boundary", "host-sets", "read", + output = e2e.RunCommand(ctx, "boundary", "host-sets", "read", "-id", newHostSetId1, "-format", "json", ) @@ -132,7 +128,7 @@ func TestCreateAwsDynamicHostCatalogCli(t *testing.T) { assert.Equal(t, expectedHostSetCount1, actualHostSetCount1, "Numbers of hosts in host set did not match expected amount") // Create another host set - output = e2e.RunCommand("boundary", "host-sets", "create", "plugin", + output = e2e.RunCommand(ctx, "boundary", "host-sets", "create", "plugin", "-host-catalog-id", newHostCatalogId, "-attr", "filters="+c.AwsHostSetFilter2, "-name", "e2e Automated Test Host Set2", @@ -150,7 +146,7 @@ func TestCreateAwsDynamicHostCatalogCli(t *testing.T) { var actualHostSetCount2 int err = backoff.RetryNotify( func() error { - output = e2e.RunCommand("boundary", "host-sets", "read", + output = e2e.RunCommand(ctx, "boundary", "host-sets", "read", "-id", newHostSetId2, "-format", "json", ) @@ -185,12 +181,11 @@ func TestCreateAwsDynamicHostCatalogCli(t *testing.T) { assert.Equal(t, expectedHostSetCount2, actualHostSetCount2, "Numbers of hosts in host set did not match expected amount") // Get list of all hosts from host catalog - // Retry is needed here since it can take a few tries before hosts start appearing t.Logf("Looking for items in the host catalog...") var actualHostCatalogCount int err = backoff.RetryNotify( func() error { - output = e2e.RunCommand("boundary", "hosts", "list", + output = e2e.RunCommand(ctx, "boundary", "hosts", "list", "-host-catalog-id", newHostCatalogId, "-format", "json", ) @@ -209,7 +204,7 @@ func TestCreateAwsDynamicHostCatalogCli(t *testing.T) { return errors.New("No items are appearing in the host catalog") } - t.Logf("Found %d hosts", actualHostCatalogCount) + t.Logf("Found %d host(s)", actualHostCatalogCount) return nil }, backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5), @@ -223,28 +218,11 @@ func TestCreateAwsDynamicHostCatalogCli(t *testing.T) { assert.Equal(t, expectedHostCatalogCount, actualHostCatalogCount, "Numbers of hosts in host catalog did not match expected amount") // Create target - output = e2e.RunCommand("boundary", "targets", "create", "tcp", - "-scope-id", newProjectId, - "-default-port", c.TargetPort, - "-name", "e2e Automated Test Target", - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newTargetResult targets.TargetCreateResult - err = json.Unmarshal(output.Stdout, &newTargetResult) - require.NoError(t, err) - newTargetId := newTargetResult.Item.Id - t.Logf("Created Target: %s", newTargetId) - - // Add host set to target - output = e2e.RunCommand("boundary", "targets", "add-host-sources", - "-id", newTargetId, - "-host-source", newHostSetId1, - ) - require.NoError(t, output.Err, string(output.Stderr)) + newTargetId := boundary.CreateNewTargetCli(t, newProjectId, c.TargetPort) + boundary.AddHostSourceToTargetCli(t, newTargetId, newHostSetId1) // Connect to target - output = e2e.RunCommand("boundary", "connect", + output = e2e.RunCommand(ctx, "boundary", "connect", "-target-id", newTargetId, "-exec", "/usr/bin/ssh", "--", "-l", c.TargetSshUser, @@ -280,16 +258,12 @@ func TestCreateAwsDynamicHostCatalogApi(t *testing.T) { c, err := loadConfig() require.NoError(t, err) - // Create boundary api client client, err := boundary.NewApiClient() require.NoError(t, err) ctx := context.Background() - // Create an org and project newOrgId := boundary.CreateNewOrgApi(t, ctx, client) - t.Logf("Created Org Id: %s", newOrgId) newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId) - t.Logf("Created Project Id: %s", newProjectId) // Create a dynamic host catalog hcClient := hostcatalogs.NewClient(client) diff --git a/testing/internal/e2e/host/static/connect_authz_token_test.go b/testing/internal/e2e/host/static/connect_authz_token_test.go new file mode 100644 index 0000000000..01798aba0e --- /dev/null +++ b/testing/internal/e2e/host/static/connect_authz_token_test.go @@ -0,0 +1,119 @@ +package static_test + +import ( + "context" + "encoding/json" + "fmt" + "os" + "strings" + "testing" + + "github.com/hashicorp/boundary/api/credentials" + "github.com/hashicorp/boundary/api/credentialstores" + "github.com/hashicorp/boundary/api/targets" + "github.com/hashicorp/boundary/testing/internal/e2e" + "github.com/hashicorp/boundary/testing/internal/e2e/boundary" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +// TestConnectTargetWithAuthzTokenCli uses the boundary cli to connect to a target using the +// `authz_token` option +func TestConnectTargetWithAuthzTokenCli(t *testing.T) { + e2e.MaybeSkipTest(t) + c, err := loadConfig() + require.NoError(t, err) + + boundary.AuthenticateCli(t) + newOrgId := boundary.CreateNewOrgCli(t) + newProjectId := boundary.CreateNewProjectCli(t, newOrgId) + newHostCatalogId := boundary.CreateNewHostCatalogCli(t, newProjectId) + newHostSetId := boundary.CreateNewHostSetCli(t, newHostCatalogId) + newHostId := boundary.CreateNewHostCli(t, newHostCatalogId, c.TargetIp) + boundary.AddHostToHostSetCli(t, newHostSetId, newHostId) + newTargetId := boundary.CreateNewTargetCli(t, newProjectId, c.TargetPort) + boundary.AddHostSourceToTargetCli(t, newTargetId, newHostSetId) + + // Create a credential store + ctx := context.Background() + output := e2e.RunCommand(ctx, "boundary", "credential-stores", "create", "static", + "-scope-id", newProjectId, + "-format", "json", + ) + require.NoError(t, output.Err, string(output.Stderr)) + var newCredentialStoreResult credentialstores.CredentialStoreCreateResult + err = json.Unmarshal(output.Stdout, &newCredentialStoreResult) + require.NoError(t, err) + newCredentialStoreId := newCredentialStoreResult.Item.Id + t.Logf("Created Credential Store: %s", newCredentialStoreId) + + // Create credentials + output = e2e.RunCommand(ctx, "boundary", "credentials", "create", "ssh-private-key", + "-credential-store-id", newCredentialStoreId, + "-username", c.TargetSshUser, + "-private-key", "file://"+c.TargetSshKeyPath, + "-format", "json", + ) + require.NoError(t, output.Err, string(output.Stderr)) + var newCredentialsResult credentials.CredentialCreateResult + err = json.Unmarshal(output.Stdout, &newCredentialsResult) + require.NoError(t, err) + newCredentialsId := newCredentialsResult.Item.Id + t.Logf("Created Credentials: %s", newCredentialsId) + + // Add credentials to target + output = e2e.RunCommand(ctx, "boundary", "targets", "add-credential-sources", + "-id", newTargetId, + "-brokered-credential-source", newCredentialsId, + ) + require.NoError(t, output.Err, string(output.Stderr)) + + // Get credentials for target + output = e2e.RunCommand(ctx, "boundary", "targets", "authorize-session", "-id", newTargetId, "-format", "json") + require.NoError(t, output.Err, string(output.Stderr)) + var newSessionAuthorizationResult targets.SessionAuthorizationResult + err = json.Unmarshal(output.Stdout, &newSessionAuthorizationResult) + require.NoError(t, err) + + newSessionAuthorization := newSessionAuthorizationResult.Item + retrievedUser := fmt.Sprintf("%s", newSessionAuthorization.Credentials[0].Credential["username"]) + retrievedKey := fmt.Sprintf("%s\n", newSessionAuthorization.Credentials[0].Credential["private_key"]) + assert.Equal(t, c.TargetSshUser, retrievedUser) + + k, err := os.ReadFile(c.TargetSshKeyPath) + require.NoError(t, err) + require.Equal(t, string(k), retrievedKey) + t.Log("Successfully retrieved credentials for target") + + // Get auth token for session + newAuthToken := newSessionAuthorizationResult.Item.AuthorizationToken + + // Create key file + retrievedKeyPath := fmt.Sprintf("%s/%s", t.TempDir(), "target_private_key.pem") + f, err := os.Create(retrievedKeyPath) + require.NoError(t, err) + _, err = f.WriteString(retrievedKey) + require.NoError(t, err) + err = os.Chmod(retrievedKeyPath, 0o400) + require.NoError(t, err) + + // Connect to target and print host's IP address using retrieved credentials + output = e2e.RunCommand(ctx, "boundary", "connect", + "-authz-token", newAuthToken, + "-exec", "/usr/bin/ssh", "--", + "-l", retrievedUser, + "-i", retrievedKeyPath, + "-o", "UserKnownHostsFile=/dev/null", + "-o", "StrictHostKeyChecking=no", + "-o", "IdentitiesOnly=yes", // forces the use of the provided key + "-p", "{{boundary.port}}", // this is provided by boundary + "{{boundary.ip}}", + "hostname", "-i", + ) + require.NoError(t, output.Err, string(output.Stderr)) + + parts := strings.Fields(string(output.Stdout)) + hostIp := parts[len(parts)-1] + require.Equal(t, c.TargetIp, hostIp, "SSH session did not return expected output") + t.Log("Successfully connected to target") +} diff --git a/testing/internal/e2e/host/static/connect_ssh_test.go b/testing/internal/e2e/host/static/connect_ssh_test.go new file mode 100644 index 0000000000..df0d3e9a0e --- /dev/null +++ b/testing/internal/e2e/host/static/connect_ssh_test.go @@ -0,0 +1,155 @@ +package static_test + +import ( + "context" + "encoding/json" + "fmt" + "os" + "testing" + + "github.com/hashicorp/boundary/api/credentials" + "github.com/hashicorp/boundary/api/credentialstores" + "github.com/hashicorp/boundary/api/targets" + "github.com/hashicorp/boundary/testing/internal/e2e" + "github.com/hashicorp/boundary/testing/internal/e2e/boundary" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +// TestConnectTargetWithSshCli uses the boundary cli to create a credential using boundary's +// built-in credential store. The test attaches that credential to a target and attempts to connect +// to that target using those credentials. +func TestConnectTargetWithSshCli(t *testing.T) { + e2e.MaybeSkipTest(t) + c, err := loadConfig() + require.NoError(t, err) + + boundary.AuthenticateCli(t) + newOrgId := boundary.CreateNewOrgCli(t) + newProjectId := boundary.CreateNewProjectCli(t, newOrgId) + newHostCatalogId := boundary.CreateNewHostCatalogCli(t, newProjectId) + newHostSetId := boundary.CreateNewHostSetCli(t, newHostCatalogId) + newHostId := boundary.CreateNewHostCli(t, newHostCatalogId, c.TargetIp) + boundary.AddHostToHostSetCli(t, newHostSetId, newHostId) + newTargetId := boundary.CreateNewTargetCli(t, newProjectId, c.TargetPort) + boundary.AddHostSourceToTargetCli(t, newTargetId, newHostSetId) + + // Create a credential store + ctx := context.Background() + output := e2e.RunCommand(ctx, "boundary", "credential-stores", "create", "static", + "-scope-id", newProjectId, + "-format", "json", + ) + require.NoError(t, output.Err, string(output.Stderr)) + var newCredentialStoreResult credentialstores.CredentialStoreCreateResult + err = json.Unmarshal(output.Stdout, &newCredentialStoreResult) + require.NoError(t, err) + newCredentialStoreId := newCredentialStoreResult.Item.Id + t.Logf("Created Credential Store: %s", newCredentialStoreId) + + // Create credentials + output = e2e.RunCommand(ctx, "boundary", "credentials", "create", "ssh-private-key", + "-credential-store-id", newCredentialStoreId, + "-username", c.TargetSshUser, + "-private-key", "file://"+c.TargetSshKeyPath, + "-format", "json", + ) + require.NoError(t, output.Err, string(output.Stderr)) + var newCredentialsResult credentials.CredentialCreateResult + err = json.Unmarshal(output.Stdout, &newCredentialsResult) + require.NoError(t, err) + newCredentialsId := newCredentialsResult.Item.Id + t.Logf("Created Credentials: %s", newCredentialsId) + + // Add credentials to target + output = e2e.RunCommand(ctx, "boundary", "targets", "add-credential-sources", + "-id", newTargetId, + "-brokered-credential-source", newCredentialsId, + ) + require.NoError(t, output.Err, string(output.Stderr)) + + // Get credentials for target + output = e2e.RunCommand(ctx, "boundary", "targets", "authorize-session", "-id", newTargetId, "-format", "json") + require.NoError(t, output.Err, string(output.Stderr)) + var newSessionAuthorizationResult targets.SessionAuthorizationResult + err = json.Unmarshal(output.Stdout, &newSessionAuthorizationResult) + require.NoError(t, err) + + newSessionAuthorization := newSessionAuthorizationResult.Item + retrievedUser := fmt.Sprintf("%s", newSessionAuthorization.Credentials[0].Credential["username"]) + retrievedKey := fmt.Sprintf("%s\n", newSessionAuthorization.Credentials[0].Credential["private_key"]) + assert.Equal(t, c.TargetSshUser, retrievedUser) + + k, err := os.ReadFile(c.TargetSshKeyPath) + require.NoError(t, err) + require.Equal(t, string(k), retrievedKey) + t.Log("Successfully retrieved credentials for target") + + // Connect to target and print host's IP address using retrieved credentials + output = e2e.RunCommand(ctx, "boundary", "connect", "ssh", + "-target-id", newTargetId, "--", + "-o", "UserKnownHostsFile=/dev/null", + "-o", "StrictHostKeyChecking=no", + "-o", "IdentitiesOnly=yes", // forces the use of the provided key + ) + require.NoError(t, output.Err, string(output.Stderr)) + t.Log("Successfully connected to target") +} + +// TestCreateTargetWithStaticCredentialStoreApi uses the boundary go api to create a credential using +// boundary's built-in credential store. The test then attaches that credential to a target. +func TestCreateTargetWithStaticCredentialStoreApi(t *testing.T) { + e2e.MaybeSkipTest(t) + c, err := loadConfig() + require.NoError(t, err) + + client, err := boundary.NewApiClient() + require.NoError(t, err) + ctx := context.Background() + + newOrgId := boundary.CreateNewOrgApi(t, ctx, client) + newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId) + newHostCatalogId := boundary.CreateNewHostCatalogApi(t, ctx, client, newProjectId) + newHostSetId := boundary.CreateNewHostSetApi(t, ctx, client, newHostCatalogId) + newHostId := boundary.CreateNewHostApi(t, ctx, client, newHostCatalogId, c.TargetIp) + boundary.AddHostToHostSetApi(t, ctx, client, newHostSetId, newHostId) + newTargetId := boundary.CreateNewTargetApi(t, ctx, client, newProjectId, c.TargetPort) + boundary.AddHostSourceToTargetApi(t, ctx, client, newTargetId, newHostSetId) + + // Create a credential store + csClient := credentialstores.NewClient(client) + newCredentialStoreResult, err := csClient.Create(ctx, "static", newProjectId) + require.NoError(t, err) + newCredentialStoreId := newCredentialStoreResult.Item.Id + t.Logf("Created Credential Store: %s", newCredentialStoreId) + + // Create credentials + cClient := credentials.NewClient(client) + k, err := os.ReadFile(c.TargetSshKeyPath) + require.NoError(t, err) + newCredentialsResult, err := cClient.Create(ctx, "ssh_private_key", newCredentialStoreId, + credentials.WithSshPrivateKeyCredentialUsername(c.TargetSshUser), + credentials.WithSshPrivateKeyCredentialPrivateKey(string(k)), + ) + require.NoError(t, err) + newCredentialsId := newCredentialsResult.Item.Id + t.Logf("Created Credentials: %s", newCredentialsId) + + // Add credentials to target + tClient := targets.NewClient(client) + _, err = tClient.AddCredentialSources(ctx, newTargetId, 0, + targets.WithAutomaticVersioning(true), + targets.WithBrokeredCredentialSourceIds([]string{newCredentialsId}), + ) + require.NoError(t, err) + + // Authorize Session + newSessionAuthorizationResult, err := tClient.AuthorizeSession(ctx, newTargetId) + require.NoError(t, err) + newSessionAuthorization := newSessionAuthorizationResult.Item + retrievedUser := fmt.Sprintf("%s", newSessionAuthorization.Credentials[0].Credential["username"]) + retrievedKey := fmt.Sprintf("%s", newSessionAuthorization.Credentials[0].Credential["private_key"]) + assert.Equal(t, c.TargetSshUser, retrievedUser) + require.Equal(t, string(k), retrievedKey) + t.Log("Successfully retrieved credentials for target") +} diff --git a/testing/internal/e2e/host/static/connect_test.go b/testing/internal/e2e/host/static/connect_test.go new file mode 100644 index 0000000000..62c7c1e420 --- /dev/null +++ b/testing/internal/e2e/host/static/connect_test.go @@ -0,0 +1,73 @@ +package static_test + +import ( + "context" + "strings" + "testing" + + "github.com/hashicorp/boundary/testing/internal/e2e" + "github.com/hashicorp/boundary/testing/internal/e2e/boundary" + "github.com/stretchr/testify/require" +) + +// TestConnectTargetCli uses the boundary cli to create a number of supporting objects +// to connect to a target. It then attempts to connect to that target and verifies that +// the connection was successful. +func TestConnectTargetCli(t *testing.T) { + e2e.MaybeSkipTest(t) + c, err := loadConfig() + require.NoError(t, err) + + boundary.AuthenticateCli(t) + newOrgId := boundary.CreateNewOrgCli(t) + newProjectId := boundary.CreateNewProjectCli(t, newOrgId) + newHostCatalogId := boundary.CreateNewHostCatalogCli(t, newProjectId) + newHostSetId := boundary.CreateNewHostSetCli(t, newHostCatalogId) + newHostId := boundary.CreateNewHostCli(t, newHostCatalogId, c.TargetIp) + boundary.AddHostToHostSetCli(t, newHostSetId, newHostId) + newTargetId := boundary.CreateNewTargetCli(t, newProjectId, c.TargetPort) + boundary.AddHostSourceToTargetCli(t, newTargetId, newHostSetId) + + // Connect to target and print host's IP address + ctx := context.Background() + output := e2e.RunCommand(ctx, "boundary", "connect", + "-target-id", newTargetId, + "-exec", "/usr/bin/ssh", "--", + "-l", c.TargetSshUser, + "-i", c.TargetSshKeyPath, + "-o", "UserKnownHostsFile=/dev/null", + "-o", "StrictHostKeyChecking=no", + "-o", "IdentitiesOnly=yes", // forces the use of the provided key + "-p", "{{boundary.port}}", // this is provided by boundary + "{{boundary.ip}}", + "hostname", "-i", + ) + require.NoError(t, output.Err, string(output.Stderr)) + + parts := strings.Fields(string(output.Stdout)) + hostIp := parts[len(parts)-1] + require.Equal(t, c.TargetIp, hostIp, "SSH session did not return expected output") + t.Log("Successfully connected to target") +} + +// TestCreateTargetApi uses the boundary go api to create a number of supporting objects +// to connect to a target. This test does not connect to the target due to the complexity +// when not using the cli. +func TestCreateTargetApi(t *testing.T) { + e2e.MaybeSkipTest(t) + c, err := loadConfig() + require.NoError(t, err) + + client, err := boundary.NewApiClient() + require.NoError(t, err) + ctx := context.Background() + + newOrgId := boundary.CreateNewOrgApi(t, ctx, client) + newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId) + newHostCatalogId := boundary.CreateNewHostCatalogApi(t, ctx, client, newProjectId) + newHostSetId := boundary.CreateNewHostSetApi(t, ctx, client, newHostCatalogId) + newHostId := boundary.CreateNewHostApi(t, ctx, client, newHostCatalogId, c.TargetIp) + boundary.AddHostToHostSetApi(t, ctx, client, newHostSetId, newHostId) + newTargetId := boundary.CreateNewTargetApi(t, ctx, client, newProjectId, c.TargetPort) + boundary.AddHostSourceToTargetApi(t, ctx, client, newTargetId, newHostSetId) +} diff --git a/testing/internal/e2e/host/static/env.go b/testing/internal/e2e/host/static/env_test.go similarity index 100% rename from testing/internal/e2e/host/static/env.go rename to testing/internal/e2e/host/static/env_test.go diff --git a/testing/internal/e2e/host/static/session_test.go b/testing/internal/e2e/host/static/session_test.go new file mode 100644 index 0000000000..51a13ae91e --- /dev/null +++ b/testing/internal/e2e/host/static/session_test.go @@ -0,0 +1,114 @@ +package static_test + +import ( + "context" + "encoding/json" + "errors" + "testing" + "time" + + "github.com/cenkalti/backoff/v4" + "github.com/hashicorp/boundary/api/sessions" + "github.com/hashicorp/boundary/testing/internal/e2e" + "github.com/hashicorp/boundary/testing/internal/e2e/boundary" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestSessionCancelingCli(t *testing.T) { + e2e.MaybeSkipTest(t) + c, err := loadConfig() + require.NoError(t, err) + + boundary.AuthenticateCli(t) + newOrgId := boundary.CreateNewOrgCli(t) + newProjectId := boundary.CreateNewProjectCli(t, newOrgId) + newHostCatalogId := boundary.CreateNewHostCatalogCli(t, newProjectId) + newHostSetId := boundary.CreateNewHostSetCli(t, newHostCatalogId) + newHostId := boundary.CreateNewHostCli(t, newHostCatalogId, c.TargetIp) + boundary.AddHostToHostSetCli(t, newHostSetId, newHostId) + newTargetId := boundary.CreateNewTargetCli(t, newProjectId, c.TargetPort) + boundary.AddHostSourceToTargetCli(t, newTargetId, newHostSetId) + + // Connect to target to create a session + ctxCancel, cancel := context.WithCancel(context.Background()) + errChan := make(chan *e2e.CommandResult) + go func() { + errChan <- e2e.RunCommand(ctxCancel, "boundary", "connect", + "-target-id", newTargetId, + "-exec", "/usr/bin/ssh", "--", + "-l", c.TargetSshUser, + "-i", c.TargetSshKeyPath, + "-o", "UserKnownHostsFile=/dev/null", + "-o", "StrictHostKeyChecking=no", + "-o", "IdentitiesOnly=yes", // forces the use of the provided key + "-p", "{{boundary.port}}", // this is provided by boundary + "{{boundary.ip}}", + "hostname -i; sleep 60", + ) + }() + t.Cleanup(cancel) + + // Get list of sessions + ctx := context.Background() + var session *sessions.Session + err = backoff.RetryNotify( + func() error { + output := e2e.RunCommand(ctx, "boundary", "sessions", "list", "-scope-id", newProjectId, "-format", "json") + if output.Err != nil { + return backoff.Permanent(errors.New(string(output.Stderr))) + } + + var sessionListResult sessions.SessionListResult + err = json.Unmarshal(output.Stdout, &sessionListResult) + if err != nil { + return backoff.Permanent(err) + } + + sessionCount := len(sessionListResult.Items) + if sessionCount == 0 { + return errors.New("No items are appearing in the session list") + } + + t.Logf("Found %d session(s)", sessionCount) + if sessionCount != 1 { + return backoff.Permanent(errors.New("Only one session was expected to be found")) + } + + session = sessionListResult.Items[0] + return nil + }, + backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5), + func(err error, td time.Duration) { + t.Logf("%s. Retrying...", err.Error()) + }, + ) + require.NoError(t, err) + assert.Equal(t, newTargetId, session.TargetId) + assert.Equal(t, newHostId, session.HostId) + require.Equal(t, "active", session.Status) + + // Cancel session + output := e2e.RunCommand(ctx, "boundary", "sessions", "cancel", "-id", session.Id) + require.NoError(t, output.Err, string(output.Stderr)) + + output = e2e.RunCommand(ctx, "boundary", "sessions", "read", "-id", session.Id, "-format", "json") + require.NoError(t, output.Err, string(output.Stderr)) + var newSessionReadResult sessions.SessionReadResult + err = json.Unmarshal(output.Stdout, &newSessionReadResult) + require.NoError(t, err) + require.Condition(t, func() bool { + return newSessionReadResult.Item.Status == "canceling" || newSessionReadResult.Item.Status == "terminated" + }) + + // Check output from session + select { + case output := <-errChan: + // `boundary connect` returns a 255 when cancelled + require.Equal(t, output.ExitCode, 255, string(output.Stdout), string(output.Stderr)) + case <-time.After(time.Second * 5): + t.Fatal("Timed out waiting for session command to exit") + } + + t.Log("Successfully cancelled session") +} diff --git a/testing/internal/e2e/host/static/staticcredential_test.go b/testing/internal/e2e/host/static/staticcredential_test.go deleted file mode 100644 index 278c3a58ba..0000000000 --- a/testing/internal/e2e/host/static/staticcredential_test.go +++ /dev/null @@ -1,257 +0,0 @@ -package static_test - -import ( - "context" - "encoding/json" - "fmt" - "os" - "strconv" - "testing" - - "github.com/hashicorp/boundary/api/credentials" - "github.com/hashicorp/boundary/api/credentialstores" - "github.com/hashicorp/boundary/api/hostcatalogs" - "github.com/hashicorp/boundary/api/hosts" - "github.com/hashicorp/boundary/api/hostsets" - "github.com/hashicorp/boundary/api/targets" - "github.com/hashicorp/boundary/testing/internal/e2e" - "github.com/hashicorp/boundary/testing/internal/e2e/boundary" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -// TestConnectTargetWithStaticCredentialStoreCli uses the boundary cli to create a credential using -// boundary's built-in credential store. The test attaches that credential to a target and attempts -// to connect to that target using those credentials. -func TestConnectTargetWithStaticCredentialStoreCli(t *testing.T) { - e2e.MaybeSkipTest(t) - c, err := loadConfig() - require.NoError(t, err) - - boundary.AuthenticateCli(t) - - // Create an org and project - newOrgId := boundary.CreateNewOrgCli(t) - t.Logf("Created Org Id: %s", newOrgId) - newProjectId := boundary.CreateNewProjectCli(t, newOrgId) - t.Logf("Created Project Id: %s", newProjectId) - - // Create a credential store - output := e2e.RunCommand("boundary", "credential-stores", "create", "static", - "-scope-id", newProjectId, - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newCredentialStoreResult credentialstores.CredentialStoreCreateResult - err = json.Unmarshal(output.Stdout, &newCredentialStoreResult) - require.NoError(t, err) - newCredentialStoreId := newCredentialStoreResult.Item.Id - t.Logf("Created Credential Store: %s", newCredentialStoreId) - - // Create credentials - output = e2e.RunCommand("boundary", "credentials", "create", "ssh-private-key", - "-credential-store-id", newCredentialStoreId, - "-username", c.TargetSshUser, - "-private-key", "file://"+c.TargetSshKeyPath, - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newCredentialsResult credentials.CredentialCreateResult - err = json.Unmarshal(output.Stdout, &newCredentialsResult) - require.NoError(t, err) - newCredentialsId := newCredentialsResult.Item.Id - t.Logf("Created Credentials: %s", newCredentialsId) - - // Create a host catalog - output = e2e.RunCommand("boundary", "host-catalogs", "create", "static", - "-scope-id", newProjectId, - "-name", "e2e Automated Test Host Catalog", - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newHostCatalogResult hostcatalogs.HostCatalogCreateResult - err = json.Unmarshal(output.Stdout, &newHostCatalogResult) - require.NoError(t, err) - newHostCatalogId := newHostCatalogResult.Item.Id - t.Logf("Created Host Catalog: %s", newHostCatalogId) - - // Create a host set and add to catalog - output = e2e.RunCommand("boundary", "host-sets", "create", "static", - "-host-catalog-id", newHostCatalogId, - "-name", "e2e Automated Test Host Set", - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newHostSetResult hostsets.HostSetCreateResult - err = json.Unmarshal(output.Stdout, &newHostSetResult) - require.NoError(t, err) - newHostSetId := newHostSetResult.Item.Id - t.Logf("Created Host Set: %s", newHostSetId) - - // Create a host - output = e2e.RunCommand("boundary", "hosts", "create", "static", - "-host-catalog-id", newHostCatalogId, - "-name", c.TargetIp, - "-address", c.TargetIp, - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newHostResult hosts.HostCreateResult - err = json.Unmarshal(output.Stdout, &newHostResult) - require.NoError(t, err) - newHostId := newHostResult.Item.Id - t.Logf("Created Host: %s", newHostId) - - // Add host to host set - output = e2e.RunCommand("boundary", "host-sets", "add-hosts", "-id", newHostSetId, "-host", newHostId) - require.NoError(t, output.Err, string(output.Stderr)) - - // Create a target - output = e2e.RunCommand("boundary", "targets", "create", "tcp", - "-scope-id", newProjectId, - "-default-port", c.TargetPort, - "-name", "e2e Automated Test Target", - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newTargetResult targets.TargetCreateResult - err = json.Unmarshal(output.Stdout, &newTargetResult) - require.NoError(t, err) - newTargetId := newTargetResult.Item.Id - t.Logf("Created Target: %s", newTargetId) - - // Add host set to target - output = e2e.RunCommand("boundary", "targets", "add-host-sources", - "-id", newTargetId, - "-host-source", newHostSetId, - ) - require.NoError(t, output.Err, string(output.Stderr)) - - // Add credentials to target - output = e2e.RunCommand("boundary", "targets", "add-credential-sources", - "-id", newTargetId, - "-brokered-credential-source", newCredentialsId, - ) - require.NoError(t, output.Err, string(output.Stderr)) - - // Get credentials for target - output = e2e.RunCommand("boundary", "targets", "authorize-session", "-id", newTargetId, "-format", "json") - require.NoError(t, output.Err, string(output.Stderr)) - var newSessionAuthorizationResult targets.SessionAuthorizationResult - err = json.Unmarshal(output.Stdout, &newSessionAuthorizationResult) - require.NoError(t, err) - - newSessionAuthorization := newSessionAuthorizationResult.Item - retrievedUser := fmt.Sprintf("%s", newSessionAuthorization.Credentials[0].Credential["username"]) - retrievedKey := fmt.Sprintf("%s\n", newSessionAuthorization.Credentials[0].Credential["private_key"]) - assert.Equal(t, c.TargetSshUser, retrievedUser) - - k, err := os.ReadFile(c.TargetSshKeyPath) - require.NoError(t, err) - require.Equal(t, string(k), retrievedKey) - t.Log("Successfully retrieved credentials for target") - - // Connect to target and print host's IP address using retrieved credentials - output = e2e.RunCommand("boundary", "connect", "ssh", - "-target-id", newTargetId, "--", - "-o", "UserKnownHostsFile=/dev/null", - "-o", "StrictHostKeyChecking=no", - "-o", "IdentitiesOnly=yes", // forces the use of the provided key - ) - require.NoError(t, output.Err, string(output.Stderr)) - t.Log("Successfully connected to target") -} - -// TestCreateTargetWithStaticCredentialStoreApi uses the boundary go api to create a credential using -// boundary's built-in credential store. The test then attaches that credential to a target. -func TestCreateTargetWithStaticCredentialStoreApi(t *testing.T) { - e2e.MaybeSkipTest(t) - c, err := loadConfig() - require.NoError(t, err) - - // Create boundary api client - client, err := boundary.NewApiClient() - require.NoError(t, err) - ctx := context.Background() - - // Create an org and project - newOrgId := boundary.CreateNewOrgApi(t, ctx, client) - t.Logf("Created Org Id: %s", newOrgId) - newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId) - t.Logf("Created Project Id: %s", newProjectId) - - // Create a credential store - csClient := credentialstores.NewClient(client) - newCredentialStoreResult, err := csClient.Create(ctx, "static", newProjectId) - require.NoError(t, err) - newCredentialStoreId := newCredentialStoreResult.Item.Id - t.Logf("Created Credential Store: %s", newCredentialStoreId) - - // Create credentials - cClient := credentials.NewClient(client) - k, err := os.ReadFile(c.TargetSshKeyPath) - require.NoError(t, err) - newCredentialsResult, err := cClient.Create(ctx, "ssh_private_key", newCredentialStoreId, - credentials.WithSshPrivateKeyCredentialUsername(c.TargetSshUser), - credentials.WithSshPrivateKeyCredentialPrivateKey(string(k)), - ) - require.NoError(t, err) - newCredentialsId := newCredentialsResult.Item.Id - t.Logf("Created Credentials: %s", newCredentialsId) - - // Create a host catalog - hcClient := hostcatalogs.NewClient(client) - newHostCatalogResult, err := hcClient.Create(ctx, "static", newProjectId, - hostcatalogs.WithName("e2e Automated Test Host Catalog"), - ) - require.NoError(t, err) - newHostCatalogId := newHostCatalogResult.Item.Id - t.Logf("Created Host Catalog: %s", newHostCatalogId) - - // Create a host set and add to catalog - hsClient := hostsets.NewClient(client) - newHostSetResult, err := hsClient.Create(ctx, newHostCatalogId) - require.NoError(t, err) - newHostSetId := newHostSetResult.Item.Id - t.Logf("Created Host Set: %s", newHostSetId) - - // Create a host - hClient := hosts.NewClient(client) - newHostResult, err := hClient.Create(ctx, newHostCatalogId, - hosts.WithName(c.TargetIp), - hosts.WithStaticHostAddress(c.TargetIp), - ) - require.NoError(t, err) - newHostId := newHostResult.Item.Id - t.Logf("Created Host: %s", newHostId) - - // Add host to host set - _, err = hsClient.AddHosts(ctx, newHostSetId, 0, []string{newHostId}, hostsets.WithAutomaticVersioning(true)) - require.NoError(t, err) - - // Create a target - tClient := targets.NewClient(client) - targetPort, err := strconv.ParseInt(c.TargetPort, 10, 32) - require.NoError(t, err) - newTargetResult, err := tClient.Create(ctx, "tcp", newProjectId, - targets.WithName("e2e Automated Test Target"), - targets.WithTcpTargetDefaultPort(uint32(targetPort)), - ) - require.NoError(t, err) - newTargetId := newTargetResult.Item.Id - t.Logf("Created Target: %s", newTargetId) - - // Add host set to target - _, err = tClient.AddHostSources(ctx, newTargetId, 0, - []string{newHostSetId}, - targets.WithAutomaticVersioning(true), - ) - require.NoError(t, err) - - // Add credentials to target - _, err = tClient.AddCredentialSources(ctx, newTargetId, 0, - targets.WithAutomaticVersioning(true), - targets.WithBrokeredCredentialSourceIds([]string{newCredentialsId}), - ) - require.NoError(t, err) -} diff --git a/testing/internal/e2e/host/static/statichost_test.go b/testing/internal/e2e/host/static/statichost_test.go deleted file mode 100644 index ad012c692e..0000000000 --- a/testing/internal/e2e/host/static/statichost_test.go +++ /dev/null @@ -1,220 +0,0 @@ -package static_test - -import ( - "context" - "encoding/json" - "strconv" - "strings" - "testing" - - "github.com/hashicorp/boundary/api/hostcatalogs" - "github.com/hashicorp/boundary/api/hosts" - "github.com/hashicorp/boundary/api/hostsets" - "github.com/hashicorp/boundary/api/targets" - "github.com/hashicorp/boundary/testing/internal/e2e" - "github.com/hashicorp/boundary/testing/internal/e2e/boundary" - "github.com/stretchr/testify/require" -) - -// TestConnectTargetCli uses the boundary cli to create a number of supporting objects -// to connect to a target. It then attempts to connect to that target and verifies that -// the connection was successful. -func TestConnectTargetCli(t *testing.T) { - e2e.MaybeSkipTest(t) - c, err := loadConfig() - require.NoError(t, err) - - boundary.AuthenticateCli(t) - - // Create an org and project - newOrgId := boundary.CreateNewOrgCli(t) - t.Logf("Created Org Id: %s", newOrgId) - newProjectId := boundary.CreateNewProjectCli(t, newOrgId) - t.Logf("Created Project Id: %s", newProjectId) - - // Create a host catalog - output := e2e.RunCommand("boundary", "host-catalogs", "create", "static", - "-scope-id", newProjectId, - "-name", "e2e Automated Test Host Catalog", - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newHostCatalogResult hostcatalogs.HostCatalogCreateResult - err = json.Unmarshal(output.Stdout, &newHostCatalogResult) - require.NoError(t, err) - newHostCatalogId := newHostCatalogResult.Item.Id - t.Cleanup(func() { - output := e2e.RunCommand("boundary", "host-catalogs", "delete", "-id", newHostCatalogId) - require.NoError(t, output.Err, string(output.Stderr)) - }) - t.Logf("Created Host Catalog: %s", newHostCatalogId) - - // Create a host set and add to catalog - output = e2e.RunCommand("boundary", "host-sets", "create", "static", - "-host-catalog-id", newHostCatalogId, - "-name", "e2e Automated Test Host Set", - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newHostSetResult hostsets.HostSetCreateResult - err = json.Unmarshal(output.Stdout, &newHostSetResult) - require.NoError(t, err) - newHostSetId := newHostSetResult.Item.Id - t.Cleanup(func() { - output := e2e.RunCommand("boundary", "host-sets", "delete", "-id", newHostSetId) - require.NoError(t, output.Err, string(output.Stderr)) - }) - t.Logf("Created Host Set: %s", newHostSetId) - - // Create a host - output = e2e.RunCommand("boundary", "hosts", "create", "static", - "-host-catalog-id", newHostCatalogId, - "-name", c.TargetIp, - "-address", c.TargetIp, - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newHostResult hosts.HostCreateResult - err = json.Unmarshal(output.Stdout, &newHostResult) - require.NoError(t, err) - newHostId := newHostResult.Item.Id - t.Cleanup(func() { - output := e2e.RunCommand("boundary", "hosts", "delete", "-id", newHostId) - require.NoError(t, output.Err, string(output.Stderr)) - }) - t.Logf("Created Host: %s", newHostId) - - // Add host to host set - output = e2e.RunCommand("boundary", "host-sets", "add-hosts", "-id", newHostSetId, "-host", newHostId) - require.NoError(t, output.Err, string(output.Stderr)) - - // Create a target - output = e2e.RunCommand("boundary", "targets", "create", "tcp", - "-scope-id", newProjectId, - "-default-port", c.TargetPort, - "-name", "e2e Automated Test Target", - "-format", "json", - ) - require.NoError(t, output.Err, string(output.Stderr)) - var newTargetResult targets.TargetCreateResult - err = json.Unmarshal(output.Stdout, &newTargetResult) - require.NoError(t, err) - newTargetId := newTargetResult.Item.Id - t.Cleanup(func() { - output := e2e.RunCommand("boundary", "targets", "delete", "-id", newTargetId) - require.NoError(t, output.Err, string(output.Stderr)) - }) - t.Logf("Created Target: %s", newTargetId) - - // Add host set to target - output = e2e.RunCommand("boundary", "targets", "add-host-sources", - "-id", newTargetId, - "-host-source", newHostSetId, - ) - require.NoError(t, output.Err, string(output.Stderr)) - - // Connect to target and print host's IP address - output = e2e.RunCommand("boundary", "connect", - "-target-id", newTargetId, - "-exec", "/usr/bin/ssh", "--", - "-l", c.TargetSshUser, - "-i", c.TargetSshKeyPath, - "-o", "UserKnownHostsFile=/dev/null", - "-o", "StrictHostKeyChecking=no", - "-o", "IdentitiesOnly=yes", // forces the use of the provided key - "-p", "{{boundary.port}}", // this is provided by boundary - "{{boundary.ip}}", - "hostname", "-i", - ) - require.NoError(t, output.Err, string(output.Stderr)) - - parts := strings.Fields(string(output.Stdout)) - hostIp := parts[len(parts)-1] - require.Equal(t, c.TargetIp, hostIp, "SSH session did not return expected output") - t.Log("Successfully connected to target") -} - -// TestCreateTargetApi uses the boundary go api to create a number of supporting objects -// to connect to a target. This test does not connect to the target due to the complexity -// when not using the cli. -func TestCreateTargetApi(t *testing.T) { - e2e.MaybeSkipTest(t) - c, err := loadConfig() - require.NoError(t, err) - - // Create boundary api client - client, err := boundary.NewApiClient() - require.NoError(t, err) - ctx := context.Background() - - // Create an org and project - newOrgId := boundary.CreateNewOrgApi(t, ctx, client) - t.Logf("Created Org Id: %s", newOrgId) - newProjectId := boundary.CreateNewProjectApi(t, ctx, client, newOrgId) - t.Logf("Created Project Id: %s", newProjectId) - - // Create a host catalog - hcClient := hostcatalogs.NewClient(client) - newHostCatalogResult, err := hcClient.Create(ctx, "static", newProjectId, - hostcatalogs.WithName("e2e Automated Test Host Catalog"), - ) - require.NoError(t, err) - newHostCatalogId := newHostCatalogResult.Item.Id - t.Cleanup(func() { - _, err := hcClient.Delete(ctx, newHostCatalogId) - require.NoError(t, err) - }) - t.Logf("Created Host Catalog: %s", newHostCatalogId) - - // Create a host set and add to catalog - hsClient := hostsets.NewClient(client) - newHostSetResult, err := hsClient.Create(ctx, newHostCatalogId) - require.NoError(t, err) - newHostSetId := newHostSetResult.Item.Id - t.Cleanup(func() { - _, err := hsClient.Delete(ctx, newHostSetId) - require.NoError(t, err) - }) - t.Logf("Created Host Set: %s", newHostSetId) - - // Create a host - hClient := hosts.NewClient(client) - newHostResult, err := hClient.Create(ctx, newHostCatalogId, - hosts.WithName(c.TargetIp), - hosts.WithStaticHostAddress(c.TargetIp), - ) - require.NoError(t, err) - newHostId := newHostResult.Item.Id - t.Cleanup(func() { - _, err := hClient.Delete(ctx, newHostId) - require.NoError(t, err) - }) - t.Logf("Created Host: %s", newHostId) - - // Add host to host set - _, err = hsClient.AddHosts(ctx, newHostSetId, 0, []string{newHostId}, hostsets.WithAutomaticVersioning(true)) - require.NoError(t, err) - - // Create a target - tClient := targets.NewClient(client) - targetPort, err := strconv.ParseInt(c.TargetPort, 10, 32) - require.NoError(t, err) - newTargetResult, err := tClient.Create(ctx, "tcp", newProjectId, - targets.WithName("e2e Automated Test Target"), - targets.WithTcpTargetDefaultPort(uint32(targetPort)), - ) - require.NoError(t, err) - newTargetId := newTargetResult.Item.Id - t.Cleanup(func() { - _, err := tClient.Delete(ctx, newTargetId) - require.NoError(t, err) - }) - t.Logf("Created Target: %s", newTargetId) - - // Add host set to target - _, err = tClient.AddHostSources(ctx, newTargetId, 0, - []string{newHostSetId}, - targets.WithAutomaticVersioning(true), - ) - require.NoError(t, err) -} diff --git a/testing/internal/e2e/vault/vault.go b/testing/internal/e2e/vault/vault.go index 42f148534f..8e02473393 100644 --- a/testing/internal/e2e/vault/vault.go +++ b/testing/internal/e2e/vault/vault.go @@ -2,6 +2,7 @@ package vault import ( + "context" "fmt" "os" "path" @@ -36,13 +37,14 @@ func Setup(t testing.TB) (string, string) { _, filename, _, ok := runtime.Caller(0) require.True(t, ok) + ctx := context.Background() policyName := "boundary-controller" - output := e2e.RunCommand("vault", "policy", "write", policyName, + output := e2e.RunCommand(ctx, "vault", "policy", "write", policyName, path.Join(path.Dir(filename), "boundary-controller-policy.hcl"), ) require.NoError(t, output.Err, string(output.Stderr)) t.Cleanup(func() { - output := e2e.RunCommand("vault", "policy", "delete", policyName) + output := e2e.RunCommand(ctx, "vault", "policy", "delete", policyName) require.NoError(t, output.Err, string(output.Stderr)) }) @@ -65,16 +67,17 @@ func CreateKvPrivateKeyCredential(t testing.TB, secretName string, secretPath st require.NoError(t, err) // Add policy to vault + ctx := context.Background() policyName := "kv-read" - output := e2e.RunCommand("vault", "policy", "write", policyName, kvPolicyFilePath) + output := e2e.RunCommand(ctx, "vault", "policy", "write", policyName, kvPolicyFilePath) require.NoError(t, output.Err, string(output.Stderr)) t.Cleanup(func() { - output := e2e.RunCommand("vault", "policy", "delete", policyName) + output := e2e.RunCommand(ctx, "vault", "policy", "delete", policyName) require.NoError(t, output.Err, string(output.Stderr)) }) // Create secret - output = e2e.RunCommand("vault", "kv", "put", + output = e2e.RunCommand(ctx, "vault", "kv", "put", "-mount", secretPath, secretName, "username="+user,