search

jfrog / vault-plugin-secrets-artifactory

HashiCorp Vault Secrets Plugin for Artifactory
https://jfrog.com
Apache License 2.0
41 stars 20 forks source link

fix: dont emit empty strings when reading role #66

Closed TJM closed 1 year ago

TJM commented 1 year ago

Now when the role is read, it looks like:

$ vault read artifactory/roles/test
Key            Value
---            -----
default_ttl    2h
max_ttl        3h
role           test
scope          applied-permissions/groups:readers
TJM commented 1 year ago

:shipit:

Out of interest, have you tried running acceptance tests using make acceptance? Want to know if it works for others outside JFrog dev team.

I just tried it, and it didn't go well.. I had "make start" in one window, "make artifactory" and "make setup" were done, but "make acceptance" failed a lot :)

[tmcneely@local artifactory-secrets-plugin]$ make acceptance
export VAULT_ACC=true && \
        go test -run TestAcceptance -cover -coverprofile=coverage.txt -v -p 1 -timeout 5m ./...
Logging in to Artifactory (http://localhost:8082) as admin ...
Generating artifactory admin access token.
=== RUN   TestAcceptanceBackend_PathRotate
2023-04-18T11:06:27.005-0600 [WARN]  error making system version request: response=<nil> err="parse "": empty url"
    test_utils.go:44: parse "": empty url
--- FAIL: TestAcceptanceBackend_PathRotate (0.00s)
=== RUN   TestAcceptanceBackend_PathConfig
=== RUN   TestAcceptanceBackend_PathConfig/update
    test_utils.go:91:
            Error Trace:    test_utils.go:91
            Error:          Expected nil, but got: &logical.Response{Secret:<nil>, Auth:<nil>, Data:map[string]interface {}{"error":"access_token is required"}, Redirect:"", Warnings:[]string(nil), WrapInfo:(*wrapping.ResponseWrapInfo)(nil), Headers:map[string][]string(nil)}
            Test:           TestAcceptanceBackend_PathConfig/update
=== RUN   TestAcceptanceBackend_PathConfig/read
    test_utils.go:103:
            Error Trace:    test_utils.go:103
            Error:          Should NOT be empty, but was <nil>
            Test:           TestAcceptanceBackend_PathConfig/read
=== RUN   TestAcceptanceBackend_PathConfig/delete
--- FAIL: TestAcceptanceBackend_PathConfig (0.00s)
    --- FAIL: TestAcceptanceBackend_PathConfig/update (0.00s)
    --- FAIL: TestAcceptanceBackend_PathConfig/read (0.00s)
    --- PASS: TestAcceptanceBackend_PathConfig/delete (0.00s)
=== RUN   TestAcceptanceBackend_PathRole
=== RUN   TestAcceptanceBackend_PathRole/configure_backend
    test_utils.go:91:
            Error Trace:    test_utils.go:91
            Error:          Expected nil, but got: &logical.Response{Secret:<nil>, Auth:<nil>, Data:map[string]interface {}{"error":"access_token is required"}, Redirect:"", Warnings:[]string(nil), WrapInfo:(*wrapping.ResponseWrapInfo)(nil), Headers:map[string][]string(nil)}
            Test:           TestAcceptanceBackend_PathRole/configure_backend
=== RUN   TestAcceptanceBackend_PathRole/create
    test_utils.go:202:
            Error Trace:    test_utils.go:202
            Error:          Expected nil, but got: &logical.Response{Secret:<nil>, Auth:<nil>, Data:map[string]interface {}{"error":"backend not configured"}, Redirect:"", Warnings:[]string{"Endpoint replaced the value of these parameters with the values captured from the endpoint's path: [role]"}, WrapInfo:(*wrapping.ResponseWrapInfo)(nil), Headers:map[string][]string(nil)}
            Test:           TestAcceptanceBackend_PathRole/create
=== RUN   TestAcceptanceBackend_PathRole/read
    test_utils.go:212:
            Error Trace:    test_utils.go:212
            Error:          Expected value not to be nil.
            Test:           TestAcceptanceBackend_PathRole/read
--- FAIL: TestAcceptanceBackend_PathRole (0.00s)
    --- FAIL: TestAcceptanceBackend_PathRole/configure_backend (0.00s)
    --- FAIL: TestAcceptanceBackend_PathRole/create (0.00s)
    --- FAIL: TestAcceptanceBackend_PathRole/read (0.00s)
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
    panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x1641e51]

goroutine 26 [running]:
testing.tRunner.func1.2({0x16e2b60, 0x1d06900})
    /Users/tmcneely/.asdf/installs/golang/1.20.3/go/src/testing/testing.go:1526 +0x24e
testing.tRunner.func1()
    /Users/tmcneely/.asdf/installs/golang/1.20.3/go/src/testing/testing.go:1529 +0x39f
panic({0x16e2b60, 0x1d06900})
    /Users/tmcneely/.asdf/installs/golang/1.20.3/go/src/runtime/panic.go:884 +0x213
github.com/jfrog/artifactory-secrets-plugin.(*accTestEnv).ReadPathRole(0xc0002a6d20, 0x10cdc17?)
    /Users/tmcneely/Projects/Artifactory/artifactory-secrets-plugin/test_utils.go:215 +0x131
testing.tRunner(0xc00026fd40, 0xc000297170)
    /Users/tmcneely/.asdf/installs/golang/1.20.3/go/src/testing/testing.go:1576 +0x10b
created by testing.(*T).Run
    /Users/tmcneely/.asdf/installs/golang/1.20.3/go/src/testing/testing.go:1629 +0x3ea
FAIL    github.com/jfrog/artifactory-secrets-plugin 0.486s
?       github.com/jfrog/artifactory-secrets-plugin/cmd/artifactory [no test files]
FAIL
make: *** [acceptance] Error 1

NOTE: Vault and Artifactory are still running, it was the test that segfaulted. (second paste, I added the exports for ARTIFACTORY_URL and JFROG_ACCESS_TOKEN

EDIT: This has been fixed, see below. The variables are actually JFROG_URL and ARTIFACTORY_ACCESS_TOKEN (we will change that in a future MR)