VaultClientWrapper fallback to auth config when vaultadmin config not…

… defined Issue: BB-622
scality · Nov 7, 2024 · 840f6bf · 840f6bf
1 parent 6694ca8
commit 840f6bf
Show file tree

Hide file tree

Showing 6 changed files with 70 additions and 1 deletion.
diff --git a/extensions/utils/VaultClientWrapper.js b/extensions/utils/VaultClientWrapper.js
@@ -1,3 +1,4 @@
+const assert = require('assert');
 const { ChainableTemporaryCredentials } = require('aws-sdk');
 const { errorUtils } = require('arsenal');
 
@@ -11,7 +12,8 @@ class VaultClientWrapper {
         this._authConfig = authConfig;
         this._transport = this._authConfig.transport;
         this._clientId = id;
-        this._vaultConf = vaultConf;
+        this._vaultConf = vaultConf || this._authConfig.vault;
+        assert(this._vaultConf, 'Vault configuration is missing');
         this.logger = logger;
 
         const Agent = this._transport === 'https' ? HttpsAgent.Agent : HttpAgent.Agent;

diff --git a/tests/functional/lifecycle/LifecycleConductor.spec.js b/tests/functional/lifecycle/LifecycleConductor.spec.js
@@ -180,6 +180,13 @@ describe('lifecycle conductor', function lifecycleConductor() {
                     backlogControl: {
                         enabled: true,
                     },
+                    auth: {
+                        type: 'none',
+                        vault: {
+                            host: '127.0.0.1',
+                            port: 8500,
+                        },
+                    },
                 },
                 bucketProcessor: {
                     groupId: 'a',
@@ -283,6 +290,13 @@ describe('lifecycle conductor', function lifecycleConductor() {
                     backlogControl: {
                         enabled: true,
                     },
+                    auth: {
+                        type: 'none',
+                        vault: {
+                            host: '127.0.0.1',
+                            port: 8500,
+                        },
+                    },
                 },
                 bucketProcessor: {
                     groupId: 'a',
@@ -546,6 +560,13 @@ describe('lifecycle conductor', function lifecycleConductor() {
                 bucketd: {
                     host: '127.0.0.1',
                 },
+                auth: {
+                    type: 'none',
+                    vault: {
+                        host: '127.0.0.1',
+                        port: 8500,
+                    },
+                },
             },
         },
         mockBucketd: true,

diff --git a/tests/functional/lifecycle/configObjects.js b/tests/functional/lifecycle/configObjects.js
@@ -24,6 +24,10 @@ const lcConfig = {
         cronRule: '*/5 * * * * *',
         concurrentIndexesBuildLimit: 2,
         bucketSource: 'mongodb',
+        vaultAdmin: {
+            host: '127.0.0.1',
+            port: 8500,
+        },
     },
     bucketProcessor: {
         groupId: `bucket-processor-test-${Math.random()}`,

diff --git a/tests/unit/gc/GarbageCollector.spec.js b/tests/unit/gc/GarbageCollector.spec.js
@@ -34,6 +34,10 @@ describe('garbage collector', function garbageCollector() {
                 consumer: {
                     groupId: 'backbeat-gc-consumer-group',
                 },
+                vaultAdmin: {
+                    host: '127.0.0.1',
+                    port: 8500,
+                },
             },
         });
         gcTask = new GarbageCollectorTask(gc);

diff --git a/tests/unit/lifecycle/LifecycleConductor.spec.js b/tests/unit/lifecycle/LifecycleConductor.spec.js
@@ -73,6 +73,10 @@ function makeLifecycleConductorWithFilters(options, markers) {
                     accounts: accountsDenied,
                 },
             },
+            vaultAdmin: {
+                host: '127.0.0.1',
+                port: 8500,
+            },
         },
     };
 

diff --git a/tests/unit/utils/VaultClientWrapper.spec.js b/tests/unit/utils/VaultClientWrapper.spec.js
@@ -0,0 +1,34 @@
+'use strict'; // eslint-disable-line
+
+const assert = require('assert');
+const sinon = require('sinon');
+
+const FakeLogger = require('../../utils/fakeLogger');
+const VaultClientWrapper = require('../../../extensions/utils/VaultClientWrapper');
+const { errors } = require('arsenal');
+
+describe('VaultClientWrapper', () => {
+    afterEach(() => {
+        sinon.restore();
+    });
+
+    describe('constructor', () => {
+        it('should fallback to authConfig vault if vaultConf is not provided', () => {
+            const vaultClientWrapper = new VaultClientWrapper(
+                'id',
+                undefined,
+                { type: 'none', vault: { host: '127.0.0.1', port: 8500 } },
+                FakeLogger,
+            );
+            assert.strictEqual(vaultClientWrapper._vaultConf.host, '127.0.0.1');
+            assert.strictEqual(vaultClientWrapper._vaultConf.port, 8500);
+        });
+
+        it('should throw an error if vault configuration is missing', () => {
+            assert.throws(() =>
+                new VaultClientWrapper('id', undefined, { type: 'none' }, FakeLogger),
+            );
+        });
+    });
+
+});