aherman
/
boundary
mirror of https://github.com/hashicorp/boundary
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd66b92abe0'
${ noResults }
boundary/internal/server/job/rotate_roots_job_test.go

222 lines
4.9 KiB
Raw Blame History

package servers
import (
"context"
"crypto/rand"
"testing"
"time"
"github.com/hashicorp/boundary/internal/db"
"github.com/hashicorp/boundary/internal/errors"
"github.com/hashicorp/boundary/internal/kms"
"github.com/hashicorp/boundary/internal/scheduler"
"github.com/hashicorp/boundary/internal/server"
"github.com/hashicorp/boundary/internal/types/scope"
"github.com/hashicorp/nodeenrollment/types"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestRotateRootsJob(t *testing.T) {
require, assert := require.New(t), assert.New(t)
ctx := context.Background()
wrapper := db.TestWrapper(t)
conn, _ := db.TestSetup(t, "postgres")
rw := db.New(conn)
kmsCache := kms.TestKms(t, conn, wrapper)
err := kmsCache.CreateKeys(context.Background(), scope.Global.String(), kms.WithRandomReader(rand.Reader))
require.NoError(err)
workerAuthRepo, err := server.NewRepositoryStorage(ctx, rw, rw, kmsCache)
require.NoError(err)
type args struct {
w db.Writer
r db.Reader
kms *kms.Kms
}
tests := []struct {
name string
args args
options []server.Option
wantLimit int
wantErr bool
wantErrCode errors.Code
}{
{
name: "nil writer",
args: args{
r: rw,
kms: kmsCache,
},
wantErr: true,
wantErrCode: errors.InvalidParameter,
},
{
name: "nil reader",
args: args{
w: rw,
kms: kmsCache,
},
wantErr: true,
wantErrCode: errors.InvalidParameter,
},
{
name: "nil kms",
args: args{
w: rw,
r: rw,
},
wantErr: true,
wantErrCode: errors.InvalidParameter,
},
{
name: "valid",
args: args{
w: rw,
r: rw,
kms: kmsCache,
},
wantLimit: db.DefaultLimit,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := newRotateRootsJob(ctx, tt.args.r, tt.args.w, tt.args.kms)
if tt.wantErr {
require.Error(err)
assert.Nil(got)
assert.Truef(errors.Match(errors.T(tt.wantErrCode), err), "Unexpected error %s", err)
return
}
require.NoError(err)
require.NotNil(got)
require.Equal(0, got.totalRotates)
rootIds, err := workerAuthRepo.List(ctx, (*types.RootCertificate)(nil))
require.NoError(err)
assert.Len(rootIds, 0)
assert.Equal("rotate_roots", got.Name())
assert.Equal("Rotate root certificates", got.Description())
nextRun, err := got.NextRunIn(ctx)
require.NoError(err)
assert.Equal(time.Hour, nextRun)
// Run job and ensure rotation was performed
err = got.Run(ctx)
require.NoError(err)
require.Equal(1, got.totalRotates)
rootIds, err = workerAuthRepo.List(ctx, (*types.RootCertificate)(nil))
require.NoError(err)
assert.Len(rootIds, 2)
})
}
}
func TestRotateRootsJobFailure(t *testing.T) {
require := require.New(t)
ctx := context.Background()
wrapper := db.TestWrapper(t)
conn, _ := db.TestSetup(t, "postgres")
kmsCache := kms.TestKms(t, conn, wrapper)
err := kmsCache.CreateKeys(context.Background(), scope.Global.String(), kms.WithRandomReader(rand.Reader))
require.NoError(err)
got, err := newRotateRootsJob(ctx, &db.Db{}, &db.Db{}, kmsCache)
require.NoError(err)
err = got.Run(ctx)
require.Error(err)
}
func TestRegisterRotateRootsJob(t *testing.T) {
require, assert := require.New(t), assert.New(t)
ctx := context.Background()
wrapper := db.TestWrapper(t)
conn, _ := db.TestSetup(t, "postgres")
rw := db.New(conn)
kmsCache := kms.TestKms(t, conn, wrapper)
err := kmsCache.CreateKeys(context.Background(), scope.Global.String(), kms.WithRandomReader(rand.Reader))
require.NoError(err)
sched := scheduler.TestScheduler(t, conn, wrapper)
type args struct {
s *scheduler.Scheduler
w db.Writer
r db.Reader
kms *kms.Kms
}
tests := []struct {
name string
args args
options []server.Option
wantLimit int
wantErr bool
wantErrCode errors.Code
}{
{
name: "nil scheduler",
args: args{
w: rw,
r: rw,
kms: kmsCache,
},
wantErr: true,
wantErrCode: errors.InvalidParameter,
},
{
name: "nil writer",
args: args{
s: sched,
r: rw,
kms: kmsCache,
},
wantErr: true,
wantErrCode: errors.InvalidParameter,
},
{
name: "nil reader",
args: args{
s: sched,
w: rw,
kms: kmsCache,
},
wantErr: true,
wantErrCode: errors.InvalidParameter,
},
{
name: "nil kms",
args: args{
s: sched,
w: rw,
r: rw,
},
wantErr: true,
wantErrCode: errors.InvalidParameter,
},
{
name: "valid",
args: args{
s: sched,
w: rw,
r: rw,
kms: kmsCache,
},
wantLimit: db.DefaultLimit,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
err := RegisterJobs(ctx, tt.args.s, tt.args.r, tt.args.w, tt.args.kms)
if tt.wantErr {
require.Error(err)
assert.Truef(errors.Match(errors.T(tt.wantErrCode), err), "Unexpected error %s", err)
return
}
require.NoError(err)
})
}
}
Reference in new issue View Git Blame Copy Permalink