From f499d578ce3c6874b8ba60893999ed73358f73a2 Mon Sep 17 00:00:00 2001 From: Ryan Cragun Date: Wed, 18 Dec 2024 15:32:08 -0700 Subject: [PATCH] fix tests Always use the type when verifying storage and seals. We'll also update an older test that didn't use real storage types during migration to use real storage types. Signed-off-by: Ryan Cragun --- command/operator_migrate_test.go | 25 ++++++++-------- command/server/config.go | 49 +++++++++++++++++--------------- internalshared/configutil/kms.go | 3 +- 3 files changed, 40 insertions(+), 37 deletions(-) diff --git a/command/operator_migrate_test.go b/command/operator_migrate_test.go index 15190b2640f59..2de2692d144ee 100644 --- a/command/operator_migrate_test.go +++ b/command/operator_migrate_test.go @@ -18,6 +18,7 @@ import ( "time" "github.com/go-test/deep" + log "github.com/hashicorp/go-hclog" "github.com/hashicorp/go-secure-stdlib/base62" "github.com/hashicorp/vault/command/server" @@ -190,23 +191,23 @@ func TestMigration(t *testing.T) { cmd := new(OperatorMigrateCommand) cfgName := filepath.Join(t.TempDir(), "migrator") os.WriteFile(cfgName, []byte(` -storage_source "src_type" { +storage_source "consul" { path = "src_path" } -storage_destination "dest_type" { +storage_destination "raft" { path = "dest_path" }`), 0o644) expCfg := &migratorConfig{ StorageSource: &server.Storage{ - Type: "src_type", + Type: "consul", Config: map[string]string{ "path": "src_path", }, }, StorageDestination: &server.Storage{ - Type: "dest_type", + Type: "raft", Config: map[string]string{ "path": "dest_path", }, @@ -230,41 +231,41 @@ storage_destination "dest_type" { // missing source verifyBad(` -storage_destination "dest_type" { +storage_destination "raft" { path = "dest_path" }`) // missing destination verifyBad(` -storage_source "src_type" { +storage_source "consul" { path = "src_path" }`) // duplicate source verifyBad(` -storage_source "src_type" { +storage_source "consul" { path = "src_path" } -storage_source "src_type2" { +storage_source "raft" { path = "src_path" } -storage_destination "dest_type" { +storage_destination "raft" { path = "dest_path" }`) // duplicate destination verifyBad(` -storage_source "src_type" { +storage_source "consul" { path = "src_path" } -storage_destination "dest_type" { +storage_destination "raft" { path = "dest_path" } -storage_destination "dest_type2" { +storage_destination "consul" { path = "dest_path" }`) }) diff --git a/command/server/config.go b/command/server/config.go index 6e2ff9adb2b4d..e34d071761d8b 100644 --- a/command/server/config.go +++ b/command/server/config.go @@ -1022,29 +1022,32 @@ func ParseStorage(result *Config, list *ast.ObjectList, name string) error { // config. Physical storage types which don't contain such keys should include // an empty array. var storageAddressKeys = map[string][]string{ - "aerospike": {"hostname"}, - "alicloudoss": {"endpoint"}, - "azure": {"arm_endpoint"}, - "cassandra": {"hosts"}, - "cockroachdb": {"connection_url"}, - "consul": {"address", "service_address"}, - "couchdb": {"endpoint"}, - "dynamodb": {"endpoint"}, - "etcd": {"address", "discovery_srv"}, - "filesystem": {}, - "foundationdb": {}, - "gcs": {}, - "inmem": {}, - "manta": {"url"}, - "mssql": {"server"}, - "mysql": {"address"}, - "oci": {}, - "postgresql": {"connection_url"}, - "raft": {}, // retry_join is handled separately in normalizeRaftRetryJoin() - "s3": {"endpoint"}, - "spanner": {}, - "swift": {"auth_url", "storage_url"}, - "zookeeper": {"address"}, + "aerospike": {"hostname"}, + "alicloudoss": {"endpoint"}, + "azure": {"arm_endpoint"}, + "cassandra": {"hosts"}, + "cockroachdb": {"connection_url"}, + "consul": {"address", "service_address"}, + "couchdb": {"endpoint"}, + "dynamodb": {"endpoint"}, + "etcd": {"address", "discovery_srv"}, + "filesystem": {}, + "foundationdb": {}, + "gcs": {}, + "inmem": {}, + "inmem_ha": {}, + "inmem_transactional": {}, + "inmem_transactional_ha": {}, + "manta": {"url"}, + "mssql": {"server"}, + "mysql": {"address"}, + "oci": {}, + "postgresql": {"connection_url"}, + "raft": {}, // retry_join is handled separately in normalizeRaftRetryJoin() + "s3": {"endpoint"}, + "spanner": {}, + "swift": {"auth_url", "storage_url"}, + "zookeeper": {"address"}, } // normalizeStorageConfigAddresses takes a storage name, a configuration key diff --git a/internalshared/configutil/kms.go b/internalshared/configutil/kms.go index 36e6539a7556f..fbddde17fda82 100644 --- a/internalshared/configutil/kms.go +++ b/internalshared/configutil/kms.go @@ -158,7 +158,7 @@ func parseKMS(result *[]*KMS, list *ast.ObjectList, blockName string, maxKMS int if err != nil { return multierror.Prefix(err, fmt.Sprintf("%s.%s:", blockName, key)) } - strMap[k], err = normalizeKMSSealConfigAddrs(name, k, s) + strMap[k], err = normalizeKMSSealConfigAddrs(key, k, s) if err != nil { return multierror.Prefix(err, fmt.Sprintf("%s.%s:", blockName, key)) } @@ -231,7 +231,6 @@ var kmsSealAddressKeys = map[string][]string{ wrapping.WrapperTypeOciKms.String(): {"key_id", "crypto_endpoint", "management_endpoint"}, wrapping.WrapperTypePkcs11.String(): {}, wrapping.WrapperTypeTransit.String(): {"address"}, - "pkcs11-disabled": {}, // only used in tests } // normalizeKMSSealConfigAddrs takes a kms seal type, a config key, and its