Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

migrate auth tests to common #6

Browse Source 
Signed-off-by: Chao Chen <chaochn@amazon.com>
This commit is contained in:
Chao Chen 2023-02-23 16:09:14 -08:00
parent c6beef8f0e
commit d798816baf
2 changed files with 90 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
tests/common/auth_test.go
View File

@ -444,6 +444,32 @@ func TestAuthPrefixPerm(t *testing.T) {
}) })
} }
func TestAuthLeaseKeepAlive(t *testing.T) {
testRunner.BeforeTest(t)
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
clus := testRunner.NewCluster(ctx, t, config.WithClusterConfig(config.ClusterConfig{ClusterSize: 1}))
defer clus.Close()
cc := testutils.MustClient(clus.Client())
testutils.ExecuteUntil(ctx, t, func() {
require.NoErrorf(t, setupAuth(cc, []authRole{}, []authUser{rootUser}), "failed to enable auth")
rootAuthClient := testutils.MustClient(clus.Client(WithAuth(rootUserName, rootPassword)))
resp, err := rootAuthClient.Grant(ctx, 10)
require.NoError(t, err)
leaseID := resp.ID
require.NoError(t, rootAuthClient.Put(ctx, "key", "value", config.PutOptions{LeaseID: leaseID}))
_, err = rootAuthClient.KeepAliveOnce(ctx, leaseID)
require.NoError(t, err)
gresp, err := rootAuthClient.Get(ctx, "key", config.GetOptions{})
require.NoError(t, err)
if len(gresp.Kvs) != 1 || string(gresp.Kvs[0].Key) != "key" || string(gresp.Kvs[0].Value) != "value" {
t.Fatalf("want kv pair ('key', 'value') but got %v", gresp.Kvs)
}
})
}
func TestAuthRevokeWithDelete(t *testing.T) { func TestAuthRevokeWithDelete(t *testing.T) {
testRunner.BeforeTest(t) testRunner.BeforeTest(t)
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second) ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
@ -475,6 +501,70 @@ func TestAuthRevokeWithDelete(t *testing.T) {
}) })
} }
func TestAuthLeaseTimeToLiveExpired(t *testing.T) {
testRunner.BeforeTest(t)
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
clus := testRunner.NewCluster(ctx, t, config.WithClusterConfig(config.ClusterConfig{ClusterSize: 1}))
defer clus.Close()
cc := testutils.MustClient(clus.Client())
testutils.ExecuteUntil(ctx, t, func() {
require.NoErrorf(t, setupAuth(cc, []authRole{}, []authUser{rootUser}), "failed to enable auth")
rootAuthClient := testutils.MustClient(clus.Client(WithAuth(rootUserName, rootPassword)))
resp, err := rootAuthClient.Grant(ctx, 2)
require.NoError(t, err)
leaseID := resp.ID
require.NoError(t, rootAuthClient.Put(ctx, "key", "val", config.PutOptions{LeaseID: leaseID}))
// eliminate false positive
time.Sleep(3 * time.Second)
tresp, err := rootAuthClient.TimeToLive(ctx, leaseID, config.LeaseOption{})
require.NoError(t, err)
require.Equal(t, int64(-1), tresp.TTL)
gresp, err := rootAuthClient.Get(ctx, "key", config.GetOptions{})
require.NoError(t, err)
require.Empty(t, gresp.Kvs)
})
}
func TestAuthLeaseGrantLeases(t *testing.T) {
testRunner.BeforeTest(t)
tcs := []testCase{
{
name: "NoJWT",
config: config.ClusterConfig{ClusterSize: 1},
},
{
name: "JWT",
config: config.ClusterConfig{ClusterSize: 1, AuthToken: defaultAuthToken},
},
}
for _, tc := range tcs {
t.Run(tc.name, func(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
clus := testRunner.NewCluster(ctx, t, config.WithClusterConfig(tc.config))
defer clus.Close()
cc := testutils.MustClient(clus.Client())
testutils.ExecuteUntil(ctx, t, func() {
require.NoErrorf(t, setupAuth(cc, []authRole{}, []authUser{rootUser}), "failed to enable auth")
rootAuthClient := testutils.MustClient(clus.Client(WithAuth(rootUserName, rootPassword)))
resp, err := rootAuthClient.Grant(ctx, 10)
require.NoError(t, err)
leaseID := resp.ID
lresp, err := rootAuthClient.Leases(ctx)
require.NoError(t, err)
if len(lresp.Leases) != 1 || lresp.Leases[0].ID != leaseID {
t.Fatalf("want %v leaseID but got %v leases", leaseID, lresp.Leases)
}
})
})
}
}
func mustAbsPath(path string) string { func mustAbsPath(path string) string {
abs, err := filepath.Abs(path) abs, err := filepath.Abs(path)
if err != nil { if err != nil {

75
tests/e2e/ctl_v3_auth_test.go
View File

@ -37,14 +37,6 @@ func TestCtlV3AuthFromKeyPerm(t *testing.T) { testCtl(t, authTestFromKeyPerm) }
func TestCtlV3AuthAndWatch(t *testing.T) { testCtl(t, authTestWatch) } func TestCtlV3AuthAndWatch(t *testing.T) { testCtl(t, authTestWatch) }
func TestCtlV3AuthAndWatchJWT(t *testing.T) { testCtl(t, authTestWatch, withCfg(*e2e.NewConfigJWT())) } func TestCtlV3AuthAndWatchJWT(t *testing.T) { testCtl(t, authTestWatch, withCfg(*e2e.NewConfigJWT())) }
func TestCtlV3AuthLeaseTestKeepAlive(t *testing.T) { testCtl(t, authLeaseTestKeepAlive) }
func TestCtlV3AuthLeaseTestTimeToLiveExpired(t *testing.T) {
testCtl(t, authLeaseTestTimeToLiveExpired)
}
func TestCtlV3AuthLeaseGrantLeases(t *testing.T) { testCtl(t, authLeaseTestLeaseGrantLeases) }
func TestCtlV3AuthLeaseGrantLeasesJWT(t *testing.T) {
testCtl(t, authLeaseTestLeaseGrantLeases, withCfg(*e2e.NewConfigJWT()))
}
func TestCtlV3AuthLeaseRevoke(t *testing.T) { testCtl(t, authLeaseTestLeaseRevoke) } func TestCtlV3AuthLeaseRevoke(t *testing.T) { testCtl(t, authLeaseTestLeaseRevoke) }
func TestCtlV3AuthRoleGet(t *testing.T) { testCtl(t, authTestRoleGet) } func TestCtlV3AuthRoleGet(t *testing.T) { testCtl(t, authTestRoleGet) }
@ -302,73 +294,6 @@ func authTestFromKeyPerm(cx ctlCtx) {
} }
} }
func authLeaseTestKeepAlive(cx ctlCtx) {
if err := authEnable(cx); err != nil {
cx.t.Fatal(err)
}
cx.user, cx.pass = "root", "root"
authSetupTestUser(cx)
// put with TTL 10 seconds and keep-alive
leaseID, err := ctlV3LeaseGrant(cx, 10)
if err != nil {
cx.t.Fatalf("leaseTestKeepAlive: ctlV3LeaseGrant error (%v)", err)
}
if err := ctlV3Put(cx, "key", "val", leaseID); err != nil {
cx.t.Fatalf("leaseTestKeepAlive: ctlV3Put error (%v)", err)
}
if err := ctlV3LeaseKeepAlive(cx, leaseID); err != nil {
cx.t.Fatalf("leaseTestKeepAlive: ctlV3LeaseKeepAlive error (%v)", err)
}
if err := ctlV3Get(cx, []string{"key"}, kv{"key", "val"}); err != nil {
cx.t.Fatalf("leaseTestKeepAlive: ctlV3Get error (%v)", err)
}
}
func authLeaseTestTimeToLiveExpired(cx ctlCtx) {
if err := authEnable(cx); err != nil {
cx.t.Fatal(err)
}
cx.user, cx.pass = "root", "root"
authSetupTestUser(cx)
ttl := 3
err := leaseTestTimeToLiveExpire(cx, ttl)
require.NoError(cx.t, err)
}
func leaseTestTimeToLiveExpire(cx ctlCtx, ttl int) error {
leaseID, err := ctlV3LeaseGrant(cx, ttl)
if err != nil {
return fmt.Errorf("ctlV3LeaseGrant error (%v)", err)
}
if err = ctlV3Put(cx, "key", "val", leaseID); err != nil {
return fmt.Errorf("ctlV3Put error (%v)", err)
}
// eliminate false positive
time.Sleep(time.Duration(ttl+1) * time.Second)
cmdArgs := append(cx.PrefixArgs(), "lease", "timetolive", leaseID)
exp := fmt.Sprintf("lease %s already expired", leaseID)
if err = e2e.SpawnWithExpectWithEnv(cmdArgs, cx.envMap, exp); err != nil {
return fmt.Errorf("lease not properly expired: (%v)", err)
}
if err := ctlV3Get(cx, []string{"key"}); err != nil {
return fmt.Errorf("ctlV3Get error (%v)", err)
}
return nil
}
func authLeaseTestLeaseGrantLeases(cx ctlCtx) {
cx.user, cx.pass = "root", "root"
authSetupTestUser(cx)
if err := leaseTestGrantLeasesList(cx); err != nil {
cx.t.Fatalf("authLeaseTestLeaseGrantLeases: error (%v)", err)
}
}
func leaseTestGrantLeasesList(cx ctlCtx) error { func leaseTestGrantLeasesList(cx ctlCtx) error {
id, err := ctlV3LeaseGrant(cx, 10) id, err := ctlV3LeaseGrant(cx, 10)
if err != nil { if err != nil {