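--- a/examples/vault-s3-backend/main.tf
+++ b/examples/vault-s3-backend/main.tf
@@ -63,10 +63,11 @@ data "template_file" "user_data_vault_cluster" {
 template = file("${path.module}/user-data-vault.sh")
 
 vars = {
-aws_region = data.aws_region.current.name
-s3_bucket_name = var.s3_bucket_name
-consul_cluster_tag_key = var.consul_cluster_tag_key
-consul_cluster_tag_value = var.consul_cluster_name
+aws_region = data.aws_region.current.name
+s3_bucket_name = var.s3_bucket_name
+consul_cluster_tag_key = var.consul_cluster_tag_key
+consul_cluster_tag_value = var.consul_cluster_name
+consul_agent_service_registration_address = var.consul_agent_service_registration_address
 }
 }
 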
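--- a/examples/vault-s3-backend/user-data-vault.sh
+++ b/examples/vault-s3-backend/user-data-vault.sh
@@ -16,4 +16,4 @@ readonly VAULT_TLS_KEY_FILE="/opt/vault/tls/vault.key.pem"
 
 # The variables below are filled in via Terraform interpolation
 /opt/consul/bin/run-consul --client --cluster-tag-key "${consul_cluster_tag_key}" --cluster-tag-value "${consul_cluster_tag_value}"
-/opt/vault/bin/run-vault --tls-cert-file "$VAULT_TLS_CERT_FILE" --tls-key-file "$VAULT_TLS_KEY_FILE" --enable-s3-backend --s3-bucket "${s3_bucket_name}" --s3-bucket-region "${aws_region}"
+/opt/vault/bin/run-vault --tls-cert-file "$VAULT_TLS_CERT_FILE" --tls-key-file "$VAULT_TLS_KEY_FILE" --enable-s3-backend --s3-bucket "${s3_bucket_name}" --s3-bucket-region "${aws_region}" --consul-agent-service-registration-address "${consul_agent_service_registration_address}"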
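--- a/examples/vault-s3-backend/variables.tf
+++ b/examples/vault-s3-backend/variables.tf
@@ -87,3 +87,8 @@ variable "force_destroy_s3_bucket" {
 default = false
 }
 
+variable "consul_agent_service_registration_address" {
+description = "Specifies the address of the Consul agent to communicate with. This can be an IP address, DNS record, or unix socket. It is recommended that you communicate with a local Consul agent; do not communicate directly with a server."
+type = string
+default = "127.0.0.1:8500"
+}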
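--- a/modules/run-vault/run-vault
+++ b/modules/run-vault/run-vault
@@ -44,6 +44,7 @@ function print_usage {
 echo -e " --s3-bucket\tSpecifies the S3 bucket to use to store Vault data. Only used if '--enable-s3-backend' is set."
 echo -e " --s3-bucket-path\tSpecifies the S3 bucket path to use to store Vault data. Only used if '--enable-s3-backend' is set."
 echo -e " --s3-bucket-region\tSpecifies the AWS region where '--s3-bucket' lives. Only used if '--enable-s3-backend' is set."
+echo -e " --consul-agent-service-registration-address\tSpecifies the address of the Consul agent to communicate with when using a different storage backend, in this case an S3 backend. Only used if '--enable-s3-backend' is set."
 echo -e " --enable-dynamo-backend\tIf this flag is set, DynamoDB will be enabled as the backend storage (HA)"
 echo -e " --dynamo-region\tSpecifies the AWS region where --dynamo-table lives. Only used if '--enable-dynamo-backend is on'"
 echo -e " --dynamo--table\tSpecifies the DynamoDB table to use for HA Storage. Only used if '--enable-dynamo-backend is on'"
@@ -73,7 +74,7 @@ function print_usage {
 echo
 echo "Or"
 echo
-echo " run-vault --tls-cert-file /opt/vault/tls/vault.crt.pem --tls-key-file /opt/vault/tls/vault.key.pem --enable-s3-backend --s3-bucket my-vault-bucket --s3-bucket-region us-east-1"
+echo " run-vault --tls-cert-file /opt/vault/tls/vault.crt.pem --tls-key-file /opt/vault/tls/vault.key.pem --enable-s3-backend --s3-bucket my-vault-bucket --s3-bucket-region us-east-1 --consul-agent-service-registration-address 127.0.0.1:8500"
 }
 
 function log {
@@ -237,13 +238,14 @@ function generate_vault_config {
 local -r s3_bucket="$9"
 local -r s3_bucket_path="${10}"
 local -r s3_bucket_region="${11}"
-local -r enable_dynamo_backend="${12}"
-local -r dynamo_region="${13}"
-local -r dynamo_table="${14}"
+local -r consul_agent_service_registration_address="${12}"
+local -r enable_dynamo_backend="${13}"
+local -r dynamo_region="${14}"
+local -r dynamo_table="${15}"
 local -r enable_auto_unseal="${15}"
-local -r auto_unseal_kms_key_id="${16}"
-local -r auto_unseal_kms_key_region="${17}"
-local -r auto_unseal_endpoint="${18}"
+local -r auto_unseal_kms_key_id="${17}"
+local -r auto_unseal_kms_key_region="${18}"
+local -r auto_unseal_endpoint="${19}"
 local -r config_path="$config_dir/$VAULT_CONFIG_FILE"
 
 local instance_ip_address
@@ -302,7 +304,7 @@ EOF
 dynamodb_storage_type="ha_storage"
 service_registration=$(cat <<EOF
 service_registration "consul" {
-address = "127.0.0.1:8500"
+address = "$consul_agent_service_registration_address"
 }\n
 EOF
 )
@@ -461,6 +463,7 @@ function run {
 local s3_bucket=""
 local s3_bucket_path=""
 local s3_bucket_region=""
+local consul_agent_service_registration_address=""
 local enable_dynamo_backend="false"
 local dynamo_region=""
 local dynamo_table=""
@@ -559,6 +562,10 @@ function run {
 s3_bucket_region="$2"
 shift
 ;;
+--consul-agent-service-registration-address)
+consul_agent_service_registration_address="$2"
+shift
+;;
 --enable-dynamo-backend)
 enable_dynamo_backend="true"
 ;;
@@ -651,6 +658,7 @@ function run {
 if [[ "$enable_s3_backend" == "true" ]]; then
 assert_not_empty "--s3-bucket" "$s3_bucket"
 assert_not_empty "--s3-bucket-region" "$s3_bucket_region"
+assert_not_empty "--consul-agent-service-registration-address" "$consul_agent_service_registration_address"
 fi
 fi
 
@@ -726,6 +734,7 @@ function run {
 "$s3_bucket" \
 "$s3_bucket_path" \
 "$s3_bucket_region" \
+"$consul_agent_service_registration_address" \
 "$enable_dynamo_backend" \
 "$dynamo_region" \
 "$dynamo_table" \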
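Review bot: In the `generate_vault_config` positional-argument hunk, `enable_auto_unseal` is left as a context line reading `"${15}"` while the inserted consul address shifts `dynamo_table` onto `"${15}"` too, so `enable_auto_unseal` now receives the dynamo table value (empty for the S3 case) and the real 16th argument is never read — presumably auto-unseal is then silently treated as disabled even when requested; unless a hunk outside this view corrects it, the line should become `local -r enable_auto_unseal="${16}"`. The section totals (17 additions, 8 deletions) exceed the visible hunks by one of each, so a collapsed hunk may already cover this and is worth confirming. Separately, `run` initialises the new local to `""` and `assert_not_empty` now demands `--consul-agent-service-registration-address` whenever `--enable-s3-backend` is set, turning the previously hard-coded `127.0.0.1:8500` into a mandatory flag that breaks existing S3 invocations; `local consul_agent_service_registration_address="127.0.0.1:8500"` would preserve the old behaviour while still allowing an override. The bodies of `generate_vault_config` and `run` extend outside the hunks shown.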
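--- a/test/go.sum
+++ b/test/go.sum
@@ -197,6 +197,7 @@ github.com/gruntwork-io/gruntwork-cli v0.5.1 h1:mVmVsFubUSLSCO8bGigI63HXzvzkC0uW
 github.com/gruntwork-io/gruntwork-cli v0.5.1/go.mod h1:IBX21bESC1/LGoV7jhXKUnTQTZgQ6dYRsoj/VqxUSZQ=
 github.com/gruntwork-io/terratest v0.28.15 h1:in1DRBq8/RjxMyb6Amr1SRrczOK/hGnPi+gQXOOtbZI=
 github.com/gruntwork-io/terratest v0.28.15/go.mod h1:PkVylPuUNmItkfOTwSiFreYA4FkanK8AluBuNeGxQOw=
+github.com/gruntwork-io/terratest v0.32.1 h1:Uho3H7VWD4tEulWov7pWW90V3XATLKxSh88AtrxTYvU=
 github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=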
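--- a/test/vault_cluster_s3_backend_test.go
+++ b/test/vault_cluster_s3_backend_test.go
@@ -12,6 +12,7 @@ const VAULT_CLUSTER_S3_BACKEND_PATH = "examples/vault-s3-backend"
 
 const VAR_S3_BUCKET_NAME = "s3_bucket_name"
 const VAR_FORCE_DESTROY_S3_BUCKET = "force_destroy_s3_bucket"
+const VAR_CONSUL_AGENT_SERVICE_REGISTRATION_ADDRESS = "consul_agent_service_registration_address"
 
 // Test the Vault with S3 Backend example by:
 //
@@ -39,10 +40,11 @@ func runVaultWithS3BackendClusterTest(t *testing.T, amiId string, awsRegion, ssh
 test_structure.RunTestStage(t, "deploy", func() {
 uniqueId := random.UniqueId()
 terraformVars := map[string]interface{}{
-VAR_S3_BUCKET_NAME: s3BucketName(uniqueId),
-VAR_FORCE_DESTROY_S3_BUCKET: true,
-VAR_CONSUL_CLUSTER_NAME: fmt.Sprintf("consul-test-%s", uniqueId),
-VAR_CONSUL_CLUSTER_TAG_KEY: fmt.Sprintf("consul-test-%s", uniqueId),
+VAR_S3_BUCKET_NAME: s3BucketName(uniqueId),
+VAR_FORCE_DESTROY_S3_BUCKET: true,
+VAR_CONSUL_CLUSTER_NAME: fmt.Sprintf("consul-test-%s", uniqueId),
+VAR_CONSUL_CLUSTER_TAG_KEY: fmt.Sprintf("consul-test-%s", uniqueId),
+VAR_CONSUL_AGENT_SERVICE_REGISTRATION_ADDRESS: "127.0.0.1:8500",
 }
 deployCluster(t, amiId, awsRegion, examplesDir, uniqueId, terraformVars)
 })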
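Review bot: The new `VAR_CONSUL_AGENT_SERVICE_REGISTRATION_ADDRESS` entry in the `terraformVars` map passes `"127.0.0.1:8500"`, which is the same value `variables.tf` in this commit already defaults to, so the test exercises the variable wiring but not a non-default value; that is reasonable if the Consul agent runs on the Vault instance, but the choice is undocumented. A one-line comment above the entry, e.g. `// keep loopback: the example's Consul agent runs on the Vault instance itself`, would make it clear that the literal is deliberate rather than a copy of the default. runVaultWithS3BackendClusterTest continues outside the hunk.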