README
¶
Tests
This folder contains automated tests for this Module. All of the tests are written in Go. Most of these are "integration tests" that deploy real infrastructure using Terraform and verify that infrastructure works as expected using a helper library called Terratest.
WARNING WARNING WARNING
Note #1: Many of these tests create real resources in an AWS account and then try to clean those resources up at the end of a test run. That means these tests may cost you money to run! When adding tests, please be considerate of the resources you create and take extra care to clean everything up when you're done!
Note #2: Never forcefully shut the tests down (e.g. by hitting CTRL + C) or the cleanup tasks won't run!
Note #3: We set -timeout 60m on all tests not because they necessarily take that long, but because Go has a
default test timeout of 10 minutes, after which it forcefully kills the tests with a SIGQUIT, preventing the cleanup
tasks from running. Therefore, we set an overlying long timeout to make sure all tests have enough time to finish and
clean up.
Running the tests
Prerequisites
- Install the latest version of Go.
- Install dep for Go dependency management.
- Install Terraform.
- Configure your AWS credentials using one of the options supported by the AWS
SDK. Usually, the easiest option is to
set the
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEYenvironment variables.
One-time setup
Download Go dependencies using dep:
cd test
dep ensure
Run all the tests
cd test
go test -v -timeout 60m
Run a specific test
To run a specific test called TestFoo:
cd test
go test -v -timeout 60m -run TestFoo
Special note on the root-example test
As part of the tests for the root example, we try to connect to the Vault cluster via its ELB. If you've configure the test to set up a Route 53 domain name for the ELB, the tests will try to talk to Vault via this domain name; otherwise, they will talk directly to the ELB's domain name, albeit with the TLS check disabled, as the TLS cert will not include the ELB's domain name (since that's generated dynamically).
To tell the tests to use a Route 53 domain name for the ELB, specify the domain to use (which must already be
configured with a Route 53 hosted zone in your AWS account!) using the VAULT_HOSTED_ZONE_DOMAIN_NAME environment
variable:
cd test
export VAULT_HOSTED_ZONE_DOMAIN_NAME="gruntwork.in"
go test -v -timeout 60m
Documentation
¶
Index ¶
Constants ¶
const ( Leader VaultStatus = 200 Standby = 429 Uninitialized = 501 Sealed = 503 )
const AMI_VAR_AWS_REGION = "aws_region"
const AMI_VAR_CA_PUBLIC_KEY = "ca_public_key_path"
const AMI_VAR_TLS_PRIVATE_KEY = "tls_private_key_path"
const AMI_VAR_TLS_PUBLIC_KEY = "tls_public_key_path"
const AMI_VAR_VAULT_DOWNLOAD_URL = "VAULT_DOWNLOAD_URL"
const ENV_VAR_AWS_REGION = "AWS_DEFAULT_REGION"
const OUTPUT_VAULT_CLUSTER_ASG_NAME = "asg_name_vault_cluster"
const PRIVATE_TLS_CERT_PATH = "modules/private-tls-cert"
const REPO_ROOT = "../"
const SAVED_TLS_CERT = "TlsCert"
const VAR_AMI_ID = "ami_id"
const VAR_CA_COMMON_NAME = "ca_common_name"
const VAR_CA_PUBLIC_KEY_FILE_PATH = "ca_public_key_file_path"
const VAR_COMMON_NAME = "common_name"
const VAR_CONSUL_CLUSTER_NAME = "consul_cluster_name"
const VAR_CONSUL_CLUSTER_TAG_KEY = "consul_cluster_tag_key"
const VAR_DNS_NAMES = "dns_names"
const VAR_IP_ADDRESSES = "ip_addresses"
const VAR_ORGANIZATION_NAME = "organization_name"
const VAR_OWNER = "owner"
const VAR_PRIVATE_KEY_FILE_PATH = "private_key_file_path"
const VAR_PUBLIC_KEY_FILE_PATH = "public_key_file_path"
const VAR_SSH_KEY_NAME = "ssh_key_name"
const VAR_VALIDITY_PERIOD_HOURS = "validity_period_hours"
const VAR_VAULT_CLUSTER_NAME = "vault_cluster_name"
const VAR_VAULT_CLUSTER_SIZE = "vault_cluster_size"
const VAULT_CLUSTER_PUBLIC_OUTPUT_ELB_DNS_NAME = "vault_elb_dns_name"
const VAULT_CLUSTER_PUBLIC_OUTPUT_FQDN = "vault_fully_qualified_domain_name"
const WORK_DIR = "./"
Variables ¶
var UnsealKeyRegex = regexp.MustCompile("^Unseal Key \\d: (.+)$")
Functions ¶
This section is empty.
Source Files