forked from hashicorp/nomad
-
Notifications
You must be signed in to change notification settings - Fork 0
/
acl.go
52 lines (44 loc) · 1.24 KB
/
acl.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package e2eutil
import (
"fmt"
"strings"
"testing"
"github.com/hernad/nomad/api"
"github.com/hernad/nomad/helper/uuid"
"github.com/shoenig/test"
"github.com/shoenig/test/must"
)
// ApplyJobPolicy applies an ACL job policy or noops if ACLs are disabled.
// Registers a cleanup function to delete the policy.
func ApplyJobPolicy(t *testing.T, nomad *api.Client, ns, j, g, task, rules string) *api.ACLPolicy {
policy := &api.ACLPolicy{
Name: j + uuid.Short(),
Description: fmt.Sprintf("Policy for test=%s ns=%s job=%s group=%s task=%s rules=%s",
t.Name(), ns, j, g, task, rules),
Rules: rules,
JobACL: &api.JobACL{
Namespace: ns,
JobID: j,
Group: g,
Task: task,
},
}
wm, err := nomad.ACLPolicies().Upsert(policy, nil)
if err != nil {
if strings.Contains(err.Error(), "ACL support disabled") {
t.Logf("ACL support disabled. Skipping ApplyJobPolicy(t, c, %q, %q, %q, %q, %q)",
ns, j, g, task, rules)
return nil
}
must.NoError(t, err)
}
t.Cleanup(func() {
_, err := nomad.ACLPolicies().Delete(policy.Name, nil)
test.NoError(t, err)
})
policy.CreateIndex = wm.LastIndex
policy.ModifyIndex = wm.LastIndex
return policy
}