This repository has been archived by the owner on Jul 27, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 240
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add initial implementation for the new consul policy and token api (#366
) * add initial implementation for the new consul policy api * split up environment setup so it can be re-used in travis ci build * move policy handling into acl client to better reflect consul api layout * add token removal and listing functionality * update documentation to reflect enviroment setup changes
- Loading branch information
1 parent
d0ba5a5
commit 05289b0
Showing
14 changed files
with
492 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,8 @@ | ||
language: java | ||
services: docker | ||
before_install: | ||
- docker run -d -p 127.0.0.1:8500:8500 consul:1.2.3 agent -dev -client 0.0.0.0 --enable-script-checks=true | ||
- ./do setup-environment | ||
|
||
jdk: | ||
- oraclejdk8 | ||
script: mvn clean test | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
#!/usr/bin/env bash | ||
|
||
DIR="$( cd "$(dirname "$0")" ; pwd -P )" | ||
|
||
CONSUL_DEV_NAME="consul-dev" | ||
CONSUL_DEV_ACL_NAME="consul-dev-acl" | ||
|
||
CONSUL_ACL_CONFIG=$(cat <<EOF | ||
{ | ||
"acl": { | ||
"enabled": true, | ||
"default_policy": "deny", | ||
"tokens": { | ||
"master": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee" | ||
} | ||
} | ||
} | ||
EOF | ||
) | ||
|
||
function task_clean_environment { | ||
docker rm -f "${CONSUL_DEV_NAME}" | ||
docker rm -f "${CONSUL_DEV_ACL_NAME}" | ||
} | ||
|
||
function task_setup_environment { | ||
docker run -d -p 127.0.0.1:8500:8500 --name="${CONSUL_DEV_NAME}" consul agent -dev -client 0.0.0.0 --enable-script-checks=true | ||
docker run -d -p 127.0.0.1:8501:8500 --name="${CONSUL_DEV_ACL_NAME}" -e CONSUL_LOCAL_CONFIG="${CONSUL_ACL_CONFIG}" consul agent -dev -client 0.0.0.0 --enable-script-checks=true | ||
} | ||
|
||
function task_test { | ||
task_clean_environment | ||
task_setup_environment | ||
|
||
( | ||
cd "${DIR}" | ||
mvn test | ||
) | ||
|
||
task_clean_environment | ||
} | ||
|
||
task_usage() { | ||
echo "Usage: $0 test | setup-environment | clean-environment" | ||
exit 1 | ||
} | ||
|
||
arg=${1:-} | ||
shift || true | ||
case ${arg} in | ||
test) task_test ;; | ||
clean-environment) task_clean_environment ;; | ||
setup-environment) task_setup_environment ;; | ||
*) task_usage ;; | ||
esac |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,137 @@ | ||
package com.orbitz.consul; | ||
|
||
import com.google.common.net.HostAndPort; | ||
import com.orbitz.consul.model.acl.*; | ||
import org.junit.BeforeClass; | ||
import org.junit.Test; | ||
|
||
import java.time.Duration; | ||
import java.util.*; | ||
|
||
import static org.hamcrest.CoreMatchers.is; | ||
import static org.junit.Assert.*; | ||
|
||
public class AclTest { | ||
|
||
protected static Consul client; | ||
|
||
protected static HostAndPort aclClientHostAndPort = HostAndPort.fromParts("localhost", 8501); | ||
|
||
@BeforeClass | ||
public static void beforeClass() { | ||
client = Consul.builder() | ||
.withHostAndPort(aclClientHostAndPort) | ||
.withAclToken("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee") | ||
.withReadTimeoutMillis(Duration.ofSeconds(2).toMillis()) | ||
.build(); | ||
} | ||
|
||
@Test | ||
public void listPolicies() { | ||
AclClient aclClient = client.aclClient(); | ||
assertTrue(aclClient.listPolicies().stream().anyMatch(p -> Objects.equals(p.name(), "global-management"))); | ||
} | ||
|
||
@Test | ||
public void testCreateAndReadPolicy() { | ||
AclClient aclClient = client.aclClient(); | ||
|
||
String policyName = UUID.randomUUID().toString(); | ||
PolicyResponse policy = aclClient.createPolicy(ImmutablePolicy.builder().name(policyName).build()); | ||
assertThat(policy.name(), is(policyName)); | ||
|
||
policy = aclClient.readPolicy(policy.id()); | ||
assertThat(policy.name(), is(policyName)); | ||
} | ||
|
||
@Test | ||
public void testUpdatePolicy() { | ||
AclClient aclClient = client.aclClient(); | ||
|
||
String policyName = UUID.randomUUID().toString(); | ||
PolicyResponse createdPolicy = aclClient.createPolicy(ImmutablePolicy.builder().name(policyName).build()); | ||
|
||
String newPolicyName = UUID.randomUUID().toString(); | ||
aclClient.updatePolicy(createdPolicy.id(), ImmutablePolicy.builder().name(newPolicyName).build()); | ||
|
||
PolicyResponse updatedPolicy = aclClient.readPolicy(createdPolicy.id()); | ||
assertThat(updatedPolicy.name(), is(newPolicyName)); | ||
} | ||
|
||
@Test | ||
public void testDeletePolicy() { | ||
AclClient aclClient = client.aclClient(); | ||
|
||
String policyName = UUID.randomUUID().toString(); | ||
PolicyResponse createdPolicy = aclClient.createPolicy(ImmutablePolicy.builder().name(policyName).build()); | ||
|
||
int oldPolicyCount = aclClient.listPolicies().size(); | ||
aclClient.deletePolicy(createdPolicy.id()); | ||
int newPolicyCount = aclClient.listPolicies().size(); | ||
|
||
assertThat(newPolicyCount, is(oldPolicyCount - 1)); | ||
} | ||
|
||
@Test | ||
public void testCreateAndReadToken() { | ||
AclClient aclClient = client.aclClient(); | ||
|
||
String policyName = UUID.randomUUID().toString(); | ||
PolicyResponse createdPolicy = aclClient.createPolicy(ImmutablePolicy.builder().name(policyName).build()); | ||
|
||
String tokenDescription = UUID.randomUUID().toString(); | ||
TokenResponse createdToken = aclClient.createToken(ImmutableToken.builder().description(tokenDescription).local(false).addPolicies(ImmutablePolicyLink.builder().id(createdPolicy.id()).build()).build()); | ||
|
||
TokenResponse readToken = aclClient.readToken(createdToken.accessorId()); | ||
|
||
assertThat(readToken.description(), is(tokenDescription)); | ||
assertThat(readToken.policies().get(0).name().get(), is(policyName)); | ||
} | ||
|
||
@Test | ||
public void testReadSelfToken() { | ||
AclClient aclClient = client.aclClient(); | ||
|
||
TokenResponse selfToken = aclClient.readSelfToken(); | ||
assertThat(selfToken.description(), is("Master Token")); | ||
} | ||
|
||
@Test | ||
public void testUpdateToken() { | ||
AclClient aclClient = client.aclClient(); | ||
|
||
String policyName = UUID.randomUUID().toString(); | ||
PolicyResponse createdPolicy = aclClient.createPolicy(ImmutablePolicy.builder().name(policyName).build()); | ||
|
||
TokenResponse createdToken = aclClient.createToken(ImmutableToken.builder().description("none").local(false).addPolicies(ImmutablePolicyLink.builder().id(createdPolicy.id()).build()).build()); | ||
String newDescription = UUID.randomUUID().toString(); | ||
aclClient.updateToken(createdToken.accessorId(), ImmutableToken.builder().local(false).description(newDescription).build()); | ||
|
||
TokenResponse readToken = aclClient.readToken(createdToken.accessorId()); | ||
assertThat(readToken.description(), is(newDescription)); | ||
} | ||
|
||
@Test | ||
public void testListTokens() { | ||
AclClient aclClient = client.aclClient(); | ||
|
||
assertTrue(aclClient.listTokens().stream().anyMatch(p -> Objects.equals(p.description(), "Anonymous Token"))); | ||
assertTrue(aclClient.listTokens().stream().anyMatch(p -> Objects.equals(p.description(), "Master Token"))); | ||
} | ||
|
||
@Test | ||
public void testDeleteToken() { | ||
AclClient aclClient = client.aclClient(); | ||
|
||
String policyName = UUID.randomUUID().toString(); | ||
PolicyResponse createdPolicy = aclClient.createPolicy(ImmutablePolicy.builder().name(policyName).build()); | ||
TokenResponse createdToken = aclClient.createToken(ImmutableToken.builder().description(UUID.randomUUID().toString()).local(false).addPolicies(ImmutablePolicyLink.builder().id(createdPolicy.id()).build()).build()); | ||
|
||
int oldTokenCount = aclClient.listTokens().size(); | ||
aclClient.deleteToken(createdToken.accessorId()); | ||
|
||
int newTokenCount = aclClient.listTokens().size(); | ||
assertThat(newTokenCount, is(oldTokenCount - 1)); | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
27 changes: 27 additions & 0 deletions
27
src/main/java/com/orbitz/consul/model/acl/BasePolicyResponse.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
package com.orbitz.consul.model.acl; | ||
|
||
import com.fasterxml.jackson.annotation.JsonProperty; | ||
|
||
import java.math.BigInteger; | ||
import java.util.Optional; | ||
|
||
public abstract class BasePolicyResponse { | ||
|
||
@JsonProperty("ID") | ||
public abstract String id(); | ||
|
||
@JsonProperty("Name") | ||
public abstract String name(); | ||
|
||
@JsonProperty("Datacenters") | ||
public abstract Optional<String> datacenters(); | ||
|
||
@JsonProperty("Hash") | ||
public abstract String hash(); | ||
|
||
@JsonProperty("CreateIndex") | ||
public abstract BigInteger createIndex(); | ||
|
||
@JsonProperty("ModifyIndex") | ||
public abstract BigInteger modifyIndex(); | ||
} |
Oops, something went wrong.