From a16c1954e3090e96a4aec1a820d5aa7821313ece Mon Sep 17 00:00:00 2001 From: JM Faircloth Date: Mon, 11 Apr 2022 08:41:52 -0500 Subject: [PATCH] add multiplexed backend test --- builtin/plugin/backend_test.go | 66 +++++++++++++++++++++++++++------- 1 file changed, 53 insertions(+), 13 deletions(-) diff --git a/builtin/plugin/backend_test.go b/builtin/plugin/backend_test.go index 9354463bf349a..ef05f748bf652 100644 --- a/builtin/plugin/backend_test.go +++ b/builtin/plugin/backend_test.go @@ -24,26 +24,66 @@ func TestBackend_impl(t *testing.T) { } func TestBackend(t *testing.T) { - config, cleanup := testConfig(t) - defer cleanup() - - _, err := plugin.Backend(context.Background(), config) - if err != nil { - t.Fatal(err) + pluginCmds := []string{"TestBackend_PluginMain", "TestBackend_PluginMain_Multiplexed"} + + for _, pluginCmd := range pluginCmds { + t.Run(pluginCmd, func(t *testing.T) { + config, cleanup := testConfig(t, pluginCmd) + defer cleanup() + + _, err := plugin.Backend(context.Background(), config) + if err != nil { + t.Fatal(err) + } + }) } } func TestBackend_Factory(t *testing.T) { - config, cleanup := testConfig(t) - defer cleanup() + pluginCmds := []string{"TestBackend_PluginMain", "TestBackend_PluginMain_Multiplexed"} + + for _, pluginCmd := range pluginCmds { + t.Run(pluginCmd, func(t *testing.T) { + config, cleanup := testConfig(t, pluginCmd) + defer cleanup() + + _, err := plugin.Factory(context.Background(), config) + if err != nil { + t.Fatal(err) + } + }) + } +} + +func TestBackend_PluginMain(t *testing.T) { + args := []string{} + if os.Getenv(pluginutil.PluginUnwrapTokenEnv) == "" && os.Getenv(pluginutil.PluginMetadataModeEnv) != "true" { + return + } + + caPEM := os.Getenv(pluginutil.PluginCACertPEMEnv) + if caPEM == "" { + t.Fatal("CA cert not passed in") + } + + args = append(args, fmt.Sprintf("--ca-cert=%s", caPEM)) - _, err := plugin.Factory(context.Background(), config) + apiClientMeta := &api.PluginAPIClientMeta{} + flags := apiClientMeta.FlagSet() + flags.Parse(args) + tlsConfig := apiClientMeta.GetTLSConfig() + tlsProviderFunc := api.VaultPluginTLSProvider(tlsConfig) + + err := logicalPlugin.Serve(&logicalPlugin.ServeOpts{ + BackendFactoryFunc: mock.Factory, + TLSProviderFunc: tlsProviderFunc, + }) if err != nil { t.Fatal(err) } } -func TestBackend_PluginMain(t *testing.T) { +func TestBackend_PluginMain_Multiplexed(t *testing.T) { args := []string{} if os.Getenv(pluginutil.PluginUnwrapTokenEnv) == "" && os.Getenv(pluginutil.PluginMetadataModeEnv) != "true" { return @@ -62,7 +102,7 @@ func TestBackend_PluginMain(t *testing.T) { tlsConfig := apiClientMeta.GetTLSConfig() tlsProviderFunc := api.VaultPluginTLSProvider(tlsConfig) - err := logicalPlugin.Serve(&logicalPlugin.ServeOpts{ + err := logicalPlugin.ServeMultiplex(&logicalPlugin.ServeOpts{ BackendFactoryFunc: mock.Factory, TLSProviderFunc: tlsProviderFunc, }) @@ -71,7 +111,7 @@ func TestBackend_PluginMain(t *testing.T) { } } -func testConfig(t *testing.T) (*logical.BackendConfig, func()) { +func testConfig(t *testing.T, pluginCmd string) (*logical.BackendConfig, func()) { cluster := vault.NewTestCluster(t, nil, &vault.TestClusterOptions{ HandlerFunc: vaulthttp.Handler, }) @@ -93,7 +133,7 @@ func testConfig(t *testing.T) (*logical.BackendConfig, func()) { os.Setenv(pluginutil.PluginCACertPEMEnv, cluster.CACertPEMFile) - vault.TestAddTestPlugin(t, core.Core, "mock-plugin", consts.PluginTypeSecrets, "TestBackend_PluginMain", []string{}, "") + vault.TestAddTestPlugin(t, core.Core, "mock-plugin", consts.PluginTypeSecrets, pluginCmd, []string{}, "") return config, func() { cluster.Cleanup()