1package server 2 3import ( 4 "reflect" 5 "strings" 6 "testing" 7 "time" 8 9 "github.com/hashicorp/hcl" 10 "github.com/hashicorp/hcl/hcl/ast" 11) 12 13func TestLoadConfigFile(t *testing.T) { 14 config, err := LoadConfigFile("./test-fixtures/config.hcl") 15 if err != nil { 16 t.Fatalf("err: %s", err) 17 } 18 19 expected := &Config{ 20 Listeners: []*Listener{ 21 &Listener{ 22 Type: "tcp", 23 Config: map[string]interface{}{ 24 "address": "127.0.0.1:443", 25 }, 26 }, 27 }, 28 29 Storage: &Storage{ 30 Type: "consul", 31 RedirectAddr: "foo", 32 Config: map[string]string{ 33 "foo": "bar", 34 }, 35 }, 36 37 HAStorage: &Storage{ 38 Type: "consul", 39 RedirectAddr: "snafu", 40 Config: map[string]string{ 41 "bar": "baz", 42 }, 43 DisableClustering: true, 44 }, 45 46 Telemetry: &Telemetry{ 47 StatsdAddr: "bar", 48 StatsiteAddr: "foo", 49 DisableHostname: false, 50 DogStatsDAddr: "127.0.0.1:7254", 51 DogStatsDTags: []string{"tag_1:val_1", "tag_2:val_2"}, 52 PrometheusRetentionTime: prometheusDefaultRetentionTime, 53 }, 54 55 DisableCache: true, 56 DisableCacheRaw: true, 57 DisableMlock: true, 58 DisableMlockRaw: true, 59 DisablePrintableCheckRaw: true, 60 DisablePrintableCheck: true, 61 EnableUI: true, 62 EnableUIRaw: true, 63 64 EnableRawEndpoint: true, 65 EnableRawEndpointRaw: true, 66 67 DisableSealWrap: true, 68 DisableSealWrapRaw: true, 69 70 MaxLeaseTTL: 10 * time.Hour, 71 MaxLeaseTTLRaw: "10h", 72 DefaultLeaseTTL: 10 * time.Hour, 73 DefaultLeaseTTLRaw: "10h", 74 ClusterName: "testcluster", 75 76 PidFile: "./pidfile", 77 } 78 if !reflect.DeepEqual(config, expected) { 79 t.Fatalf("expected \n\n%#v\n\n to be \n\n%#v\n\n", config, expected) 80 } 81} 82 83func TestLoadConfigFile_topLevel(t *testing.T) { 84 config, err := LoadConfigFile("./test-fixtures/config2.hcl") 85 if err != nil { 86 t.Fatalf("err: %s", err) 87 } 88 89 expected := &Config{ 90 Listeners: []*Listener{ 91 &Listener{ 92 Type: "tcp", 93 Config: map[string]interface{}{ 94 "address": "127.0.0.1:443", 95 }, 96 }, 97 }, 98 99 Storage: &Storage{ 100 Type: "consul", 101 RedirectAddr: "top_level_api_addr", 102 ClusterAddr: "top_level_cluster_addr", 103 Config: map[string]string{ 104 "foo": "bar", 105 }, 106 }, 107 108 HAStorage: &Storage{ 109 Type: "consul", 110 RedirectAddr: "top_level_api_addr", 111 ClusterAddr: "top_level_cluster_addr", 112 Config: map[string]string{ 113 "bar": "baz", 114 }, 115 DisableClustering: true, 116 }, 117 118 Telemetry: &Telemetry{ 119 StatsdAddr: "bar", 120 StatsiteAddr: "foo", 121 DisableHostname: false, 122 DogStatsDAddr: "127.0.0.1:7254", 123 DogStatsDTags: []string{"tag_1:val_1", "tag_2:val_2"}, 124 PrometheusRetentionTime: 30 * time.Second, 125 PrometheusRetentionTimeRaw: "30s", 126 }, 127 128 DisableCache: true, 129 DisableCacheRaw: true, 130 DisableMlock: true, 131 DisableMlockRaw: true, 132 EnableUI: true, 133 EnableUIRaw: true, 134 135 EnableRawEndpoint: true, 136 EnableRawEndpointRaw: true, 137 138 DisableSealWrap: true, 139 DisableSealWrapRaw: true, 140 141 MaxLeaseTTL: 10 * time.Hour, 142 MaxLeaseTTLRaw: "10h", 143 DefaultLeaseTTL: 10 * time.Hour, 144 DefaultLeaseTTLRaw: "10h", 145 ClusterName: "testcluster", 146 147 PidFile: "./pidfile", 148 149 APIAddr: "top_level_api_addr", 150 ClusterAddr: "top_level_cluster_addr", 151 } 152 if !reflect.DeepEqual(config, expected) { 153 t.Fatalf("expected \n\n%#v\n\n to be \n\n%#v\n\n", config, expected) 154 } 155} 156 157func TestLoadConfigFile_json(t *testing.T) { 158 config, err := LoadConfigFile("./test-fixtures/config.hcl.json") 159 if err != nil { 160 t.Fatalf("err: %s", err) 161 } 162 163 expected := &Config{ 164 Listeners: []*Listener{ 165 &Listener{ 166 Type: "tcp", 167 Config: map[string]interface{}{ 168 "address": "127.0.0.1:443", 169 }, 170 }, 171 }, 172 173 Storage: &Storage{ 174 Type: "consul", 175 Config: map[string]string{ 176 "foo": "bar", 177 }, 178 DisableClustering: true, 179 }, 180 181 ClusterCipherSuites: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 182 183 Telemetry: &Telemetry{ 184 StatsiteAddr: "baz", 185 StatsdAddr: "", 186 DisableHostname: false, 187 CirconusAPIToken: "", 188 CirconusAPIApp: "", 189 CirconusAPIURL: "", 190 CirconusSubmissionInterval: "", 191 CirconusCheckSubmissionURL: "", 192 CirconusCheckID: "", 193 CirconusCheckForceMetricActivation: "", 194 CirconusCheckInstanceID: "", 195 CirconusCheckSearchTag: "", 196 CirconusCheckDisplayName: "", 197 CirconusCheckTags: "", 198 CirconusBrokerID: "", 199 CirconusBrokerSelectTag: "", 200 PrometheusRetentionTime: prometheusDefaultRetentionTime, 201 }, 202 203 MaxLeaseTTL: 10 * time.Hour, 204 MaxLeaseTTLRaw: "10h", 205 DefaultLeaseTTL: 10 * time.Hour, 206 DefaultLeaseTTLRaw: "10h", 207 ClusterName: "testcluster", 208 DisableCacheRaw: interface{}(nil), 209 DisableMlockRaw: interface{}(nil), 210 EnableUI: true, 211 EnableUIRaw: true, 212 PidFile: "./pidfile", 213 EnableRawEndpoint: true, 214 EnableRawEndpointRaw: true, 215 DisableSealWrap: true, 216 DisableSealWrapRaw: true, 217 } 218 if !reflect.DeepEqual(config, expected) { 219 t.Fatalf("expected \n\n%#v\n\n to be \n\n%#v\n\n", config, expected) 220 } 221} 222 223func TestLoadConfigFile_json2(t *testing.T) { 224 config, err := LoadConfigFile("./test-fixtures/config2.hcl.json") 225 if err != nil { 226 t.Fatalf("err: %s", err) 227 } 228 229 expected := &Config{ 230 Listeners: []*Listener{ 231 &Listener{ 232 Type: "tcp", 233 Config: map[string]interface{}{ 234 "address": "127.0.0.1:443", 235 }, 236 }, 237 &Listener{ 238 Type: "tcp", 239 Config: map[string]interface{}{ 240 "address": "127.0.0.1:444", 241 }, 242 }, 243 }, 244 245 Storage: &Storage{ 246 Type: "consul", 247 Config: map[string]string{ 248 "foo": "bar", 249 }, 250 DisableClustering: true, 251 }, 252 253 HAStorage: &Storage{ 254 Type: "consul", 255 Config: map[string]string{ 256 "bar": "baz", 257 }, 258 }, 259 260 CacheSize: 45678, 261 262 EnableUI: true, 263 264 EnableRawEndpoint: true, 265 266 DisableSealWrap: true, 267 268 Telemetry: &Telemetry{ 269 StatsiteAddr: "foo", 270 StatsdAddr: "bar", 271 DisableHostname: true, 272 CirconusAPIToken: "0", 273 CirconusAPIApp: "vault", 274 CirconusAPIURL: "http://api.circonus.com/v2", 275 CirconusSubmissionInterval: "10s", 276 CirconusCheckSubmissionURL: "https://someplace.com/metrics", 277 CirconusCheckID: "0", 278 CirconusCheckForceMetricActivation: "true", 279 CirconusCheckInstanceID: "node1:vault", 280 CirconusCheckSearchTag: "service:vault", 281 CirconusCheckDisplayName: "node1:vault", 282 CirconusCheckTags: "cat1:tag1,cat2:tag2", 283 CirconusBrokerID: "0", 284 CirconusBrokerSelectTag: "dc:sfo", 285 PrometheusRetentionTime: 30 * time.Second, 286 PrometheusRetentionTimeRaw: "30s", 287 }, 288 } 289 if !reflect.DeepEqual(config, expected) { 290 } 291} 292 293func TestLoadConfigDir(t *testing.T) { 294 config, err := LoadConfigDir("./test-fixtures/config-dir") 295 if err != nil { 296 t.Fatalf("err: %s", err) 297 } 298 299 expected := &Config{ 300 DisableCache: true, 301 DisableMlock: true, 302 303 DisableClustering: false, 304 DisableClusteringRaw: false, 305 306 APIAddr: "https://vault.local", 307 ClusterAddr: "https://127.0.0.1:444", 308 309 Listeners: []*Listener{ 310 &Listener{ 311 Type: "tcp", 312 Config: map[string]interface{}{ 313 "address": "127.0.0.1:443", 314 }, 315 }, 316 }, 317 318 Storage: &Storage{ 319 Type: "consul", 320 Config: map[string]string{ 321 "foo": "bar", 322 }, 323 RedirectAddr: "https://vault.local", 324 ClusterAddr: "https://127.0.0.1:444", 325 DisableClustering: false, 326 }, 327 328 EnableUI: true, 329 330 EnableRawEndpoint: true, 331 332 Telemetry: &Telemetry{ 333 StatsiteAddr: "qux", 334 StatsdAddr: "baz", 335 DisableHostname: true, 336 PrometheusRetentionTime: prometheusDefaultRetentionTime, 337 }, 338 339 MaxLeaseTTL: 10 * time.Hour, 340 DefaultLeaseTTL: 10 * time.Hour, 341 ClusterName: "testcluster", 342 } 343 if !reflect.DeepEqual(config, expected) { 344 t.Fatalf("expected \n\n%#v\n\n to be \n\n%#v\n\n", config, expected) 345 } 346} 347 348func TestParseListeners(t *testing.T) { 349 obj, _ := hcl.Parse(strings.TrimSpace(` 350listener "tcp" { 351 address = "127.0.0.1:443" 352 cluster_address = "127.0.0.1:8201" 353 tls_disable = false 354 tls_cert_file = "./certs/server.crt" 355 tls_key_file = "./certs/server.key" 356 tls_client_ca_file = "./certs/rootca.crt" 357 tls_min_version = "tls12" 358 tls_require_and_verify_client_cert = true 359 tls_disable_client_certs = true 360}`)) 361 362 var config Config 363 list, _ := obj.Node.(*ast.ObjectList) 364 objList := list.Filter("listener") 365 parseListeners(&config, objList) 366 listeners := config.Listeners 367 if len(listeners) == 0 { 368 t.Fatalf("expected at least one listener in the config") 369 } 370 listener := listeners[0] 371 if listener.Type != "tcp" { 372 t.Fatalf("expected tcp listener in the config") 373 } 374 375 expected := &Config{ 376 Listeners: []*Listener{ 377 &Listener{ 378 Type: "tcp", 379 Config: map[string]interface{}{ 380 "address": "127.0.0.1:443", 381 "cluster_address": "127.0.0.1:8201", 382 "tls_disable": false, 383 "tls_cert_file": "./certs/server.crt", 384 "tls_key_file": "./certs/server.key", 385 "tls_client_ca_file": "./certs/rootca.crt", 386 "tls_min_version": "tls12", 387 "tls_require_and_verify_client_cert": true, 388 "tls_disable_client_certs": true, 389 }, 390 }, 391 }, 392 } 393 394 if !reflect.DeepEqual(config, *expected) { 395 t.Fatalf("expected \n\n%#v\n\n to be \n\n%#v\n\n", config, *expected) 396 } 397 398} 399