/*
* Copyright 2016-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.cloud.vault.config.databases;
import java.net.InetSocketAddress;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Collections;
import javax.sql.DataSource;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.vault.util.CanConnect;
import org.springframework.cloud.vault.util.VaultRule;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.vault.core.VaultOperations;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assume.assumeTrue;
/**
* Integration tests using the postgresql secret backend. In case this test should fail
* because of SSL make sure you run the test within the
* spring-cloud-vault-config/spring-cloud-vault-config directory as the keystore is
* referenced with {@code ../work/keystore.jks}.
*
* @author Mark Paluch
*/
@RunWith(SpringRunner.class)
@SpringBootTest(classes = VaultConfigPostgreSqlTests.TestApplication.class, properties = {
"spring.cloud.vault.postgresql.enabled=true",
"spring.cloud.vault.postgresql.role=readonly",
"spring.datasource.url=jdbc:postgresql://localhost:5432/postgres?ssl=false",
"spring.main.allow-bean-definition-overriding=true" })
public class VaultConfigPostgreSqlTests {
private static final String POSTGRES_HOST = "localhost";
private static final int POSTGRES_PORT = 5432;
private static final String CONNECTION_URL = String.format(
"postgresql://springvault:springvault@%s:%d/postgres?sslmode=disable",
POSTGRES_HOST, POSTGRES_PORT);
private static final String CREATE_USER_AND_GRANT_SQL = "CREATE ROLE \"{{name}}\" WITH "
+ "LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';\n"
+ "GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";";
@Value("${spring.datasource.username}")
String username;
@Value("${spring.datasource.password}")
String password;
@Autowired
DataSource dataSource;
/**
* Initialize the postgresql secret backend.
*/
@BeforeClass
public static void beforeClass() {
assumeTrue(CanConnect.to(new InetSocketAddress(POSTGRES_HOST, POSTGRES_PORT)));
VaultRule vaultRule = new VaultRule();
vaultRule.before();
if (!vaultRule.prepare().hasSecretBackend("postgresql")) {
vaultRule.prepare().mountSecret("postgresql");
}
VaultOperations vaultOperations = vaultRule.prepare().getVaultOperations();
vaultOperations.write("postgresql/config/connection",
Collections.singletonMap("connection_url", CONNECTION_URL));
vaultOperations.write("postgresql/roles/readonly",
Collections.singletonMap("sql", CREATE_USER_AND_GRANT_SQL));
}
@Test
public void shouldConnectUsingDataSource() throws SQLException {
Connection connection = this.dataSource.getConnection();
assertThat(connection.getSchema()).isEqualTo("public");
connection.close();
}
@Test
public void shouldConnectUsingJdbcUrlConnection() throws SQLException {
String url = String.format("jdbc:postgresql://%s:%d/postgres?ssl=false",
POSTGRES_HOST, POSTGRES_PORT);
DriverManager.getConnection(url, this.username, this.password).close();
}
@SpringBootApplication
public static class TestApplication {
public static void main(String[] args) {
SpringApplication.run(TestApplication.class, args);
}
}
}
