Version: v0.11.1 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Nov 23, 2022 License: MPL-2.0 Imports: 119 Imported by: 0




View Source
const (
	DefaultOrgId                             = "o_1234567890"
	DefaultProjectId                         = "p_1234567890"
	DefaultTestPasswordAuthMethodId          = "ampw_1234567890"
	DefaultTestOidcAuthMethodId              = "amoidc_1234567890"
	DefaultTestLoginName                     = "admin"
	DefaultTestUnprivilegedLoginName         = "user"
	DefaultTestPassword                      = "passpass"
	DefaultTestUserId                        = "u_1234567890"
	DefaultTestPasswordAccountId             = intglobals.NewPasswordAccountPrefix + "_1234567890"
	DefaultTestOidcAccountId                 = "acctoidc_1234567890"
	DefaultTestUnprivilegedPasswordAccountId = intglobals.NewPasswordAccountPrefix + "_0987654321"
	DefaultTestUnprivilegedOidcAccountId     = "acctoidc_0987654321"
	DefaultTestPluginId                      = "pl_1234567890"


View Source
var NonceCleanupInterval = 2 * time.Minute

This is exported so it can be tweaked in tests


This section is empty.


type Config

type Config struct {
	// The base Server object, containing things shared between Controllers and
	// Workers
	// The underlying configuration, passed in here to avoid duplicating values
	// everywhere
	RawConfig *config.Config
	// If set, authorization checking occurrs but failures are ignored
	DisableAuthorizationFailures bool

func TestControllerConfig

func TestControllerConfig(t testing.TB, ctx context.Context, tc *TestController, opts *TestControllerOpts) *Config

TestControllerConfig provides a way to create a config for a TestController. The tc passed as a parameter will be modified by this func.

type Controller

type Controller struct {

	// Repo factory methods
	AuthTokenRepoFn         common.AuthTokenRepoFactory
	VaultCredentialRepoFn   common.VaultCredentialRepoFactory
	StaticCredentialRepoFn  common.StaticCredentialRepoFactory
	IamRepoFn               common.IamRepoFactory
	OidcRepoFn              common.OidcAuthRepoFactory
	PasswordAuthRepoFn      common.PasswordAuthRepoFactory
	ServersRepoFn           common.ServersRepoFactory
	SessionRepoFn           session.RepositoryFactory
	ConnectionRepoFn        common.ConnectionRepoFactory
	StaticHostRepoFn        common.StaticRepoFactory
	PluginHostRepoFn        common.PluginHostRepoFactory
	HostPluginRepoFn        common.HostPluginRepoFactory
	TargetRepoFn            target.RepositoryFactory
	WorkerAuthRepoStorageFn common.WorkerAuthRepoStorageFactory

	// Used to signal the Health Service to start
	// replying to queries with "503 Service Unavailable".
	HealthService *health.Service
	// contains filtered or unexported fields

func New

func New(ctx context.Context, conf *Config) (*Controller, error)

func (*Controller) GetHealthHandler

func (c *Controller) GetHealthHandler(lcfg *listenerutil.ListenerConfig) (http.Handler, error)

GetHealthHandler returns a gRPC Gateway mux that is registered against the controller's gRPC health service to make it accessible from an HTTP API.

func (*Controller) Shutdown

func (c *Controller) Shutdown() error

func (*Controller) Start

func (c *Controller) Start() error

func (*Controller) WorkerStatusUpdateTimes

func (c *Controller) WorkerStatusUpdateTimes() *sync.Map

WorkerStatusUpdateTimes returns the map, which specifically is held in _this_ controller, not the DB. It's used in tests to verify that a given controller is receiving updates from an expected set of workers, to test out balancing and auto reconnection.

type HandlerProperties

type HandlerProperties struct {
	ListenerConfig *listenerutil.ListenerConfig
	CancelCtx      context.Context

type TestController

type TestController struct {
	// contains filtered or unexported fields

TestController wraps a base.Server and Controller to provide a fully-programmatic controller for tests. Error checking (for instance, for valid config) is not stringent at the moment.

func NewTestController

func NewTestController(t testing.TB, opts *TestControllerOpts) *TestController

func (*TestController) AddClusterControllerMember

func (tc *TestController) AddClusterControllerMember(t testing.TB, opts *TestControllerOpts) *TestController

func (*TestController) ApiAddrs

func (tc *TestController) ApiAddrs() []string

func (*TestController) AuthTokenRepo

func (tc *TestController) AuthTokenRepo() *authtoken.Repository

func (*TestController) Cancel

func (tc *TestController) Cancel()

func (*TestController) Client

func (tc *TestController) Client() *api.Client

func (*TestController) ClusterAddrs

func (tc *TestController) ClusterAddrs() []string

func (*TestController) Config

func (tc *TestController) Config() *Config

func (*TestController) ConnectionsRepo

func (tc *TestController) ConnectionsRepo() *session.ConnectionRepository

func (*TestController) Context

func (tc *TestController) Context() context.Context

func (*TestController) Controller

func (tc *TestController) Controller() *Controller

Controller returns the underlying controller

func (*TestController) DbConn

func (tc *TestController) DbConn() *db.DB

func (*TestController) IamRepo

func (tc *TestController) IamRepo() *iam.Repository

func (*TestController) Kms

func (tc *TestController) Kms() *kms.Kms

func (*TestController) Logger

func (tc *TestController) Logger() hclog.Logger

func (*TestController) Name

func (tc *TestController) Name() string

func (*TestController) Server

func (tc *TestController) Server() *base.Server

Server returns the underlying base server

func (*TestController) ServersRepo

func (tc *TestController) ServersRepo() *server.Repository

func (*TestController) Shutdown

func (tc *TestController) Shutdown()

Shutdown runs any cleanup functions; be sure to run this after your test is done

func (*TestController) Token

func (tc *TestController) Token() *authtokens.AuthToken

func (*TestController) UnprivilegedToken

func (tc *TestController) UnprivilegedToken() *authtokens.AuthToken

func (*TestController) WaitForNextWorkerStatusUpdate

func (tc *TestController) WaitForNextWorkerStatusUpdate(workerStatusName string) error

WaitForNextWorkerStatusUpdate waits for the next status check from a worker to come in. If it does not come in within the default status grace period, this function returns an error.

type TestControllerOpts

type TestControllerOpts struct {
	// ConfigHcl is the HCL to be parsed to generate the initial config.
	// Overrides Config if both are set.
	ConfigHcl string

	// Config; if not provided a dev one will be created, unless ConfigHcl is
	// set.
	Config *config.Config

	// DefaultPasswordAuthMethodId is the default password method ID to use, if set.
	DefaultPasswordAuthMethodId string

	// DefaultOidcAuthMethodId is the default OIDC method ID to use, if set.
	DefaultOidcAuthMethodId string

	// DefaultLoginName is the login name used when creating the default admin account.
	DefaultLoginName string

	// DefaultUnprivilegedLoginName is the login name used when creating the default unprivileged account.
	DefaultUnprivilegedLoginName string

	// DefaultPassword is the password used when creating the default accounts.
	DefaultPassword string

	// DisableInitialLoginRoleCreation can be set true to disable creating the
	// global scope login role automatically.
	DisableInitialLoginRoleCreation bool

	// DisableAuthMethodCreation can be set true to disable creating an auth
	// method automatically.
	DisableAuthMethodCreation bool

	// DisableOidcAuthMethodCreation can be set true to disable the built-in
	// OIDC listener. Useful for e.g. unix listener tests.
	DisableOidcAuthMethodCreation bool

	// DisableScopesCreation can be set true to disable creating scopes
	// automatically.
	DisableScopesCreation bool

	// DisableHostResourcesCreation can be set true to disable creating a host
	// catalog and related resources automatically.
	DisableHostResourcesCreation bool

	// DisableTargetCreation can be set true to disable creating a target
	// automatically.
	DisableTargetCreation bool

	// DisableDatabaseCreation can be set true to disable creating a dev
	// database
	DisableDatabaseCreation bool

	// DisableDatabaseDestruction can be set true to allow a database to be
	// created but examined after-the-fact
	DisableDatabaseDestruction bool

	// DatabaseUrl will cause the test controller to connect to an existing
	// database given the url instead of creating a new one
	DatabaseUrl string

	// DisableDatabaseTemplate forces using a fresh Postgres instance in Docker
	// instead of using a local templated version. Useful for CI of external
	// repos, like Terraform.
	DisableDatabaseTemplate bool

	// If true, the controller will not be started
	DisableAutoStart bool

	// DisableEventing, if true the test controller will not create events
	// You must not run the test in parallel (no calls to t.Parallel) since the
	// this option relies on modifying the system wide default eventer.
	DisableEventing bool

	// DisableAuthorizationFailures will still cause authz checks to be
	// performed but they won't cause 403 Forbidden. Useful for API-level
	// testing to avoid a lot of faff.
	DisableAuthorizationFailures bool

	// The controller KMS to use, or one will be created
	RootKms wrapping.Wrapper

	// The worker auth KMS to use, or one will be created
	WorkerAuthKms wrapping.Wrapper

	// The recovery KMS to use, or one will be created
	RecoveryKms wrapping.Wrapper

	// Disables KMS key creation. Only valid when a database url is specified,
	// at the moment.
	DisableKmsKeyCreation bool

	// The name to use for the controller, otherwise one will be randomly
	// generated, unless provided in a non-nil Config
	Name string

	// The suffix to use for initial resources
	InitialResourcesSuffix string

	// The logger to use, or one will be created
	Logger hclog.Logger

	// The registerer to use for registering all the collectors.  Nil means
	// no metrics are registered.
	PrometheusRegisterer prometheus.Registerer

	// A cluster address for overriding the advertised controller listener
	// (overrides address provided in config, if any)
	PublicClusterAddr string

	// The amount of time to wait before marking connections as canceling when a
	// worker has not reported in
	WorkerStatusGracePeriodDuration time.Duration

	// The period of time after which it will consider other controllers to be
	// no longer accessible, based on time since their last status update in the
	// database
	LivenessTimeToStaleDuration time.Duration

	// The amount of time between the scheduler waking up to run it's registered
	// jobs.
	SchedulerRunJobInterval time.Duration


Path Synopsis
Package common contains types and helper functions that are used across the different packages under internal/server/controller.
Package common contains types and helper functions that are used across the different packages under internal/server/controller.
Package metric provides functions to initialize the controller specific collectors and hooks to measure metrics and update the relevant collectors.
Package metric provides functions to initialize the controller specific collectors and hooks to measure metrics and update the relevant collectors.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL