etcdctl, e2e: parse auth related options in endpoint health command

Partially fixes https://github.com/coreos/etcd/issues/6611
2024-09-27 06:25:44 +00:00 · 2016-10-08 21:10:05 +09:00 · 2016-10-08 21:10:05 +09:00 · 644ec0ddef
commit 644ec0ddef
parent ac4d39cfb0
2 changed files with 33 additions and 1 deletions
--- a/e2e/ctl_v3_endpoint_test.go
+++ b/e2e/ctl_v3_endpoint_test.go
@ -21,6 +21,9 @@ import (

 func TestCtlV3EndpointHealth(t *testing.T) { testCtl(t, endpointHealthTest, withQuorum()) }
 func TestCtlV3EndpointStatus(t *testing.T) { testCtl(t, endpointStatusTest, withQuorum()) }
+func TestCtlV3EndpointHealthWithAuth(t *testing.T) {
+	testCtl(t, endpointHealthTestWithAuth, withQuorum())
+}

 func endpointHealthTest(cx ctlCtx) {
 	if err := ctlV3EndpointHealth(cx); err != nil {
@ -52,3 +55,31 @@ func ctlV3EndpointStatus(cx ctlCtx) error {
 	}
 	return spawnWithExpects(cmdArgs, eps...)
 }
+
+func ctlV3EndpointHealthFailPermissionDenied(cx ctlCtx) error {
+	cmdArgs := append(cx.PrefixArgs(), "endpoint", "health")
+	lines := make([]string, cx.epc.cfg.clusterSize)
+	for i := range lines {
+		lines[i] = "is unhealthy: failed to commit proposal: etcdserver: permission denied"
+	}
+	return spawnWithExpects(cmdArgs, lines...)
+}
+
+func endpointHealthTestWithAuth(cx ctlCtx) {
+	if err := authEnable(cx); err != nil {
+		cx.t.Fatal(err)
+	}
+
+	cx.user, cx.pass = "root", "root"
+	authSetupTestUser(cx)
+
+	if err := ctlV3EndpointHealth(cx); err != nil {
+		cx.t.Fatalf("endpointStatusTest ctlV3EndpointHealth error (%v)", err)
+	}
+
+	// health checking with an ordinal user must fail because the user isn't granted a permission of the key "health"
+	cx.user, cx.pass = "test-user", "pass"
+	if err := ctlV3EndpointHealthFailPermissionDenied(cx); err != nil {
+		cx.t.Fatalf("endpointStatusTest ctlV3EndpointHealth error (%v)", err)
+	}
+}
--- a/etcdctl/ctlv3/command/ep_command.go
+++ b/etcdctl/ctlv3/command/ep_command.go
@ -68,9 +68,10 @@ func epHealthCommandFunc(cmd *cobra.Command, args []string) {

 	sec := secureCfgFromCmd(cmd)
 	dt := dialTimeoutFromCmd(cmd)
+	auth := authCfgFromCmd(cmd)
 	cfgs := []*v3.Config{}
 	for _, ep := range endpoints {
-		cfg, err := newClientCfg([]string{ep}, dt, sec, nil)
+		cfg, err := newClientCfg([]string{ep}, dt, sec, auth)
 		if err != nil {
 			ExitWithError(ExitBadArgs, err)
 		}