Documentation
¶
Index ¶
- Constants
- Variables
- type Config
- type Controller
- type HandlerProperties
- type TestController
- func (tc *TestController) AddClusterControllerMember(t *testing.T, opts *TestControllerOpts) *TestController
- func (tc *TestController) ApiAddrs() []string
- func (tc *TestController) AuthTokenRepo() *authtoken.Repository
- func (tc *TestController) Cancel()
- func (tc *TestController) Client() *api.Client
- func (tc *TestController) ClusterAddrs() []string
- func (tc *TestController) Config() *Config
- func (tc *TestController) Context() context.Context
- func (tc *TestController) Controller() *Controller
- func (tc *TestController) DbConn() *gorm.DB
- func (tc *TestController) IamRepo() *iam.Repository
- func (tc *TestController) Kms() *kms.Kms
- func (tc *TestController) Logger() hclog.Logger
- func (tc *TestController) Name() string
- func (tc *TestController) Server() *base.Server
- func (tc *TestController) ServersRepo() *servers.Repository
- func (tc *TestController) Shutdown()
- func (tc *TestController) Token() *authtokens.AuthToken
- func (tc *TestController) UnprivilegedToken() *authtokens.AuthToken
- func (tc *TestController) WaitForNextWorkerStatusUpdate(workerId string) error
- type TestControllerOpts
Constants ¶
// Fixed identifiers, login names and password used for test fixtures.
//
// Every value here is a published, predictable constant. In particular,
// DefaultTestLoginName together with DefaultTestPassword is a well-known
// credential pair, so a controller seeded with these values should only
// listen where untrusted clients cannot reach it.
//
// NOTE(review): presumably NewTestController falls back to these when the
// matching TestControllerOpts field is left empty. Confirm against the
// constructor, which this listing does not show.
const (
	DefaultTestPasswordAuthMethodId          = "ampw_1234567890"
	DefaultTestOidcAuthMethodId              = "amoidc_1234567890"
	DefaultTestLoginName                     = "admin"
	DefaultTestUnprivilegedLoginName         = "user"
	DefaultTestPassword                      = "passpass"
	DefaultTestUserId                        = "u_1234567890"
	DefaultTestPasswordAccountId             = intglobals.NewPasswordAccountPrefix + "_1234567890"
	DefaultTestOidcAccountId                 = "acctoidc_1234567890"
	DefaultTestUnprivilegedPasswordAccountId = intglobals.NewPasswordAccountPrefix + "_0987654321"
	DefaultTestUnprivilegedOidcAccountId     = "acctoidc_0987654321"
)
Variables ¶
// RecoveryNonceCleanupInterval defaults to two minutes and is exported so that
// tests can adjust it. It is mutable package-level state, so a test that
// changes it should restore the previous value afterwards.
// NOTE(review): presumably the period between cleanup passes over stored
// recovery nonces. Confirm against the cleanup loop, which is not shown here.
var RecoveryNonceCleanupInterval = 2 * time.Minute
This is exported so it can be tweaked in tests
Functions ¶
This section is empty.
Types ¶
type Config ¶
// Config bundles the shared base server, the parsed configuration and a switch
// that relaxes authorization enforcement.
type Config struct {
	// The base Server object, containing things shared between Controllers and
	// Workers
	*base.Server
	// The underlying configuration, passed in here to avoid duplicating values
	// everywhere
	RawConfig *config.Config
	// If set, authorization checking occurs but failures are ignored, so a
	// request that the checks would deny is still allowed through.
	// TestControllerOpts describes the same switch as an aid for API-level
	// testing.
	// NOTE(review): nothing in this listing restricts the field to test
	// builds. Confirm that no production configuration path can set it, since
	// it turns authorization into an advisory check.
	DisableAuthorizationFailures bool
}
type Controller ¶
// Controller exposes one factory per repository type; its remaining state is
// unexported and does not appear in this listing.
type Controller struct {
	// Repo factory methods
	// NOTE(review): the fields are exported and therefore replaceable by any
	// importing package. Presumably this is so tests can substitute their own
	// repositories; confirm before relying on it.
	AuthTokenRepoFn       common.AuthTokenRepoFactory
	VaultCredentialRepoFn common.VaultCredentialRepoFactory
	IamRepoFn             common.IamRepoFactory
	OidcRepoFn            common.OidcAuthRepoFactory
	PasswordAuthRepoFn    common.PasswordAuthRepoFactory
	ServersRepoFn         common.ServersRepoFactory
	SessionRepoFn         common.SessionRepoFactory
	StaticHostRepoFn      common.StaticRepoFactory
	TargetRepoFn          common.TargetRepoFactory
	// contains filtered or unexported fields
}
func (*Controller) Shutdown ¶
func (c *Controller) Shutdown(serversOnly bool) error
func (*Controller) Start ¶
func (c *Controller) Start() error
func (*Controller) WorkerStatusUpdateTimes ¶
func (c *Controller) WorkerStatusUpdateTimes() *sync.Map
WorkerStatusUpdateTimes returns the map of worker status update times that is held by _this_ controller, not in the DB. Tests use it to verify that a given controller is receiving updates from the expected set of workers, for example when exercising balancing and automatic reconnection.
type HandlerProperties ¶
// HandlerProperties pairs a listener configuration with a context.
// NOTE(review): the name suggests it is passed to whatever builds the request
// handler for a listener. Confirm against the call sites, which are not shown
// here.
type HandlerProperties struct {
	// ListenerConfig is the configuration of the listener concerned.
	ListenerConfig *listenerutil.ListenerConfig
	// CancelCtx is a context; judging by the name it signals cancellation to
	// the handler. TODO confirm.
	CancelCtx context.Context
}
type TestController ¶
// TestController wraps a base.Server and a Controller so that tests can drive
// a controller programmatically. All of its state is unexported and is reached
// through the accessor methods. Call Shutdown once the test is done so the
// cleanup functions run.
type TestController struct {
	// contains filtered or unexported fields
}
TestController wraps a base.Server and Controller to provide a fully-programmatic controller for tests. Error checking (for instance, for valid config) is not stringent at the moment.
func NewTestController ¶
func NewTestController(t *testing.T, opts *TestControllerOpts) *TestController
func (*TestController) AddClusterControllerMember ¶
func (tc *TestController) AddClusterControllerMember(t *testing.T, opts *TestControllerOpts) *TestController
func (*TestController) ApiAddrs ¶
func (tc *TestController) ApiAddrs() []string
func (*TestController) AuthTokenRepo ¶
func (tc *TestController) AuthTokenRepo() *authtoken.Repository
func (*TestController) Cancel ¶
func (tc *TestController) Cancel()
func (*TestController) Client ¶
func (tc *TestController) Client() *api.Client
func (*TestController) ClusterAddrs ¶
func (tc *TestController) ClusterAddrs() []string
func (*TestController) Config ¶
func (tc *TestController) Config() *Config
func (*TestController) Context ¶
func (tc *TestController) Context() context.Context
func (*TestController) Controller ¶
func (tc *TestController) Controller() *Controller
Controller returns the underlying controller
func (*TestController) DbConn ¶
func (tc *TestController) DbConn() *gorm.DB
func (*TestController) IamRepo ¶
func (tc *TestController) IamRepo() *iam.Repository
func (*TestController) Kms ¶
func (tc *TestController) Kms() *kms.Kms
func (*TestController) Logger ¶
func (tc *TestController) Logger() hclog.Logger
func (*TestController) Name ¶
func (tc *TestController) Name() string
func (*TestController) Server ¶ added in v0.1.6
func (tc *TestController) Server() *base.Server
Server returns the underlying base server
func (*TestController) ServersRepo ¶
func (tc *TestController) ServersRepo() *servers.Repository
func (*TestController) Shutdown ¶
func (tc *TestController) Shutdown()
Shutdown runs any cleanup functions; be sure to run this after your test is done
func (*TestController) Token ¶
func (tc *TestController) Token() *authtokens.AuthToken
func (*TestController) UnprivilegedToken ¶ added in v0.1.6
func (tc *TestController) UnprivilegedToken() *authtokens.AuthToken
func (*TestController) WaitForNextWorkerStatusUpdate ¶ added in v0.5.0
func (tc *TestController) WaitForNextWorkerStatusUpdate(workerId string) error
WaitForNextWorkerStatusUpdate waits for the next status check from a worker to come in. If it does not come in within the default status grace period, this function returns an error.
type TestControllerOpts ¶
// TestControllerOpts holds the options accepted by NewTestController and
// AddClusterControllerMember. Most fields either override a default or switch
// off one of the resources that would otherwise be created automatically.
type TestControllerOpts struct {
	// ConfigHcl is the HCL to be parsed to generate the initial config.
	// Overrides Config if both are set.
	ConfigHcl string
	// Config; if not provided a dev one will be created, unless ConfigHcl is
	// set.
	Config *config.Config
	// DefaultPasswordAuthMethodId is the default password method ID to use, if set.
	DefaultPasswordAuthMethodId string
	// DefaultOidcAuthMethodId is the default OIDC method ID to use, if set.
	DefaultOidcAuthMethodId string
	// DefaultLoginName is the login name used when creating the default admin account.
	DefaultLoginName string
	// DefaultUnprivilegedLoginName is the login name used when creating the default unprivileged account.
	DefaultUnprivilegedLoginName string
	// DefaultPassword is the password used when creating the default accounts.
	// The admin and the unprivileged account therefore share one password.
	// NOTE(review): presumably DefaultTestPassword applies when this is empty;
	// confirm against the constructor.
	DefaultPassword string
	// DisableInitialLoginRoleCreation can be set true to disable creating the
	// global scope login role automatically.
	DisableInitialLoginRoleCreation bool
	// DisableAuthMethodCreation can be set true to disable creating an auth
	// method automatically.
	DisableAuthMethodCreation bool
	// DisableOidcAuthMethodCreation can be set true to disable the built-in
	// OIDC listener. Useful for e.g. unix listener tests.
	DisableOidcAuthMethodCreation bool
	// DisableScopesCreation can be set true to disable creating scopes
	// automatically.
	DisableScopesCreation bool
	// DisableHostResourcesCreation can be set true to disable creating a host
	// catalog and related resources automatically.
	DisableHostResourcesCreation bool
	// DisableTargetCreation can be set true to disable creating a target
	// automatically.
	DisableTargetCreation bool
	// DisableDatabaseCreation can be set true to disable creating a dev
	// database
	DisableDatabaseCreation bool
	// DisableDatabaseDestruction can be set true to allow a database to be
	// created but examined after-the-fact
	DisableDatabaseDestruction bool
	// If set, instead of creating a dev database, it will connect to an
	// existing database given the url
	// NOTE(review): database URLs commonly embed credentials; treat this value
	// as a secret in test logs and failure output.
	DatabaseUrl string
	// If true, the controller will not be started
	DisableAutoStart bool
	// DisableAuthorizationFailures will still cause authz checks to be
	// performed but they won't cause 403 Forbidden. Useful for API-level
	// testing to avoid a lot of faff.
	// With this set, a test that succeeds says nothing about whether the
	// caller was authorized, so tests of access control must leave it false.
	DisableAuthorizationFailures bool
	// The controller KMS to use, or one will be created
	RootKms wrapping.Wrapper
	// The worker auth KMS to use, or one will be created
	WorkerAuthKms wrapping.Wrapper
	// The recovery KMS to use, or one will be created
	RecoveryKms wrapping.Wrapper
	// Disables KMS key creation. Only valid when a database url is specified,
	// at the moment.
	DisableKmsKeyCreation bool
	// The name to use for the controller, otherwise one will be randomly
	// generated, unless provided in a non-nil Config
	Name string
	// The suffix to use for initial resources
	InitialResourcesSuffix string
	// The logger to use, or one will be created
	Logger hclog.Logger
	// A cluster address for overriding the advertised controller listener
	// (overrides address provided in config, if any)
	PublicClusterAddr string
	// The amount of time to wait before marking connections as closed when a
	// worker has not reported in
	StatusGracePeriodDuration time.Duration
}
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
| | Package common contains types and helper functions that are used across the different packages under internal/server/controller. |