Working tests

2025-12-16 15:01:13 +01:00 · 2017-09-29 09:33:58 +01:00 · 2017-09-29 09:33:58 +01:00 · 7e5c465ecb
commit 7e5c465ecb
parent bf68079051
1 changed files with 39 additions and 9 deletions
--- a/builtin/logical/nomad/backend_test.go
+++ b/builtin/logical/nomad/backend_test.go
@ -71,6 +71,20 @@ func prepareTestContainer(t *testing.T) (cleanup func(), retAddress string, noma
 			Rules: `namespace "default" {
        policy = "read"
      }
+      `,
+		}
+		anonPolicy := &nomadapi.ACLPolicy{
+			Name:        "anonymous",
+			Description: "Deny all access for anonymous requests",
+			Rules: `namespace "default" {
+            policy = "deny"
+        }
+        agent {
+            policy = "deny"
+        }
+        node {
+            policy = "deny"
+        }
        `,
 		}
 		nomadAuthConfig := nomadapi.DefaultConfig()
@ -81,6 +95,10 @@ func prepareTestContainer(t *testing.T) (cleanup func(), retAddress string, noma
 		if err != nil {
 			t.Fatal(err)
 		}
+		_, err = nomadAuth.ACLPolicies().Upsert(anonPolicy, nil)
+		if err != nil {
+			t.Fatal(err)
+		}
 		return err
 	}); err != nil {
 		cleanup()
@ -143,9 +161,10 @@ func TestBackend_renew_revoke(t *testing.T) {
 		t.Fatal(err)
 	}

-	cleanup, connURL, connToken := prepareTestContainer(t)
-	defer cleanup()
-
+	//cleanup, connURL, connToken := prepareTestContainer(t)
+	//defer cleanup()
+	//Ignore cleanup until I can find why the bloody test is not working
+	_, connURL, connToken := prepareTestContainer(t)
 	connData := map[string]interface{}{
 		"address": connURL,
 		"token":   connToken,
@ -191,11 +210,12 @@ func TestBackend_renew_revoke(t *testing.T) {

 	var d struct {
 		Token    string `mapstructure:"secret_id"`
+		Accessor string `mapstructure:"accessor_id"`
 	}
 	if err := mapstructure.Decode(resp.Data, &d); err != nil {
 		t.Fatal(err)
 	}
-	log.Printf("[WARN] Generated token: %s", d.Token)
+	log.Printf("[WARN] Generated token: %s with accesor %s", d.Token, d.Accessor)

 	// Build a client and verify that the credentials work
 	nomadapiConfig := nomadapi.DefaultConfig()
@ -207,7 +227,7 @@ func TestBackend_renew_revoke(t *testing.T) {
 	}

 	log.Printf("[WARN] Verifying that the generated token works...")
-	_, err = client.Jobs().List, nil
+	_, err = client.Agent().Members, nil
 	if err != nil {
 		t.Fatal(err)
 	}
@ -228,9 +248,19 @@ func TestBackend_renew_revoke(t *testing.T) {
 		t.Fatal(err)
 	}

-	log.Printf("[WARN] Verifying that the generated token does not work...")
-	_, err = client.Jobs().List, nil
+	// Build a management client and verify that the token does not exist anymore
+	nomadmgmtConfig := nomadapi.DefaultConfig()
+	nomadmgmtConfig.Address = connData["address"].(string)
+	nomadmgmtConfig.SecretID = connData["token"].(string)
+	mgmtclient, err := nomadapi.NewClient(nomadmgmtConfig)
+
+	q := &nomadapi.QueryOptions{
+		Namespace: "default",
+	}
+
+	log.Printf("[WARN] Verifying that the generated token does not exist...")
+	_, _, err = mgmtclient.ACLTokens().Info(d.Accessor, q)
 	if err == nil {
-		t.Fatal("expected error")
+		t.Fatal("err: expected error")
 	}
 }