mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-09-05 05:51:09 +02:00
Code Issues Projects Releases Wiki Activity
vault/serviceregistration/kubernetes/testing
History
hashicorp-copywrite[bot] 0b12cdcfd1
[COMPLIANCE] License changes (#22290) 
* Adding explicit MPL license for sub-package.

This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository.

* Adding explicit MPL license for sub-package.

This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository.

* Updating the license from MPL to Business Source License.

Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at https://hashi.co/bsl-blog, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl.

* add missing license headers

* Update copyright file headers to BUS-1.1

* Fix test that expected exact offset on hcl file

---------

Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
Co-authored-by: Sarah Thompson <sthompson@hashicorp.com>
Co-authored-by: Brian Kassouf <bkassouf@hashicorp.com>
2023-08-10 18:14:03 -07:00
..
ca.crt
Add Kubernetes service registration (#8249)
2020-02-13 09:56:29 -08:00
README.md
Add Kubernetes service registration (#8249)
2020-02-13 09:56:29 -08:00
resp-get-pod.json
Add Kubernetes service registration (#8249)
2020-02-13 09:56:29 -08:00
resp-not-found.json
Add Kubernetes service registration (#8249)
2020-02-13 09:56:29 -08:00
resp-update-pod.json
Add Kubernetes service registration (#8249)
2020-02-13 09:56:29 -08:00
testserver.go
[COMPLIANCE] License changes (#22290)
2023-08-10 18:14:03 -07:00
token
Add Kubernetes service registration (#8249)
2020-02-13 09:56:29 -08:00

README.md

How to Test Manually

  • $ minikube start
  • In the Vault folder, $ make dev XC_ARCH=amd64 XC_OS=linux XC_OSARCH=linux/amd64
  • Create a file called vault-test.yaml with the following contents:
apiVersion: v1
kind: Pod
metadata:
  name: vault
spec:
  containers:
    - name: nginx
      image: nginx
      command: [ "sh", "-c"]
      args:
      - while true; do
          echo -en '\n';
          printenv VAULT_K8S_POD_NAME VAULT_K8S_NAMESPACE;
          sleep 10;
        done;
      env:
        - name: VAULT_K8S_POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: VAULT_K8S_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
  restartPolicy: Never
  • Create the pod: $ kubectl apply -f vault-test.yaml
  • View the full initial state of the pod: $ kubectl get pod vault -o=yaml > initialstate.txt
  • Drop the Vault binary into the pod: $ kubectl cp bin/vault /vault:/
  • Drop to the shell within the pod: $ kubectl exec -it vault -- /bin/bash
  • Install a text editor: $ apt-get update, $ apt-get install nano
  • Write a test Vault config to vault.config like:
storage "inmem" {}
service_registration "kubernetes" {}
disable_mlock = true
ui = true
api_addr = "http://127.0.0.1:8200"
log_level = "debug"
  • Run Vault: $ ./vault server -config=vault.config -dev -dev-root-token-id=root
  • If 403's are received, you may need to grant RBAC, example here: https://github.com/fabric8io/fabric8/issues/6840#issuecomment-307560275
  • In a separate window outside the pod, view the resulting state of the pod: $ kubectl get pod vault -o=yaml > currentstate.txt
  • View the differences: $ diff initialstate.txt currentstate.txt