feat(checks): add end-to-end tests for vault-hier

- Introduced a new end-to-end test module in `nix/checks/e2e-test.nix`.
- Added a script to set up a local Vault server, run tests, and verify functionality.
- Integrated the tests into the Nix checks for better validation of `vault-hier`.
Harald Hoyer 2025-03-24 12:19:27 +01:00
parent f634af9cef
commit f6a4aaf2d1
2 changed files with 193 additions and 0 deletions


@ -27,4 +27,9 @@
inherit craneLib src;
lib = pkgs.lib;
};
# End-to-end tests
e2e-tests = import ./e2e-test.nix {
inherit pkgs vault-hier src;
};
}

188
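--- a/nix/checks/e2e-test.nix
+++ b/nix/checks/e2e-test.nix
@@ -0,0 +1,188 @@
+{ pkgs, vault-hier, src }:
+let
+# Create a test script to run the end-to-end tests
+e2eTestScript = pkgs.writeShellScriptBin "run-e2e-tests" ''
+#!/usr/bin/env bash
+set -euo pipefail
+# Create temporary directories for test data, vault, and pid files
+TEST_DIR=$(mktemp -d)
+VAULT_TEST_DIR=$(mktemp -d)
+VAULT_PID_FILE="$TEST_DIR/vault.pid"
+# Set Vault address
+export VAULT_ADDR="http://127.0.0.1:8200"
+# Use a fixed port for the API to make debugging easier
+API_PORT=3456
+API_URL="http://localhost:$API_PORT"
+echo "Using test directory: $TEST_DIR"
+echo "Using vault test directory: $VAULT_TEST_DIR"
+echo "Using vault PID file: $VAULT_PID_FILE"
+# Function to cleanup on exit
+cleanup() {
+echo "Cleaning up resources..."
+if [ -n "$SERVER_PID" ]; then
+echo "Stopping server process ($SERVER_PID)..."
+kill -9 $SERVER_PID 2>/dev/null || true
+fi
+if [ -f "$VAULT_PID_FILE" ]; then
+VAULT_PID=$(cat "$VAULT_PID_FILE")
+echo "Stopping vault process ($VAULT_PID)..."
+kill -9 $VAULT_PID 2>/dev/null || true
+fi
+# Clean up all temporary files and directories
+rm -rf "$TEST_DIR"
+rm -rf "$VAULT_TEST_DIR"
+echo "Cleanup complete."
+}
+# Error handling function
+handle_error() {
+echo "Error encountered, exiting..."
+cleanup
+exit 1
+}
+# Set trap for errors and interrupts
+trap handle_error ERR
+trap cleanup EXIT
+# Check if Vault is installed
+if ! command -v vault &> /dev/null; then
+echo "Vault is not installed in the test environment."
+exit 1
+fi
+# Check if there's already a Vault process running with our PID file
+if [ -f "$VAULT_PID_FILE" ]; then
+VAULT_PID=$(cat "$VAULT_PID_FILE")
+if ps -p $VAULT_PID > /dev/null; then
+echo "Vault is already running with PID $VAULT_PID"
+echo "Stopping the existing Vault server..."
+kill -9 $VAULT_PID
+rm "$VAULT_PID_FILE"
+# Wait for the port to be released
+sleep 2
+else
+echo "Vault PID file exists but the process is not running. Removing stale PID file."
+rm "$VAULT_PID_FILE"
+fi
+fi
+echo "Starting Vault server in non-dev mode..."
+# Create temporary config file
+mkdir -p "$VAULT_TEST_DIR/data" "$VAULT_TEST_DIR/config"
+cat > "$VAULT_TEST_DIR/config/vault.hcl" << EOF
+storage "file" {
+path = "$VAULT_TEST_DIR/data"
+}
+listener "tcp" {
+address = "127.0.0.1:8200"
+tls_disable = "true"
+}
+disable_mlock = true
+ui = false
+EOF
+vault server -config="$VAULT_TEST_DIR/config/vault.hcl" > "$TEST_DIR/vault_server.log" 2>&1 &
+VAULT_PID=$!
+echo $VAULT_PID > "$VAULT_PID_FILE"
+echo "Vault server started with PID $VAULT_PID"
+echo "Vault server is running at $VAULT_ADDR"
+# Wait for Vault to start
+echo "Waiting for Vault to start..."
+sleep 5
+# Check if Vault is up and running
+for i in {1..10}; do
+if wget -q -O- --no-check-certificate http://127.0.0.1:8200/v1/sys/health?standbyok=true\\&sealedok=true\\&uninitok=true > /dev/null 2>&1; then
+echo "Vault is up and running!"
+break
+fi
+if [ $i -eq 10 ]; then
+echo "Timed out waiting for Vault to become available"
+exit 1
+fi
+echo "Vault is unavailable - sleeping (attempt $i/10)"
+sleep 2
+done
+# Start the vault-hier server
+echo "Starting the vault-hier server..."
+echo "Using API port: $API_PORT"
+${vault-hier}/bin/vault-hier server --vault-addr "$VAULT_ADDR" --api-port $API_PORT > "$TEST_DIR/api_server.log" 2>&1 &
+SERVER_PID=$!
+echo "Server started with PID $SERVER_PID"
+# Wait for the server to start
+echo "Waiting for the server to start..."
+sleep 10 # Increased wait time to ensure server is ready
+# Test the server with some client operations
+echo "Testing the client operations..."
+# Create a sample file for testing
+echo "Creating a sample file for testing..."
+echo "This is a test document" > "$TEST_DIR/test_document.txt"
+# Test login with legal1 user
+echo "Testing login with legal1 user..."
+LOGIN_OUTPUT=$(${vault-hier}/bin/vault-hier login --username legal1 --password legal1pass --api-url "$API_URL")
+echo "$LOGIN_OUTPUT"
+# Just check that login command executes successfully
+echo "Login command executed successfully"
+# Test basic commands (these should at least parse correctly)
+echo "Testing help command..."
+${vault-hier}/bin/vault-hier --help
+if [ $? -ne 0 ]; then
+echo "ERROR: Failed to run help command"
+exit 1
+fi
+# Test version command
+echo "Testing version command..."
+${vault-hier}/bin/vault-hier --version
+if [ $? -ne 0 ]; then
+echo "ERROR: Failed to run version command"
+exit 1
+fi
+echo "End-to-end tests passed successfully!"
+exit 0
+'';
+# Create the derivation that will run the tests
+e2eTests = pkgs.runCommand "vault-hier-e2e-tests" {
+buildInputs = [
+vault-hier
+pkgs.vault
+pkgs.wget
+];
+nativeBuildInputs = [
+pkgs.jq
+pkgs.wget
+];
+} ''
+# Run the test script
+${e2eTestScript}/bin/run-e2e-tests
+# Create a success marker file to indicate the tests passed
+mkdir -p $out
+touch $out/success
+'';
+in
+e2eTests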
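Review bot: `cleanup` tests `"$SERVER_PID"` under `set -u`, but that variable is only assigned once the vault-hier server has been launched, so any earlier exit (Vault missing, the health-check timeout) aborts the EXIT trap with an unbound-variable error before the Vault process is killed and the two temp directories, including the Vault file storage, are removed. Adding `SERVER_PID=""` ahead of the two `trap` lines keeps the teardown intact on every exit path. The readiness probe also appears to be a no-op: Nix indented strings pass backslashes through unchanged, so `\\&` reaches bash as a literal backslash followed by the `&` operator, which backgrounds `wget` and leaves the `if` evaluating a variable assignment that always succeeds. Quoting the URL avoids that, e.g. `if wget -q -O /dev/null "http://127.0.0.1:8200/v1/sys/health?standbyok=true&sealedok=true&uninitok=true"; then`. The two `if [ $? -ne 0 ]` checks after `--help` and `--version` look unreachable under `set -e` and could be dropped.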