diff options
author | 2019-02-01 16:30:53 +0100 | |
---|---|---|
committer | 2019-02-01 15:30:53 +0000 | |
commit | d878eeebbb890b2b73226e2440c73e8b2d1b102e (patch) | |
tree | b8cc14a5834ac28eebc0c809d87e063f482c2c91 /test | |
parent | b455f86824a1c2108b305589190e964b5528fed3 (diff) | |
download | coredns-d878eeebbb890b2b73226e2440c73e8b2d1b102e.tar.gz coredns-d878eeebbb890b2b73226e2440c73e8b2d1b102e.tar.zst coredns-d878eeebbb890b2b73226e2440c73e8b2d1b102e.zip |
support etcd credentials in etcd plugin (#2442)
* support etcd credentials in etcd plugin
fixes #2441
* try to fix cleanup of authentication
Diffstat (limited to 'test')
-rw-r--r-- | test/etcd_credentials_test.go | 72 | ||||
-rw-r--r-- | test/etcd_test.go | 10 |
2 files changed, 82 insertions, 0 deletions
diff --git a/test/etcd_credentials_test.go b/test/etcd_credentials_test.go new file mode 100644 index 000000000..70586e4d1 --- /dev/null +++ b/test/etcd_credentials_test.go @@ -0,0 +1,72 @@ +// +build etcd + +package test + +import ( + "context" + "testing" +) + +// uses some stuff from etcd_tests.go + +func TestEtcdCredentials(t *testing.T) { + corefile := `.:0 { + etcd skydns.test { + path /skydns + } +}` + + ex, _, _, err := CoreDNSServerAndPorts(corefile) + if err != nil { + t.Fatalf("Could not get CoreDNS serving instance: %s", err) + } + defer ex.Stop() + + etc := etcdPlugin() + username := "root" + password := "password" + key := "foo" + value := "bar" + + var ctx = context.TODO() + + if _, err := etc.Client.Put(ctx, key, value); err != nil { + t.Errorf("Failed to put dummy value un etcd: %v", err) + } + + if _, err := etc.Client.RoleAdd(ctx, "root"); err != nil { + t.Errorf("Failed to create root role: %s", err) + } + if _, err := etc.Client.UserAdd(ctx, username, password); err != nil { + t.Errorf("Failed to create user: %s", err) + } + if _, err := etc.Client.UserGrantRole(ctx, username, "root"); err != nil { + t.Errorf("Failed to assign role to root user: %v", err) + } + if _, err := etc.Client.AuthEnable(ctx); err != nil { + t.Errorf("Failed to enable authentication: %s", err) + } + + etc2 := etcdPluginWithCredentials(username, password) + + defer func() { + if _, err := etc2.Client.AuthDisable(ctx); err != nil { + t.Errorf("Fail to disable authentication: %v", err) + } + }() + + resp, err := etc2.Client.Get(ctx, key) + if err != nil { + t.Errorf("Fail to retrieve value from etcd: %v", err) + } + + if len(resp.Kvs) != 1 { + t.Errorf("Too many response found: %+v", resp) + return + } + actual := resp.Kvs[0].Value + expected := "bar" + if string(resp.Kvs[0].Value) != expected { + t.Errorf("Value doesn't match, expected:%s actual:%s", actual, expected) + } +} diff --git a/test/etcd_test.go b/test/etcd_test.go index 2b90c3a6c..d03f7ce3d 100644 --- a/test/etcd_test.go +++ b/test/etcd_test.go @@ -23,6 +23,16 @@ func etcdPlugin() *etcd.Etcd { return &etcd.Etcd{Client: cli, PathPrefix: "/skydns"} } +func etcdPluginWithCredentials(username, password string) *etcd.Etcd { + etcdCfg := etcdcv3.Config{ + Endpoints: []string{"http://localhost:2379"}, + Username: username, + Password: password, + } + cli, _ := etcdcv3.New(etcdCfg) + return &etcd.Etcd{Client: cli, PathPrefix: "/skydns"} +} + // This test starts two coredns servers (and needs etcd). Configure a stubzones in both (that will loop) and // will then test if we detect this loop. func TestEtcdStubLoop(t *testing.T) { |