vault-hier/test_local.sh
Harald Hoyer c132ba1722 fix(test): ensure vault-hier processes are terminated
- Add `killall vault-hier` to cleanup script in `test_local.sh`.
- Prevent potential leftover processes from interfering with tests.
2025-03-20 17:02:00 +01:00


#!/usr/bin/env bash
# Local end-to-end test: starts a throwaway Vault server and the vault-hier
# API server, then drives them through the vault-hier client and curl.
set -e

# Every platform talks to the same loopback Vault listener over plain HTTP;
# only the location of the PID file depends on the OS.
export VAULT_ADDR="http://127.0.0.1:8200"
case "$OSTYPE" in
  darwin* | linux-gnu*)
    # macOS and Linux
    # NOTE(review): /tmp is shared between local users, and the PID read back
    # from this file is later passed to `kill -9`. A per-user directory would
    # be a safer home for it.
    VAULT_PID_FILE="/tmp/vault.pid"
    ;;
  *)
    # Windows or other
    VAULT_PID_FILE="./vault.pid"
    ;;
esac

# Use a fixed port for the API to make debugging easier
API_PORT=3456
API_URL="http://localhost:${API_PORT}"
# Failure path: print whatever server logs exist in the current directory,
# run cleanup, then exit with status 1.
# The API server log is printed in full; only the last 100 lines of the Vault
# server log are shown.
handle_error() {
  local api_log="./api_server.log"
  local vault_log="./vault_server.log"

  printf '%s\n' "Error encountered, showing logs:"

  if [[ -f "$api_log" ]]; then
    printf '%s\n' "=== API Server Log ==="
    cat "$api_log"
    printf '%s\n' "======================"
  fi

  if [[ -f "$vault_log" ]]; then
    printf '%s\n' "=== Vault Server Log ==="
    tail -n 100 "$vault_log"
    printf '%s\n' "======================="
  fi

  # Tear down the servers before leaving.
  cleanup
  exit 1
}
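# Tear down everything the test started.
# Runs from the EXIT trap and from handle_error, so it may be called more than
# once and must not abort half-way: every step is best-effort.
# Globals: SERVER_PID (read), VAULT_PID_FILE (read; the file is removed)
cleanup() {
  echo "Cleaning up resources..."

  if [[ -n "${SERVER_PID:-}" ]]; then
    echo "Stopping server process ($SERVER_PID)..."
    kill -9 "$SERVER_PID" 2>/dev/null || true
  fi

  if [[ -f "$VAULT_PID_FILE" ]]; then
    local vault_pid
    vault_pid=$(cat "$VAULT_PID_FILE" 2>/dev/null) || vault_pid=""
    # The PID file sits at a fixed, predictable path, so its contents are
    # treated as untrusted: only a single positive decimal PID is handed to
    # kill. That rules out several PIDs on one line, options, and "0" (which
    # would signal the whole process group).
    if [[ "$vault_pid" =~ ^[1-9][0-9]*$ ]]; then
      echo "Stopping vault process ($vault_pid)..."
      kill -9 "$vault_pid" 2>/dev/null || true
    else
      echo "Ignoring unexpected contents of $VAULT_PID_FILE (not a PID)." >&2
    fi
    rm -f "$VAULT_PID_FILE"
  fi

  # killall exits non-zero when no vault-hier process is left. Under `set -e`
  # that would end cleanup right here and skip the removals below, leaving
  # the Vault data directory behind in /tmp.
  killall vault-hier 2>/dev/null || true

  rm -f test_document.txt
  rm -rf /tmp/vault-test
  # We'll keep the logs for inspection
  # rm -f ./vault_server.log
  # rm -f ./api_server.log
  echo "Cleanup complete."
}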
# Install the handlers before anything is started:
#   EXIT -> cleanup       always tear down, whatever the exit path
#   ERR  -> handle_error  dump logs, clean up, exit 1
# handle_error ends with `exit 1`, which fires the EXIT trap as well, so
# cleanup runs twice on the error path.
# Without `set -E` the ERR trap is not inherited by shell functions, command
# substitutions or subshells.
trap cleanup EXIT
trap handle_error ERR

# Bail out early when the vault binary is not on PATH.
command -v vault > /dev/null 2>&1 || {
  echo "Vault is not installed. Please install it first."
  exit 1
}
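# Check if there's already a Vault process running
#
# Stops a Vault server left over from an earlier run, as recorded in
# $VAULT_PID_FILE, and removes the PID file.
# The PID file is at a fixed path and may be stale (PID reuse after a reboot)
# or written by someone else, so its contents are validated first: the value
# must be a single positive decimal PID, and the process behind it must be
# named "vault". Anything else is treated as a stale file and nothing is
# killed.
# Globals: VAULT_PID_FILE (read; the file is removed)
stop_existing_vault() {
  [[ -f "$VAULT_PID_FILE" ]] || return 0

  local pid proc_name
  pid=$(cat "$VAULT_PID_FILE")

  if [[ ! "$pid" =~ ^[1-9][0-9]*$ ]]; then
    echo "Vault PID file does not contain a valid PID. Removing stale PID file."
    rm -f "$VAULT_PID_FILE"
    return 0
  fi

  # `-o comm=` prints only the command name, with no header line. ps fails
  # and prints nothing when no such process exists.
  proc_name=$(ps -p "$pid" -o comm= 2>/dev/null) || proc_name=""
  # Some ps implementations report a full path; keep the last component.
  proc_name=${proc_name##*/}

  if [[ -z "$proc_name" ]]; then
    echo "Vault PID file exists but the process is not running. Removing stale PID file."
    rm "$VAULT_PID_FILE"
  elif [[ "$proc_name" == "vault" ]]; then
    echo "Vault is already running with PID $pid"
    echo "Stopping the existing Vault server..."
    kill -9 "$pid"
    rm "$VAULT_PID_FILE"
    # Wait for the port to be released
    sleep 2
  else
    echo "PID $pid from $VAULT_PID_FILE belongs to '$proc_name', not vault. Removing stale PID file."
    rm "$VAULT_PID_FILE"
  fi
}

stop_existing_vault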
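echo "Starting Vault server in non-dev mode..."

# Fresh data and config directories for every run.
rm -fr /tmp/vault-test/data /tmp/vault-test/config
mkdir -p /tmp/vault-test/data /tmp/vault-test/config
# /tmp is shared between local users: restrict the tree that holds Vault's
# storage and config to the current user. If the directory already belongs to
# someone else, chmod fails and `set -e` stops the run instead of continuing
# in a directory this user does not control.
chmod 700 /tmp/vault-test

# Test-only configuration: file storage, a loopback listener with TLS
# disabled (plain HTTP), mlock disabled and no UI. Not suitable for anything
# beyond a local throwaway instance.
# The delimiter is quoted so the shell never expands anything in the body.
cat > /tmp/vault-test/config/vault.hcl << 'EOF'
storage "file" {
path = "/tmp/vault-test/data"
}
listener "tcp" {
address = "127.0.0.1:8200"
tls_disable = "true"
}
disable_mlock = true
ui = false
EOF

# Run Vault in the background; stdout and stderr go to ./vault_server.log.
vault server -config=/tmp/vault-test/config/vault.hcl > ./vault_server.log 2>&1 &
VAULT_PID=$!
# Record the PID so cleanup, or the next run, can stop this server.
echo "$VAULT_PID" > "$VAULT_PID_FILE"
echo "Vault server started with PID $VAULT_PID"
echo "Vault server is running at $VAULT_ADDR"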
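# Wait for Vault to start
echo "Waiting for Vault to start..."
sleep 5

# Check if Vault is up and running by polling the health endpoint.
# The URL is quoted so `?` and `&` reach wget literally instead of being read
# by the shell as a glob character and a control operator; unquoted, a stray
# `&` backgrounds wget and the check can report success without any reply.
# The standbyok/sealedok/uninitok flags ask Vault to answer with a success
# status even though this freshly started server is not initialised yet.
# --no-check-certificate was dropped: it does nothing for an http:// URL and
# would silently turn off certificate verification if the address ever
# became https://.
health_url="${VAULT_ADDR}/v1/sys/health?standbyok=true&sealedok=true&uninitok=true"
max_attempts=10
for ((i = 1; i <= max_attempts; i++)); do
  if wget -q -O- "$health_url" > /dev/null 2>&1; then
    echo "Vault is up and running!"
    break
  fi
  if ((i == max_attempts)); then
    echo "Timed out waiting for Vault to become available"
    exit 1
  fi
  echo "Vault is unavailable - sleeping (attempt $i/$max_attempts)"
  sleep 2
done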
# Build the Rust application, then start it with the `server` subcommand in
# the background. Only the output of `cargo run` is redirected to
# ./api_server.log; build output stays on the terminal.
printf '%s\n' "Building and running the vault-hier server..."
printf '%s\n' "Using API port: $API_PORT"
cargo build \
  && cargo run server --vault-addr "$VAULT_ADDR" --api-port "$API_PORT" \
    > ./api_server.log 2>&1 &
# $! is the PID of the backgrounded `cargo build && cargo run` list, not
# necessarily of the vault-hier binary it ends up starting.
# NOTE(review): killing SERVER_PID may therefore leave vault-hier running;
# presumably that is why cleanup also runs `killall vault-hier`.
SERVER_PID=$!
printf '%s\n' "Server started with PID $SERVER_PID"

# Wait for the server to start. A fixed delay, not a readiness probe:
# increased wait time to ensure server is ready.
printf '%s\n' "Waiting for the server to start..."
sleep 10
# Test the server with some client operations
printf '%s\n' "Testing the client operations..."

# Sample document for the upload test, written to the current directory.
# cleanup removes it again.
printf '%s\n' "Creating a sample file for testing..."
printf '%s\n' "This is a test document" > test_document.txt
# Test login with legal1 user
# NOTE(review): the fixture credentials are hard-coded and passed on the
# command line, where other local users can read them from the process list.
# Acceptable for throwaway test accounts only.
echo "Testing login with legal1 user..."
login_cmd=(cargo run login --username legal1 --password legal1pass --api-url "$API_URL")
LOGIN_OUTPUT=$("${login_cmd[@]}")
# The raw output includes the "Token:" line parsed below, so this prints the
# full session token even though the success message shows only a prefix.
echo "$LOGIN_OUTPUT"

# Second field of the "Token:" line, with any double quotes stripped.
LEGAL_TOKEN=$(awk '/Token:/ {print $2}' <<< "$LOGIN_OUTPUT" | tr -d '"')
if [[ -z "$LEGAL_TOKEN" ]]; then
  echo "Login failed for legal1. Could not get token."
  handle_error
fi
# Only the first 8 characters of the token are shown here.
echo "Login successful for legal1, got token: ${LEGAL_TOKEN:0:8}..."
# Test upload document
echo "Testing document upload..."
upload_cmd=(cargo run upload --name "Test Document" --file test_document.txt --api-url "$API_URL")
UPLOAD_OUTPUT=$("${upload_cmd[@]}")
echo "$UPLOAD_OUTPUT"

# Third field of the "Document ID:" line, with any double quotes stripped.
# DOC_ID is later placed into a request URL.
DOC_ID=$(awk '/Document ID:/ {print $3}' <<< "$UPLOAD_OUTPUT" | tr -d '"')
if [[ -z "$DOC_ID" ]]; then
  echo "Upload failed. Could not get document ID."
  handle_error
fi
echo "Upload successful, got document ID: $DOC_ID"
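# Test signing through the HTTP API directly (curl), first with the legal1
# token and, if that is not accepted, with a fresh finance1 login.

# POST a sign request for $DOC_ID and print the response body.
# Arguments: $1 - username, $2 - session token
# Globals:   API_URL, DOC_ID (read)
# The JSON body is piped to curl on stdin (`--data @-`) so the session token
# does not show up in curl's argument list, where other local users could
# read it from the process table.
sign_document() {
  local user=$1
  local token=$2
  printf '{"username":"%s","token":"%s"}' "$user" "$token" \
    | curl -s -X POST "$API_URL/api/documents/$DOC_ID/sign" \
      -H "Content-Type: application/json" \
      --data @-
}

echo "Testing document signing with legal token via curl..."
# Log only a prefix of the token, as the login messages do.
echo "Using token: ${LEGAL_TOKEN:0:8}..."
SIGN_OUTPUT=$(sign_document legal1 "$LEGAL_TOKEN")
echo "$SIGN_OUTPUT"

# `curl -s` does not fail on HTTP error statuses, so success is judged by the
# presence of "signatures" in the response body.
if echo "$SIGN_OUTPUT" | grep -q "signatures"; then
  echo "Document signed successfully"
else
  echo "Signing failed with curl. Trying with finance user..."

  # Try with finance user
  # NOTE(review): fixture password on the command line, visible in the
  # process list; acceptable for throwaway test accounts only.
  echo "Testing login with finance1 user..."
  LOGIN_OUTPUT=$(cargo run login --username finance1 --password finance1pass --api-url "$API_URL")
  echo "$LOGIN_OUTPUT"
  FINANCE_TOKEN=$(echo "$LOGIN_OUTPUT" | grep "Token:" | awk '{print $2}' | tr -d '"')
  if [ -z "$FINANCE_TOKEN" ]; then
    echo "Login failed for finance1. Could not get token."
    handle_error
  fi
  echo "Login successful for finance1, got token: ${FINANCE_TOKEN:0:8}..."

  echo "Testing document signing with finance token via curl..."
  SIGN_OUTPUT=$(sign_document finance1 "$FINANCE_TOKEN")
  echo "$SIGN_OUTPUT"
  if ! echo "$SIGN_OUTPUT" | grep -q "signatures"; then
    echo "Signing failed with both legal and finance users. Skipping rest of test."
    handle_error
  fi
fi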
# Test verification
echo "Testing document verification..."
VERIFY_OUTPUT=$(cargo run verify --document-id "$DOC_ID" --api-url "$API_URL")
echo "$VERIFY_OUTPUT"

# NOTE(review): this only checks that a "Verification result" line was
# printed, not what the result was. Confirm against the CLI's output format
# that a negative verification cannot pass here.
if ! grep -q "Verification result" <<< "$VERIFY_OUTPUT"; then
  echo "Verification failed"
  handle_error
fi
echo "Verification successful"
# Test getting document details
echo "Testing get document details..."
GET_OUTPUT=$(cargo run get --document-id "$DOC_ID" --api-url "$API_URL")
echo "$GET_OUTPUT"

# Passes when the client printed a "Document details" section. handle_error
# does not return, so the success message is reached only when the text was
# found.
if ! grep -q "Document details" <<< "$GET_OUTPUT"; then
  echo "Get document failed"
  handle_error
fi
echo "Get document successful"
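# Check if the credentials file was created
#
# Reports whether vault-credentials.txt or vault-credentials.json exists in
# the current directory. For the .txt file it confirms that a root token and
# unseal keys can be parsed, without writing their values to the test output:
# the root token is shown as an 8-character prefix and the unseal keys only
# as a count. Together they give full control of the Vault instance, and
# test output tends to end up in terminals, CI logs and bug reports.
# NOTE(review): cleanup does not remove the credentials file, so the secrets
# stay on disk after the run.
report_saved_credentials() {
  if [[ ! -f "vault-credentials.txt" && ! -f "vault-credentials.json" ]]; then
    return 0
  fi
  echo "Test successful! Credentials were saved"
  [[ -f "vault-credentials.txt" ]] || return 0

  local root_token unseal_key_count
  # Third field of the "Root Token" line.
  root_token=$(awk '/Root Token/ {print $3}' vault-credentials.txt)
  # Count of the first 3 "Key" lines that carry a value in the third field.
  unseal_key_count=$(awk '/Key/ && seen < 3 { seen++; if ($3 != "") found++ }
    END { print found + 0 }' vault-credentials.txt)

  if [[ -n "$root_token" ]]; then
    echo "Root Token: ${root_token:0:8}... (truncated)"
  else
    echo "Root Token: not found in vault-credentials.txt"
  fi
  echo "First 3 Unseal Keys (needed for threshold): $unseal_key_count found, values not printed"
}

report_saved_credentials
echo -e "\nTest complete! All tests passed."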