boundary

Commit Graph

Author	SHA1	Message	Date
Michael Li	5ec75924df	refact(e2e): Set up variables to prepare for docker implementation (#2992 ) * refact(e2e): Explicitly define port used for targets To maintain consistency for how we define ports, this change explicitly defines the port used in the enos scenario as opposed to relying on a "default" value. This change is in support of work that attempts to spin up test infrastructure using docker. The openssh-server image uses Port 2222, which needs to be passed to the test suite. * refact(e2e): Add optional "Internal" Vault Address parameter This change enables scenarios that need two different Vault addresses, one used by the Vault CLI and one by the Boundary server instance. In the case when using a Docker container, the Boundary server needs the Vault address "internal" to the Docker network, whereas the Vault CLI running outside of the network needs a different address.	3 years ago
Michael Li	96918f0ab6	test(e2e/migration): Add additional resources to database before migrating (#2948 )	3 years ago
Michael Li	fcddd972bf	test(e2e): Add test for `boundary version` (#2933 ) During testing, there was an issue observed where some additional characters were added to the version output. This test validates that output.	3 years ago
Michael Li	8ad861f426	test(e2e): Update migration test to use vault docker container (#2909 ) * fix(enos): Make sure enos reports test as failure After updating this command to save off the output from running `go test`, enos would not report when tests failed. This was due to the extra pipe hiding the exit status of the prior commands. Adding this option should return the status of the last command to exit with a non-zero status. * doc(e2e): Fix comments * refact(e2e): Update AuthenticateCli to accept auth method id * refact(e2e/migration): Use docker to set up vault instead of enos * refact(e2e/migration): Adjust where environment variables are set	3 years ago
Johan Brandhorst-Satzkorn	3c29308673	chore: Add license headers to all files	3 years ago
Haotian	43f0ba89cf	feat(credentiallibraries): support vault ssh certificates	3 years ago
Michael Li	036a71fc93	test(e2e): Add test for updated `boundary authenticate` command (#2848 )	3 years ago
Michael Li	461b194cde	fix(e2e): Address flake due to timing (#2774 ) Observed a flake in this test where a session was still reporting 0 bytes up/down on the first read. Modifying the checks to be more resilient.	3 years ago
Damian Debkowski	b3ba9c5b4d	test(enos): new e2e test for target address (#2732 ) Co-authored-by: Hugo <hugoamvieira@users.noreply.github.com>	3 years ago
Michael Li	fdf3318f72	test(e2e): Add tests for bytes_up/bytes_down (#2740 ) * refact(e2e): Create env files for consistency * refact(e2e): Addmethod for waiting for session * test(e2e): Add bytes up/down test * fix(e2e): Fix require.Equal statements to have the correct order * fix(e2e): Fix loop variable	3 years ago
Michael Li	ff8f1be0a1	test(e2e): Add test for when an incorrect tag is used in a dynamic host catalog (#2731 ) * refact(e2e): Move Dynamic Host Catalog env to its own file This keeps each scenario consistent (an env_test.go file in each directory) * refact(e2e): Update to use type casting * refact(e2e): Rename existing dynamic host catalog test * test(e2e): Add test for an empty dynamic host catalog This test verifies that you fail to connect to a target with an empty host set (in a dynamic host catalog) * fix(e2e): Update return statement since we know err is nil * fix(e2e): Add ok checks in type assertions	3 years ago
Michael Li	8bd883a37d	test(e2e): Add tests to validate that session ends after target is deleted (#2709 ) * test(e2e): Add more "session end" tests These tests validate that the session ends when the respective project or target is deleted. It also ensures that the session can still be read after the deletion of the corresponding item. * Removing test from PR due to bug This test found a bug that will be resolved in the future. Taking this test out of the PR and will add it once the bug is fixed.	3 years ago
Michael Li	1596b02e53	test(e2e): Add database migration test (#2627 ) * test(e2e): Add database migration test * chore(enos): Add enos scenario for migration test * chore(enos): Update go test command to use count option * doc(e2e): Update readme with migration test details * Fix: Typo * CR: Use different library * CR: Add additional context in comment * CR: Move some code from test into functions * doc(e2e): Add instructions to more easily retrieve environment variables * refact(e2e): Create some more methods to increase test readability	3 years ago
Michael Li	0eb7c04c1d	test(e2e): Add tests to validate that session ends after host source is deleted (#2689 )	3 years ago
Michael Li	45171a3f56	refact(e2e): Changes to support an automated migration test (#2676 ) * refact(e2e): Move cleanup steps into each test The migration test needed to create some resources, but doesn't care about cleaning up because the test would take care of spinning down the docker container that it's using. To maintain flexibility going forward, we'll establish that tests are responsible for cleaning up (rather than the methods they use) * refact(e2e): Use new env var for skip check Currently, the e2e tests use the E2E_PASSWORD_AUTH_METHOD_ID environment variable to determine if the test should be skipped. However, the new migration test does not require a pre-existing boundary cluster and would not have this environment variable. As a result, we needed an alternative way to check if an e2e test should be skipped when running tests in ci. * refact(e2e): Create more common boundary methods * fix(e2e): Set to string value Co-authored-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com>	3 years ago
Michael Li	2d90dc2c97	test(e2e): Minor clerical updates to key destruction tests (#2674 )	3 years ago
Johan Brandhorst-Satzkorn	edd323b73a	Key Rotation/Destruction (#2477 ) (#2607 ) * Key Rotation/Destruction (#2477) * fix: Correct kms.CreateKeys comment This method does not return anything. * feat(kms): Add new ListKeys method The new ListKeys method wraps the underlying KMS wrapper, returning all the keys in the scope specified. * feat(scopes): Add new scope actions for key management Adds list-keys, rotate-keys and revoke-keys actions for scopes. * feat(scopes): Add ListKeys API endpoint This new endpoint lists all keys in a scope * feat(api): Add ListKeys to Scopes client This has to be a custom function because it is a custom action and doesn't map well to any of the existing templates, or generalises well in a way that would make it reasonable to create a new template. * feat(cli): Add new scopes list-keys command * add RotateKeys function to the kms repository * Add Rotate Keys Endpoint to Scopes Api (#2360) * add rotate keys endpoint * add tests for RotateKeys endpoint * remove that one comment I forgot about * addressing more PR comments * Add Rotate Keys CLI Command (#2395) * add cli command and client * add bats tests * fix some info text and pr comments * write a new rotate keys description * Add Missing DEK Foreign Keys (#2408) * add missing fks * mark key as nullable in gorm * update tests to use a new wrapper with a real key_id * fix formatting in test and add keys for auth_token test * replace key values * revert postgres_40_01_test.go * style: reformat sql for readability * refactor: change type of key_id columns to kms_private_id * Store key_id and scope_id with oplog entries, re-type columns referencing data key version (#2431) * fix(db): Correct types of data key version referencers * fix(oplog): Fix missing error handling * feat(oplog): Store key_id and scope_id with oplog entries This migration truncates all existing oplog entries, as migrating existing data would have been complex and likely unnecessary. * Update view references * Always delete oplog entries when dropping keys * Fix rebase issues * Fix sql tests * Add schema for new kms destruction jobs (#2479) * feat: Add schema for new kms destruction jobs The schema lets us manage destruction jobs per-table while providing a guarantee that only one run is running at a time. * Apply suggestions from code review Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * Fix table reference and tests Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * update domain, api, and cli to all include key versions in outputs (#2472) * update domain, api, and cli to all include key versions in outputs * fix go sum * add migration to fix immutable error * fix final test issue as well as make gen issue * rebase and fix * address johan pr comments * make gen, didn't realize comments were included * update migrations based on new migration 55 file 03 * Move migrations to 56 * feat: Add key version rewrapping function registry (#2478) The new RegisterTableRewrapFn can be used by a domain to register a callback to use when rewrapping data in a specific table name. * feat(kms): Add scopeId to RewrapFn (#2539) This makes it much easier for rewrap functions to look up the correct wrapper and limit the number of rows searched. * Update Root Cert Proto Definition (#2542) * update root cert proto definition to properly identify public_key as the table primary key * add the test fix as well * Rewrap Functions for Encrypted Tables (#2532) * add oidc rewrap * add argon2 config rewrap * add auth token rewrapping * add worker auth cert rewrapping * check the err * add username password credential rewrapping * add ssh private key credential rewrapping * add vault client certificate rewrap function * add host catalog secret rewrap function * cleanup a little * add host vault token rewrap function * add session credential rewrap function * add session rewrap function * add worker auth rewrap function * update test to include full assert gamut * add session rewrap function TEST * bring all tests up to current standards, make more readable, and include full assert gamut * rework all rewrap functions to utilize scope id * update comments, queries, sql refs, etc, in response to PR comments * forgot a comment * remove hmac updates and fix a couple comments again * Rewrapping Registered Tables Test (#2555) * add the registered table test as well as the two missing rewrap functions * address pr comments, add db r/w conversions, cmp.diff, sql comment, remove (now) faulty immutable test * Add ability to list key version destruction jobs, recurring jobs and destroying key versions (#2498) * feat(kms): Add ability to list data key version destruction jobs * feat(scopes): Add ListKeyVersionDestructionJobs * feat(cli): Add list-key-version-destruction-jobs * feat(kms): Add recurring job that performs table rewrapping The new recurring job runs for each job table with a registered rewrapping callback. It attempts to become the running run and start its rewrapping, gracefully handling sudden interruptions by resuming it's work if it finds evidence of sudden interruption. * feat(kms): Add recurring job for destroying key versions The new job monitors the database for data key version destruction jobs that have finished rewrapping all its data, performing the final data key version revocation. * feat(kms): Add DestroyKeyVersion DestroyKeyVersion immediately destroys a key version if it is a root key version or a data key version which encrypts no data. If the data key version encrypts data which needs to be rewrapped, it queues an asynchronous job to complete the rewrapping operation. * feat(scopes): Add DestroyKeyVersion API endpoint * feat(cli): Add scopes destroy-key-version CLI command * Ensure all secret updates include key ID (#2556) * feat(all): Ensure all secret updates include key ID When updating a secret, it is paramount that the key ID is also updated, as it is the only means we have of ensuring that we only destroy keys once there is no more data associated with the key. * Remove fix to session repository for now This breaks the current private key derivation method * add new encrypt/decrypt funcs and made necessary proto changes (#2557) * add new encrypt/decrypt funcs and made necessary proto changes * address all PR comments * fix test panic * add param checking to rewraps * fix(schema): Correctly organize migrations again * Review comments part 1 * Review comments part 2 * Review comments part 3 * Store cert private key, encrypt tofu token (#2583) * fix(session): store cert private key, encrypt tofu token Previously, we would derive a session certificate private key from the session key used in each project, and not store the key. We would also encrypt the tofu token with the database key but not store a reference to this key in the database. This change fixes this by replacing our key derivation with a key generation step, and instead store the generated key, encrypted, in the database. We also ensure that any new tofu tokens are encrypted with the same key. To handle existing sessions, we lazily rewrite the sessions whenever a user lists them. There is a minor risk that a user could end up destroying the database key that encrypts the tofu token before that session has been rewrapped, but this is going to be rare and temporary. * feat(session): Allow the random source for secrets to be configured * Review comments * Minor fixes * More minor fixes * More small fixes Co-authored-by: Danielle Miu <dani.miu@hashicorp.com> Co-authored-by: Danielle <29378233+DanielleMiu@users.noreply.github.com> Co-authored-by: Michael Gaffney <mike@gaffney.cc> Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com> * fix(session): Unset session key ID when scope is deleted Unsetting the key ID allows the session to live beyond the lifetime of the scope, while allowing the scope to cascade delete its keys. * fix(migrations): Rewrite migration 56 tests These tests can no longer use the normal test helpers as they try to use the new oplog table structure, so we have to manually write all the interactions. * fix(migrations): Rename migration 58 file name This was the name used in the release branch, update it to the new migration number. * fix(e2e): Add some comments and debug to kms tests * fix(session): Handle empty project and user IDs in read When a project or user is deleted, the session is automatically canceled and the respective field on the session is unset. LookupSession did not handle this case gracefully, and would error on decryption in this state. Skip decrypting sessions that do not have either a user or project to avoid this error. The decrypted values are not used for a canceled session. * Fix worker test * Increase test timeout Co-authored-by: Danielle Miu <dani.miu@hashicorp.com> Co-authored-by: Danielle <29378233+DanielleMiu@users.noreply.github.com> Co-authored-by: Michael Gaffney <mike@gaffney.cc> Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com>	3 years ago
Michael Li	ae28bf7838	test(e2e): Update test to also use a username/password credential in vault (#2595 ) * test(e2e): Add test that uses a vault username/password * refact(e2e): Use go:embed for policy file	3 years ago
Michael Li	80cdbc305d	test(e2e): Check that an active session ends if the user is deleted (#2588 ) Adds a new test to the e2e test suite that checks that an active session ends once the user is deleted.	3 years ago
Michael Li	d68d57e884	fix(e2e): Add retry when checking if session is active (#2586 ) Observed some flakiness here. A test reported that the session was still "pending". Adding additional retries to ensure that it will eventually go active.	3 years ago
Michael Li	48e6156428	test(e2e): Add test that creates a group	3 years ago
Michael Li	02dc9be85f	refact(e2e): Create role functions	3 years ago
Michael Li	81bb361148	test(e2e): Add `ssh localhost` test (#2579 ) This adds a test case where a user would do `boundary connect` in one terminal and `ssh localhost` in another to get to the target.	3 years ago
Michael Li	f4a38a7fc9	fix(e2e): Fix authentication flakiness There was a misunderstanding of how goroutines work. Turns out, the goroutine uses the same keyring as the main routine, which can result in some conflicts depending on when the goroutine executes	3 years ago
Michael Li	c1449c4fd8	test(e2e): Add additional checks to credential store tests	3 years ago
Michael Li	935cc830aa	test(e2e): Add test for vault using the connect authz-token option	3 years ago
Michael Li	0424d379cf	refact(e2e): Reorganize test directory Rearranges the directory structure to align better with the enos scenarios. Tests will now be added in the `tests` directory, with a folder in the directory corresponding to an enos scenario.	3 years ago

27 Commits (000fc7c0e014d01dbbcef87e8a62aa2f2b149641)