Change in the path-matching functionality, along with corresponding README update. #26

Closed


robison commented Nov 28, 2019

This includes the following changes to make working with Daytona behavior a bit more intuitive:

  • When using VAULT_SECRETS_ with DAYTONA_SECRET_DESTINATION_, the secret name discovered via a secrets walk in Vault is used as the suffix to DAYTONA_SECRET_DESTINATION_ to specify the output location. (This is the current behavior, and unchanged, but with tests now, and an updated/reworded README.)
  • When using VAULT_SECRET_ with DAYTONA_SECRET_DESTINATION_ to specify a direct secret path, the suffix name in these two envvars is used as the key to identify and pair them, instead of the secret name discovered in Vault. This allows for more intuitive behavior, and may simplify some workflows, especially those that have a lowercase secret key name in Vault, but require the use of (or disuse of) certain characters (. in envvars come to mind).
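
The two pairing rules described in this pull request, as an added Go example that is not Daytona's code and not part of the PR. The environment values, Vault paths, the `sampleWalk` listing (standing in for a Vault walk) and the exact-case match on discovered names are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

const destPrefix = "DAYTONA_SECRET_DESTINATION_"

// Constructed sample environment; paths and identifiers are illustrative.
var sampleEnv = map[string]string{
	"VAULT_SECRET_API":                       "secret/app/api.key",
	"DAYTONA_SECRET_DESTINATION_API":         "/tmp/api-key",
	"VAULT_SECRETS_COMMON":                   "secret/path/common",
	"DAYTONA_SECRET_DESTINATION_db_password": "/tmp/db-password",
}

// Constructed stand-in for what a Vault listing of each walk root returns.
var sampleWalk = map[string][]string{
	"secret/path/common": {"db_password", "unmapped"},
}

// resolveDestinations returns a map of Vault secret path -> output file.
func resolveDestinations(env map[string]string, walked map[string][]string) map[string]string {
	out := map[string]string{}
	for key, path := range env {
		switch {
		case strings.HasPrefix(key, "VAULT_SECRETS_"):
			// Walk: each discovered secret name is the destination suffix
			// (exact-case matching is an assumption of this example).
			for _, name := range walked[path] {
				if dest, ok := env[destPrefix+name]; ok {
					out[strings.TrimSuffix(path, "/")+"/"+name] = dest
				}
			}
		case strings.HasPrefix(key, "VAULT_SECRET_"):
			// Direct path: the envvar suffix pairs the two variables,
			// whatever the secret is named in Vault ("api.key" here).
			id := strings.TrimPrefix(key, "VAULT_SECRET_")
			if dest, ok := env[destPrefix+id]; ok {
				out[path] = dest
			}
		}
	}
	return out
}

func main() {
	for path, dest := range resolveDestinations(sampleEnv, sampleWalk) {
		fmt.Printf("%s -> %s\n", path, dest)
	}
}
```

In this example a walked secret with no matching destination variable (`unmapped`) gets no per-secret output file.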


robison commented Mar 9, 2020

$ make test
go test -cover -count=1 -v github.com/cruise-automation/daytona/cmd/daytona github.com/cruise-automation/daytona/pkg/auth github.com/cruise-automation/daytona/pkg/config github.com/cruise-automation/daytona/pkg/helpers/testhelpers github.com/cruise-automation/daytona/pkg/pki github.com/cruise-automation/daytona/pkg/secrets
?   	github.com/cruise-automation/daytona/cmd/daytona	[no test files]
=== RUN   TestAuthPanic
2020/03/09 16:16:49 Checking for an existing, valid vault token
2020/03/09 16:16:53 Invalid token:  Get "nan/v1/auth/token/lookup-self": unsupported protocol scheme ""
2020/03/09 16:16:53 No token found in VAULT_TOKEN env, checking path
2020/03/09 16:16:53 Can't read an existing token at "".
2020/03/09 16:16:53 No token found in "", trying to re-authenticate
2020/03/09 16:16:53 Authentication will be attempted for 1 seconds.
--- PASS: TestAuthPanic (3.87s)
=== RUN   TestServiceAuth
--- PASS: TestServiceAuth (0.00s)
=== RUN   TestFetchVaultToken
--- PASS: TestFetchVaultToken (0.00s)
=== RUN   TestFetchVaultTokenFailure
--- PASS: TestFetchVaultTokenFailure (0.00s)
=== RUN   TestInvalidToken
2020/03/09 16:16:53 Invalid token:  Error making API request.

URL: GET https://127.0.0.1:56595/v1/auth/token/lookup-self
Code: 403. Errors:

* permission denied
--- PASS: TestInvalidToken (0.00s)
=== RUN   TestValidToken
--- PASS: TestValidToken (0.00s)
=== RUN   TestFileToken
2020/03/09 16:16:53 Found an existing token at /var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/daytona-test783923519
--- PASS: TestFileToken (0.00s)
PASS
coverage: 23.4% of statements
ok  	github.com/cruise-automation/daytona/pkg/auth	4.014s	coverage: 23.4% of statements
=== RUN   TestInvalidConfig
--- PASS: TestInvalidConfig (0.00s)
PASS
coverage: 28.6% of statements
ok  	github.com/cruise-automation/daytona/pkg/config	0.082s	coverage: 28.6% of statements
?   	github.com/cruise-automation/daytona/pkg/helpers/testhelpers	[no test files]
=== RUN   TestSingleDomainCertIssuance
2020/03/09 16:16:48 Certificate or private key output path is empty, will not attempt to get certificate
2020/03/09 16:16:48 Getting certificate from vault...
2020/03/09 16:16:48 Getting certificate from vault...
--- PASS: TestSingleDomainCertIssuance (0.01s)
=== RUN   TestMultipleDomainCertIssuance
2020/03/09 16:16:48 Getting certificate from vault...
2020/03/09 16:16:48 Getting certificate from vault...
--- PASS: TestMultipleDomainCertIssuance (0.00s)
=== RUN   TestCertIssuanceErrors
2020/03/09 16:16:48 Getting certificate from vault...
2020/03/09 16:16:48 Error requesting cert from Vault: Error making API request.

URL: PUT https://127.0.0.1:56568/v1/test_intermediate_authority_T2/issue/wrong-role
Code: 400. Errors:

* unknown role: wrong-role
2020/03/09 16:16:48 Getting certificate from vault...
2020/03/09 16:16:48 Error while writing cert data: could not write private key to file '/var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/pki-test-933673746': open /var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/pki-test-933673746: permission denied
2020/03/09 16:16:48 Getting certificate from vault...
2020/03/09 16:16:48 Error while writing cert data: could not write certificate to file '/var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/pki-test-188376393': open /var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/pki-test-188376393: permission denied
--- PASS: TestCertIssuanceErrors (0.00s)
PASS
coverage: 100.0% of statements
ok  	github.com/cruise-automation/daytona/pkg/pki	0.111s	coverage: 100.0% of statements
=== RUN   TestParallelReader
--- PASS: TestParallelReader (0.00s)
=== RUN   TestSecretPath
2020/03/09 16:16:49 Starting secret fetch
2020/03/09 16:16:49 Wrote 2 secrets to /var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/secret-path-576266107
--- PASS: TestSecretPath (0.01s)
=== RUN   TestSecretDirectPath
2020/03/09 16:16:49 Starting secret fetch
2020/03/09 16:16:49 Wrote secret to /var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/secret-direct-path-259041438
--- PASS: TestSecretDirectPath (0.00s)
=== RUN   TestSecretDirectPathArbitraryIdentifiers
2020/03/09 16:16:49 Starting secret fetch
2020/03/09 16:16:49 Wrote secret to /var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/secret-direct-path-arbitrary-lower-354778981
2020/03/09 16:16:49 Wrote secret to /var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/secret-direct-path-arbitrary-upper-968889728
--- PASS: TestSecretDirectPathArbitraryIdentifiers (0.00s)
=== RUN   TestSecretWalkSingleOutput
2020/03/09 16:16:49 Starting secret fetch
2020/03/09 16:16:49 Starting iteration on secret/path/common
2020/03/09 16:16:49 Wrote 4 secrets to /var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/secret-walk-817625823
--- PASS: TestSecretWalkSingleOutput (0.00s)
=== RUN   TestSecretWalkMultipleOutput
2020/03/09 16:16:49 Starting secret fetch
2020/03/09 16:16:49 Starting iteration on secret/path/common
2020/03/09 16:16:49 Wrote 5 secrets to /var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/secret-walk-output-133949106
2020/03/09 16:16:49 Wrote secret to /var/folders/_h/xsr1gyjx1sj_vg2q3_ch5bsm0000gp/T/secret-walk-dest-055366761
--- PASS: TestSecretWalkMultipleOutput (0.01s)
PASS
coverage: 79.2% of statements
ok  	github.com/cruise-automation/daytona/pkg/secrets	0.151s	coverage: 79.2% of statements
$ 

robison closed this Mar 10, 2020

robison commented Mar 10, 2020

Superseded by #33
