def test_should_catch_service_account_invalid_abort_the_run(hvac): config = { "vault_addr": "http://someaddr.com", "vault_sa_role": "invalid", "vault_kv_version": "1", } fake_client = MagicMock() fake_client.auth_kubernetes.side_effect = InvalidRequest() hvac.Client.return_value = fake_client with pytest.raises(InvalidExperiment): create_vault_client(config)
def test_should_catch_approle_invalid_secret_id_abort_the_run(hvac): config = { "vault_addr": "http://someaddr.com", "vault_role_id": "mighty_id", "vault_role_secret": "expired", } fake_client = MagicMock() fake_client.auth_approle.side_effect = InvalidRequest() hvac.Client.return_value = fake_client with pytest.raises(InvalidExperiment): create_vault_client(config)
assert vault_client.token == fake_auth_object["auth"]["client_token"] fake_client.auth_approle.assert_called_with( config["vault_role_id"], config["vault_role_secret"] ) @patch("chaoslib.secret.hvac") def test_should_catch_approle_invalid_secret_id_abort_the_run(hvac): config = { "vault_addr": "http://someaddr.com", "vault_role_id": "mighty_id", "vault_role_secret": "expired", } fake_client = MagicMock() fake_client.auth_approle.side_effect = InvalidRequest() hvac.Client.return_value = fake_client with pytest.raises(InvalidExperiment): create_vault_client(config) @patch("chaoslib.secret.hvac") def test_should_auth_with_token(hvac): config = { "vault_addr": "http://someaddr.com", "vault_token": "not_awesome_token", "vault_kv_version": "1", } fake_client = MagicMock()