From fee2b99ade97c2e59eb4b8841220c3b2b8da7917 Mon Sep 17 00:00:00 2001 From: Michael Li Date: Fri, 23 Feb 2024 15:46:11 -0500 Subject: [PATCH] refact(e2e): Create vault-generic credential library helper method (#4437) * refact(e2e): Create vault-generic credential library helper method * fixup! refact(e2e): Create vault-generic credential library helper method --- testing/internal/e2e/boundary/credential.go | 37 ++++++++++++++++ .../base_with_vault/credential_store_test.go | 40 ++++++------------ .../target_tcp_vault_connect_test.go | 21 +++------- ..._vault_generic_connect_authz_token_test.go | 21 +++------- ...rget_tcp_vault_generic_connect_ssh_test.go | 21 +++------- .../target_tcp_vault_generic_connect_test.go | 21 +++------- .../target_tcp_worker_connect_ssh_test.go | 21 +++------- .../e2e/tests/database/migration_test.go | 42 ++++++------------- 8 files changed, 92 insertions(+), 132 deletions(-) diff --git a/testing/internal/e2e/boundary/credential.go b/testing/internal/e2e/boundary/credential.go index d52e2cbb97..3db5b16954 100644 --- a/testing/internal/e2e/boundary/credential.go +++ b/testing/internal/e2e/boundary/credential.go @@ -6,12 +6,15 @@ package boundary import ( "context" "encoding/json" + "fmt" "testing" "github.com/hashicorp/boundary/api" + "github.com/hashicorp/boundary/api/credentiallibraries" "github.com/hashicorp/boundary/api/credentials" "github.com/hashicorp/boundary/api/credentialstores" "github.com/hashicorp/boundary/testing/internal/e2e" + "github.com/hashicorp/go-secure-stdlib/base62" "github.com/stretchr/testify/require" ) @@ -88,6 +91,40 @@ func CreateNewCredentialStoreStaticCli(t testing.TB, ctx context.Context, projec return newCredentialStoreId } +// CreateVaultGenericCredentialLibraryCli creates a vault-generic credential +// library using the cli +// Returns the id of the credential library or an error +func CreateVaultGenericCredentialLibraryCli(t testing.TB, ctx context.Context, credentialStoreId string, vaultPath string, credentialType string) (string, error) { + name, err := base62.Random(16) + if err != nil { + return "", err + } + + output := e2e.RunCommand(ctx, "boundary", + e2e.WithArgs( + "credential-libraries", "create", "vault-generic", + "-credential-store-id", credentialStoreId, + "-vault-path", vaultPath, + "-credential-type", credentialType, + "-name", fmt.Sprintf("e2e Credential Library %s", name), + "-description", "e2e", + "-format", "json", + ), + ) + if output.Err != nil { + return "", fmt.Errorf("%s", output.Stderr) + } + + var newCredentialLibraryResult credentiallibraries.CredentialLibraryCreateResult + err = json.Unmarshal(output.Stdout, &newCredentialLibraryResult) + if err != nil { + return "", err + } + credentialLibraryId := newCredentialLibraryResult.Item.Id + t.Logf("Created Credential Library: %s", credentialLibraryId) + return credentialLibraryId, nil +} + // CreateNewStaticCredentialPrivateKeyCli uses the cli to create a new private key credential in the // provided static credential store. // Returns the id of the new credential diff --git a/testing/internal/e2e/tests/base_with_vault/credential_store_test.go b/testing/internal/e2e/tests/base_with_vault/credential_store_test.go index 8ddbbeaf67..82edd2ce03 100644 --- a/testing/internal/e2e/tests/base_with_vault/credential_store_test.go +++ b/testing/internal/e2e/tests/base_with_vault/credential_store_test.go @@ -6,6 +6,7 @@ package base_with_vault_test import ( "context" "encoding/json" + "fmt" "os" "testing" @@ -100,39 +101,24 @@ func TestCliVaultCredentialStore(t *testing.T) { newCredentialStoreId := boundary.CreateNewCredentialStoreVaultCli(t, ctx, newProjectId, c.VaultAddr, credStoreToken) // Create a credential library for the private key - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "credential-libraries", "create", "vault-generic", - "-credential-store-id", newCredentialStoreId, - "-vault-path", c.VaultSecretPath+"/data/"+privateKeySecretName, - "-name", "e2e Automated Test Vault Credential Library - Private Key", - "-credential-type", "ssh_private_key", - "-format", "json", - ), + newPrivateKeyCredentialLibraryId, err := boundary.CreateVaultGenericCredentialLibraryCli( + t, + ctx, + newCredentialStoreId, + fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), + "ssh_private_key", ) - require.NoError(t, output.Err, string(output.Stderr)) - var newCredentialLibraryResult credentiallibraries.CredentialLibraryCreateResult - err = json.Unmarshal(output.Stdout, &newCredentialLibraryResult) require.NoError(t, err) - newPrivateKeyCredentialLibraryId := newCredentialLibraryResult.Item.Id - t.Logf("Created Credential Library: %s", newPrivateKeyCredentialLibraryId) // Create a credential library for the password - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "credential-libraries", "create", "vault-generic", - "-credential-store-id", newCredentialStoreId, - "-vault-path", c.VaultSecretPath+"/data/"+passwordSecretName, - "-name", "e2e Automated Test Vault Credential Library - Password", - "-credential-type", "username_password", - "-format", "json", - ), + newPasswordCredentialLibraryId, err := boundary.CreateVaultGenericCredentialLibraryCli( + t, + ctx, + newCredentialStoreId, + fmt.Sprintf("%s/data/%s", c.VaultSecretPath, passwordSecretName), + "username_password", ) - require.NoError(t, output.Err, string(output.Stderr)) - err = json.Unmarshal(output.Stdout, &newCredentialLibraryResult) require.NoError(t, err) - newPasswordCredentialLibraryId := newCredentialLibraryResult.Item.Id - t.Logf("Created Credential Library: %s", newPasswordCredentialLibraryId) // Get credentials for target (expect empty) output = e2e.RunCommand(ctx, "boundary", diff --git a/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_connect_test.go b/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_connect_test.go index ca3349236b..92fe04d75f 100644 --- a/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_connect_test.go +++ b/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_connect_test.go @@ -11,7 +11,6 @@ import ( "strings" "testing" - "github.com/hashicorp/boundary/api/credentiallibraries" "github.com/hashicorp/boundary/api/targets" "github.com/hashicorp/boundary/testing/internal/e2e" "github.com/hashicorp/boundary/testing/internal/e2e/boundary" @@ -101,22 +100,14 @@ func TestCliTcpTargetVaultConnectTarget(t *testing.T) { newCredentialStoreId := boundary.CreateNewCredentialStoreVaultCli(t, ctx, newProjectId, c.VaultAddr, credStoreToken) // Create a credential library - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "credential-libraries", "create", "vault-generic", - "-credential-store-id", newCredentialStoreId, - "-vault-path", fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), - "-name", "e2e Automated Test Vault Credential Library", - "-credential-type", "ssh_private_key", - "-format", "json", - ), + newCredentialLibraryId, err := boundary.CreateVaultGenericCredentialLibraryCli( + t, + ctx, + newCredentialStoreId, + fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), + "ssh_private_key", ) - require.NoError(t, output.Err, string(output.Stderr)) - var newCredentialLibraryResult credentiallibraries.CredentialLibraryCreateResult - err = json.Unmarshal(output.Stdout, &newCredentialLibraryResult) require.NoError(t, err) - newCredentialLibraryId := newCredentialLibraryResult.Item.Id - t.Logf("Created Credential Library: %s", newCredentialLibraryId) // Add brokered credentials to target boundary.AddBrokeredCredentialSourceToTargetCli(t, ctx, newTargetId, newCredentialLibraryId) diff --git a/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_authz_token_test.go b/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_authz_token_test.go index 2041ba2c7e..c84c73685c 100644 --- a/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_authz_token_test.go +++ b/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_authz_token_test.go @@ -10,7 +10,6 @@ import ( "os" "testing" - "github.com/hashicorp/boundary/api/credentiallibraries" "github.com/hashicorp/boundary/api/targets" "github.com/hashicorp/boundary/testing/internal/e2e" "github.com/hashicorp/boundary/testing/internal/e2e/boundary" @@ -100,22 +99,14 @@ func TestCliTcpTargetVaultGenericConnectTargetWithAuthzToken(t *testing.T) { newCredentialStoreId := boundary.CreateNewCredentialStoreVaultCli(t, ctx, newProjectId, c.VaultAddr, credStoreToken) // Create a credential library - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "credential-libraries", "create", "vault-generic", - "-credential-store-id", newCredentialStoreId, - "-vault-path", fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), - "-name", "e2e Automated Test Vault Credential Library", - "-credential-type", "ssh_private_key", - "-format", "json", - ), + newCredentialLibraryId, err := boundary.CreateVaultGenericCredentialLibraryCli( + t, + ctx, + newCredentialStoreId, + fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), + "ssh_private_key", ) - require.NoError(t, output.Err, string(output.Stderr)) - var newCredentialLibraryResult credentiallibraries.CredentialLibraryCreateResult - err = json.Unmarshal(output.Stdout, &newCredentialLibraryResult) require.NoError(t, err) - newCredentialLibraryId := newCredentialLibraryResult.Item.Id - t.Logf("Created Credential Library: %s", newCredentialLibraryId) boundary.AddBrokeredCredentialSourceToTargetCli(t, ctx, newTargetId, newCredentialLibraryId) diff --git a/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_ssh_test.go b/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_ssh_test.go index 79d12a5717..d0a567c2a2 100644 --- a/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_ssh_test.go +++ b/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_ssh_test.go @@ -10,7 +10,6 @@ import ( "os" "testing" - "github.com/hashicorp/boundary/api/credentiallibraries" "github.com/hashicorp/boundary/api/targets" "github.com/hashicorp/boundary/testing/internal/e2e" "github.com/hashicorp/boundary/testing/internal/e2e/boundary" @@ -100,22 +99,14 @@ func TestCliTcpTargetVaultGenericConnectTargetWithSsh(t *testing.T) { newCredentialStoreId := boundary.CreateNewCredentialStoreVaultCli(t, ctx, newProjectId, c.VaultAddr, credStoreToken) // Create a credential library - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "credential-libraries", "create", "vault-generic", - "-credential-store-id", newCredentialStoreId, - "-vault-path", fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), - "-name", "e2e Automated Test Vault Credential Library", - "-credential-type", "ssh_private_key", - "-format", "json", - ), + newCredentialLibraryId, err := boundary.CreateVaultGenericCredentialLibraryCli( + t, + ctx, + newCredentialStoreId, + fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), + "ssh_private_key", ) - require.NoError(t, output.Err, string(output.Stderr)) - var newCredentialLibraryResult credentiallibraries.CredentialLibraryCreateResult - err = json.Unmarshal(output.Stdout, &newCredentialLibraryResult) require.NoError(t, err) - newCredentialLibraryId := newCredentialLibraryResult.Item.Id - t.Logf("Created Credential Library: %s", newCredentialLibraryId) // Add brokered credentials to target boundary.AddBrokeredCredentialSourceToTargetCli(t, ctx, newTargetId, newCredentialLibraryId) diff --git a/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_test.go b/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_test.go index e64f329b58..7a58faf740 100644 --- a/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_test.go +++ b/testing/internal/e2e/tests/base_with_vault/target_tcp_vault_generic_connect_test.go @@ -11,7 +11,6 @@ import ( "strings" "testing" - "github.com/hashicorp/boundary/api/credentiallibraries" "github.com/hashicorp/boundary/api/targets" "github.com/hashicorp/boundary/testing/internal/e2e" "github.com/hashicorp/boundary/testing/internal/e2e/boundary" @@ -101,22 +100,14 @@ func TestCliTcpTargetVaultGenericConnectTarget(t *testing.T) { newCredentialStoreId := boundary.CreateNewCredentialStoreVaultCli(t, ctx, newProjectId, c.VaultAddr, credStoreToken) // Create a credential library - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "credential-libraries", "create", "vault-generic", - "-credential-store-id", newCredentialStoreId, - "-vault-path", fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), - "-name", "e2e Automated Test Vault Credential Library", - "-credential-type", "ssh_private_key", - "-format", "json", - ), + newCredentialLibraryId, err := boundary.CreateVaultGenericCredentialLibraryCli( + t, + ctx, + newCredentialStoreId, + fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), + "ssh_private_key", ) - require.NoError(t, output.Err, string(output.Stderr)) - var newCredentialLibraryResult credentiallibraries.CredentialLibraryCreateResult - err = json.Unmarshal(output.Stdout, &newCredentialLibraryResult) require.NoError(t, err) - newCredentialLibraryId := newCredentialLibraryResult.Item.Id - t.Logf("Created Credential Library: %s", newCredentialLibraryId) // Add brokered credentials to target boundary.AddBrokeredCredentialSourceToTargetCli(t, ctx, newTargetId, newCredentialLibraryId) diff --git a/testing/internal/e2e/tests/base_with_worker/target_tcp_worker_connect_ssh_test.go b/testing/internal/e2e/tests/base_with_worker/target_tcp_worker_connect_ssh_test.go index c638276874..fefcf063b0 100644 --- a/testing/internal/e2e/tests/base_with_worker/target_tcp_worker_connect_ssh_test.go +++ b/testing/internal/e2e/tests/base_with_worker/target_tcp_worker_connect_ssh_test.go @@ -10,7 +10,6 @@ import ( "strings" "testing" - "github.com/hashicorp/boundary/api/credentiallibraries" "github.com/hashicorp/boundary/internal/target" "github.com/hashicorp/boundary/testing/internal/e2e" "github.com/hashicorp/boundary/testing/internal/e2e/boundary" @@ -98,22 +97,14 @@ func TestCliTcpTargetWorkerConnectTarget(t *testing.T) { newCredentialStoreId := boundary.CreateNewCredentialStoreVaultCli(t, ctx, newProjectId, c.VaultAddr, credStoreToken) // Create a credential library - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "credential-libraries", "create", "vault-generic", - "-credential-store-id", newCredentialStoreId, - "-vault-path", fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), - "-name", "e2e Automated Test Vault Credential Library", - "-credential-type", "ssh_private_key", - "-format", "json", - ), + newCredentialLibraryId, err := boundary.CreateVaultGenericCredentialLibraryCli( + t, + ctx, + newCredentialStoreId, + fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), + "ssh_private_key", ) - require.NoError(t, output.Err, string(output.Stderr)) - var newCredentialLibraryResult credentiallibraries.CredentialLibraryCreateResult - err = json.Unmarshal(output.Stdout, &newCredentialLibraryResult) require.NoError(t, err) - newCredentialLibraryId := newCredentialLibraryResult.Item.Id - t.Logf("Created Credential Library: %s", newCredentialLibraryId) // Try to set a worker filter on a vault credential-store output = e2e.RunCommand(ctx, "boundary", diff --git a/testing/internal/e2e/tests/database/migration_test.go b/testing/internal/e2e/tests/database/migration_test.go index 819fbcf6f2..f9c1d74b19 100644 --- a/testing/internal/e2e/tests/database/migration_test.go +++ b/testing/internal/e2e/tests/database/migration_test.go @@ -15,7 +15,6 @@ import ( "testing" "time" - "github.com/hashicorp/boundary/api/credentiallibraries" "github.com/hashicorp/boundary/api/workers" "github.com/hashicorp/boundary/internal/target" "github.com/hashicorp/boundary/testing/internal/e2e" @@ -287,41 +286,24 @@ func populateBoundaryDatabase(t testing.TB, ctx context.Context, c *config, te T newVaultCredentialStoreId := boundary.CreateNewCredentialStoreVaultCli(t, ctx, newProjectId, te.Vault.UriNetwork, credStoreToken) // Create a credential library for the private key in vault - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "credential-libraries", "create", "vault-generic", - "-credential-store-id", newVaultCredentialStoreId, - "-vault-path", c.VaultSecretPath+"/data/"+privateKeySecretName, - "-name", "e2e Automated Test Vault Credential Library", - "-credential-type", "ssh_private_key", - "-description", "e2e", - "-format", "json", - ), + _, err = boundary.CreateVaultGenericCredentialLibraryCli( + t, + ctx, + newVaultCredentialStoreId, + fmt.Sprintf("%s/data/%s", c.VaultSecretPath, privateKeySecretName), + "ssh_private_key", ) - require.NoError(t, output.Err, string(output.Stderr)) - var newCredentialLibraryResult credentiallibraries.CredentialLibraryCreateResult - err = json.Unmarshal(output.Stdout, &newCredentialLibraryResult) require.NoError(t, err) - newCredentialLibraryId := newCredentialLibraryResult.Item.Id - t.Logf("Created Credential Library: %s", newCredentialLibraryId) // Create a credential library for the password in vault - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "credential-libraries", "create", "vault-generic", - "-credential-store-id", newVaultCredentialStoreId, - "-vault-path", c.VaultSecretPath+"/data/"+passwordSecretName, - "-name", "e2e Automated Test Vault Credential Library - Password", - "-credential-type", "username_password", - "-description", "e2e", - "-format", "json", - ), + _, err = boundary.CreateVaultGenericCredentialLibraryCli( + t, + ctx, + newVaultCredentialStoreId, + fmt.Sprintf("%s/data/%s", c.VaultSecretPath, passwordSecretName), + "username_password", ) - require.NoError(t, output.Err, string(output.Stderr)) - err = json.Unmarshal(output.Stdout, &newCredentialLibraryResult) require.NoError(t, err) - newPasswordCredentialLibraryId := newCredentialLibraryResult.Item.Id - t.Logf("Created Credential Library: %s", newPasswordCredentialLibraryId) // Create a worker output = e2e.RunCommand(ctx, "boundary",