mirror of https://github.com/hashicorp/consul
command/keyring: remove unneeded -wan arg, fix tests
parent
f86904ee59
commit
a163db2269
|
@ -109,7 +109,7 @@ type joinResponse struct {
|
||||||
Num int32
|
Num int32
|
||||||
}
|
}
|
||||||
|
|
||||||
type keyRequest struct {
|
type keyringRequest struct {
|
||||||
Key string
|
Key string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -136,7 +136,7 @@ type KeyringInfo struct {
|
||||||
Error string
|
Error string
|
||||||
}
|
}
|
||||||
|
|
||||||
type keyResponse struct {
|
type keyringResponse struct {
|
||||||
Keys []KeyringEntry
|
Keys []KeyringEntry
|
||||||
Messages []KeyringMessage
|
Messages []KeyringMessage
|
||||||
Info []KeyringInfo
|
Info []KeyringInfo
|
||||||
|
@ -626,9 +626,9 @@ func (i *AgentRPC) handleReload(client *rpcClient, seq uint64) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (i *AgentRPC) handleKeyring(client *rpcClient, seq uint64, cmd string) error {
|
func (i *AgentRPC) handleKeyring(client *rpcClient, seq uint64, cmd string) error {
|
||||||
var req keyRequest
|
var req keyringRequest
|
||||||
var queryResp *structs.KeyringResponses
|
var queryResp *structs.KeyringResponses
|
||||||
var r keyResponse
|
var r keyringResponse
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
if cmd != listKeysCommand {
|
if cmd != listKeysCommand {
|
||||||
|
|
|
@ -176,45 +176,45 @@ func (c *RPCClient) WANMembers() ([]Member, error) {
|
||||||
return resp.Members, err
|
return resp.Members, err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *RPCClient) ListKeys() (keyResponse, error) {
|
func (c *RPCClient) ListKeys() (keyringResponse, error) {
|
||||||
header := requestHeader{
|
header := requestHeader{
|
||||||
Command: listKeysCommand,
|
Command: listKeysCommand,
|
||||||
Seq: c.getSeq(),
|
Seq: c.getSeq(),
|
||||||
}
|
}
|
||||||
var resp keyResponse
|
var resp keyringResponse
|
||||||
err := c.genericRPC(&header, nil, &resp)
|
err := c.genericRPC(&header, nil, &resp)
|
||||||
return resp, err
|
return resp, err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *RPCClient) InstallKey(key string) (keyResponse, error) {
|
func (c *RPCClient) InstallKey(key string) (keyringResponse, error) {
|
||||||
header := requestHeader{
|
header := requestHeader{
|
||||||
Command: installKeyCommand,
|
Command: installKeyCommand,
|
||||||
Seq: c.getSeq(),
|
Seq: c.getSeq(),
|
||||||
}
|
}
|
||||||
req := keyRequest{key}
|
req := keyringRequest{key}
|
||||||
var resp keyResponse
|
var resp keyringResponse
|
||||||
err := c.genericRPC(&header, &req, &resp)
|
err := c.genericRPC(&header, &req, &resp)
|
||||||
return resp, err
|
return resp, err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *RPCClient) UseKey(key string) (keyResponse, error) {
|
func (c *RPCClient) UseKey(key string) (keyringResponse, error) {
|
||||||
header := requestHeader{
|
header := requestHeader{
|
||||||
Command: useKeyCommand,
|
Command: useKeyCommand,
|
||||||
Seq: c.getSeq(),
|
Seq: c.getSeq(),
|
||||||
}
|
}
|
||||||
req := keyRequest{key}
|
req := keyringRequest{key}
|
||||||
var resp keyResponse
|
var resp keyringResponse
|
||||||
err := c.genericRPC(&header, &req, &resp)
|
err := c.genericRPC(&header, &req, &resp)
|
||||||
return resp, err
|
return resp, err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *RPCClient) RemoveKey(key string) (keyResponse, error) {
|
func (c *RPCClient) RemoveKey(key string) (keyringResponse, error) {
|
||||||
header := requestHeader{
|
header := requestHeader{
|
||||||
Command: removeKeyCommand,
|
Command: removeKeyCommand,
|
||||||
Seq: c.getSeq(),
|
Seq: c.getSeq(),
|
||||||
}
|
}
|
||||||
req := keyRequest{key}
|
req := keyringRequest{key}
|
||||||
var resp keyResponse
|
var resp keyringResponse
|
||||||
err := c.genericRPC(&header, &req, &resp)
|
err := c.genericRPC(&header, &req, &resp)
|
||||||
return resp, err
|
return resp, err
|
||||||
}
|
}
|
||||||
|
|
|
@ -403,7 +403,7 @@ func listKeys(t *testing.T, c *RPCClient) map[string]map[string]int {
|
||||||
return out
|
return out
|
||||||
}
|
}
|
||||||
|
|
||||||
func keyringError(t *testing.T, r keyResponse) {
|
func keyringError(t *testing.T, r keyringResponse) {
|
||||||
for _, i := range r.Info {
|
for _, i := range r.Info {
|
||||||
if i.Error == "" {
|
if i.Error == "" {
|
||||||
t.Fatalf("no error reported from %s (%s)", i.Datacenter, i.Pool)
|
t.Fatalf("no error reported from %s (%s)", i.Datacenter, i.Pool)
|
||||||
|
@ -411,7 +411,7 @@ func keyringError(t *testing.T, r keyResponse) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func keyringSuccess(t *testing.T, r keyResponse) {
|
func keyringSuccess(t *testing.T, r keyringResponse) {
|
||||||
for _, i := range r.Info {
|
for _, i := range r.Info {
|
||||||
if i.Error != "" {
|
if i.Error != "" {
|
||||||
t.Fatalf("error from %s (%s): %s", i.Datacenter, i.Pool, i.Error)
|
t.Fatalf("error from %s (%s): %s", i.Datacenter, i.Pool, i.Error)
|
||||||
|
|
|
@ -28,7 +28,7 @@ type KeyringCommand struct {
|
||||||
|
|
||||||
func (c *KeyringCommand) Run(args []string) int {
|
func (c *KeyringCommand) Run(args []string) int {
|
||||||
var installKey, useKey, removeKey, init, dataDir string
|
var installKey, useKey, removeKey, init, dataDir string
|
||||||
var listKeys, wan bool
|
var listKeys bool
|
||||||
|
|
||||||
cmdFlags := flag.NewFlagSet("keys", flag.ContinueOnError)
|
cmdFlags := flag.NewFlagSet("keys", flag.ContinueOnError)
|
||||||
cmdFlags.Usage = func() { c.Ui.Output(c.Help()) }
|
cmdFlags.Usage = func() { c.Ui.Output(c.Help()) }
|
||||||
|
@ -39,7 +39,6 @@ func (c *KeyringCommand) Run(args []string) int {
|
||||||
cmdFlags.BoolVar(&listKeys, "list", false, "list keys")
|
cmdFlags.BoolVar(&listKeys, "list", false, "list keys")
|
||||||
cmdFlags.StringVar(&init, "init", "", "initialize keyring")
|
cmdFlags.StringVar(&init, "init", "", "initialize keyring")
|
||||||
cmdFlags.StringVar(&dataDir, "data-dir", "", "data directory")
|
cmdFlags.StringVar(&dataDir, "data-dir", "", "data directory")
|
||||||
cmdFlags.BoolVar(&wan, "wan", false, "operate on wan keyring")
|
|
||||||
|
|
||||||
rpcAddr := RPCAddrFlag(cmdFlags)
|
rpcAddr := RPCAddrFlag(cmdFlags)
|
||||||
if err := cmdFlags.Parse(args); err != nil {
|
if err := cmdFlags.Parse(args); err != nil {
|
||||||
|
@ -281,8 +280,8 @@ Usage: consul keyring [options]
|
||||||
without disrupting the cluster.
|
without disrupting the cluster.
|
||||||
|
|
||||||
With the exception of the -init argument, all operations performed by this
|
With the exception of the -init argument, all operations performed by this
|
||||||
command can only be run against server nodes. All operations default to the
|
command can only be run against server nodes, and affect both the LAN and
|
||||||
LAN gossip pool.
|
WAN keyrings in lock-step.
|
||||||
|
|
||||||
Options:
|
Options:
|
||||||
|
|
||||||
|
@ -298,8 +297,6 @@ Options:
|
||||||
-init=<key> Create the initial keyring files for Consul to use
|
-init=<key> Create the initial keyring files for Consul to use
|
||||||
containing the provided key. The -data-dir argument
|
containing the provided key. The -data-dir argument
|
||||||
is required with this option.
|
is required with this option.
|
||||||
-wan Operate on the WAN keyring instead of the LAN
|
|
||||||
keyring (default).
|
|
||||||
-rpc-addr=127.0.0.1:8400 RPC address of the Consul agent.
|
-rpc-addr=127.0.0.1:8400 RPC address of the Consul agent.
|
||||||
`
|
`
|
||||||
return strings.TrimSpace(helpText)
|
return strings.TrimSpace(helpText)
|
||||||
|
|
|
@ -24,9 +24,12 @@ func TestKeyringCommandRun(t *testing.T) {
|
||||||
a1 := testAgentWithConfig(&conf, t)
|
a1 := testAgentWithConfig(&conf, t)
|
||||||
defer a1.Shutdown()
|
defer a1.Shutdown()
|
||||||
|
|
||||||
// The keyring was initialized with only the provided key
|
// The LAN and WAN keyrings were initialized with key1
|
||||||
out := listKeys(t, a1.addr, false)
|
out := listKeys(t, a1.addr)
|
||||||
if !strings.Contains(out, key1) {
|
if !strings.Contains(out, "dc1 (LAN):\n"+key1) {
|
||||||
|
t.Fatalf("bad: %#v", out)
|
||||||
|
}
|
||||||
|
if !strings.Contains(out, "WAN:\n"+key1) {
|
||||||
t.Fatalf("bad: %#v", out)
|
t.Fatalf("bad: %#v", out)
|
||||||
}
|
}
|
||||||
if strings.Contains(out, key2) {
|
if strings.Contains(out, key2) {
|
||||||
|
@ -34,51 +37,26 @@ func TestKeyringCommandRun(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Install the second key onto the keyring
|
// Install the second key onto the keyring
|
||||||
installKey(t, a1.addr, key2, false)
|
installKey(t, a1.addr, key2)
|
||||||
|
|
||||||
// Both keys should be present
|
// Both keys should be present
|
||||||
out = listKeys(t, a1.addr, false)
|
out = listKeys(t, a1.addr)
|
||||||
for _, key := range []string{key1, key2} {
|
for _, key := range []string{key1, key2} {
|
||||||
if !strings.Contains(out, key) {
|
if !strings.Contains(out, key) {
|
||||||
t.Fatalf("bad: %#v", out)
|
t.Fatalf("bad: %#v", out)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// WAN keyring is untouched
|
// Rotate to key2, remove key1
|
||||||
out = listKeys(t, a1.addr, true)
|
useKey(t, a1.addr, key2)
|
||||||
if strings.Contains(out, key2) {
|
removeKey(t, a1.addr, key1)
|
||||||
|
|
||||||
|
// Only key2 is present now
|
||||||
|
out = listKeys(t, a1.addr)
|
||||||
|
if !strings.Contains(out, "dc1 (LAN):\n"+key2) {
|
||||||
t.Fatalf("bad: %#v", out)
|
t.Fatalf("bad: %#v", out)
|
||||||
}
|
}
|
||||||
|
if !strings.Contains(out, "WAN:\n"+key2) {
|
||||||
// Change out the primary key
|
|
||||||
useKey(t, a1.addr, key2, false)
|
|
||||||
|
|
||||||
// Remove the original key
|
|
||||||
removeKey(t, a1.addr, key1, false)
|
|
||||||
|
|
||||||
// Make sure only the new key is present
|
|
||||||
out = listKeys(t, a1.addr, false)
|
|
||||||
if strings.Contains(out, key1) {
|
|
||||||
t.Fatalf("bad: %#v", out)
|
|
||||||
}
|
|
||||||
if !strings.Contains(out, key2) {
|
|
||||||
t.Fatalf("bad: %#v", out)
|
|
||||||
}
|
|
||||||
|
|
||||||
// WAN keyring is still untouched
|
|
||||||
out = listKeys(t, a1.addr, true)
|
|
||||||
if !strings.Contains(out, key1) {
|
|
||||||
t.Fatalf("bad: %#v", out)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Rotate out the WAN key
|
|
||||||
installKey(t, a1.addr, key2, true)
|
|
||||||
useKey(t, a1.addr, key2, true)
|
|
||||||
removeKey(t, a1.addr, key1, true)
|
|
||||||
|
|
||||||
// WAN keyring now has only the proper key
|
|
||||||
out = listKeys(t, a1.addr, true)
|
|
||||||
if !strings.Contains(out, key2) {
|
|
||||||
t.Fatalf("bad: %#v", out)
|
t.Fatalf("bad: %#v", out)
|
||||||
}
|
}
|
||||||
if strings.Contains(out, key1) {
|
if strings.Contains(out, key1) {
|
||||||
|
@ -179,15 +157,11 @@ func TestKeyringCommandRun_initKeyring(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func listKeys(t *testing.T, addr string, wan bool) string {
|
func listKeys(t *testing.T, addr string) string {
|
||||||
ui := new(cli.MockUi)
|
ui := new(cli.MockUi)
|
||||||
c := &KeyringCommand{Ui: ui}
|
c := &KeyringCommand{Ui: ui}
|
||||||
|
|
||||||
args := []string{"-list", "-rpc-addr=" + addr}
|
args := []string{"-list", "-rpc-addr=" + addr}
|
||||||
if wan {
|
|
||||||
args = append(args, "-wan")
|
|
||||||
}
|
|
||||||
|
|
||||||
code := c.Run(args)
|
code := c.Run(args)
|
||||||
if code != 0 {
|
if code != 0 {
|
||||||
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
||||||
|
@ -196,45 +170,33 @@ func listKeys(t *testing.T, addr string, wan bool) string {
|
||||||
return ui.OutputWriter.String()
|
return ui.OutputWriter.String()
|
||||||
}
|
}
|
||||||
|
|
||||||
func installKey(t *testing.T, addr string, key string, wan bool) {
|
func installKey(t *testing.T, addr string, key string) {
|
||||||
ui := new(cli.MockUi)
|
ui := new(cli.MockUi)
|
||||||
c := &KeyringCommand{Ui: ui}
|
c := &KeyringCommand{Ui: ui}
|
||||||
|
|
||||||
args := []string{"-install=" + key, "-rpc-addr=" + addr}
|
args := []string{"-install=" + key, "-rpc-addr=" + addr}
|
||||||
if wan {
|
|
||||||
args = append(args, "-wan")
|
|
||||||
}
|
|
||||||
|
|
||||||
code := c.Run(args)
|
code := c.Run(args)
|
||||||
if code != 0 {
|
if code != 0 {
|
||||||
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func useKey(t *testing.T, addr string, key string, wan bool) {
|
func useKey(t *testing.T, addr string, key string) {
|
||||||
ui := new(cli.MockUi)
|
ui := new(cli.MockUi)
|
||||||
c := &KeyringCommand{Ui: ui}
|
c := &KeyringCommand{Ui: ui}
|
||||||
|
|
||||||
args := []string{"-use=" + key, "-rpc-addr=" + addr}
|
args := []string{"-use=" + key, "-rpc-addr=" + addr}
|
||||||
if wan {
|
|
||||||
args = append(args, "-wan")
|
|
||||||
}
|
|
||||||
|
|
||||||
code := c.Run(args)
|
code := c.Run(args)
|
||||||
if code != 0 {
|
if code != 0 {
|
||||||
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func removeKey(t *testing.T, addr string, key string, wan bool) {
|
func removeKey(t *testing.T, addr string, key string) {
|
||||||
ui := new(cli.MockUi)
|
ui := new(cli.MockUi)
|
||||||
c := &KeyringCommand{Ui: ui}
|
c := &KeyringCommand{Ui: ui}
|
||||||
|
|
||||||
args := []string{"-remove=" + key, "-rpc-addr=" + addr}
|
args := []string{"-remove=" + key, "-rpc-addr=" + addr}
|
||||||
if wan {
|
|
||||||
args = append(args, "-wan")
|
|
||||||
}
|
|
||||||
|
|
||||||
code := c.Run(args)
|
code := c.Run(args)
|
||||||
if code != 0 {
|
if code != 0 {
|
||||||
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
t.Fatalf("bad: %d. %#v", code, ui.ErrorWriter.String())
|
||||||
|
|
Loading…
Reference in New Issue