Ejemplo n.º 1
0
 def setUpClass(cls):
     """Use the ServerManager class to launch a vault server process."""
     config_paths = [get_config_file_path('vault-tls.hcl')]
     if distutils.spawn.find_executable('consul') is None and cls.enable_vault_ha:
         logging.warning('Unable to run Vault in HA mode, consul binary not found in path.')
         cls.enable_vault_ha = False
     if is_enterprise():
         # TODO: figure out why this bit isn't working
         logging.warning('Unable to run Vault in HA mode, enterprise Vault version not currently supported.')
         cls.enable_vault_ha = False
     if cls.enable_vault_ha:
         config_paths = [
             get_config_file_path('vault-ha-node1.hcl'),
             get_config_file_path('vault-ha-node2.hcl'),
         ]
     cls.manager = ServerManager(
         config_paths=config_paths,
         client=create_client(),
         use_consul=cls.enable_vault_ha,
     )
     try:
         cls.manager.start()
         cls.manager.initialize()
         cls.manager.unseal()
     except Exception:
         cls.manager.stop()
         raise
Ejemplo n.º 2
0
import logging
from unittest import TestCase, skipIf

from tests import utils
from tests.utils.hvac_integration_test_case import HvacIntegrationTestCase


@skipIf(
    utils.vault_version_lt('1.4.0') or not utils.is_enterprise(),
    'Transform secrets engine only supported with Enterprise Vault',
)
class TestTransform(HvacIntegrationTestCase, TestCase):
    TEST_MOUNT_POINT = 'transform-integration-test'

    def setUp(self):
        super(TestTransform, self).setUp()
        self.client.sys.enable_secrets_engine(
            backend_type='transform',
            path=self.TEST_MOUNT_POINT,
        )

    def tearDown(self):
        self.client.sys.disable_secrets_engine(path=self.TEST_MOUNT_POINT)
        super(TestTransform, self).tearDown()

    def test_create_or_update_role(self):
        create_response = self.client.secrets.transform.create_or_update_role(
            name='test_role',
            transformations=[
                'creditcard-fpe',
                'creditcard-masking',
Ejemplo n.º 3
0
import logging
from unittest import TestCase, skipIf

from tests import utils
from tests.utils.hvac_integration_test_case import HvacIntegrationTestCase


@skipIf(
    utils.vault_version_lt("1.4.0") or not utils.is_enterprise(),
    "Transform secrets engine only supported with Enterprise Vault",
)
class TestTransform(HvacIntegrationTestCase, TestCase):
    TEST_MOUNT_POINT = "transform-integration-test"

    def setUp(self):
        super(TestTransform, self).setUp()
        self.client.sys.enable_secrets_engine(
            backend_type="transform",
            path=self.TEST_MOUNT_POINT,
        )

    def tearDown(self):
        self.client.sys.disable_secrets_engine(path=self.TEST_MOUNT_POINT)
        super(TestTransform, self).tearDown()

    def test_create_or_update_role(self):
        create_response = self.client.secrets.transform.create_or_update_role(
            name="test_role",
            transformations=[
                "creditcard-fpe",
                "creditcard-masking",
Ejemplo n.º 4
0
import logging
from unittest import TestCase, skipIf

from tests import utils
from tests.utils.hvac_integration_test_case import HvacIntegrationTestCase


@skipIf(not utils.is_enterprise(),
        "Namespaces only supported with Enterprise Vault")
class TestNamespace(HvacIntegrationTestCase, TestCase):
    def test_list_namespaces(self):
        test_namespace_name = 'python-hvac'
        create_namespace_response = self.client.sys.create_namespace(
            path=test_namespace_name)
        logging.debug('create_namespace_response: %s' %
                      create_namespace_response)

        # Verify the namespace we just created is retrievable in a listing.
        list_namespaces_response = self.client.sys.list_namespaces()
        logging.debug('list_namespaces_response: %s' %
                      list_namespaces_response)
        self.assertIn(
            member='%s/' % test_namespace_name,
            container=list_namespaces_response['data']['keys'],
        )