search

opentelekomcloud / vault-plugin-secrets-openstack

Create OpenStack tokens using HashiCorp Vault
Apache License 2.0
23 stars 6 forks source link

Vault: Rotate Static Role Credentials #100

Closed artem-lifshits closed 2 years ago

artem-lifshits commented 2 years ago

This PR add role-rotate path and relevant acceptance/unit tests, api documentation. Closes: #74

Acceptance tests (failing on unrelated info test):

Running acceptance tests... === RUN TestPlugin === RUN TestPlugin/TestCloudLifecycle === RUN TestPlugin/TestCloudLifecycle/WriteCloud === RUN TestPlugin/TestCloudLifecycle/ReadCloud === RUN TestPlugin/TestCloudLifecycle/ListClouds === RUN TestPlugin/TestCloudLifecycle/ListClouds/method-LIST === PAUSE TestPlugin/TestCloudLifecycle/ListClouds/method-LIST === RUN TestPlugin/TestCloudLifecycle/ListClouds/method-GET === PAUSE TestPlugin/TestCloudLifecycle/ListClouds/method-GET === CONT TestPlugin/TestCloudLifecycle/ListClouds/method-LIST === CONT TestPlugin/TestCloudLifecycle/ListClouds/method-GET === RUN TestPlugin/TestCloudLifecycle/DeleteCloud === RUN TestPlugin/TestCredsLifecycle === RUN TestPlugin/TestCredsLifecycle/user_password === RUN TestPlugin/TestCredsLifecycle/root_token === RUN TestPlugin/TestCredsLifecycle/user_token === RUN TestPlugin/TestInfo info_test.go:42: Error Trace: info_test.go:42 Error: Should NOT be empty, but was &{ } Test: TestPlugin/TestInfo === RUN TestPlugin/TestRoleLifecycle roles_test.go:53: Cloud with name wbnyh80fsd was created === RUN TestPlugin/TestRoleLifecycle/WriteRole === RUN TestPlugin/TestRoleLifecycle/ReadRole === RUN TestPlugin/TestRoleLifecycle/ListRoles === RUN TestPlugin/TestRoleLifecycle/ListRoles/method-LIST === PAUSE TestPlugin/TestRoleLifecycle/ListRoles/method-LIST === RUN TestPlugin/TestRoleLifecycle/ListRoles/method-GET === PAUSE TestPlugin/TestRoleLifecycle/ListRoles/method-GET === CONT TestPlugin/TestRoleLifecycle/ListRoles/method-LIST === CONT TestPlugin/TestRoleLifecycle/ListRoles/method-GET === RUN TestPlugin/TestRoleLifecycle/DeleteRole === CONT TestPlugin/TestRoleLifecycle plugin_test.go:337: Cloud with name wbnyh80fsd has been removed === RUN TestPlugin/TestRootRotate rotate_test.go:65: Cloud with name default1 was created rotate_test.go:68: Cloud with name xvoi was created plugin_test.go:337: Cloud with name xvoi has been removed plugin_test.go:337: Cloud with name default1 has been removed === RUN TestPlugin/TestStaticCredsLifecycle === RUN TestPlugin/TestStaticCredsLifecycle/user_password === RUN TestPlugin/TestStaticCredsLifecycle/user_token === RUN TestPlugin/TestStaticRoleLifecycle === RUN TestPlugin/TestStaticRoleLifecycle/WriteRole === RUN TestPlugin/TestStaticRoleLifecycle/ReadRole === RUN TestPlugin/TestStaticRoleLifecycle/ListRoles === RUN TestPlugin/TestStaticRoleLifecycle/ListRoles/method-LIST === PAUSE TestPlugin/TestStaticRoleLifecycle/ListRoles/method-LIST === RUN TestPlugin/TestStaticRoleLifecycle/ListRoles/method-GET === PAUSE TestPlugin/TestStaticRoleLifecycle/ListRoles/method-GET === CONT TestPlugin/TestStaticRoleLifecycle/ListRoles/method-LIST === CONT TestPlugin/TestStaticRoleLifecycle/ListRoles/method-GET === RUN TestPlugin/TestStaticRoleLifecycle/DeleteRole --- FAIL: TestPlugin (22.93s) --- PASS: TestPlugin/TestCloudLifecycle (0.11s) --- PASS: TestPlugin/TestCloudLifecycle/WriteCloud (0.10s) --- PASS: TestPlugin/TestCloudLifecycle/ReadCloud (0.00s) --- PASS: TestPlugin/TestCloudLifecycle/ListClouds (0.00s) --- PASS: TestPlugin/TestCloudLifecycle/ListClouds/method-LIST (0.00s) --- PASS: TestPlugin/TestCloudLifecycle/ListClouds/method-GET (0.00s) --- PASS: TestPlugin/TestCloudLifecycle/DeleteCloud (0.00s) --- PASS: TestPlugin/TestCredsLifecycle (5.89s) --- PASS: TestPlugin/TestCredsLifecycle/user_password (1.90s) --- PASS: TestPlugin/TestCredsLifecycle/root_token (0.97s) --- PASS: TestPlugin/TestCredsLifecycle/user_token (2.15s) --- FAIL: TestPlugin/TestInfo (0.00s) --- PASS: TestPlugin/TestRoleLifecycle (0.01s) --- PASS: TestPlugin/TestRoleLifecycle/WriteRole (0.00s) --- PASS: TestPlugin/TestRoleLifecycle/ReadRole (0.00s) --- PASS: TestPlugin/TestRoleLifecycle/ListRoles (0.00s) --- PASS: TestPlugin/TestRoleLifecycle/ListRoles/method-LIST (0.00s) --- PASS: TestPlugin/TestRoleLifecycle/ListRoles/method-GET (0.00s) --- PASS: TestPlugin/TestRoleLifecycle/DeleteRole (0.00s) --- PASS: TestPlugin/TestRootRotate (5.42s) --- PASS: TestPlugin/TestStaticCredsLifecycle (8.19s) --- PASS: TestPlugin/TestStaticCredsLifecycle/user_password (3.34s) --- PASS: TestPlugin/TestStaticCredsLifecycle/user_token (3.77s) --- PASS: TestPlugin/TestStaticRoleLifecycle (3.09s) --- PASS: TestPlugin/TestStaticRoleLifecycle/WriteRole (1.13s) --- PASS: TestPlugin/TestStaticRoleLifecycle/ReadRole (0.01s) --- PASS: TestPlugin/TestStaticRoleLifecycle/ListRoles (0.00s) --- PASS: TestPlugin/TestStaticRoleLifecycle/ListRoles/method-LIST (0.01s) --- PASS: TestPlugin/TestStaticRoleLifecycle/ListRoles/method-GET (0.01s) --- PASS: TestPlugin/TestStaticRoleLifecycle/DeleteRole (0.00s) FAIL FAIL github.com/opentelekomcloud/vault-plugin-secrets-openstack/acceptance 23.518s FAIL make: *** [functional] Error 1

otc-zuul[bot] commented 2 years ago

Build failed. https://zuul.otc-service.com/t/eco/buildset/0b0c2a482a09477ab938b473c185db25

:heavy_check_mark: build-sphinx-docs SUCCESS in 3m 21s :heavy_check_mark: otc-golangci-lint SUCCESS in 1m 47s :heavy_check_mark: golang-make-vet SUCCESS in 1m 44s :x: golang-make-test FAILURE in 1m 49s :heavy_check_mark: goreleaser-build SUCCESS in 4m 27s

Aloento commented 2 years ago 
 Running unit tests...
 --- FAIL: TestRotateStaticCredentials_error (0.00s)
     --- FAIL: TestRotateStaticCredentials_error/read-fail (0.00s)
 panic: http: multiple registrations for /v3/auth/tokens [recovered]
    panic: http: multiple registrations for /v3/auth/tokens

 goroutine 165 [running]:
 testing.tRunner.func1.2({0xa6a8a0, 0xc000137fe0})
    /usr/local/go/src/testing/testing.go:1389 +0x24e
 testing.tRunner.func1()
    /usr/local/go/src/testing/testing.go:1392 +0x39f
 panic({0xa6a8a0, 0xc000137fe0})
    /usr/local/go/src/runtime/panic.go:838 +0x207
 net/http.(*ServeMux).Handle(0xc0002af300, {0xb70e23, 0xf}, {0xc71160?, 0xc0001875f0})
    /usr/local/go/src/net/http/server.go:2478 +0x226
 net/http.(*ServeMux).HandleFunc(...)
    /usr/local/go/src/net/http/server.go:2515
 github.com/opentelekomcloud/vault-plugin-secrets-openstack/openstack/fixtures.SetupKeystoneMock(0xc00042e820?, {0xc000035200?, 0x24?}, {0xc000527206?, 0x6?}, {0x0, 0x0, 0x0, 0x0, 0x0, ...})
    /root/src/github.com/opentelekomcloud/vault-plugin-secrets-openstack/openstack/fixtures/helpers.go:253 +0x191
 github.com/opentelekomcloud/vault-plugin-secrets-openstack/openstack.TestRotateStaticCredentials_error.func1(0x1?)
    /root/src/github.com/opentelekomcloud/vault-plugin-secrets-openstack/openstack/path_static_creds_test.go:212 +0xa6
 testing.tRunner(0xc00042e820, 0xbb5e00)
    /usr/local/go/src/testing/testing.go:1439 +0x102
 created by testing.(*T).Run
    /usr/local/go/src/testing/testing.go:1486 +0x35f
 FAIL   github.com/opentelekomcloud/vault-plugin-secrets-openstack/openstack    0.041s
 ?      github.com/opentelekomcloud/vault-plugin-secrets-openstack/openstack/fixtures   [no test files]
 FAIL
 make: *** [Makefile:44: test] Error 1
 ERROR
 {
   "delta": "0:00:31.330172",
   "end": "2022-08-18 18:33:20.050509",
   "msg": "non-zero return code",
   "rc": 2,
   "start": "2022-08-18 18:32:48.720337"
 }
artem-lifshits commented 2 years ago

Yeah looks like t.Parallel fails unit tests... Locally everything was working fine. I've removed it in the latest commit.

otc-zuul[bot] commented 2 years ago

Build succeeded. https://zuul.otc-service.com/t/eco/buildset/e6fdbbd2b04a44a2bece0dbcb6757bcf

:heavy_check_mark: build-sphinx-docs SUCCESS in 3m 25s :heavy_check_mark: otc-golangci-lint SUCCESS in 1m 47s :heavy_check_mark: golang-make-vet SUCCESS in 1m 47s :heavy_check_mark: golang-make-test SUCCESS in 1m 52s :heavy_check_mark: goreleaser-build SUCCESS in 4m 23s