diff --git a/api/auth_token.go b/api/auth_token.go index 86595175bca0..b75e839acecf 100644 --- a/api/auth_token.go +++ b/api/auth_token.go @@ -15,14 +15,19 @@ func (a *Auth) Token() *TokenAuth { } func (c *TokenAuth) Create(opts *TokenCreateRequest) (*Secret, error) { + return c.CreateWithContext(context.Background(), opts) +} + +func (c *TokenAuth) CreateWithContext(ctx context.Context, opts *TokenCreateRequest) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", "/v1/auth/token/create") if err := r.SetJSONBody(opts); err != nil { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -32,14 +37,19 @@ func (c *TokenAuth) Create(opts *TokenCreateRequest) (*Secret, error) { } func (c *TokenAuth) CreateOrphan(opts *TokenCreateRequest) (*Secret, error) { + return c.CreateOrphanWithContext(context.Background(), opts) +} + +func (c *TokenAuth) CreateOrphanWithContext(ctx context.Context, opts *TokenCreateRequest) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", "/v1/auth/token/create-orphan") if err := r.SetJSONBody(opts); err != nil { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -49,14 +59,19 @@ func (c *TokenAuth) CreateOrphan(opts *TokenCreateRequest) (*Secret, error) { } func (c *TokenAuth) CreateWithRole(opts *TokenCreateRequest, roleName string) (*Secret, error) { + return c.CreateWithRoleWithContext(context.Background(), opts, roleName) +} + +func (c *TokenAuth) CreateWithRoleWithContext(ctx context.Context, opts *TokenCreateRequest, roleName string) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", "/v1/auth/token/create/"+roleName) if err := r.SetJSONBody(opts); err != nil { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -66,6 +81,13 @@ func (c *TokenAuth) CreateWithRole(opts *TokenCreateRequest, roleName string) (* } func (c *TokenAuth) Lookup(token string) (*Secret, error) { + return c.LookupWithContext(context.Background(), token) +} + +func (c *TokenAuth) LookupWithContext(ctx context.Context, token string) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", "/v1/auth/token/lookup") if err := r.SetJSONBody(map[string]interface{}{ "token": token, @@ -73,9 +95,7 @@ func (c *TokenAuth) Lookup(token string) (*Secret, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -85,6 +105,13 @@ func (c *TokenAuth) Lookup(token string) (*Secret, error) { } func (c *TokenAuth) LookupAccessor(accessor string) (*Secret, error) { + return c.LookupAccessorWithContext(context.Background(), accessor) +} + +func (c *TokenAuth) LookupAccessorWithContext(ctx context.Context, accessor string) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", "/v1/auth/token/lookup-accessor") if err := r.SetJSONBody(map[string]interface{}{ "accessor": accessor, @@ -92,9 +119,7 @@ func (c *TokenAuth) LookupAccessor(accessor string) (*Secret, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -104,11 +129,16 @@ func (c *TokenAuth) LookupAccessor(accessor string) (*Secret, error) { } func (c *TokenAuth) LookupSelf() (*Secret, error) { - r := c.c.NewRequest("GET", "/v1/auth/token/lookup-self") + return c.LookupSelfWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *TokenAuth) LookupSelfWithContext(ctx context.Context) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/auth/token/lookup-self") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -118,6 +148,13 @@ func (c *TokenAuth) LookupSelf() (*Secret, error) { } func (c *TokenAuth) RenewAccessor(accessor string, increment int) (*Secret, error) { + return c.RenewAccessorWithContext(context.Background(), accessor, increment) +} + +func (c *TokenAuth) RenewAccessorWithContext(ctx context.Context, accessor string, increment int) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", "/v1/auth/token/renew-accessor") if err := r.SetJSONBody(map[string]interface{}{ "accessor": accessor, @@ -126,9 +163,7 @@ func (c *TokenAuth) RenewAccessor(accessor string, increment int) (*Secret, erro return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -138,6 +173,13 @@ func (c *TokenAuth) RenewAccessor(accessor string, increment int) (*Secret, erro } func (c *TokenAuth) Renew(token string, increment int) (*Secret, error) { + return c.RenewWithContext(context.Background(), token, increment) +} + +func (c *TokenAuth) RenewWithContext(ctx context.Context, token string, increment int) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/auth/token/renew") if err := r.SetJSONBody(map[string]interface{}{ "token": token, @@ -146,9 +188,7 @@ func (c *TokenAuth) Renew(token string, increment int) (*Secret, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -158,6 +198,13 @@ func (c *TokenAuth) Renew(token string, increment int) (*Secret, error) { } func (c *TokenAuth) RenewSelf(increment int) (*Secret, error) { + return c.RenewSelfWithContext(context.Background(), increment) +} + +func (c *TokenAuth) RenewSelfWithContext(ctx context.Context, increment int) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/auth/token/renew-self") body := map[string]interface{}{"increment": increment} @@ -165,9 +212,7 @@ func (c *TokenAuth) RenewSelf(increment int) (*Secret, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -176,9 +221,17 @@ func (c *TokenAuth) RenewSelf(increment int) (*Secret, error) { return ParseSecret(resp.Body) } -// RenewTokenAsSelf behaves like renew-self, but authenticates using a provided -// token instead of the token attached to the client. +// RenewTokenAsSelf wraps RenewTokenAsSelfWithContext using context.Background. func (c *TokenAuth) RenewTokenAsSelf(token string, increment int) (*Secret, error) { + return c.RenewTokenAsSelfWithContext(context.Background(), token, increment) +} + +// RenewTokenAsSelfWithContext behaves like renew-self, but authenticates using a provided +// token instead of the token attached to the client. +func (c *TokenAuth) RenewTokenAsSelfWithContext(ctx context.Context, token string, increment int) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/auth/token/renew-self") r.ClientToken = token @@ -187,9 +240,7 @@ func (c *TokenAuth) RenewTokenAsSelf(token string, increment int) (*Secret, erro return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -198,9 +249,17 @@ func (c *TokenAuth) RenewTokenAsSelf(token string, increment int) (*Secret, erro return ParseSecret(resp.Body) } -// RevokeAccessor revokes a token associated with the given accessor -// along with all the child tokens. +// RevokeAccessor wraps RevokeAccessorWithContext using context.Background. func (c *TokenAuth) RevokeAccessor(accessor string) error { + return c.RevokeAccessorWithContext(context.Background(), accessor) +} + +// RevokeAccessorWithContext revokes a token associated with the given accessor +// along with all the child tokens. +func (c *TokenAuth) RevokeAccessorWithContext(ctx context.Context, accessor string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", "/v1/auth/token/revoke-accessor") if err := r.SetJSONBody(map[string]interface{}{ "accessor": accessor, @@ -208,9 +267,7 @@ func (c *TokenAuth) RevokeAccessor(accessor string) error { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return err } @@ -219,9 +276,17 @@ func (c *TokenAuth) RevokeAccessor(accessor string) error { return nil } -// RevokeOrphan revokes a token without revoking the tree underneath it (so -// child tokens are orphaned rather than revoked) +// RevokeOrphan wraps RevokeOrphanWithContext using context.Background. func (c *TokenAuth) RevokeOrphan(token string) error { + return c.RevokeOrphanWithContext(context.Background(), token) +} + +// RevokeOrphanWithContext revokes a token without revoking the tree underneath it (so +// child tokens are orphaned rather than revoked) +func (c *TokenAuth) RevokeOrphanWithContext(ctx context.Context, token string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/auth/token/revoke-orphan") if err := r.SetJSONBody(map[string]interface{}{ "token": token, @@ -229,9 +294,7 @@ func (c *TokenAuth) RevokeOrphan(token string) error { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return err } @@ -240,15 +303,21 @@ func (c *TokenAuth) RevokeOrphan(token string) error { return nil } -// RevokeSelf revokes the token making the call. The `token` parameter is kept +// RevokeSelf wraps RevokeSelfWithContext using context.Background. +func (c *TokenAuth) RevokeSelf(token string) error { + return c.RevokeSelfWithContext(context.Background(), token) +} + +// RevokeSelfWithContext revokes the token making the call. The `token` parameter is kept // for backwards compatibility but is ignored; only the client's set token has // an effect. -func (c *TokenAuth) RevokeSelf(token string) error { +func (c *TokenAuth) RevokeSelfWithContext(ctx context.Context, token string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/auth/token/revoke-self") - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return err } @@ -257,10 +326,18 @@ func (c *TokenAuth) RevokeSelf(token string) error { return nil } -// RevokeTree is the "normal" revoke operation that revokes the given token and +// RevokeTree wraps RevokeTreeWithContext using context.Background. +func (c *TokenAuth) RevokeTree(token string) error { + return c.RevokeTreeWithContext(context.Background(), token) +} + +// RevokeTreeWithContext is the "normal" revoke operation that revokes the given token and // the entire tree underneath -- all of its child tokens, their child tokens, // etc. -func (c *TokenAuth) RevokeTree(token string) error { +func (c *TokenAuth) RevokeTreeWithContext(ctx context.Context, token string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/auth/token/revoke") if err := r.SetJSONBody(map[string]interface{}{ "token": token, @@ -268,9 +345,7 @@ func (c *TokenAuth) RevokeTree(token string) error { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return err } diff --git a/api/client.go b/api/client.go index 3ce57a1de2e5..99813a21b19c 100644 --- a/api/client.go +++ b/api/client.go @@ -1097,6 +1097,9 @@ func (c *Client) NewRequest(method, requestPath string) *Request { // RawRequest performs the raw request given. This request may be against // a Vault server not configured with this client. This is an advanced operation // that generally won't need to be called externally. +// +// Deprecated: This method should not be used directly. Use higher level +// methods instead. func (c *Client) RawRequest(r *Request) (*Response, error) { return c.RawRequestWithContext(context.Background(), r) } @@ -1104,7 +1107,19 @@ func (c *Client) RawRequest(r *Request) (*Response, error) { // RawRequestWithContext performs the raw request given. This request may be against // a Vault server not configured with this client. This is an advanced operation // that generally won't need to be called externally. +// +// Deprecated: This method should not be used directly. Use higher level +// methods instead. func (c *Client) RawRequestWithContext(ctx context.Context, r *Request) (*Response, error) { + // Note: we purposefully do not call cancel manually. The reason is + // when canceled, the request.Body will EOF when reading due to the way + // it streams data in. Cancel will still be run when the timeout is + // hit, so this doesn't really harm anything. + ctx, _ = c.withConfiguredTimeout(ctx) + return c.rawRequestWithContext(ctx, r) +} + +func (c *Client) rawRequestWithContext(ctx context.Context, r *Request) (*Response, error) { c.modifyLock.RLock() token := c.token @@ -1116,7 +1131,6 @@ func (c *Client) RawRequestWithContext(ctx context.Context, r *Request) (*Respon checkRetry := c.config.CheckRetry backoff := c.config.Backoff httpClient := c.config.HttpClient - timeout := c.config.Timeout outputCurlString := c.config.OutputCurlString logger := c.config.Logger c.config.modifyLock.RUnlock() @@ -1162,13 +1176,6 @@ START: return nil, LastOutputStringError } - if timeout != 0 { - // Note: we purposefully do not call cancel manually. The reason is - // when canceled, the request.Body will EOF when reading due to the way - // it streams data in. Cancel will still be run when the timeout is - // hit, so this doesn't really harm anything. - ctx, _ = context.WithTimeout(ctx, timeout) - } req.Request = req.Request.WithContext(ctx) if backoff == nil { @@ -1387,6 +1394,17 @@ func (c *Client) WithResponseCallbacks(callbacks ...ResponseCallback) *Client { return &c2 } +// withConfiguredTimeout wraps the context with a timeout from the client configuration. +func (c *Client) withConfiguredTimeout(ctx context.Context) (context.Context, context.CancelFunc) { + timeout := c.ClientTimeout() + + if timeout > 0 { + return context.WithTimeout(ctx, timeout) + } + + return ctx, func() {} +} + // RecordState returns a response callback that will record the state returned // by Vault in a response header. func RecordState(state *string) ResponseCallback { diff --git a/api/help.go b/api/help.go index 321bd597c1a2..bdc8eefc0e70 100644 --- a/api/help.go +++ b/api/help.go @@ -5,14 +5,20 @@ import ( "fmt" ) -// Help reads the help information for the given path. +// Help wraps HelpWithContext using context.Background. func (c *Client) Help(path string) (*Help, error) { + return c.HelpWithContext(context.Background(), path) +} + +// HelpWithContext reads the help information for the given path. +func (c *Client) HelpWithContext(ctx context.Context, path string) (*Help, error) { + ctx, cancelFunc := c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.NewRequest("GET", fmt.Sprintf("/v1/%s", path)) r.Params.Add("help", "1") - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.RawRequestWithContext(ctx, r) + resp, err := c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/logical.go b/api/logical.go index f7d2b4a4050c..e352293082c0 100644 --- a/api/logical.go +++ b/api/logical.go @@ -49,10 +49,21 @@ func (c *Client) Logical() *Logical { } func (c *Logical) Read(path string) (*Secret, error) { - return c.ReadWithData(path, nil) + return c.ReadWithDataWithContext(context.Background(), path, nil) +} + +func (c *Logical) ReadWithContext(ctx context.Context, path string) (*Secret, error) { + return c.ReadWithDataWithContext(ctx, path, nil) } func (c *Logical) ReadWithData(path string, data map[string][]string) (*Secret, error) { + return c.ReadWithDataWithContext(context.Background(), path, data) +} + +func (c *Logical) ReadWithDataWithContext(ctx context.Context, path string, data map[string][]string) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("GET", "/v1/"+path) var values url.Values @@ -69,9 +80,7 @@ func (c *Logical) ReadWithData(path string, data map[string][]string) (*Secret, r.Params = values } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if resp != nil { defer resp.Body.Close() } @@ -97,15 +106,20 @@ func (c *Logical) ReadWithData(path string, data map[string][]string) (*Secret, } func (c *Logical) List(path string) (*Secret, error) { + return c.ListWithContext(context.Background(), path) +} + +func (c *Logical) ListWithContext(ctx context.Context, path string) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("LIST", "/v1/"+path) // Set this for broader compatibility, but we use LIST above to be able to // handle the wrapping lookup function r.Method = "GET" r.Params.Set("list", "true") - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if resp != nil { defer resp.Body.Close() } @@ -131,9 +145,10 @@ func (c *Logical) List(path string) (*Secret, error) { } func (c *Logical) Write(path string, data map[string]interface{}) (*Secret, error) { - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() + return c.WriteWithContext(context.Background(), path, data) +} +func (c *Logical) WriteWithContext(ctx context.Context, path string, data map[string]interface{}) (*Secret, error) { r := c.c.NewRequest("PUT", "/v1/"+path) if err := r.SetJSONBody(data); err != nil { return nil, err @@ -153,14 +168,21 @@ func (c *Logical) JSONMergePatch(ctx context.Context, path string, data map[stri } func (c *Logical) WriteBytes(path string, data []byte) (*Secret, error) { + return c.WriteBytesWithContext(context.Background(), path, data) +} + +func (c *Logical) WriteBytesWithContext(ctx context.Context, path string, data []byte) (*Secret, error) { r := c.c.NewRequest("PUT", "/v1/"+path) r.BodyBytes = data - return c.write(context.Background(), path, r) + return c.write(ctx, path, r) } func (c *Logical) write(ctx context.Context, path string, request *Request) (*Secret, error) { - resp, err := c.c.RawRequestWithContext(ctx, request) + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + + resp, err := c.c.rawRequestWithContext(ctx, request) if resp != nil { defer resp.Body.Close() } @@ -185,10 +207,21 @@ func (c *Logical) write(ctx context.Context, path string, request *Request) (*Se } func (c *Logical) Delete(path string) (*Secret, error) { - return c.DeleteWithData(path, nil) + return c.DeleteWithContext(context.Background(), path) +} + +func (c *Logical) DeleteWithContext(ctx context.Context, path string) (*Secret, error) { + return c.DeleteWithDataWithContext(ctx, path, nil) } func (c *Logical) DeleteWithData(path string, data map[string][]string) (*Secret, error) { + return c.DeleteWithDataWithContext(context.Background(), path, data) +} + +func (c *Logical) DeleteWithDataWithContext(ctx context.Context, path string, data map[string][]string) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("DELETE", "/v1/"+path) var values url.Values @@ -205,9 +238,7 @@ func (c *Logical) DeleteWithData(path string, data map[string][]string) (*Secret r.Params = values } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if resp != nil { defer resp.Body.Close() } @@ -232,6 +263,13 @@ func (c *Logical) DeleteWithData(path string, data map[string][]string) (*Secret } func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) { + return c.UnwrapWithContext(context.Background(), wrappingToken) +} + +func (c *Logical) UnwrapWithContext(ctx context.Context, wrappingToken string) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + var data map[string]interface{} wt := strings.TrimSpace(wrappingToken) if wrappingToken != "" { @@ -249,9 +287,7 @@ func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if resp != nil { defer resp.Body.Close() } diff --git a/api/plugin_helpers.go b/api/plugin_helpers.go index 9acd6a58a467..e7da60cc55da 100644 --- a/api/plugin_helpers.go +++ b/api/plugin_helpers.go @@ -1,6 +1,7 @@ package api import ( + "context" "crypto/tls" "crypto/x509" "encoding/base64" @@ -67,9 +68,14 @@ func (f *PluginAPIClientMeta) GetTLSConfig() *TLSConfig { return nil } -// VaultPluginTLSProvider is run inside a plugin and retrieves the response -// wrapped TLS certificate from vault. It returns a configured TLS Config. +// VaultPluginTLSProvider wraps VaultPluginTLSProviderContext using context.Background. func VaultPluginTLSProvider(apiTLSConfig *TLSConfig) func() (*tls.Config, error) { + return VaultPluginTLSProviderContext(context.Background(), apiTLSConfig) +} + +// VaultPluginTLSProviderContext is run inside a plugin and retrieves the response +// wrapped TLS certificate from vault. It returns a configured TLS Config. +func VaultPluginTLSProviderContext(ctx context.Context, apiTLSConfig *TLSConfig) func() (*tls.Config, error) { if os.Getenv(PluginMetadataModeEnv) == "true" { return nil } @@ -121,7 +127,7 @@ func VaultPluginTLSProvider(apiTLSConfig *TLSConfig) func() (*tls.Config, error) // Reset token value to make sure nothing has been set by default client.ClearToken() - secret, err := client.Logical().Unwrap(unwrapToken) + secret, err := client.Logical().UnwrapWithContext(ctx, unwrapToken) if err != nil { return nil, errwrap.Wrapf("error during token unwrap request: {{err}}", err) } diff --git a/api/ssh.go b/api/ssh.go index 837eac4ff78d..465c26d8aa7b 100644 --- a/api/ssh.go +++ b/api/ssh.go @@ -24,16 +24,22 @@ func (c *Client) SSHWithMountPoint(mountPoint string) *SSH { } } -// Credential invokes the SSH backend API to create a credential to establish an SSH session. +// Credential wraps CredentialWithContext using context.Background. func (c *SSH) Credential(role string, data map[string]interface{}) (*Secret, error) { + return c.CredentialWithContext(context.Background(), role, data) +} + +// CredentialWithContext invokes the SSH backend API to create a credential to establish an SSH session. +func (c *SSH) CredentialWithContext(ctx context.Context, role string, data map[string]interface{}) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/%s/creds/%s", c.MountPoint, role)) if err := r.SetJSONBody(data); err != nil { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -42,17 +48,23 @@ func (c *SSH) Credential(role string, data map[string]interface{}) (*Secret, err return ParseSecret(resp.Body) } -// SignKey signs the given public key and returns a signed public key to pass -// along with the SSH request. +// SignKey wraps SignKeyWithContext using context.Background. func (c *SSH) SignKey(role string, data map[string]interface{}) (*Secret, error) { + return c.SignKeyWithContext(context.Background(), role, data) +} + +// SignKeyWithContext signs the given public key and returns a signed public key to pass +// along with the SSH request. +func (c *SSH) SignKeyWithContext(ctx context.Context, role string, data map[string]interface{}) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/%s/sign/%s", c.MountPoint, role)) if err := r.SetJSONBody(data); err != nil { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/ssh_agent.go b/api/ssh_agent.go index fda70bcdddaa..04e02b3f58c5 100644 --- a/api/ssh_agent.go +++ b/api/ssh_agent.go @@ -206,6 +206,14 @@ func (c *Client) SSHHelperWithMountPoint(mountPoint string) *SSHHelper { // an echo response message is returned. This feature is used by ssh-helper to verify if // its configured correctly. func (c *SSHHelper) Verify(otp string) (*SSHVerifyResponse, error) { + return c.VerifyWithContext(context.Background(), otp) +} + +// VerifyWithContext the same as Verify but with a custom context. +func (c *SSHHelper) VerifyWithContext(ctx context.Context, otp string) (*SSHVerifyResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + data := map[string]interface{}{ "otp": otp, } @@ -215,9 +223,7 @@ func (c *SSHHelper) Verify(otp string) (*SSHVerifyResponse, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_audit.go b/api/sys_audit.go index d0c6408366f1..c2542de60534 100644 --- a/api/sys_audit.go +++ b/api/sys_audit.go @@ -9,6 +9,13 @@ import ( ) func (c *Sys) AuditHash(path string, input string) (string, error) { + return c.AuditHashWithContext(context.Background(), path, input) +} + +func (c *Sys) AuditHashWithContext(ctx context.Context, path string, input string) (string, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + body := map[string]interface{}{ "input": input, } @@ -18,9 +25,7 @@ func (c *Sys) AuditHash(path string, input string) (string, error) { return "", err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return "", err } @@ -47,11 +52,16 @@ func (c *Sys) AuditHash(path string, input string) (string, error) { } func (c *Sys) ListAudit() (map[string]*Audit, error) { - r := c.c.NewRequest("GET", "/v1/sys/audit") + return c.ListAuditWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) ListAuditWithContext(ctx context.Context) (map[string]*Audit, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/audit") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -85,14 +95,19 @@ func (c *Sys) EnableAudit( } func (c *Sys) EnableAuditWithOptions(path string, options *EnableAuditOptions) error { + return c.EnableAuditWithOptionsWithContext(context.Background(), path, options) +} + +func (c *Sys) EnableAuditWithOptionsWithContext(ctx context.Context, path string, options *EnableAuditOptions) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/sys/audit/%s", path)) if err := r.SetJSONBody(options); err != nil { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return err } @@ -102,11 +117,16 @@ func (c *Sys) EnableAuditWithOptions(path string, options *EnableAuditOptions) e } func (c *Sys) DisableAudit(path string) error { - r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/audit/%s", path)) + return c.DisableAuditWithContext(context.Background(), path) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) DisableAuditWithContext(ctx context.Context, path string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/audit/%s", path)) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() diff --git a/api/sys_auth.go b/api/sys_auth.go index 46abae4effd0..dc348127b4e7 100644 --- a/api/sys_auth.go +++ b/api/sys_auth.go @@ -9,11 +9,16 @@ import ( ) func (c *Sys) ListAuth() (map[string]*AuthMount, error) { - r := c.c.NewRequest("GET", "/v1/sys/auth") + return c.ListAuthWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) ListAuthWithContext(ctx context.Context) (map[string]*AuthMount, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/auth") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -45,14 +50,19 @@ func (c *Sys) EnableAuth(path, authType, desc string) error { } func (c *Sys) EnableAuthWithOptions(path string, options *EnableAuthOptions) error { + return c.EnableAuthWithOptionsWithContext(context.Background(), path, options) +} + +func (c *Sys) EnableAuthWithOptionsWithContext(ctx context.Context, path string, options *EnableAuthOptions) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", fmt.Sprintf("/v1/sys/auth/%s", path)) if err := r.SetJSONBody(options); err != nil { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return err } @@ -62,11 +72,16 @@ func (c *Sys) EnableAuthWithOptions(path string, options *EnableAuthOptions) err } func (c *Sys) DisableAuth(path string) error { - r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/auth/%s", path)) + return c.DisableAuthWithContext(context.Background(), path) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) DisableAuthWithContext(ctx context.Context, path string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/auth/%s", path)) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } diff --git a/api/sys_capabilities.go b/api/sys_capabilities.go index 64b3951dd101..328bf5abcb0b 100644 --- a/api/sys_capabilities.go +++ b/api/sys_capabilities.go @@ -9,10 +9,24 @@ import ( ) func (c *Sys) CapabilitiesSelf(path string) ([]string, error) { - return c.Capabilities(c.c.Token(), path) + return c.CapabilitiesSelfWithContext(context.Background(), path) +} + +func (c *Sys) CapabilitiesSelfWithContext(ctx context.Context, path string) ([]string, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + + return c.CapabilitiesWithContext(ctx, c.c.Token(), path) } func (c *Sys) Capabilities(token, path string) ([]string, error) { + return c.CapabilitiesWithContext(context.Background(), token, path) +} + +func (c *Sys) CapabilitiesWithContext(ctx context.Context, token, path string) ([]string, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + body := map[string]string{ "token": token, "path": path, @@ -28,9 +42,7 @@ func (c *Sys) Capabilities(token, path string) ([]string, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_config_cors.go b/api/sys_config_cors.go index ef136dcbb66f..d9aad606a196 100644 --- a/api/sys_config_cors.go +++ b/api/sys_config_cors.go @@ -8,11 +8,16 @@ import ( ) func (c *Sys) CORSStatus() (*CORSResponse, error) { - r := c.c.NewRequest("GET", "/v1/sys/config/cors") + return c.CORSStatusWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) CORSStatusWithContext(ctx context.Context) (*CORSResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/config/cors") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -36,14 +41,19 @@ func (c *Sys) CORSStatus() (*CORSResponse, error) { } func (c *Sys) ConfigureCORS(req *CORSRequest) error { + return c.ConfigureCORSWithContext(context.Background(), req) +} + +func (c *Sys) ConfigureCORSWithContext(ctx context.Context, req *CORSRequest) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/sys/config/cors") if err := r.SetJSONBody(req); err != nil { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -51,11 +61,16 @@ func (c *Sys) ConfigureCORS(req *CORSRequest) error { } func (c *Sys) DisableCORS() error { - r := c.c.NewRequest("DELETE", "/v1/sys/config/cors") + return c.DisableCORSWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) DisableCORSWithContext(ctx context.Context) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", "/v1/sys/config/cors") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } diff --git a/api/sys_generate_root.go b/api/sys_generate_root.go index 870dacb09e08..e23b491c743f 100644 --- a/api/sys_generate_root.go +++ b/api/sys_generate_root.go @@ -3,23 +3,36 @@ package api import "context" func (c *Sys) GenerateRootStatus() (*GenerateRootStatusResponse, error) { - return c.generateRootStatusCommon("/v1/sys/generate-root/attempt") + return c.GenerateRootStatusWithContext(context.Background()) } func (c *Sys) GenerateDROperationTokenStatus() (*GenerateRootStatusResponse, error) { - return c.generateRootStatusCommon("/v1/sys/replication/dr/secondary/generate-operation-token/attempt") + return c.GenerateDROperationTokenStatusWithContext(context.Background()) } func (c *Sys) GenerateRecoveryOperationTokenStatus() (*GenerateRootStatusResponse, error) { - return c.generateRootStatusCommon("/v1/sys/generate-recovery-token/attempt") + return c.GenerateRecoveryOperationTokenStatusWithContext(context.Background()) } -func (c *Sys) generateRootStatusCommon(path string) (*GenerateRootStatusResponse, error) { - r := c.c.NewRequest("GET", path) +func (c *Sys) GenerateRootStatusWithContext(ctx context.Context) (*GenerateRootStatusResponse, error) { + return c.generateRootStatusCommonWithContext(ctx, "/v1/sys/generate-root/attempt") +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) GenerateDROperationTokenStatusWithContext(ctx context.Context) (*GenerateRootStatusResponse, error) { + return c.generateRootStatusCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/attempt") +} + +func (c *Sys) GenerateRecoveryOperationTokenStatusWithContext(ctx context.Context) (*GenerateRootStatusResponse, error) { + return c.generateRootStatusCommonWithContext(ctx, "/v1/sys/generate-recovery-token/attempt") +} + +func (c *Sys) generateRootStatusCommonWithContext(ctx context.Context, path string) (*GenerateRootStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", path) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -31,18 +44,33 @@ func (c *Sys) generateRootStatusCommon(path string) (*GenerateRootStatusResponse } func (c *Sys) GenerateRootInit(otp, pgpKey string) (*GenerateRootStatusResponse, error) { - return c.generateRootInitCommon("/v1/sys/generate-root/attempt", otp, pgpKey) + return c.GenerateRootInitWithContext(context.Background(), otp, pgpKey) } func (c *Sys) GenerateDROperationTokenInit(otp, pgpKey string) (*GenerateRootStatusResponse, error) { - return c.generateRootInitCommon("/v1/sys/replication/dr/secondary/generate-operation-token/attempt", otp, pgpKey) + return c.GenerateDROperationTokenInitWithContext(context.Background(), otp, pgpKey) } func (c *Sys) GenerateRecoveryOperationTokenInit(otp, pgpKey string) (*GenerateRootStatusResponse, error) { - return c.generateRootInitCommon("/v1/sys/generate-recovery-token/attempt", otp, pgpKey) + return c.GenerateRecoveryOperationTokenInitWithContext(context.Background(), otp, pgpKey) } -func (c *Sys) generateRootInitCommon(path, otp, pgpKey string) (*GenerateRootStatusResponse, error) { +func (c *Sys) GenerateRootInitWithContext(ctx context.Context, otp, pgpKey string) (*GenerateRootStatusResponse, error) { + return c.generateRootInitCommonWithContext(ctx, "/v1/sys/generate-root/attempt", otp, pgpKey) +} + +func (c *Sys) GenerateDROperationTokenInitWithContext(ctx context.Context, otp, pgpKey string) (*GenerateRootStatusResponse, error) { + return c.generateRootInitCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/attempt", otp, pgpKey) +} + +func (c *Sys) GenerateRecoveryOperationTokenInitWithContext(ctx context.Context, otp, pgpKey string) (*GenerateRootStatusResponse, error) { + return c.generateRootInitCommonWithContext(ctx, "/v1/sys/generate-recovery-token/attempt", otp, pgpKey) +} + +func (c *Sys) generateRootInitCommonWithContext(ctx context.Context, path, otp, pgpKey string) (*GenerateRootStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + body := map[string]interface{}{ "otp": otp, "pgp_key": pgpKey, @@ -53,9 +81,7 @@ func (c *Sys) generateRootInitCommon(path, otp, pgpKey string) (*GenerateRootSta return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -67,23 +93,36 @@ func (c *Sys) generateRootInitCommon(path, otp, pgpKey string) (*GenerateRootSta } func (c *Sys) GenerateRootCancel() error { - return c.generateRootCancelCommon("/v1/sys/generate-root/attempt") + return c.GenerateRootCancelWithContext(context.Background()) } func (c *Sys) GenerateDROperationTokenCancel() error { - return c.generateRootCancelCommon("/v1/sys/replication/dr/secondary/generate-operation-token/attempt") + return c.GenerateDROperationTokenCancelWithContext(context.Background()) } func (c *Sys) GenerateRecoveryOperationTokenCancel() error { - return c.generateRootCancelCommon("/v1/sys/generate-recovery-token/attempt") + return c.GenerateRecoveryOperationTokenCancelWithContext(context.Background()) } -func (c *Sys) generateRootCancelCommon(path string) error { - r := c.c.NewRequest("DELETE", path) +func (c *Sys) GenerateRootCancelWithContext(ctx context.Context) error { + return c.generateRootCancelCommonWithContext(ctx, "/v1/sys/generate-root/attempt") +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) GenerateDROperationTokenCancelWithContext(ctx context.Context) error { + return c.generateRootCancelCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/attempt") +} + +func (c *Sys) GenerateRecoveryOperationTokenCancelWithContext(ctx context.Context) error { + return c.generateRootCancelCommonWithContext(ctx, "/v1/sys/generate-recovery-token/attempt") +} + +func (c *Sys) generateRootCancelCommonWithContext(ctx context.Context, path string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", path) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -91,18 +130,33 @@ func (c *Sys) generateRootCancelCommon(path string) error { } func (c *Sys) GenerateRootUpdate(shard, nonce string) (*GenerateRootStatusResponse, error) { - return c.generateRootUpdateCommon("/v1/sys/generate-root/update", shard, nonce) + return c.GenerateRootUpdateWithContext(context.Background(), shard, nonce) } func (c *Sys) GenerateDROperationTokenUpdate(shard, nonce string) (*GenerateRootStatusResponse, error) { - return c.generateRootUpdateCommon("/v1/sys/replication/dr/secondary/generate-operation-token/update", shard, nonce) + return c.GenerateDROperationTokenUpdateWithContext(context.Background(), shard, nonce) } func (c *Sys) GenerateRecoveryOperationTokenUpdate(shard, nonce string) (*GenerateRootStatusResponse, error) { - return c.generateRootUpdateCommon("/v1/sys/generate-recovery-token/update", shard, nonce) + return c.GenerateRecoveryOperationTokenUpdateWithContext(context.Background(), shard, nonce) } -func (c *Sys) generateRootUpdateCommon(path, shard, nonce string) (*GenerateRootStatusResponse, error) { +func (c *Sys) GenerateRootUpdateWithContext(ctx context.Context, shard, nonce string) (*GenerateRootStatusResponse, error) { + return c.generateRootUpdateCommonWithContext(ctx, "/v1/sys/generate-root/update", shard, nonce) +} + +func (c *Sys) GenerateDROperationTokenUpdateWithContext(ctx context.Context, shard, nonce string) (*GenerateRootStatusResponse, error) { + return c.generateRootUpdateCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/update", shard, nonce) +} + +func (c *Sys) GenerateRecoveryOperationTokenUpdateWithContext(ctx context.Context, shard, nonce string) (*GenerateRootStatusResponse, error) { + return c.generateRootUpdateCommonWithContext(ctx, "/v1/sys/generate-recovery-token/update", shard, nonce) +} + +func (c *Sys) generateRootUpdateCommonWithContext(ctx context.Context, path, shard, nonce string) (*GenerateRootStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + body := map[string]interface{}{ "key": shard, "nonce": nonce, @@ -113,9 +167,7 @@ func (c *Sys) generateRootUpdateCommon(path, shard, nonce string) (*GenerateRoot return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_hastatus.go b/api/sys_hastatus.go index 408da0509109..fb12a51adba8 100644 --- a/api/sys_hastatus.go +++ b/api/sys_hastatus.go @@ -6,11 +6,16 @@ import ( ) func (c *Sys) HAStatus() (*HAStatusResponse, error) { - r := c.c.NewRequest("GET", "/v1/sys/ha-status") + return c.HAStatusWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) HAStatusWithContext(ctx context.Context) (*HAStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/ha-status") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_health.go b/api/sys_health.go index d5d7796008fa..a49c2db1f976 100644 --- a/api/sys_health.go +++ b/api/sys_health.go @@ -3,6 +3,13 @@ package api import "context" func (c *Sys) Health() (*HealthResponse, error) { + return c.HealthWithContext(context.Background()) +} + +func (c *Sys) HealthWithContext(ctx context.Context) (*HealthResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("GET", "/v1/sys/health") // If the code is 400 or above it will automatically turn into an error, // but the sys/health API defaults to returning 5xx when not sealed or @@ -13,9 +20,7 @@ func (c *Sys) Health() (*HealthResponse, error) { r.Params.Add("drsecondarycode", "299") r.Params.Add("performancestandbycode", "299") - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_init.go b/api/sys_init.go index 0e499c6e3c63..e373ffc5c7da 100644 --- a/api/sys_init.go +++ b/api/sys_init.go @@ -3,11 +3,16 @@ package api import "context" func (c *Sys) InitStatus() (bool, error) { - r := c.c.NewRequest("GET", "/v1/sys/init") + return c.InitStatusWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) InitStatusWithContext(ctx context.Context) (bool, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/init") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return false, err } @@ -19,14 +24,19 @@ func (c *Sys) InitStatus() (bool, error) { } func (c *Sys) Init(opts *InitRequest) (*InitResponse, error) { + return c.InitWithContext(context.Background(), opts) +} + +func (c *Sys) InitWithContext(ctx context.Context, opts *InitRequest) (*InitResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/sys/init") if err := r.SetJSONBody(opts); err != nil { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_leader.go b/api/sys_leader.go index 1c6be8d88095..824ede5a2d00 100644 --- a/api/sys_leader.go +++ b/api/sys_leader.go @@ -6,11 +6,16 @@ import ( ) func (c *Sys) Leader() (*LeaderResponse, error) { - r := c.c.NewRequest("GET", "/v1/sys/leader") + return c.LeaderWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) LeaderWithContext(ctx context.Context) (*LeaderResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/leader") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_leases.go b/api/sys_leases.go index e018015deddd..9e098b4b0a2e 100644 --- a/api/sys_leases.go +++ b/api/sys_leases.go @@ -6,6 +6,13 @@ import ( ) func (c *Sys) Renew(id string, increment int) (*Secret, error) { + return c.RenewWithContext(context.Background(), id, increment) +} + +func (c *Sys) RenewWithContext(ctx context.Context, id string, increment int) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/sys/leases/renew") body := map[string]interface{}{ @@ -16,9 +23,7 @@ func (c *Sys) Renew(id string, increment int) (*Secret, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -28,6 +33,13 @@ func (c *Sys) Renew(id string, increment int) (*Secret, error) { } func (c *Sys) Lookup(id string) (*Secret, error) { + return c.LookupWithContext(context.Background(), id) +} + +func (c *Sys) LookupWithContext(ctx context.Context, id string) (*Secret, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/sys/leases/lookup") body := map[string]interface{}{ @@ -37,9 +49,7 @@ func (c *Sys) Lookup(id string) (*Secret, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -49,6 +59,13 @@ func (c *Sys) Lookup(id string) (*Secret, error) { } func (c *Sys) Revoke(id string) error { + return c.RevokeWithContext(context.Background(), id) +} + +func (c *Sys) RevokeWithContext(ctx context.Context, id string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke") body := map[string]interface{}{ "lease_id": id, @@ -57,9 +74,7 @@ func (c *Sys) Revoke(id string) error { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -67,11 +82,16 @@ func (c *Sys) Revoke(id string) error { } func (c *Sys) RevokePrefix(id string) error { - r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke-prefix/"+id) + return c.RevokePrefixWithContext(context.Background(), id) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RevokePrefixWithContext(ctx context.Context, id string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke-prefix/"+id) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -79,11 +99,16 @@ func (c *Sys) RevokePrefix(id string) error { } func (c *Sys) RevokeForce(id string) error { - r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke-force/"+id) + return c.RevokeForceWithContext(context.Background(), id) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RevokeForceWithContext(ctx context.Context, id string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke-force/"+id) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -91,6 +116,13 @@ func (c *Sys) RevokeForce(id string) error { } func (c *Sys) RevokeWithOptions(opts *RevokeOptions) error { + return c.RevokeWithOptionsWithContext(context.Background(), opts) +} + +func (c *Sys) RevokeWithOptionsWithContext(ctx context.Context, opts *RevokeOptions) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + if opts == nil { return errors.New("nil options provided") } @@ -115,9 +147,7 @@ func (c *Sys) RevokeWithOptions(opts *RevokeOptions) error { } } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } diff --git a/api/sys_mounts.go b/api/sys_mounts.go index 8a0c5b985470..35321a2ce463 100644 --- a/api/sys_mounts.go +++ b/api/sys_mounts.go @@ -10,11 +10,16 @@ import ( ) func (c *Sys) ListMounts() (map[string]*MountOutput, error) { - r := c.c.NewRequest("GET", "/v1/sys/mounts") + return c.ListMountsWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) ListMountsWithContext(ctx context.Context) (map[string]*MountOutput, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/mounts") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -38,14 +43,19 @@ func (c *Sys) ListMounts() (map[string]*MountOutput, error) { } func (c *Sys) Mount(path string, mountInfo *MountInput) error { + return c.MountWithContext(context.Background(), path, mountInfo) +} + +func (c *Sys) MountWithContext(ctx context.Context, path string, mountInfo *MountInput) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", fmt.Sprintf("/v1/sys/mounts/%s", path)) if err := r.SetJSONBody(mountInfo); err != nil { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return err } @@ -55,27 +65,37 @@ func (c *Sys) Mount(path string, mountInfo *MountInput) error { } func (c *Sys) Unmount(path string) error { - r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/mounts/%s", path)) + return c.UnmountWithContext(context.Background(), path) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) UnmountWithContext(ctx context.Context, path string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/mounts/%s", path)) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } return err } -// Remount kicks off a remount operation, polls the status endpoint using -// the migration ID till either success or failure state is observed +// Remount wraps RemountWithContext using context.Background. func (c *Sys) Remount(from, to string) error { - remountResp, err := c.StartRemount(from, to) + return c.RemountWithContext(context.Background(), from, to) +} + +// RemountWithContext kicks off a remount operation, polls the status endpoint using +// the migration ID till either success or failure state is observed +func (c *Sys) RemountWithContext(ctx context.Context, from, to string) error { + remountResp, err := c.StartRemountWithContext(ctx, from, to) if err != nil { return err } for { - remountStatusResp, err := c.RemountStatus(remountResp.MigrationID) + remountStatusResp, err := c.RemountStatusWithContext(ctx, remountResp.MigrationID) if err != nil { return err } @@ -89,8 +109,16 @@ func (c *Sys) Remount(from, to string) error { } } -// StartRemount kicks off a mount migration and returns a response with the migration ID +// StartRemount wraps StartRemountWithContext using context.Background. func (c *Sys) StartRemount(from, to string) (*MountMigrationOutput, error) { + return c.StartRemountWithContext(context.Background(), from, to) +} + +// StartRemountWithContext kicks off a mount migration and returns a response with the migration ID +func (c *Sys) StartRemountWithContext(ctx context.Context, from, to string) (*MountMigrationOutput, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + body := map[string]interface{}{ "from": from, "to": to, @@ -101,9 +129,7 @@ func (c *Sys) StartRemount(from, to string) (*MountMigrationOutput, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -125,13 +151,19 @@ func (c *Sys) StartRemount(from, to string) (*MountMigrationOutput, error) { return &result, err } -// RemountStatus checks the status of a mount migration operation with the provided ID +// RemountStatus wraps RemountStatusWithContext using context.Background. func (c *Sys) RemountStatus(migrationID string) (*MountMigrationStatusOutput, error) { - r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/remount/status/%s", migrationID)) + return c.RemountStatusWithContext(context.Background(), migrationID) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +// RemountStatusWithContext checks the status of a mount migration operation with the provided ID +func (c *Sys) RemountStatusWithContext(ctx context.Context, migrationID string) (*MountMigrationStatusOutput, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/remount/status/%s", migrationID)) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -154,14 +186,19 @@ func (c *Sys) RemountStatus(migrationID string) (*MountMigrationStatusOutput, er } func (c *Sys) TuneMount(path string, config MountConfigInput) error { + return c.TuneMountWithContext(context.Background(), path, config) +} + +func (c *Sys) TuneMountWithContext(ctx context.Context, path string, config MountConfigInput) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", fmt.Sprintf("/v1/sys/mounts/%s/tune", path)) if err := r.SetJSONBody(config); err != nil { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -169,11 +206,16 @@ func (c *Sys) TuneMount(path string, config MountConfigInput) error { } func (c *Sys) MountConfig(path string) (*MountConfigOutput, error) { - r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/mounts/%s/tune", path)) + return c.MountConfigWithContext(context.Background(), path) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) MountConfigWithContext(ctx context.Context, path string) (*MountConfigOutput, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/mounts/%s/tune", path)) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_plugins.go b/api/sys_plugins.go index c17072d958ab..8305f51d7d62 100644 --- a/api/sys_plugins.go +++ b/api/sys_plugins.go @@ -29,9 +29,17 @@ type ListPluginsResponse struct { Names []string `json:"names"` } -// ListPlugins lists all plugins in the catalog and returns their names as a -// list of strings. +// ListPlugins wraps ListPluginsWithContext using context.Background. func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) { + return c.ListPluginsWithContext(context.Background(), i) +} + +// ListPluginsWithContext lists all plugins in the catalog and returns their names as a +// list of strings. +func (c *Sys) ListPluginsWithContext(ctx context.Context, i *ListPluginsInput) (*ListPluginsResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + path := "" method := "" if i.Type == consts.PluginTypeUnknown { @@ -50,9 +58,7 @@ func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) { req.Params.Set("list", "true") } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, req) + resp, err := c.c.rawRequestWithContext(ctx, req) if err != nil && resp == nil { return nil, err } @@ -66,7 +72,7 @@ func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) { // switch it to a LIST. if resp.StatusCode == 405 { req.Params.Set("list", "true") - resp, err := c.c.RawRequestWithContext(ctx, req) + resp, err := c.c.rawRequestWithContext(ctx, req) if err != nil { return nil, err } @@ -142,14 +148,20 @@ type GetPluginResponse struct { SHA256 string `json:"sha256"` } -// GetPlugin retrieves information about the plugin. +// GetPlugin wraps GetPluginWithContext using context.Background. func (c *Sys) GetPlugin(i *GetPluginInput) (*GetPluginResponse, error) { + return c.GetPluginWithContext(context.Background(), i) +} + +// GetPluginWithContext retrieves information about the plugin. +func (c *Sys) GetPluginWithContext(ctx context.Context, i *GetPluginInput) (*GetPluginResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + path := catalogPathByType(i.Type, i.Name) req := c.c.NewRequest(http.MethodGet, path) - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, req) + resp, err := c.c.rawRequestWithContext(ctx, req) if err != nil { return nil, err } @@ -183,8 +195,16 @@ type RegisterPluginInput struct { SHA256 string `json:"sha256,omitempty"` } -// RegisterPlugin registers the plugin with the given information. +// RegisterPlugin wraps RegisterPluginWithContext using context.Background. func (c *Sys) RegisterPlugin(i *RegisterPluginInput) error { + return c.RegisterPluginWithContext(context.Background(), i) +} + +// RegisterPluginWithContext registers the plugin with the given information. +func (c *Sys) RegisterPluginWithContext(ctx context.Context, i *RegisterPluginInput) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + path := catalogPathByType(i.Type, i.Name) req := c.c.NewRequest(http.MethodPut, path) @@ -192,9 +212,7 @@ func (c *Sys) RegisterPlugin(i *RegisterPluginInput) error { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, req) + resp, err := c.c.rawRequestWithContext(ctx, req) if err == nil { defer resp.Body.Close() } @@ -210,15 +228,21 @@ type DeregisterPluginInput struct { Type consts.PluginType `json:"type"` } -// DeregisterPlugin removes the plugin with the given name from the plugin -// catalog. +// DeregisterPlugin wraps DeregisterPluginWithContext using context.Background. func (c *Sys) DeregisterPlugin(i *DeregisterPluginInput) error { + return c.DeregisterPluginWithContext(context.Background(), i) +} + +// DeregisterPluginWithContext removes the plugin with the given name from the plugin +// catalog. +func (c *Sys) DeregisterPluginWithContext(ctx context.Context, i *DeregisterPluginInput) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + path := catalogPathByType(i.Type, i.Name) req := c.c.NewRequest(http.MethodDelete, path) - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, req) + resp, err := c.c.rawRequestWithContext(ctx, req) if err == nil { defer resp.Body.Close() } @@ -237,9 +261,17 @@ type ReloadPluginInput struct { Scope string `json:"scope"` } -// ReloadPlugin reloads mounted plugin backends, possibly returning -// reloadId for a cluster scoped reload +// ReloadPlugin wraps ReloadPluginWithContext using context.Background. func (c *Sys) ReloadPlugin(i *ReloadPluginInput) (string, error) { + return c.ReloadPluginWithContext(context.Background(), i) +} + +// ReloadPluginWithContext reloads mounted plugin backends, possibly returning +// reloadId for a cluster scoped reload +func (c *Sys) ReloadPluginWithContext(ctx context.Context, i *ReloadPluginInput) (string, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + path := "/v1/sys/plugins/reload/backend" req := c.c.NewRequest(http.MethodPut, path) @@ -247,10 +279,7 @@ func (c *Sys) ReloadPlugin(i *ReloadPluginInput) (string, error) { return "", err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - - resp, err := c.c.RawRequestWithContext(ctx, req) + resp, err := c.c.rawRequestWithContext(ctx, req) if err != nil { return "", err } @@ -287,16 +316,21 @@ type ReloadPluginStatusInput struct { ReloadID string `json:"reload_id"` } -// ReloadPluginStatus retrieves the status of a reload operation +// ReloadPluginStatus wraps ReloadPluginStatusWithContext using context.Background. func (c *Sys) ReloadPluginStatus(reloadStatusInput *ReloadPluginStatusInput) (*ReloadStatusResponse, error) { + return c.ReloadPluginStatusWithContext(context.Background(), reloadStatusInput) +} + +// ReloadPluginStatusWithContext retrieves the status of a reload operation +func (c *Sys) ReloadPluginStatusWithContext(ctx context.Context, reloadStatusInput *ReloadPluginStatusInput) (*ReloadStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + path := "/v1/sys/plugins/reload/backend/status" req := c.c.NewRequest(http.MethodGet, path) req.Params.Add("reload_id", reloadStatusInput.ReloadID) - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - - resp, err := c.c.RawRequestWithContext(ctx, req) + resp, err := c.c.rawRequestWithContext(ctx, req) if err != nil { return nil, err } diff --git a/api/sys_policy.go b/api/sys_policy.go index c0c239f960c6..aaa80d758d1a 100644 --- a/api/sys_policy.go +++ b/api/sys_policy.go @@ -9,15 +9,20 @@ import ( ) func (c *Sys) ListPolicies() ([]string, error) { + return c.ListPoliciesWithContext(context.Background()) +} + +func (c *Sys) ListPoliciesWithContext(ctx context.Context) ([]string, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("LIST", "/v1/sys/policies/acl") // Set this for broader compatibility, but we use LIST above to be able to // handle the wrapping lookup function r.Method = "GET" r.Params.Set("list", "true") - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -41,11 +46,16 @@ func (c *Sys) ListPolicies() ([]string, error) { } func (c *Sys) GetPolicy(name string) (string, error) { - r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/policies/acl/%s", name)) + return c.GetPolicyWithContext(context.Background(), name) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) GetPolicyWithContext(ctx context.Context, name string) (string, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/policies/acl/%s", name)) + + resp, err := c.c.rawRequestWithContext(ctx, r) if resp != nil { defer resp.Body.Close() if resp.StatusCode == 404 { @@ -72,6 +82,13 @@ func (c *Sys) GetPolicy(name string) (string, error) { } func (c *Sys) PutPolicy(name, rules string) error { + return c.PutPolicyWithContext(context.Background(), name, rules) +} + +func (c *Sys) PutPolicyWithContext(ctx context.Context, name, rules string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + body := map[string]string{ "policy": rules, } @@ -81,9 +98,7 @@ func (c *Sys) PutPolicy(name, rules string) error { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return err } @@ -93,11 +108,16 @@ func (c *Sys) PutPolicy(name, rules string) error { } func (c *Sys) DeletePolicy(name string) error { - r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/policies/acl/%s", name)) + return c.DeletePolicyWithContext(context.Background(), name) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) DeletePolicyWithContext(ctx context.Context, name string) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/policies/acl/%s", name)) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } diff --git a/api/sys_raft.go b/api/sys_raft.go index 7dc10959ac32..c512284b3f7d 100644 --- a/api/sys_raft.go +++ b/api/sys_raft.go @@ -108,18 +108,24 @@ type AutopilotServer struct { Meta map[string]string `mapstructure:"meta"` } -// RaftJoin adds the node from which this call is invoked from to the raft -// cluster represented by the leader address in the parameter. +// RaftJoin wraps RaftJoinWithContext using context.Background. func (c *Sys) RaftJoin(opts *RaftJoinRequest) (*RaftJoinResponse, error) { + return c.RaftJoinWithContext(context.Background(), opts) +} + +// RaftJoinWithContext adds the node from which this call is invoked from to the raft +// cluster represented by the leader address in the parameter. +func (c *Sys) RaftJoinWithContext(ctx context.Context, opts *RaftJoinRequest) (*RaftJoinResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", "/v1/sys/storage/raft/join") if err := r.SetJSONBody(opts); err != nil { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -130,12 +136,9 @@ func (c *Sys) RaftJoin(opts *RaftJoinRequest) (*RaftJoinResponse, error) { return &result, err } -// RaftSnapshot is a thin wrapper around RaftSnapshotWithContext +// RaftSnapshot wraps RaftSnapshotWithContext using context.Background. func (c *Sys) RaftSnapshot(snapWriter io.Writer) error { - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - - return c.RaftSnapshotWithContext(ctx, snapWriter) + return c.RaftSnapshotWithContext(context.Background(), snapWriter) } // RaftSnapshotWithContext invokes the API that takes the snapshot of the raft cluster and @@ -207,12 +210,9 @@ func (c *Sys) RaftSnapshotWithContext(ctx context.Context, snapWriter io.Writer) return nil } -// RaftSnapshotRestore is a thin wrapper around RaftSnapshotRestoreWithContext +// RaftSnapshotRestore wraps RaftSnapshotRestoreWithContext using context.Background. func (c *Sys) RaftSnapshotRestore(snapReader io.Reader, force bool) error { - ctx, cancel := context.WithCancel(context.Background()) - defer cancel() - - return c.RaftSnapshotRestoreWithContext(ctx, snapReader, force) + return c.RaftSnapshotRestoreWithContext(context.Background(), snapReader, force) } // RaftSnapshotRestoreWithContext reads the snapshot from the io.Reader and installs that @@ -235,13 +235,19 @@ func (c *Sys) RaftSnapshotRestoreWithContext(ctx context.Context, snapReader io. return nil } -// RaftAutopilotState returns the state of the raft cluster as seen by autopilot. +// RaftAutopilotState wraps RaftAutopilotStateWithContext using context.Background. func (c *Sys) RaftAutopilotState() (*AutopilotState, error) { - r := c.c.NewRequest("GET", "/v1/sys/storage/raft/autopilot/state") + return c.RaftAutopilotStateWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +// RaftAutopilotStateWithContext returns the state of the raft cluster as seen by autopilot. +func (c *Sys) RaftAutopilotStateWithContext(ctx context.Context) (*AutopilotState, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/storage/raft/autopilot/state") + + resp, err := c.c.rawRequestWithContext(ctx, r) if resp != nil { defer resp.Body.Close() if resp.StatusCode == 404 { @@ -269,13 +275,19 @@ func (c *Sys) RaftAutopilotState() (*AutopilotState, error) { return &result, err } -// RaftAutopilotConfiguration fetches the autopilot config. +// RaftAutopilotConfiguration wraps RaftAutopilotConfigurationWithContext using context.Background. func (c *Sys) RaftAutopilotConfiguration() (*AutopilotConfig, error) { - r := c.c.NewRequest("GET", "/v1/sys/storage/raft/autopilot/configuration") + return c.RaftAutopilotConfigurationWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +// RaftAutopilotConfigurationWithContext fetches the autopilot config. +func (c *Sys) RaftAutopilotConfigurationWithContext(ctx context.Context) (*AutopilotConfig, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/storage/raft/autopilot/configuration") + + resp, err := c.c.rawRequestWithContext(ctx, r) if resp != nil { defer resp.Body.Close() if resp.StatusCode == 404 { @@ -311,17 +323,23 @@ func (c *Sys) RaftAutopilotConfiguration() (*AutopilotConfig, error) { return &result, err } -// PutRaftAutopilotConfiguration allows modifying the raft autopilot configuration +// PutRaftAutopilotConfiguration wraps PutRaftAutopilotConfigurationWithContext using context.Background. func (c *Sys) PutRaftAutopilotConfiguration(opts *AutopilotConfig) error { + return c.PutRaftAutopilotConfigurationWithContext(context.Background(), opts) +} + +// PutRaftAutopilotConfigurationWithContext allows modifying the raft autopilot configuration +func (c *Sys) PutRaftAutopilotConfigurationWithContext(ctx context.Context, opts *AutopilotConfig) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("POST", "/v1/sys/storage/raft/autopilot/configuration") if err := r.SetJSONBody(opts); err != nil { return err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return err } diff --git a/api/sys_rekey.go b/api/sys_rekey.go index 153e486c6d60..06bb3047f1bc 100644 --- a/api/sys_rekey.go +++ b/api/sys_rekey.go @@ -8,11 +8,16 @@ import ( ) func (c *Sys) RekeyStatus() (*RekeyStatusResponse, error) { - r := c.c.NewRequest("GET", "/v1/sys/rekey/init") + return c.RekeyStatusWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyStatusWithContext(ctx context.Context) (*RekeyStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/rekey/init") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -24,11 +29,16 @@ func (c *Sys) RekeyStatus() (*RekeyStatusResponse, error) { } func (c *Sys) RekeyRecoveryKeyStatus() (*RekeyStatusResponse, error) { - r := c.c.NewRequest("GET", "/v1/sys/rekey-recovery-key/init") + return c.RekeyRecoveryKeyStatusWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyRecoveryKeyStatusWithContext(ctx context.Context) (*RekeyStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/rekey-recovery-key/init") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -40,11 +50,16 @@ func (c *Sys) RekeyRecoveryKeyStatus() (*RekeyStatusResponse, error) { } func (c *Sys) RekeyVerificationStatus() (*RekeyVerificationStatusResponse, error) { - r := c.c.NewRequest("GET", "/v1/sys/rekey/verify") + return c.RekeyVerificationStatusWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyVerificationStatusWithContext(ctx context.Context) (*RekeyVerificationStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/rekey/verify") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -56,11 +71,16 @@ func (c *Sys) RekeyVerificationStatus() (*RekeyVerificationStatusResponse, error } func (c *Sys) RekeyRecoveryKeyVerificationStatus() (*RekeyVerificationStatusResponse, error) { - r := c.c.NewRequest("GET", "/v1/sys/rekey-recovery-key/verify") + return c.RekeyRecoveryKeyVerificationStatusWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyRecoveryKeyVerificationStatusWithContext(ctx context.Context) (*RekeyVerificationStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/rekey-recovery-key/verify") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -72,14 +92,19 @@ func (c *Sys) RekeyRecoveryKeyVerificationStatus() (*RekeyVerificationStatusResp } func (c *Sys) RekeyInit(config *RekeyInitRequest) (*RekeyStatusResponse, error) { + return c.RekeyInitWithContext(context.Background(), config) +} + +func (c *Sys) RekeyInitWithContext(ctx context.Context, config *RekeyInitRequest) (*RekeyStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/sys/rekey/init") if err := r.SetJSONBody(config); err != nil { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -91,14 +116,19 @@ func (c *Sys) RekeyInit(config *RekeyInitRequest) (*RekeyStatusResponse, error) } func (c *Sys) RekeyRecoveryKeyInit(config *RekeyInitRequest) (*RekeyStatusResponse, error) { + return c.RekeyRecoveryKeyInitWithContext(context.Background(), config) +} + +func (c *Sys) RekeyRecoveryKeyInitWithContext(ctx context.Context, config *RekeyInitRequest) (*RekeyStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + r := c.c.NewRequest("PUT", "/v1/sys/rekey-recovery-key/init") if err := r.SetJSONBody(config); err != nil { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -110,11 +140,16 @@ func (c *Sys) RekeyRecoveryKeyInit(config *RekeyInitRequest) (*RekeyStatusRespon } func (c *Sys) RekeyCancel() error { - r := c.c.NewRequest("DELETE", "/v1/sys/rekey/init") + return c.RekeyCancelWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyCancelWithContext(ctx context.Context) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", "/v1/sys/rekey/init") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -122,11 +157,16 @@ func (c *Sys) RekeyCancel() error { } func (c *Sys) RekeyRecoveryKeyCancel() error { - r := c.c.NewRequest("DELETE", "/v1/sys/rekey-recovery-key/init") + return c.RekeyRecoveryKeyCancelWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyRecoveryKeyCancelWithContext(ctx context.Context) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", "/v1/sys/rekey-recovery-key/init") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -134,11 +174,16 @@ func (c *Sys) RekeyRecoveryKeyCancel() error { } func (c *Sys) RekeyVerificationCancel() error { - r := c.c.NewRequest("DELETE", "/v1/sys/rekey/verify") + return c.RekeyVerificationCancelWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyVerificationCancelWithContext(ctx context.Context) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", "/v1/sys/rekey/verify") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -146,11 +191,16 @@ func (c *Sys) RekeyVerificationCancel() error { } func (c *Sys) RekeyRecoveryKeyVerificationCancel() error { - r := c.c.NewRequest("DELETE", "/v1/sys/rekey-recovery-key/verify") + return c.RekeyRecoveryKeyVerificationCancelWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyRecoveryKeyVerificationCancelWithContext(ctx context.Context) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", "/v1/sys/rekey-recovery-key/verify") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -158,6 +208,13 @@ func (c *Sys) RekeyRecoveryKeyVerificationCancel() error { } func (c *Sys) RekeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) { + return c.RekeyUpdateWithContext(context.Background(), shard, nonce) +} + +func (c *Sys) RekeyUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyUpdateResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + body := map[string]interface{}{ "key": shard, "nonce": nonce, @@ -168,9 +225,7 @@ func (c *Sys) RekeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) { return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -182,6 +237,13 @@ func (c *Sys) RekeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) { } func (c *Sys) RekeyRecoveryKeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) { + return c.RekeyRecoveryKeyUpdateWithContext(context.Background(), shard, nonce) +} + +func (c *Sys) RekeyRecoveryKeyUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyUpdateResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + body := map[string]interface{}{ "key": shard, "nonce": nonce, @@ -192,9 +254,7 @@ func (c *Sys) RekeyRecoveryKeyUpdate(shard, nonce string) (*RekeyUpdateResponse, return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -206,11 +266,16 @@ func (c *Sys) RekeyRecoveryKeyUpdate(shard, nonce string) (*RekeyUpdateResponse, } func (c *Sys) RekeyRetrieveBackup() (*RekeyRetrieveResponse, error) { - r := c.c.NewRequest("GET", "/v1/sys/rekey/backup") + return c.RekeyRetrieveBackupWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyRetrieveBackupWithContext(ctx context.Context) (*RekeyRetrieveResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/rekey/backup") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -234,11 +299,16 @@ func (c *Sys) RekeyRetrieveBackup() (*RekeyRetrieveResponse, error) { } func (c *Sys) RekeyRetrieveRecoveryBackup() (*RekeyRetrieveResponse, error) { - r := c.c.NewRequest("GET", "/v1/sys/rekey/recovery-key-backup") + return c.RekeyRetrieveRecoveryBackupWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyRetrieveRecoveryBackupWithContext(ctx context.Context) (*RekeyRetrieveResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/rekey/recovery-key-backup") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -262,11 +332,16 @@ func (c *Sys) RekeyRetrieveRecoveryBackup() (*RekeyRetrieveResponse, error) { } func (c *Sys) RekeyDeleteBackup() error { - r := c.c.NewRequest("DELETE", "/v1/sys/rekey/backup") + return c.RekeyDeleteBackupWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyDeleteBackupWithContext(ctx context.Context) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", "/v1/sys/rekey/backup") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -275,11 +350,16 @@ func (c *Sys) RekeyDeleteBackup() error { } func (c *Sys) RekeyDeleteRecoveryBackup() error { - r := c.c.NewRequest("DELETE", "/v1/sys/rekey/recovery-key-backup") + return c.RekeyDeleteRecoveryBackupWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RekeyDeleteRecoveryBackupWithContext(ctx context.Context) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("DELETE", "/v1/sys/rekey/recovery-key-backup") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -288,6 +368,13 @@ func (c *Sys) RekeyDeleteRecoveryBackup() error { } func (c *Sys) RekeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUpdateResponse, error) { + return c.RekeyVerificationUpdateWithContext(context.Background(), shard, nonce) +} + +func (c *Sys) RekeyVerificationUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyVerificationUpdateResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + body := map[string]interface{}{ "key": shard, "nonce": nonce, @@ -298,9 +385,7 @@ func (c *Sys) RekeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUp return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } @@ -312,6 +397,13 @@ func (c *Sys) RekeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUp } func (c *Sys) RekeyRecoveryKeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUpdateResponse, error) { + return c.RekeyRecoveryKeyVerificationUpdateWithContext(context.Background(), shard, nonce) +} + +func (c *Sys) RekeyRecoveryKeyVerificationUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyVerificationUpdateResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) + defer cancelFunc() + body := map[string]interface{}{ "key": shard, "nonce": nonce, @@ -322,9 +414,7 @@ func (c *Sys) RekeyRecoveryKeyVerificationUpdate(shard, nonce string) (*RekeyVer return nil, err } - ctx, cancelFunc := context.WithCancel(context.Background()) - defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_rotate.go b/api/sys_rotate.go index e081587b1178..dc0140f0c9d9 100644 --- a/api/sys_rotate.go +++ b/api/sys_rotate.go @@ -8,11 +8,16 @@ import ( ) func (c *Sys) Rotate() error { - r := c.c.NewRequest("POST", "/v1/sys/rotate") + return c.RotateWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) RotateWithContext(ctx context.Context) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("POST", "/v1/sys/rotate") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err == nil { defer resp.Body.Close() } @@ -20,11 +25,16 @@ func (c *Sys) Rotate() error { } func (c *Sys) KeyStatus() (*KeyStatus, error) { - r := c.c.NewRequest("GET", "/v1/sys/key-status") + return c.KeyStatusWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) KeyStatusWithContext(ctx context.Context) (*KeyStatus, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("GET", "/v1/sys/key-status") + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_seal.go b/api/sys_seal.go index 20d41a28f343..f57e19ea1b38 100644 --- a/api/sys_seal.go +++ b/api/sys_seal.go @@ -3,23 +3,38 @@ package api import "context" func (c *Sys) SealStatus() (*SealStatusResponse, error) { + return c.SealStatusWithContext(context.Background()) +} + +func (c *Sys) SealStatusWithContext(ctx context.Context) (*SealStatusResponse, error) { r := c.c.NewRequest("GET", "/v1/sys/seal-status") - return sealStatusRequest(c, r) + return sealStatusRequestWithContext(ctx, c, r) } func (c *Sys) Seal() error { - r := c.c.NewRequest("PUT", "/v1/sys/seal") + return c.SealWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) SealWithContext(ctx context.Context) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) - if err == nil { - defer resp.Body.Close() + + r := c.c.NewRequest("PUT", "/v1/sys/seal") + + resp, err := c.c.rawRequestWithContext(ctx, r) + if err != nil { + return err } - return err + defer resp.Body.Close() + + return nil } func (c *Sys) ResetUnsealProcess() (*SealStatusResponse, error) { + return c.ResetUnsealProcessWithContext(context.Background()) +} + +func (c *Sys) ResetUnsealProcessWithContext(ctx context.Context) (*SealStatusResponse, error) { body := map[string]interface{}{"reset": true} r := c.c.NewRequest("PUT", "/v1/sys/unseal") @@ -27,10 +42,14 @@ func (c *Sys) ResetUnsealProcess() (*SealStatusResponse, error) { return nil, err } - return sealStatusRequest(c, r) + return sealStatusRequestWithContext(ctx, c, r) } func (c *Sys) Unseal(shard string) (*SealStatusResponse, error) { + return c.UnsealWithContext(context.Background(), shard) +} + +func (c *Sys) UnsealWithContext(ctx context.Context, shard string) (*SealStatusResponse, error) { body := map[string]interface{}{"key": shard} r := c.c.NewRequest("PUT", "/v1/sys/unseal") @@ -38,22 +57,28 @@ func (c *Sys) Unseal(shard string) (*SealStatusResponse, error) { return nil, err } - return sealStatusRequest(c, r) + return sealStatusRequestWithContext(ctx, c, r) } func (c *Sys) UnsealWithOptions(opts *UnsealOpts) (*SealStatusResponse, error) { + return c.UnsealWithOptionsWithContext(context.Background(), opts) +} + +func (c *Sys) UnsealWithOptionsWithContext(ctx context.Context, opts *UnsealOpts) (*SealStatusResponse, error) { r := c.c.NewRequest("PUT", "/v1/sys/unseal") + if err := r.SetJSONBody(opts); err != nil { return nil, err } - return sealStatusRequest(c, r) + return sealStatusRequestWithContext(ctx, c, r) } -func sealStatusRequest(c *Sys, r *Request) (*SealStatusResponse, error) { - ctx, cancelFunc := context.WithCancel(context.Background()) +func sealStatusRequestWithContext(ctx context.Context, c *Sys, r *Request) (*SealStatusResponse, error) { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + resp, err := c.c.rawRequestWithContext(ctx, r) if err != nil { return nil, err } diff --git a/api/sys_stepdown.go b/api/sys_stepdown.go index 55dc6fbcb7bd..2ef681e9fedf 100644 --- a/api/sys_stepdown.go +++ b/api/sys_stepdown.go @@ -3,11 +3,16 @@ package api import "context" func (c *Sys) StepDown() error { - r := c.c.NewRequest("PUT", "/v1/sys/step-down") + return c.StepDownWithContext(context.Background()) +} - ctx, cancelFunc := context.WithCancel(context.Background()) +func (c *Sys) StepDownWithContext(ctx context.Context) error { + ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.c.RawRequestWithContext(ctx, r) + + r := c.c.NewRequest("PUT", "/v1/sys/step-down") + + resp, err := c.c.rawRequestWithContext(ctx, r) if resp != nil && resp.Body != nil { resp.Body.Close() } diff --git a/builtin/credential/aws/backend_e2e_test.go b/builtin/credential/aws/backend_e2e_test.go index ac2bb22f129a..0e8186a44362 100644 --- a/builtin/credential/aws/backend_e2e_test.go +++ b/builtin/credential/aws/backend_e2e_test.go @@ -63,10 +63,10 @@ func TestBackend_E2E_Initialize(t *testing.T) { "policies": "default", "bound_subnet_id": "subnet-abcdef", } - if _, err := core.Client.Logical().Write("auth/aws/role/test-role", data); err != nil { + if _, err := core.Client.Logical().WriteWithContext(context.Background(), "auth/aws/role/test-role", data); err != nil { t.Fatal(err) } - role, err := core.Client.Logical().Read("auth/aws/role/test-role") + role, err := core.Client.Logical().ReadWithContext(context.Background(), "auth/aws/role/test-role") if err != nil { t.Fatal(err) } diff --git a/builtin/credential/cert/backend_test.go b/builtin/credential/cert/backend_test.go index db400dab780a..8a58c4575f6f 100644 --- a/builtin/credential/cert/backend_test.go +++ b/builtin/credential/cert/backend_test.go @@ -272,7 +272,7 @@ func TestBackend_PermittedDNSDomainsIntermediateCA(t *testing.T) { var err error // Mount /pki as a root CA - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -285,7 +285,7 @@ func TestBackend_PermittedDNSDomainsIntermediateCA(t *testing.T) { // Set the cluster's certificate as the root CA in /pki pemBundleRootCA := string(cluster.CACertPEM) + string(cluster.CAKeyPEM) - _, err = client.Logical().Write("pki/config/ca", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/config/ca", map[string]interface{}{ "pem_bundle": pemBundleRootCA, }) if err != nil { @@ -293,7 +293,7 @@ func TestBackend_PermittedDNSDomainsIntermediateCA(t *testing.T) { } // Mount /pki2 to operate as an intermediate CA - err = client.Sys().Mount("pki2", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki2", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -305,14 +305,14 @@ func TestBackend_PermittedDNSDomainsIntermediateCA(t *testing.T) { } // Create a CSR for the intermediate CA - secret, err := client.Logical().Write("pki2/intermediate/generate/internal", nil) + secret, err := client.Logical().WriteWithContext(context.Background(), "pki2/intermediate/generate/internal", nil) if err != nil { t.Fatal(err) } intermediateCSR := secret.Data["csr"].(string) // Sign the intermediate CSR using /pki - secret, err = client.Logical().Write("pki/root/sign-intermediate", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "pki/root/sign-intermediate", map[string]interface{}{ "permitted_dns_domains": ".myvault.com", "csr": intermediateCSR, }) @@ -322,7 +322,7 @@ func TestBackend_PermittedDNSDomainsIntermediateCA(t *testing.T) { intermediateCertPEM := secret.Data["certificate"].(string) // Configure the intermediate cert as the CA in /pki2 - _, err = client.Logical().Write("pki2/intermediate/set-signed", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki2/intermediate/set-signed", map[string]interface{}{ "certificate": intermediateCertPEM, }) if err != nil { @@ -330,7 +330,7 @@ func TestBackend_PermittedDNSDomainsIntermediateCA(t *testing.T) { } // Create a role on the intermediate CA mount - _, err = client.Logical().Write("pki2/roles/myvault-dot-com", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki2/roles/myvault-dot-com", map[string]interface{}{ "allowed_domains": "myvault.com", "allow_subdomains": "true", "max_ttl": "5m", @@ -340,7 +340,7 @@ func TestBackend_PermittedDNSDomainsIntermediateCA(t *testing.T) { } // Issue a leaf cert using the intermediate CA - secret, err = client.Logical().Write("pki2/issue/myvault-dot-com", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "pki2/issue/myvault-dot-com", map[string]interface{}{ "common_name": "cert.myvault.com", "format": "pem", "ip_sans": "127.0.0.1", @@ -360,7 +360,7 @@ func TestBackend_PermittedDNSDomainsIntermediateCA(t *testing.T) { } // Set the intermediate CA cert as a trusted certificate in the backend - _, err = client.Logical().Write("auth/cert/certs/myvault-dot-com", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/cert/certs/myvault-dot-com", map[string]interface{}{ "display_name": "myvault.com", "policies": "default", "certificate": intermediateCertPEM, @@ -447,7 +447,7 @@ func TestBackend_PermittedDNSDomainsIntermediateCA(t *testing.T) { // Create a new api client with the desired TLS configuration newClient := getAPIClient(cores[0].Listeners[0].Address.Port, cores[0].TLSConfig) - secret, err = newClient.Logical().Write("auth/cert/login", map[string]interface{}{ + secret, err = newClient.Logical().WriteWithContext(context.Background(), "auth/cert/login", map[string]interface{}{ "name": "myvault-dot-com", }) if err != nil { diff --git a/builtin/logical/pki/backend_test.go b/builtin/logical/pki/backend_test.go index 02fe209ec7c6..5f6cbb4a8080 100644 --- a/builtin/logical/pki/backend_test.go +++ b/builtin/logical/pki/backend_test.go @@ -62,7 +62,7 @@ func TestPKI_RequireCN(t *testing.T) { client := cluster.Cores[0].Client var err error - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -73,7 +73,7 @@ func TestPKI_RequireCN(t *testing.T) { t.Fatal(err) } - resp, err := client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "common_name": "myvault.com", }) if err != nil { @@ -84,7 +84,7 @@ func TestPKI_RequireCN(t *testing.T) { } // Create a role which does require CN (default) - _, err = client.Logical().Write("pki/roles/example", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/example", map[string]interface{}{ "allowed_domains": "foobar.com,zipzap.com,abc.com,xyz.com", "allow_bare_domains": true, "allow_subdomains": true, @@ -96,7 +96,7 @@ func TestPKI_RequireCN(t *testing.T) { // Issue a cert with require_cn set to true and with common name supplied. // It should succeed. - resp, err = client.Logical().Write("pki/issue/example", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/example", map[string]interface{}{ "common_name": "foobar.com", }) if err != nil { @@ -105,13 +105,13 @@ func TestPKI_RequireCN(t *testing.T) { // Issue a cert with require_cn set to true and with out supplying the // common name. It should error out. - resp, err = client.Logical().Write("pki/issue/example", map[string]interface{}{}) + resp, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/example", map[string]interface{}{}) if err == nil { t.Fatalf("expected an error due to missing common_name") } // Modify the role to make the common name optional - _, err = client.Logical().Write("pki/roles/example", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/example", map[string]interface{}{ "allowed_domains": "foobar.com,zipzap.com,abc.com,xyz.com", "allow_bare_domains": true, "allow_subdomains": true, @@ -124,7 +124,7 @@ func TestPKI_RequireCN(t *testing.T) { // Issue a cert with require_cn set to false and without supplying the // common name. It should succeed. - resp, err = client.Logical().Write("pki/issue/example", map[string]interface{}{}) + resp, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/example", map[string]interface{}{}) if err != nil { t.Fatal(err) } @@ -135,7 +135,7 @@ func TestPKI_RequireCN(t *testing.T) { // Issue a cert with require_cn set to false and with a common name. It // should succeed. - resp, err = client.Logical().Write("pki/issue/example", map[string]interface{}{}) + resp, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/example", map[string]interface{}{}) if err != nil { t.Fatal(err) } @@ -159,7 +159,7 @@ func TestPKI_DeviceCert(t *testing.T) { client := cluster.Cores[0].Client var err error - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -170,7 +170,7 @@ func TestPKI_DeviceCert(t *testing.T) { t.Fatal(err) } - resp, err := client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "common_name": "myvault.com", "not_after": "9999-12-31T23:59:59Z", }) @@ -197,7 +197,7 @@ func TestPKI_DeviceCert(t *testing.T) { } // Create a role which does require CN (default) - _, err = client.Logical().Write("pki/roles/example", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/example", map[string]interface{}{ "allowed_domains": "foobar.com,zipzap.com,abc.com,xyz.com", "allow_bare_domains": true, "allow_subdomains": true, @@ -209,7 +209,7 @@ func TestPKI_DeviceCert(t *testing.T) { // Issue a cert with require_cn set to true and with common name supplied. // It should succeed. - resp, err = client.Logical().Write("pki/issue/example", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/example", map[string]interface{}{ "common_name": "foobar.com", }) if err != nil { @@ -245,7 +245,7 @@ func TestBackend_InvalidParameter(t *testing.T) { client := cluster.Cores[0].Client var err error - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -256,7 +256,7 @@ func TestBackend_InvalidParameter(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "common_name": "myvault.com", "not_after": "9999-12-31T23:59:59Z", "ttl": "25h", @@ -265,7 +265,7 @@ func TestBackend_InvalidParameter(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "common_name": "myvault.com", "not_after": "9999-12-31T23:59:59", }) @@ -2156,7 +2156,7 @@ func TestBackend_Root_Idempotency(t *testing.T) { client := cluster.Cores[0].Client var err error - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -2167,7 +2167,7 @@ func TestBackend_Root_Idempotency(t *testing.T) { t.Fatal(err) } - resp, err := client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "common_name": "myvault.com", }) if err != nil { @@ -2176,7 +2176,7 @@ func TestBackend_Root_Idempotency(t *testing.T) { if resp == nil { t.Fatal("expected ca info") } - resp, err = client.Logical().Read("pki/cert/ca_chain") + resp, err = client.Logical().ReadWithContext(context.Background(), "pki/cert/ca_chain") if err != nil { t.Fatalf("error reading ca_chain: %v", err) } @@ -2184,7 +2184,7 @@ func TestBackend_Root_Idempotency(t *testing.T) { r1Data := resp.Data // Try again, make sure it's a 204 and same CA - resp, err = client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "common_name": "myvault.com", }) if err != nil { @@ -2196,7 +2196,7 @@ func TestBackend_Root_Idempotency(t *testing.T) { if resp.Data != nil || len(resp.Warnings) == 0 { t.Fatalf("bad response: %#v", *resp) } - resp, err = client.Logical().Read("pki/cert/ca_chain") + resp, err = client.Logical().ReadWithContext(context.Background(), "pki/cert/ca_chain") if err != nil { t.Fatalf("error reading ca_chain: %v", err) } @@ -2205,7 +2205,7 @@ func TestBackend_Root_Idempotency(t *testing.T) { t.Fatal("got different ca certs") } - resp, err = client.Logical().Delete("pki/root") + resp, err = client.Logical().DeleteWithContext(context.Background(), "pki/root") if err != nil { t.Fatal(err) } @@ -2213,7 +2213,7 @@ func TestBackend_Root_Idempotency(t *testing.T) { t.Fatal("expected nil response") } // Make sure it behaves the same - resp, err = client.Logical().Delete("pki/root") + resp, err = client.Logical().DeleteWithContext(context.Background(), "pki/root") if err != nil { t.Fatal(err) } @@ -2221,12 +2221,12 @@ func TestBackend_Root_Idempotency(t *testing.T) { t.Fatal("expected nil response") } - _, err = client.Logical().Read("pki/cert/ca_chain") + _, err = client.Logical().ReadWithContext(context.Background(), "pki/cert/ca_chain") if err == nil { t.Fatal("expected error") } - resp, err = client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "common_name": "myvault.com", }) if err != nil { @@ -2236,7 +2236,7 @@ func TestBackend_Root_Idempotency(t *testing.T) { t.Fatal("expected ca info") } - _, err = client.Logical().Read("pki/cert/ca_chain") + _, err = client.Logical().ReadWithContext(context.Background(), "pki/cert/ca_chain") if err != nil { t.Fatal(err) } @@ -2256,7 +2256,7 @@ func TestBackend_SignIntermediate_AllowedPastCA(t *testing.T) { client := cluster.Cores[0].Client var err error - err = client.Sys().Mount("root", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "root", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -2266,7 +2266,7 @@ func TestBackend_SignIntermediate_AllowedPastCA(t *testing.T) { if err != nil { t.Fatal(err) } - err = client.Sys().Mount("int", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "int", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "4h", @@ -2278,7 +2278,7 @@ func TestBackend_SignIntermediate_AllowedPastCA(t *testing.T) { } // Direct issuing from root - _, err = client.Logical().Write("root/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/root/generate/internal", map[string]interface{}{ "ttl": "40h", "common_name": "myvault.com", }) @@ -2286,7 +2286,7 @@ func TestBackend_SignIntermediate_AllowedPastCA(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("root/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/roles/test", map[string]interface{}{ "allow_bare_domains": true, "allow_subdomains": true, }) @@ -2294,7 +2294,7 @@ func TestBackend_SignIntermediate_AllowedPastCA(t *testing.T) { t.Fatal(err) } - resp, err := client.Logical().Write("int/intermediate/generate/internal", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "int/intermediate/generate/internal", map[string]interface{}{ "common_name": "myint.com", }) if err != nil { @@ -2303,7 +2303,7 @@ func TestBackend_SignIntermediate_AllowedPastCA(t *testing.T) { csr := resp.Data["csr"] - _, err = client.Logical().Write("root/sign/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/sign/test", map[string]interface{}{ "common_name": "myint.com", "csr": csr, "ttl": "60h", @@ -2312,7 +2312,7 @@ func TestBackend_SignIntermediate_AllowedPastCA(t *testing.T) { t.Fatal("expected error") } - _, err = client.Logical().Write("root/sign-verbatim/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/sign-verbatim/test", map[string]interface{}{ "common_name": "myint.com", "other_sans": "1.3.6.1.4.1.311.20.2.3;utf8:caadmin@example.com", "csr": csr, @@ -2322,7 +2322,7 @@ func TestBackend_SignIntermediate_AllowedPastCA(t *testing.T) { t.Fatal("expected error") } - resp, err = client.Logical().Write("root/root/sign-intermediate", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/root/sign-intermediate", map[string]interface{}{ "common_name": "myint.com", "other_sans": "1.3.6.1.4.1.311.20.2.3;utf8:caadmin@example.com", "csr": csr, @@ -2650,7 +2650,7 @@ func TestBackend_OID_SANs(t *testing.T) { client := cluster.Cores[0].Client var err error - err = client.Sys().Mount("root", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "root", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -2666,7 +2666,7 @@ func TestBackend_OID_SANs(t *testing.T) { var block *pem.Block var cert *x509.Certificate - _, err = client.Logical().Write("root/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/root/generate/internal", map[string]interface{}{ "ttl": "40h", "common_name": "myvault.com", }) @@ -2674,7 +2674,7 @@ func TestBackend_OID_SANs(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("root/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/roles/test", map[string]interface{}{ "allowed_domains": []string{"foobar.com", "zipzap.com"}, "allow_bare_domains": true, "allow_subdomains": true, @@ -2688,7 +2688,7 @@ func TestBackend_OID_SANs(t *testing.T) { // Get a baseline before adding OID SANs. In the next sections we'll verify // that the SANs are all added even as the OID SAN inclusion forces other // adding logic (custom rather than built-in Golang logic) - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foobar.com,foo.foobar.com,bar.foobar.com", @@ -2714,7 +2714,7 @@ func TestBackend_OID_SANs(t *testing.T) { } // First test some bad stuff that shouldn't work - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -2726,7 +2726,7 @@ func TestBackend_OID_SANs(t *testing.T) { t.Fatal("expected error") } - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -2738,7 +2738,7 @@ func TestBackend_OID_SANs(t *testing.T) { t.Fatal("expected error") } - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -2750,7 +2750,7 @@ func TestBackend_OID_SANs(t *testing.T) { t.Fatal("expected error") } - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -2762,7 +2762,7 @@ func TestBackend_OID_SANs(t *testing.T) { t.Fatal("expected error") } - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -2775,7 +2775,7 @@ func TestBackend_OID_SANs(t *testing.T) { } // Valid for first possibility - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -2805,7 +2805,7 @@ func TestBackend_OID_SANs(t *testing.T) { } // Valid for second possibility - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -2841,7 +2841,7 @@ func TestBackend_OID_SANs(t *testing.T) { fmt.Sprintf("%s;%s:%s", oid1, type1, val1), fmt.Sprintf("%s;%s:%s", oid2, type2, val2), } - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -2893,7 +2893,7 @@ func TestBackend_AllowedSerialNumbers(t *testing.T) { client := cluster.Cores[0].Client var err error - err = client.Sys().Mount("root", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "root", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -2909,7 +2909,7 @@ func TestBackend_AllowedSerialNumbers(t *testing.T) { var block *pem.Block var cert *x509.Certificate - _, err = client.Logical().Write("root/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/root/generate/internal", map[string]interface{}{ "ttl": "40h", "common_name": "myvault.com", }) @@ -2918,7 +2918,7 @@ func TestBackend_AllowedSerialNumbers(t *testing.T) { } // First test that Serial Numbers are not allowed - _, err = client.Logical().Write("root/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/roles/test", map[string]interface{}{ "allow_any_name": true, "enforce_hostnames": false, }) @@ -2926,7 +2926,7 @@ func TestBackend_AllowedSerialNumbers(t *testing.T) { t.Fatal(err) } - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar", "ttl": "1h", }) @@ -2934,7 +2934,7 @@ func TestBackend_AllowedSerialNumbers(t *testing.T) { t.Fatal(err) } - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar", "ttl": "1h", "serial_number": "foobar", @@ -2944,7 +2944,7 @@ func TestBackend_AllowedSerialNumbers(t *testing.T) { } // Update the role to allow serial numbers - _, err = client.Logical().Write("root/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/roles/test", map[string]interface{}{ "allow_any_name": true, "enforce_hostnames": false, "allowed_serial_numbers": "f00*,b4r*", @@ -2953,7 +2953,7 @@ func TestBackend_AllowedSerialNumbers(t *testing.T) { t.Fatal(err) } - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar", "ttl": "1h", // Not a valid serial number @@ -2964,7 +2964,7 @@ func TestBackend_AllowedSerialNumbers(t *testing.T) { } // Valid for first possibility - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar", "serial_number": "f00bar", }) @@ -2985,7 +2985,7 @@ func TestBackend_AllowedSerialNumbers(t *testing.T) { } // Valid for second possibility - resp, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar", "serial_number": "b4rf00", }) @@ -3020,7 +3020,7 @@ func TestBackend_URI_SANs(t *testing.T) { client := cluster.Cores[0].Client var err error - err = client.Sys().Mount("root", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "root", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -3031,7 +3031,7 @@ func TestBackend_URI_SANs(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("root/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/root/generate/internal", map[string]interface{}{ "ttl": "40h", "common_name": "myvault.com", }) @@ -3039,7 +3039,7 @@ func TestBackend_URI_SANs(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("root/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/roles/test", map[string]interface{}{ "allowed_domains": []string{"foobar.com", "zipzap.com"}, "allow_bare_domains": true, "allow_subdomains": true, @@ -3051,7 +3051,7 @@ func TestBackend_URI_SANs(t *testing.T) { } // First test some bad stuff that shouldn't work - _, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -3063,7 +3063,7 @@ func TestBackend_URI_SANs(t *testing.T) { } // Test valid single entry - _, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -3075,7 +3075,7 @@ func TestBackend_URI_SANs(t *testing.T) { } // Test globed entry - _, err = client.Logical().Write("root/issue/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -3087,7 +3087,7 @@ func TestBackend_URI_SANs(t *testing.T) { } // Test multiple entries - resp, err := client.Logical().Write("root/issue/test", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "root/issue/test", map[string]interface{}{ "common_name": "foobar.com", "ip_sans": "1.2.3.4", "alt_names": "foo.foobar.com,bar.foobar.com", @@ -3136,7 +3136,7 @@ func TestBackend_AllowedURISANsTemplate(t *testing.T) { client := cluster.Cores[0].Client // Write test policy for userpass auth method. - err := client.Sys().PutPolicy("test", ` + err := client.Sys().PutPolicyWithContext(context.Background(), "test", ` path "pki/*" { capabilities = ["update"] }`) @@ -3150,7 +3150,7 @@ func TestBackend_AllowedURISANsTemplate(t *testing.T) { } // Configure test role for userpass. - if _, err := client.Logical().Write("auth/userpass/users/userpassname", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/userpassname", map[string]interface{}{ "password": "test", "policies": "test", }); err != nil { @@ -3158,7 +3158,7 @@ func TestBackend_AllowedURISANsTemplate(t *testing.T) { } // Login userpass for test role and keep client token. - secret, err := client.Logical().Write("auth/userpass/login/userpassname", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/userpassname", map[string]interface{}{ "password": "test", }) if err != nil || secret == nil { @@ -3167,14 +3167,14 @@ func TestBackend_AllowedURISANsTemplate(t *testing.T) { userpassToken := secret.Auth.ClientToken // Get auth accessor for identity template. - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } userpassAccessor := auths["userpass/"].Accessor // Mount PKI. - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -3186,7 +3186,7 @@ func TestBackend_AllowedURISANsTemplate(t *testing.T) { } // Generate internal CA. - _, err = client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "ttl": "40h", "common_name": "myvault.com", }) @@ -3195,7 +3195,7 @@ func TestBackend_AllowedURISANsTemplate(t *testing.T) { } // Write role PKI. - _, err = client.Logical().Write("pki/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/test", map[string]interface{}{ "allowed_uri_sans": []string{ "spiffe://domain/{{identity.entity.aliases." + userpassAccessor + ".name}}", "spiffe://domain/{{identity.entity.aliases." + userpassAccessor + ".name}}/*", "spiffe://domain/foo", @@ -3209,27 +3209,27 @@ func TestBackend_AllowedURISANsTemplate(t *testing.T) { // Issue certificate with identity templating client.SetToken(userpassToken) - _, err = client.Logical().Write("pki/issue/test", map[string]interface{}{"uri_sans": "spiffe://domain/userpassname, spiffe://domain/foo"}) + _, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/test", map[string]interface{}{"uri_sans": "spiffe://domain/userpassname, spiffe://domain/foo"}) if err != nil { t.Fatal(err) } // Issue certificate with identity templating and glob client.SetToken(userpassToken) - _, err = client.Logical().Write("pki/issue/test", map[string]interface{}{"uri_sans": "spiffe://domain/userpassname/bar"}) + _, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/test", map[string]interface{}{"uri_sans": "spiffe://domain/userpassname/bar"}) if err != nil { t.Fatal(err) } // Issue certificate with non-matching identity template parameter client.SetToken(userpassToken) - _, err = client.Logical().Write("pki/issue/test", map[string]interface{}{"uri_sans": "spiffe://domain/unknownuser"}) + _, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/test", map[string]interface{}{"uri_sans": "spiffe://domain/unknownuser"}) if err == nil { t.Fatal(err) } // Set allowed_uri_sans_template to false. - _, err = client.Logical().Write("pki/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/test", map[string]interface{}{ "allowed_uri_sans_template": false, }) if err != nil { @@ -3237,7 +3237,7 @@ func TestBackend_AllowedURISANsTemplate(t *testing.T) { } // Issue certificate with userpassToken. - _, err = client.Logical().Write("pki/issue/test", map[string]interface{}{"uri_sans": "spiffe://domain/users/userpassname"}) + _, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/test", map[string]interface{}{"uri_sans": "spiffe://domain/users/userpassname"}) if err == nil { t.Fatal("expected error") } @@ -3260,7 +3260,7 @@ func TestBackend_AllowedDomainsTemplate(t *testing.T) { client := cluster.Cores[0].Client // Write test policy for userpass auth method. - err := client.Sys().PutPolicy("test", ` + err := client.Sys().PutPolicyWithContext(context.Background(), "test", ` path "pki/*" { capabilities = ["update"] }`) @@ -3274,7 +3274,7 @@ func TestBackend_AllowedDomainsTemplate(t *testing.T) { } // Configure test role for userpass. - if _, err := client.Logical().Write("auth/userpass/users/userpassname", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/userpassname", map[string]interface{}{ "password": "test", "policies": "test", }); err != nil { @@ -3288,14 +3288,14 @@ func TestBackend_AllowedDomainsTemplate(t *testing.T) { } // Get auth accessor for identity template. - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } userpassAccessor := auths["userpass/"].Accessor // Mount PKI. - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -3307,7 +3307,7 @@ func TestBackend_AllowedDomainsTemplate(t *testing.T) { } // Generate internal CA. - _, err = client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "ttl": "40h", "common_name": "myvault.com", }) @@ -3316,7 +3316,7 @@ func TestBackend_AllowedDomainsTemplate(t *testing.T) { } // Write role PKI. - _, err = client.Logical().Write("pki/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/test", map[string]interface{}{ "allowed_domains": []string{ "foobar.com", "zipzap.com", "{{identity.entity.aliases." + userpassAccessor + ".name}}", "foo.{{identity.entity.aliases." + userpassAccessor + ".name}}.example.com", @@ -3336,31 +3336,31 @@ func TestBackend_AllowedDomainsTemplate(t *testing.T) { if err != nil || secret == nil { t.Fatal(err) } - _, err = client.Logical().Write("pki/issue/test", map[string]interface{}{"common_name": "userpassname"}) + _, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/test", map[string]interface{}{"common_name": "userpassname"}) if err != nil { t.Fatal(err) } // Issue certificate for foobar.com to verify allowed_domain_templae doesnt break plain domains. - _, err = client.Logical().Write("pki/issue/test", map[string]interface{}{"common_name": "foobar.com"}) + _, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/test", map[string]interface{}{"common_name": "foobar.com"}) if err != nil { t.Fatal(err) } // Issue certificate for unknown userpassname. - _, err = client.Logical().Write("pki/issue/test", map[string]interface{}{"common_name": "unknownuserpassname"}) + _, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/test", map[string]interface{}{"common_name": "unknownuserpassname"}) if err == nil { t.Fatal("expected error") } // Issue certificate for foo.userpassname.domain. - _, err = client.Logical().Write("pki/issue/test", map[string]interface{}{"common_name": "foo.userpassname.example.com"}) + _, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/test", map[string]interface{}{"common_name": "foo.userpassname.example.com"}) if err != nil { t.Fatal("expected error") } // Set allowed_domains_template to false. - _, err = client.Logical().Write("pki/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/test", map[string]interface{}{ "allowed_domains_template": false, }) if err != nil { @@ -3368,7 +3368,7 @@ func TestBackend_AllowedDomainsTemplate(t *testing.T) { } // Issue certificate with userpassToken. - _, err = client.Logical().Write("pki/issue/test", map[string]interface{}{"common_name": "userpassname"}) + _, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/test", map[string]interface{}{"common_name": "userpassname"}) if err == nil { t.Fatal("expected error") } @@ -3510,7 +3510,7 @@ func TestBackend_RevokePlusTidy_Intermediate(t *testing.T) { var err error // Mount /pki as a root CA - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -3523,7 +3523,7 @@ func TestBackend_RevokePlusTidy_Intermediate(t *testing.T) { // Set the cluster's certificate as the root CA in /pki pemBundleRootCA := string(cluster.CACertPEM) + string(cluster.CAKeyPEM) - _, err = client.Logical().Write("pki/config/ca", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/config/ca", map[string]interface{}{ "pem_bundle": pemBundleRootCA, }) if err != nil { @@ -3531,7 +3531,7 @@ func TestBackend_RevokePlusTidy_Intermediate(t *testing.T) { } // Mount /pki2 to operate as an intermediate CA - err = client.Sys().Mount("pki2", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki2", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -3543,14 +3543,14 @@ func TestBackend_RevokePlusTidy_Intermediate(t *testing.T) { } // Create a CSR for the intermediate CA - secret, err := client.Logical().Write("pki2/intermediate/generate/internal", nil) + secret, err := client.Logical().WriteWithContext(context.Background(), "pki2/intermediate/generate/internal", nil) if err != nil { t.Fatal(err) } intermediateCSR := secret.Data["csr"].(string) // Sign the intermediate CSR using /pki - secret, err = client.Logical().Write("pki/root/sign-intermediate", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "pki/root/sign-intermediate", map[string]interface{}{ "permitted_dns_domains": ".myvault.com", "csr": intermediateCSR, "ttl": "10s", @@ -3562,7 +3562,7 @@ func TestBackend_RevokePlusTidy_Intermediate(t *testing.T) { intermediateCASerialColon := strings.ReplaceAll(strings.ToLower(intermediateCertSerial), ":", "-") // Get the intermediate cert after signing - secret, err = client.Logical().Read("pki/cert/" + intermediateCASerialColon) + secret, err = client.Logical().ReadWithContext(context.Background(), "pki/cert/"+intermediateCASerialColon) if err != nil { t.Fatal(err) } @@ -3571,7 +3571,7 @@ func TestBackend_RevokePlusTidy_Intermediate(t *testing.T) { } // Issue a revoke on on /pki - _, err = client.Logical().Write("pki/revoke", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/revoke", map[string]interface{}{ "serial_number": intermediateCertSerial, }) if err != nil { @@ -3583,7 +3583,7 @@ func TestBackend_RevokePlusTidy_Intermediate(t *testing.T) { time.Sleep(3 * time.Second) // Issue a tidy on /pki - _, err = client.Logical().Write("pki/tidy", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/tidy", map[string]interface{}{ "tidy_cert_store": true, "tidy_revoked_certs": true, "safety_buffer": "1s", @@ -3631,7 +3631,7 @@ func TestBackend_RevokePlusTidy_Intermediate(t *testing.T) { time.Sleep(10 * time.Second) // Issue a tidy on /pki - _, err = client.Logical().Write("pki/tidy", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/tidy", map[string]interface{}{ "tidy_cert_store": true, "tidy_revoked_certs": true, "safety_buffer": "1s", @@ -3645,7 +3645,7 @@ func TestBackend_RevokePlusTidy_Intermediate(t *testing.T) { // Issue a tidy-status on /pki { - tidyStatus, err := client.Logical().Read("pki/tidy-status") + tidyStatus, err := client.Logical().ReadWithContext(context.Background(), "pki/tidy-status") if err != nil { t.Fatal(err) } @@ -3770,7 +3770,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { var err error // Generate a root CA at /pki-root - err = client.Sys().Mount("pki-root", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki-root", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -3781,7 +3781,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { t.Fatal(err) } - resp, err := client.Logical().Write("pki-root/root/generate/exported", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "pki-root/root/generate/exported", map[string]interface{}{ "common_name": "root myvault.com", }) if err != nil { @@ -3794,7 +3794,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { rootCert := rootData["certificate"].(string) // Validate that root's /cert/ca-chain now contains the certificate. - resp, err = client.Logical().Read("pki-root/cert/ca_chain") + resp, err = client.Logical().ReadWithContext(context.Background(), "pki-root/cert/ca_chain") if err != nil { t.Fatal(err) } @@ -3808,7 +3808,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { } // Now generate an intermediate at /pki-intermediate, signed by the root. - err = client.Sys().Mount("pki-intermediate", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki-intermediate", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -3819,7 +3819,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { t.Fatal(err) } - resp, err = client.Logical().Write("pki-intermediate/intermediate/generate/exported", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki-intermediate/intermediate/generate/exported", map[string]interface{}{ "common_name": "intermediate myvault.com", }) if err != nil { @@ -3831,7 +3831,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { intermediateData := resp.Data intermediateKey := intermediateData["private_key"].(string) - resp, err = client.Logical().Write("pki-root/root/sign-intermediate", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki-root/root/sign-intermediate", map[string]interface{}{ "csr": intermediateData["csr"], "format": "pem_bundle", }) @@ -3844,7 +3844,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { intermediateSignedData := resp.Data intermediateCert := intermediateSignedData["certificate"].(string) - resp, err = client.Logical().Write("pki-intermediate/intermediate/set-signed", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki-intermediate/intermediate/set-signed", map[string]interface{}{ "certificate": intermediateCert + "\n" + rootCert + "\n", }) if err != nil { @@ -3853,7 +3853,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { // Validate that intermediate's ca_chain field now includes the full // chain. - resp, err = client.Logical().Read("pki-intermediate/cert/ca_chain") + resp, err = client.Logical().ReadWithContext(context.Background(), "pki-intermediate/cert/ca_chain") if err != nil { t.Fatal(err) } @@ -3871,7 +3871,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { // Finally, import this signing cert chain into a new mount to ensure // "external" CAs behave as expected. - err = client.Sys().Mount("pki-external", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki-external", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -3882,7 +3882,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { t.Fatal(err) } - resp, err = client.Logical().Write("pki-external/config/ca", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki-external/config/ca", map[string]interface{}{ "pem_bundle": intermediateKey + "\n" + intermediateCert + "\n" + rootCert + "\n", }) if err != nil { @@ -3890,7 +3890,7 @@ func TestBackend_Root_FullCAChain(t *testing.T) { } // Validate the external chain information was loaded correctly. - resp, err = client.Logical().Read("pki-external/cert/ca_chain") + resp, err = client.Logical().ReadWithContext(context.Background(), "pki-external/cert/ca_chain") if err != nil { t.Fatal(err) } @@ -3950,7 +3950,7 @@ func RoleIssuanceRegressionHelper(t *testing.T, client *api.Client, index int, t for _, AllowLocalhost := range test.AllowLocalhost.ToValues() { for _, AllowWildcardCertificates := range test.AllowWildcardCertificates.ToValues() { role := fmt.Sprintf("issuance-regression-%d-bare-%v-glob-%v-subdomains-%v-localhost-%v-wildcard-%v", index, AllowBareDomains, AllowGlobDomains, AllowSubdomains, AllowLocalhost, AllowWildcardCertificates) - resp, err := client.Logical().Write("pki/roles/"+role, map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "pki/roles/"+role, map[string]interface{}{ "allowed_domains": test.AllowedDomains, "allow_bare_domains": AllowBareDomains, "allow_glob_domains": AllowGlobDomains, @@ -3967,7 +3967,7 @@ func RoleIssuanceRegressionHelper(t *testing.T, client *api.Client, index int, t t.Fatal(err) } - resp, err = client.Logical().Write("pki/issue/"+role, map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki/issue/"+role, map[string]interface{}{ "common_name": test.CommonName, }) @@ -4158,7 +4158,7 @@ func TestBackend_Roles_IssuanceRegression(t *testing.T) { var err error // Generate a root CA at /pki to use for our tests - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "12h", @@ -4169,7 +4169,7 @@ func TestBackend_Roles_IssuanceRegression(t *testing.T) { t.Fatal(err) } - resp, err := client.Logical().Write("pki/root/generate/exported", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "pki/root/generate/exported", map[string]interface{}{ "common_name": "myvault.com", "ttl": "128h", "key_type": "ec", diff --git a/builtin/logical/pki/ca_test.go b/builtin/logical/pki/ca_test.go index c1ba77cbde41..6ec791f6fd58 100644 --- a/builtin/logical/pki/ca_test.go +++ b/builtin/logical/pki/ca_test.go @@ -155,7 +155,7 @@ func TestBackend_CA_Steps(t *testing.T) { // Setup backends var rsaRoot, rsaInt, ecRoot, ecInt, edRoot, edInt *backend { - if err := client.Sys().Mount("rsaroot", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "rsaroot", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -166,7 +166,7 @@ func TestBackend_CA_Steps(t *testing.T) { } rsaRoot = b - if err := client.Sys().Mount("rsaint", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "rsaint", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -177,7 +177,7 @@ func TestBackend_CA_Steps(t *testing.T) { } rsaInt = b - if err := client.Sys().Mount("ecroot", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "ecroot", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -188,7 +188,7 @@ func TestBackend_CA_Steps(t *testing.T) { } ecRoot = b - if err := client.Sys().Mount("ecint", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "ecint", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -199,7 +199,7 @@ func TestBackend_CA_Steps(t *testing.T) { } ecInt = b - if err := client.Sys().Mount("ed25519root", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "ed25519root", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -210,7 +210,7 @@ func TestBackend_CA_Steps(t *testing.T) { } edRoot = b - if err := client.Sys().Mount("ed25519int", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "ed25519int", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -259,7 +259,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, { // Attempt import but only provide one the cert { - _, err := client.Logical().Write(rootName+"config/ca", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), rootName+"config/ca", map[string]interface{}{ "pem_bundle": caCert, }) if err == nil { @@ -269,7 +269,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, // Same but with only the key { - _, err := client.Logical().Write(rootName+"config/ca", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), rootName+"config/ca", map[string]interface{}{ "pem_bundle": caKey, }) if err == nil { @@ -279,7 +279,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, // Import CA bundle { - _, err := client.Logical().Write(rootName+"config/ca", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), rootName+"config/ca", map[string]interface{}{ "pem_bundle": strings.Join([]string{caKey, caCert}, "\n"), }) if err != nil { @@ -292,7 +292,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, // cert/ca path { - resp, err := client.Logical().Read(rootName + "cert/ca") + resp, err := client.Logical().ReadWithContext(context.Background(), rootName+"cert/ca") if err != nil { t.Fatal(err) } @@ -359,7 +359,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, { // Set CRL config { - _, err := client.Logical().Write(rootName+"config/crl", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), rootName+"config/crl", map[string]interface{}{ "expiry": "16h", }) if err != nil { @@ -369,7 +369,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, // Verify it { - resp, err := client.Logical().Read(rootName + "config/crl") + resp, err := client.Logical().ReadWithContext(context.Background(), rootName+"config/crl") if err != nil { t.Fatal(err) } @@ -390,7 +390,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, { // First, delete the existing CA info { - _, err := client.Logical().Delete(rootName + "root") + _, err := client.Logical().DeleteWithContext(context.Background(), rootName+"root") if err != nil { t.Fatal(err) } @@ -399,7 +399,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, var rootPEM, rootKey, rootPEMBundle string // Test exported root generation { - resp, err := client.Logical().Write(rootName+"root/generate/exported", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), rootName+"root/generate/exported", map[string]interface{}{ "common_name": "Root Cert", "ttl": "180h", }) @@ -421,7 +421,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, var intPEM, intCSR, intKey string // Test exported intermediate CSR generation { - resp, err := client.Logical().Write(intName+"intermediate/generate/exported", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), intName+"intermediate/generate/exported", map[string]interface{}{ "common_name": "intermediate.cert.com", "ttl": "180h", }) @@ -441,7 +441,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, // Test signing { - resp, err := client.Logical().Write(rootName+"root/sign-intermediate", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), rootName+"root/sign-intermediate", map[string]interface{}{ "common_name": "intermediate.cert.com", "ttl": "10s", "csr": intCSR, @@ -458,7 +458,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, // Test setting signed { - resp, err := client.Logical().Write(intName+"intermediate/set-signed", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), intName+"intermediate/set-signed", map[string]interface{}{ "certificate": intPEM, }) if err != nil { @@ -471,7 +471,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, // Verify we can find it via the root { - resp, err := client.Logical().Read(rootName + "cert/" + intSerialNumber) + resp, err := client.Logical().ReadWithContext(context.Background(), rootName+"cert/"+intSerialNumber) if err != nil { t.Fatal(err) } @@ -485,7 +485,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, // Revoke the intermediate { - resp, err := client.Logical().Write(rootName+"revoke", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), rootName+"revoke", map[string]interface{}{ "serial_number": intSerialNumber, }) if err != nil { @@ -501,7 +501,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, t.Helper() // Verify it is now revoked { - resp, err := client.Logical().Read(rootName + "cert/" + intSerialNumber) + resp, err := client.Logical().ReadWithContext(context.Background(), rootName+"cert/"+intSerialNumber) if err != nil { t.Fatal(err) } @@ -559,7 +559,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, } verifyTidyStatus := func(expectedCertStoreDeleteCount int, expectedRevokedCertDeletedCount int) { - tidyStatus, err := client.Logical().Read(rootName + "tidy-status") + tidyStatus, err := client.Logical().ReadWithContext(context.Background(), rootName+"tidy-status") if err != nil { t.Fatal(err) } @@ -594,7 +594,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, { // Run with a high safety buffer, nothing should happen { - resp, err := client.Logical().Write(rootName+"tidy", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), rootName+"tidy", map[string]interface{}{ "safety_buffer": "3h", "tidy_cert_store": true, "tidy_revoked_certs": true, @@ -617,7 +617,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, // Run with both values set false, nothing should happen { - resp, err := client.Logical().Write(rootName+"tidy", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), rootName+"tidy", map[string]interface{}{ "safety_buffer": "1s", "tidy_cert_store": false, "tidy_revoked_certs": false, @@ -640,7 +640,7 @@ func runSteps(t *testing.T, rootB, intB *backend, client *api.Client, rootName, // Run with a short safety buffer and both set to true, both should be cleared { - resp, err := client.Logical().Write(rootName+"tidy", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), rootName+"tidy", map[string]interface{}{ "safety_buffer": "1s", "tidy_cert_store": true, "tidy_revoked_certs": true, diff --git a/builtin/logical/pki/crl_test.go b/builtin/logical/pki/crl_test.go index 1aa56ba3eccd..867c8fcc49e9 100644 --- a/builtin/logical/pki/crl_test.go +++ b/builtin/logical/pki/crl_test.go @@ -1,6 +1,7 @@ package pki import ( + "context" "crypto/x509" "testing" @@ -24,7 +25,7 @@ func TestBackend_CRL_EnableDisable(t *testing.T) { client := cluster.Cores[0].Client var err error - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -32,7 +33,7 @@ func TestBackend_CRL_EnableDisable(t *testing.T) { }, }) - resp, err := client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "ttl": "40h", "common_name": "myvault.com", }) @@ -41,7 +42,7 @@ func TestBackend_CRL_EnableDisable(t *testing.T) { } caSerial := resp.Data["serial_number"] - _, err = client.Logical().Write("pki/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/test", map[string]interface{}{ "allow_bare_domains": true, "allow_subdomains": true, "allowed_domains": "foobar.com", @@ -53,7 +54,7 @@ func TestBackend_CRL_EnableDisable(t *testing.T) { serials := make(map[int]string) for i := 0; i < 6; i++ { - resp, err := client.Logical().Write("pki/issue/test", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "pki/issue/test", map[string]interface{}{ "common_name": "test.foobar.com", }) if err != nil { @@ -63,7 +64,7 @@ func TestBackend_CRL_EnableDisable(t *testing.T) { } test := func(num int) { - resp, err := client.Logical().Read("pki/cert/crl") + resp, err := client.Logical().ReadWithContext(context.Background(), "pki/cert/crl") if err != nil { t.Fatal(err) } @@ -79,14 +80,14 @@ func TestBackend_CRL_EnableDisable(t *testing.T) { } revoke := func(num int) { - resp, err = client.Logical().Write("pki/revoke", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki/revoke", map[string]interface{}{ "serial_number": serials[num], }) if err != nil { t.Fatal(err) } - resp, err = client.Logical().Write("pki/revoke", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "pki/revoke", map[string]interface{}{ "serial_number": caSerial, }) if err == nil { @@ -95,7 +96,7 @@ func TestBackend_CRL_EnableDisable(t *testing.T) { } toggle := func(disabled bool) { - _, err = client.Logical().Write("pki/config/crl", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/config/crl", map[string]interface{}{ "disable": disabled, }) if err != nil { diff --git a/builtin/logical/ssh/backend_test.go b/builtin/logical/ssh/backend_test.go index adee82aa1b83..2137468c9a5e 100644 --- a/builtin/logical/ssh/backend_test.go +++ b/builtin/logical/ssh/backend_test.go @@ -1464,14 +1464,14 @@ func TestBackend_DefExtTemplatingEnabled(t *testing.T) { client := cluster.Cores[0].Client // Get auth accessor for identity template. - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } userpassAccessor := auths["userpass/"].Accessor // Write SSH role. - _, err = client.Logical().Write("ssh/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "ssh/roles/test", map[string]interface{}{ "key_type": "ca", "allowed_extensions": "login@zipzap.com", "allow_user_certificates": true, @@ -1490,7 +1490,7 @@ func TestBackend_DefExtTemplatingEnabled(t *testing.T) { // Issue SSH certificate with default extensions templating enabled, and no user-provided extensions client.SetToken(userpassToken) - resp, err := client.Logical().Write("ssh/sign/test", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "ssh/sign/test", map[string]interface{}{ "public_key": publicKey4096, }) if err != nil { @@ -1518,7 +1518,7 @@ func TestBackend_DefExtTemplatingEnabled(t *testing.T) { userProvidedExtensionPermissions := map[string]string{ "login@zipzap.com": "some_other_user_name", } - resp, err = client.Logical().Write("ssh/sign/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "ssh/sign/test", map[string]interface{}{ "public_key": publicKey4096, "extensions": userProvidedExtensionPermissions, }) @@ -1542,7 +1542,7 @@ func TestBackend_DefExtTemplatingEnabled(t *testing.T) { invalidUserProvidedExtensionPermissions := map[string]string{ "login@foobar.com": "{{identity.entity.metadata}}", } - resp, err = client.Logical().Write("ssh/sign/test", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "ssh/sign/test", map[string]interface{}{ "public_key": publicKey4096, "extensions": invalidUserProvidedExtensionPermissions, }) @@ -1557,7 +1557,7 @@ func TestBackend_EmptyAllowedExtensionFailsClosed(t *testing.T) { client := cluster.Cores[0].Client // Get auth accessor for identity template. - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -1565,7 +1565,7 @@ func TestBackend_EmptyAllowedExtensionFailsClosed(t *testing.T) { // Write SSH role to test with no allowed extension. We also provide a templated default extension, // to verify that it's not actually being evaluated - _, err = client.Logical().Write("ssh/roles/test_allow_all_extensions", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "ssh/roles/test_allow_all_extensions", map[string]interface{}{ "key_type": "ca", "allow_user_certificates": true, "allowed_users": "tuber", @@ -1585,7 +1585,7 @@ func TestBackend_EmptyAllowedExtensionFailsClosed(t *testing.T) { userProvidedAnyExtensionPermissions := map[string]string{ "login@foobar.com": "not_userpassname", } - _, err = client.Logical().Write("ssh/sign/test_allow_all_extensions", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "ssh/sign/test_allow_all_extensions", map[string]interface{}{ "public_key": publicKey4096, "extensions": userProvidedAnyExtensionPermissions, }) @@ -1604,7 +1604,7 @@ func TestBackend_DefExtTemplatingDisabled(t *testing.T) { client := cluster.Cores[0].Client // Get auth accessor for identity template. - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -1612,7 +1612,7 @@ func TestBackend_DefExtTemplatingDisabled(t *testing.T) { // Write SSH role to test with any extension. We also provide a templated default extension, // to verify that it's not actually being evaluated - _, err = client.Logical().Write("ssh/roles/test_allow_all_extensions", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "ssh/roles/test_allow_all_extensions", map[string]interface{}{ "key_type": "ca", "allow_user_certificates": true, "allowed_users": "tuber", @@ -1635,7 +1635,7 @@ func TestBackend_DefExtTemplatingDisabled(t *testing.T) { "login@foobar.com": "{{identity.entity.aliases." + userpassAccessor + ".name}}", "login@zipzap.com": "some_other_user_name", } - resp, err := client.Logical().Write("ssh/sign/test_allow_all_extensions", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "ssh/sign/test_allow_all_extensions", map[string]interface{}{ "public_key": publicKey4096, "extensions": defaultExtensionPermissions, }) @@ -1661,7 +1661,7 @@ func TestBackend_DefExtTemplatingDisabled(t *testing.T) { "login@foobar.com": "not_userpassname", "login@zipzap.com": "some_other_user_name", } - resp, err = client.Logical().Write("ssh/sign/test_allow_all_extensions", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "ssh/sign/test_allow_all_extensions", map[string]interface{}{ "public_key": publicKey4096, "extensions": userProvidedAnyExtensionPermissions, }) @@ -1698,7 +1698,7 @@ func getSshCaTestCluster(t *testing.T, userIdentity string) (*vault.TestCluster, client := cluster.Cores[0].Client // Write test policy for userpass auth method. - err := client.Sys().PutPolicy("test", ` + err := client.Sys().PutPolicyWithContext(context.Background(), "test", ` path "ssh/*" { capabilities = ["update"] }`) @@ -1712,7 +1712,7 @@ func getSshCaTestCluster(t *testing.T, userIdentity string) (*vault.TestCluster, } // Configure test role for userpass. - if _, err := client.Logical().Write("auth/userpass/users/"+userIdentity, map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/"+userIdentity, map[string]interface{}{ "password": "test", "policies": "test", }); err != nil { @@ -1720,7 +1720,7 @@ func getSshCaTestCluster(t *testing.T, userIdentity string) (*vault.TestCluster, } // Login userpass for test role and keep client token. - secret, err := client.Logical().Write("auth/userpass/login/"+userIdentity, map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/"+userIdentity, map[string]interface{}{ "password": "test", }) if err != nil || secret == nil { @@ -1729,7 +1729,7 @@ func getSshCaTestCluster(t *testing.T, userIdentity string) (*vault.TestCluster, userpassToken := secret.Auth.ClientToken // Mount SSH. - err = client.Sys().Mount("ssh", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "ssh", &api.MountInput{ Type: "ssh", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -1741,7 +1741,7 @@ func getSshCaTestCluster(t *testing.T, userIdentity string) (*vault.TestCluster, } // Configure SSH CA. - _, err = client.Logical().Write("ssh/config/ca", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "ssh/config/ca", map[string]interface{}{ "public_key": testCAPublicKey, "private_key": testCAPrivateKey, }) @@ -1759,21 +1759,21 @@ func testAllowedUsersTemplate(t *testing.T, testAllowedUsersTemplate string, client := cluster.Cores[0].Client // set metadata "ssh_username" to userpass username - tokenLookupResponse, err := client.Logical().Write("/auth/token/lookup", map[string]interface{}{ + tokenLookupResponse, err := client.Logical().WriteWithContext(context.Background(), "/auth/token/lookup", map[string]interface{}{ "token": userpassToken, }) if err != nil { t.Fatal(err) } entityID := tokenLookupResponse.Data["entity_id"].(string) - _, err = client.Logical().Write("/identity/entity/id/"+entityID, map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "/identity/entity/id/"+entityID, map[string]interface{}{ "metadata": testEntityMetadata, }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Write("ssh/roles/my-role", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "ssh/roles/my-role", map[string]interface{}{ "key_type": testCaKeyType, "allow_user_certificates": true, "allowed_users": testAllowedUsersTemplate, @@ -1785,7 +1785,7 @@ func testAllowedUsersTemplate(t *testing.T, testAllowedUsersTemplate string, // sign SSH key as userpass user client.SetToken(userpassToken) - signResponse, err := client.Logical().Write("ssh/sign/my-role", map[string]interface{}{ + signResponse, err := client.Logical().WriteWithContext(context.Background(), "ssh/sign/my-role", map[string]interface{}{ "public_key": testCAPublicKey, "valid_principals": expectedValidPrincipal, }) diff --git a/builtin/logical/transit/path_config_test.go b/builtin/logical/transit/path_config_test.go index f6dee45090dc..87f665104ca6 100644 --- a/builtin/logical/transit/path_config_test.go +++ b/builtin/logical/transit/path_config_test.go @@ -348,7 +348,7 @@ func TestTransit_UpdateKeyConfigWithAutorotation(t *testing.T) { cores := cluster.Cores vault.TestWaitActive(t, cores[0].Core) client := cores[0].Client - err := client.Sys().Mount("transit", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "transit", &api.MountInput{ Type: "transit", }) if err != nil { @@ -363,13 +363,13 @@ func TestTransit_UpdateKeyConfigWithAutorotation(t *testing.T) { } keyName := hex.EncodeToString(keyNameBytes) - _, err = client.Logical().Write(fmt.Sprintf("transit/keys/%s", keyName), map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), fmt.Sprintf("transit/keys/%s", keyName), map[string]interface{}{ "auto_rotate_period": test.initialAutoRotatePeriod, }) if err != nil { t.Fatal(err) } - resp, err := client.Logical().Write(fmt.Sprintf("transit/keys/%s/config", keyName), map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), fmt.Sprintf("transit/keys/%s/config", keyName), map[string]interface{}{ "auto_rotate_period": test.newAutoRotatePeriod, }) switch { @@ -380,7 +380,7 @@ func TestTransit_UpdateKeyConfigWithAutorotation(t *testing.T) { } if !test.shouldError { - resp, err = client.Logical().Read(fmt.Sprintf("transit/keys/%s", keyName)) + resp, err = client.Logical().ReadWithContext(context.Background(), fmt.Sprintf("transit/keys/%s", keyName)) if err != nil { t.Fatal(err) } diff --git a/builtin/logical/transit/path_keys_test.go b/builtin/logical/transit/path_keys_test.go index 04c1d8da092d..3d91e6608e62 100644 --- a/builtin/logical/transit/path_keys_test.go +++ b/builtin/logical/transit/path_keys_test.go @@ -1,6 +1,7 @@ package transit_test import ( + "context" "encoding/hex" "encoding/json" "fmt" @@ -39,7 +40,7 @@ func TestTransit_Issue_2958(t *testing.T) { client := cores[0].Client - err := client.Sys().EnableAuditWithOptions("file", &api.EnableAuditOptions{ + err := client.Sys().EnableAuditWithOptionsWithContext(context.Background(), "file", &api.EnableAuditOptions{ Type: "file", Options: map[string]string{ "file_path": "/dev/null", @@ -49,45 +50,45 @@ func TestTransit_Issue_2958(t *testing.T) { t.Fatal(err) } - err = client.Sys().Mount("transit", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "transit", &api.MountInput{ Type: "transit", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Write("transit/keys/foo", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "transit/keys/foo", map[string]interface{}{ "type": "ecdsa-p256", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Write("transit/keys/foobar", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "transit/keys/foobar", map[string]interface{}{ "type": "ecdsa-p384", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Write("transit/keys/bar", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "transit/keys/bar", map[string]interface{}{ "type": "ed25519", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Read("transit/keys/foo") + _, err = client.Logical().ReadWithContext(context.Background(), "transit/keys/foo") if err != nil { t.Fatal(err) } - _, err = client.Logical().Read("transit/keys/foobar") + _, err = client.Logical().ReadWithContext(context.Background(), "transit/keys/foobar") if err != nil { t.Fatal(err) } - _, err = client.Logical().Read("transit/keys/bar") + _, err = client.Logical().ReadWithContext(context.Background(), "transit/keys/bar") if err != nil { t.Fatal(err) } @@ -144,7 +145,7 @@ func TestTransit_CreateKeyWithAutorotation(t *testing.T) { cores := cluster.Cores vault.TestWaitActive(t, cores[0].Core) client := cores[0].Client - err := client.Sys().Mount("transit", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "transit", &api.MountInput{ Type: "transit", }) if err != nil { @@ -159,7 +160,7 @@ func TestTransit_CreateKeyWithAutorotation(t *testing.T) { } keyName := hex.EncodeToString(keyNameBytes) - _, err = client.Logical().Write(fmt.Sprintf("transit/keys/%s", keyName), map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), fmt.Sprintf("transit/keys/%s", keyName), map[string]interface{}{ "auto_rotate_period": test.autoRotatePeriod, }) switch { @@ -170,7 +171,7 @@ func TestTransit_CreateKeyWithAutorotation(t *testing.T) { } if !test.shouldError { - resp, err := client.Logical().Read(fmt.Sprintf("transit/keys/%s", keyName)) + resp, err := client.Logical().ReadWithContext(context.Background(), fmt.Sprintf("transit/keys/%s", keyName)) if err != nil { t.Fatal(err) } diff --git a/changelog/14388.txt b/changelog/14388.txt new file mode 100644 index 000000000000..5db7af579608 --- /dev/null +++ b/changelog/14388.txt @@ -0,0 +1,3 @@ +```release-note:improvement +api: Add context-aware functions to vault/api for each API wrapper function. +``` diff --git a/command/agent/alicloud_end_to_end_test.go b/command/agent/alicloud_end_to_end_test.go index 1684ecae4ad7..e4660f99e9b5 100644 --- a/command/agent/alicloud_end_to_end_test.go +++ b/command/agent/alicloud_end_to_end_test.go @@ -60,7 +60,7 @@ func TestAliCloudEndToEnd(t *testing.T) { t.Fatal(err) } - if _, err := client.Logical().Write("auth/alicloud/role/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/alicloud/role/test", map[string]interface{}{ "arn": os.Getenv(envVarAlicloudRoleArn), }); err != nil { t.Fatal(err) diff --git a/command/agent/approle_end_to_end_test.go b/command/agent/approle_end_to_end_test.go index 35186cd8e606..382073110efa 100644 --- a/command/agent/approle_end_to_end_test.go +++ b/command/agent/approle_end_to_end_test.go @@ -93,7 +93,7 @@ func testAppRoleEndToEnd(t *testing.T, removeSecretIDFile bool, bindSecretID boo t.Fatal(err) } - _, err = client.Logical().Write("auth/approle/role/test1", addConstraints(!bindSecretID, map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1", addConstraints(!bindSecretID, map[string]interface{}{ "bind_secret_id": bindSecretID, "token_ttl": "6s", "token_max_ttl": "10s", @@ -109,7 +109,7 @@ func testAppRoleEndToEnd(t *testing.T, removeSecretIDFile bool, bindSecretID boo secretID1 := "" secretID2 := "" if bindSecretID { - resp, err := client.Logical().Write("auth/approle/role/test1/secret-id", nil) + resp, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1/secret-id", nil) if err != nil { t.Fatal(err) } @@ -117,13 +117,13 @@ func testAppRoleEndToEnd(t *testing.T, removeSecretIDFile bool, bindSecretID boo } else { logger.Trace("skipped write to auth/approle/role/test1/secret-id") } - resp, err := client.Logical().Read("auth/approle/role/test1/role-id") + resp, err := client.Logical().ReadWithContext(context.Background(), "auth/approle/role/test1/role-id") if err != nil { t.Fatal(err) } roleID1 := resp.Data["role_id"].(string) - _, err = client.Logical().Write("auth/approle/role/test2", addConstraints(!bindSecretID, map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test2", addConstraints(!bindSecretID, map[string]interface{}{ "bind_secret_id": bindSecretID, "token_ttl": "6s", "token_max_ttl": "10s", @@ -132,7 +132,7 @@ func testAppRoleEndToEnd(t *testing.T, removeSecretIDFile bool, bindSecretID boo t.Fatal(err) } if bindSecretID { - resp, err = client.Logical().Write("auth/approle/role/test2/secret-id", nil) + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test2/secret-id", nil) if err != nil { t.Fatal(err) } @@ -140,7 +140,7 @@ func testAppRoleEndToEnd(t *testing.T, removeSecretIDFile bool, bindSecretID boo } else { logger.Trace("skipped write to auth/approle/role/test2/secret-id") } - resp, err = client.Logical().Read("auth/approle/role/test2/role-id") + resp, err = client.Logical().ReadWithContext(context.Background(), "auth/approle/role/test2/role-id") if err != nil { t.Fatal(err) } @@ -321,7 +321,7 @@ func testAppRoleEndToEnd(t *testing.T, removeSecretIDFile bool, bindSecretID boo } } client.SetToken(string(val)) - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -345,7 +345,7 @@ func testAppRoleEndToEnd(t *testing.T, removeSecretIDFile bool, bindSecretID boo if time.Now().After(timeout) { break } - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -385,7 +385,7 @@ func testAppRoleEndToEnd(t *testing.T, removeSecretIDFile bool, bindSecretID boo if time.Now().After(timeout) { break } - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -455,7 +455,7 @@ func testAppRoleWithWrapping(t *testing.T, bindSecretID bool, secretIDLess bool, t.Fatal(err) } - _, err = client.Logical().Write("auth/approle/role/test1", addConstraints(!bindSecretID, map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1", addConstraints(!bindSecretID, map[string]interface{}{ "bind_secret_id": bindSecretID, "token_ttl": "6s", "token_max_ttl": "10s", @@ -474,7 +474,7 @@ func testAppRoleWithWrapping(t *testing.T, bindSecretID bool, secretIDLess bool, secret := "" secretID1 := "" if bindSecretID { - resp, err := client.Logical().Write("auth/approle/role/test1/secret-id", nil) + resp, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1/secret-id", nil) if err != nil { t.Fatal(err) } @@ -482,7 +482,7 @@ func testAppRoleWithWrapping(t *testing.T, bindSecretID bool, secretIDLess bool, } else { logger.Trace("skipped write to auth/approle/role/test1/secret-id") } - resp, err := client.Logical().Read("auth/approle/role/test1/role-id") + resp, err := client.Logical().ReadWithContext(context.Background(), "auth/approle/role/test1/role-id") if err != nil { t.Fatal(err) } @@ -664,7 +664,7 @@ func testAppRoleWithWrapping(t *testing.T, bindSecretID bool, secretIDLess bool, } client.SetToken(string(val)) - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -690,7 +690,7 @@ func testAppRoleWithWrapping(t *testing.T, bindSecretID bool, secretIDLess bool, if time.Now().After(timeout) { break } - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -708,7 +708,7 @@ func testAppRoleWithWrapping(t *testing.T, bindSecretID bool, secretIDLess bool, logger.Trace("origToken set into client", "origToken", origToken) if bindSecretID { - resp, err = client.Logical().Write("auth/approle/role/test1/secret-id", nil) + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1/secret-id", nil) if err != nil { t.Fatal(err) } @@ -732,7 +732,7 @@ func testAppRoleWithWrapping(t *testing.T, bindSecretID bool, secretIDLess bool, if time.Now().After(timeout) { break } - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/agent/auth/auth_test.go b/command/agent/auth/auth_test.go index 05c24fe1fa39..b2d2c26ad86c 100644 --- a/command/agent/auth/auth_test.go +++ b/command/agent/auth/auth_test.go @@ -33,7 +33,7 @@ func newUserpassTestMethod(t *testing.T, client *api.Client) AuthMethod { } func (u *userpassTestMethod) Authenticate(_ context.Context, client *api.Client) (string, http.Header, map[string]interface{}, error) { - _, err := client.Logical().Write("auth/userpass/users/foo", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/foo", map[string]interface{}{ "password": "bar", }) if err != nil { diff --git a/command/agent/auto_auth_preload_token_end_to_end_test.go b/command/agent/auto_auth_preload_token_end_to_end_test.go index 3f8d972a32cf..8ecabd1158b8 100644 --- a/command/agent/auto_auth_preload_token_end_to_end_test.go +++ b/command/agent/auto_auth_preload_token_end_to_end_test.go @@ -48,7 +48,7 @@ func TestTokenPreload_UsingAutoAuth(t *testing.T) { } // Setup Approle - _, err := client.Logical().Write("auth/approle/role/test1", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1", map[string]interface{}{ "bind_secret_id": "true", "token_ttl": "3s", "token_max_ttl": "10s", @@ -58,13 +58,13 @@ func TestTokenPreload_UsingAutoAuth(t *testing.T) { t.Fatal(err) } - resp, err := client.Logical().Write("auth/approle/role/test1/secret-id", nil) + resp, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1/secret-id", nil) if err != nil { t.Fatal(err) } secretID1 := resp.Data["secret_id"].(string) - resp, err = client.Logical().Read("auth/approle/role/test1/role-id") + resp, err = client.Logical().ReadWithContext(context.Background(), "auth/approle/role/test1/role-id") if err != nil { t.Fatal(err) } @@ -108,7 +108,7 @@ func TestTokenPreload_UsingAutoAuth(t *testing.T) { } // Setup Preload Token - tokenRespRaw, err := client.Logical().Write("auth/token/create", map[string]interface{}{ + tokenRespRaw, err := client.Logical().WriteWithContext(context.Background(), "auth/token/create", map[string]interface{}{ "ttl": "10s", "explicit-max-ttl": "15s", "policies": []string{""}, @@ -222,7 +222,7 @@ func TestTokenPreload_UsingAutoAuth(t *testing.T) { wrappedToken := map[string]interface{}{ "token": authToken.Token, } - unwrapResp, err := client.Logical().Write("sys/wrapping/unwrap", wrappedToken) + unwrapResp, err := client.Logical().WriteWithContext(context.Background(), "sys/wrapping/unwrap", wrappedToken) if err != nil { t.Fatalf("error unwrapping token: %s", err) } diff --git a/command/agent/aws_end_to_end_test.go b/command/agent/aws_end_to_end_test.go index ca7b419648c7..71fcd427100c 100644 --- a/command/agent/aws_end_to_end_test.go +++ b/command/agent/aws_end_to_end_test.go @@ -70,7 +70,7 @@ func TestAWSEndToEnd(t *testing.T) { t.Fatal(err) } - if _, err := client.Logical().Write("auth/aws/role/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/aws/role/test", map[string]interface{}{ "auth_type": "iam", "policies": "default", // Retain thru the account number of the given arn and wildcard the rest. diff --git a/command/agent/cache/cache_test.go b/command/agent/cache/cache_test.go index bee5fc0e87f7..0b16b663f9ca 100644 --- a/command/agent/cache/cache_test.go +++ b/command/agent/cache/cache_test.go @@ -92,7 +92,7 @@ func setupClusterAndAgentCommon(ctx context.Context, t *testing.T, coreConfig *v } // Add an admin policy - if err := activeClient.Sys().PutPolicy("admin", policyAdmin); err != nil { + if err := activeClient.Sys().PutPolicyWithContext(context.Background(), "admin", policyAdmin); err != nil { t.Fatal(err) } @@ -105,7 +105,7 @@ func setupClusterAndAgentCommon(ctx context.Context, t *testing.T, coreConfig *v t.Fatal(err) } - _, err = activeClient.Logical().Write("auth/userpass/users/foo", map[string]interface{}{ + _, err = activeClient.Logical().WriteWithContext(context.Background(), "auth/userpass/users/foo", map[string]interface{}{ "password": "bar", "policies": []string{"admin"}, }) @@ -174,7 +174,7 @@ func setupClusterAndAgentCommon(ctx context.Context, t *testing.T, coreConfig *v // Login via userpass method to derive a managed token. Set that token as the // testClient's token - resp, err := testClient.Logical().Write("auth/userpass/login/foo", map[string]interface{}{ + resp, err := testClient.Logical().WriteWithContext(context.Background(), "auth/userpass/login/foo", map[string]interface{}{ "password": "bar", }) if err != nil { @@ -264,7 +264,7 @@ func TestCache_AutoAuthTokenStripping(t *testing.T) { // Empty the token in the client. Auto-auth token should be put to use. testClient.SetToken("") - secret, err := testClient.Auth().Token().LookupSelf() + secret, err := testClient.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -272,7 +272,7 @@ func TestCache_AutoAuthTokenStripping(t *testing.T) { t.Fatalf("failed to strip off auto-auth token on lookup-self") } - secret, err = testClient.Auth().Token().Lookup("") + secret, err = testClient.Auth().Token().LookupWithContext(context.Background(), "") if err != nil { t.Fatal(err) } @@ -329,7 +329,7 @@ func TestCache_AutoAuthClientTokenProxyStripping(t *testing.T) { // Empty the token in the client. Auto-auth token should be put to use. testClient.SetToken(dummyToken) - _, err = testClient.Auth().Token().LookupSelf() + _, err = testClient.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -351,7 +351,7 @@ func TestCache_ConcurrentRequests(t *testing.T) { cleanup, _, testClient, _ := setupClusterAndAgent(namespace.RootContext(nil), t, coreConfig) defer cleanup() - err := testClient.Sys().Mount("kv", &api.MountInput{ + err := testClient.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { @@ -364,13 +364,13 @@ func TestCache_ConcurrentRequests(t *testing.T) { go func(i int) { defer wg.Done() key := fmt.Sprintf("kv/foo/%d_%d", i, rand.Int()) - _, err := testClient.Logical().Write(key, map[string]interface{}{ + _, err := testClient.Logical().WriteWithContext(context.Background(), key, map[string]interface{}{ "key": key, }) if err != nil { t.Fatal(err) } - secret, err := testClient.Logical().Read(key) + secret, err := testClient.Logical().ReadWithContext(context.Background(), key) if err != nil { t.Fatal(err) } @@ -402,7 +402,7 @@ func TestCache_TokenRevocations_RevokeOrphan(t *testing.T) { sampleSpace[token1] = "token" // Mount the kv backend - err := testClient.Sys().Mount("kv", &api.MountInput{ + err := testClient.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { @@ -410,7 +410,7 @@ func TestCache_TokenRevocations_RevokeOrphan(t *testing.T) { } // Create a secret in the backend - _, err = testClient.Logical().Write("kv/foo", map[string]interface{}{ + _, err = testClient.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "value": "bar", "ttl": "1h", }) @@ -419,14 +419,14 @@ func TestCache_TokenRevocations_RevokeOrphan(t *testing.T) { } // Read the secret and create a lease - leaseResp, err := testClient.Logical().Read("kv/foo") + leaseResp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease1 := leaseResp.LeaseID sampleSpace[lease1] = "lease" - resp, err := testClient.Logical().Write("auth/token/create", nil) + resp, err := testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -435,14 +435,14 @@ func TestCache_TokenRevocations_RevokeOrphan(t *testing.T) { testClient.SetToken(token2) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease2 := leaseResp.LeaseID sampleSpace[lease2] = "lease" - resp, err = testClient.Logical().Write("auth/token/create", nil) + resp, err = testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -451,7 +451,7 @@ func TestCache_TokenRevocations_RevokeOrphan(t *testing.T) { testClient.SetToken(token3) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } @@ -469,7 +469,7 @@ func TestCache_TokenRevocations_RevokeOrphan(t *testing.T) { // including the child tokens and leases of the child tokens should be // untouched. testClient.SetToken(token2) - err = testClient.Auth().Token().RevokeOrphan(token2) + err = testClient.Auth().Token().RevokeOrphanWithContext(context.Background(), token2) if err != nil { t.Fatal(err) } @@ -503,7 +503,7 @@ func TestCache_TokenRevocations_LeafLevelToken(t *testing.T) { sampleSpace[token1] = "token" // Mount the kv backend - err := testClient.Sys().Mount("kv", &api.MountInput{ + err := testClient.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { @@ -511,7 +511,7 @@ func TestCache_TokenRevocations_LeafLevelToken(t *testing.T) { } // Create a secret in the backend - _, err = testClient.Logical().Write("kv/foo", map[string]interface{}{ + _, err = testClient.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "value": "bar", "ttl": "1h", }) @@ -520,14 +520,14 @@ func TestCache_TokenRevocations_LeafLevelToken(t *testing.T) { } // Read the secret and create a lease - leaseResp, err := testClient.Logical().Read("kv/foo") + leaseResp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease1 := leaseResp.LeaseID sampleSpace[lease1] = "lease" - resp, err := testClient.Logical().Write("auth/token/create", nil) + resp, err := testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -536,14 +536,14 @@ func TestCache_TokenRevocations_LeafLevelToken(t *testing.T) { testClient.SetToken(token2) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease2 := leaseResp.LeaseID sampleSpace[lease2] = "lease" - resp, err = testClient.Logical().Write("auth/token/create", nil) + resp, err = testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -552,7 +552,7 @@ func TestCache_TokenRevocations_LeafLevelToken(t *testing.T) { testClient.SetToken(token3) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } @@ -569,7 +569,7 @@ func TestCache_TokenRevocations_LeafLevelToken(t *testing.T) { // token, evict entries for all the child tokens and their respective // leases. testClient.SetToken(token3) - err = testClient.Auth().Token().RevokeSelf("") + err = testClient.Auth().Token().RevokeSelfWithContext(context.Background(), "") if err != nil { t.Fatal(err) } @@ -603,7 +603,7 @@ func TestCache_TokenRevocations_IntermediateLevelToken(t *testing.T) { sampleSpace[token1] = "token" // Mount the kv backend - err := testClient.Sys().Mount("kv", &api.MountInput{ + err := testClient.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { @@ -611,7 +611,7 @@ func TestCache_TokenRevocations_IntermediateLevelToken(t *testing.T) { } // Create a secret in the backend - _, err = testClient.Logical().Write("kv/foo", map[string]interface{}{ + _, err = testClient.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "value": "bar", "ttl": "1h", }) @@ -620,14 +620,14 @@ func TestCache_TokenRevocations_IntermediateLevelToken(t *testing.T) { } // Read the secret and create a lease - leaseResp, err := testClient.Logical().Read("kv/foo") + leaseResp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease1 := leaseResp.LeaseID sampleSpace[lease1] = "lease" - resp, err := testClient.Logical().Write("auth/token/create", nil) + resp, err := testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -636,14 +636,14 @@ func TestCache_TokenRevocations_IntermediateLevelToken(t *testing.T) { testClient.SetToken(token2) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease2 := leaseResp.LeaseID sampleSpace[lease2] = "lease" - resp, err = testClient.Logical().Write("auth/token/create", nil) + resp, err = testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -652,7 +652,7 @@ func TestCache_TokenRevocations_IntermediateLevelToken(t *testing.T) { testClient.SetToken(token3) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } @@ -669,7 +669,7 @@ func TestCache_TokenRevocations_IntermediateLevelToken(t *testing.T) { // belonging to this token, evict entries for all the child tokens and // their respective leases. testClient.SetToken(token2) - err = testClient.Auth().Token().RevokeSelf("") + err = testClient.Auth().Token().RevokeSelfWithContext(context.Background(), "") if err != nil { t.Fatal(err) } @@ -701,7 +701,7 @@ func TestCache_TokenRevocations_TopLevelToken(t *testing.T) { sampleSpace[token1] = "token" // Mount the kv backend - err := testClient.Sys().Mount("kv", &api.MountInput{ + err := testClient.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { @@ -709,7 +709,7 @@ func TestCache_TokenRevocations_TopLevelToken(t *testing.T) { } // Create a secret in the backend - _, err = testClient.Logical().Write("kv/foo", map[string]interface{}{ + _, err = testClient.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "value": "bar", "ttl": "1h", }) @@ -718,14 +718,14 @@ func TestCache_TokenRevocations_TopLevelToken(t *testing.T) { } // Read the secret and create a lease - leaseResp, err := testClient.Logical().Read("kv/foo") + leaseResp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease1 := leaseResp.LeaseID sampleSpace[lease1] = "lease" - resp, err := testClient.Logical().Write("auth/token/create", nil) + resp, err := testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -734,14 +734,14 @@ func TestCache_TokenRevocations_TopLevelToken(t *testing.T) { testClient.SetToken(token2) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease2 := leaseResp.LeaseID sampleSpace[lease2] = "lease" - resp, err = testClient.Logical().Write("auth/token/create", nil) + resp, err = testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -750,7 +750,7 @@ func TestCache_TokenRevocations_TopLevelToken(t *testing.T) { testClient.SetToken(token3) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } @@ -767,7 +767,7 @@ func TestCache_TokenRevocations_TopLevelToken(t *testing.T) { // to this token, evict entries for all the child tokens and their // respective leases. testClient.SetToken(token1) - err = testClient.Auth().Token().RevokeSelf("") + err = testClient.Auth().Token().RevokeSelfWithContext(context.Background(), "") if err != nil { t.Fatal(err) } @@ -797,7 +797,7 @@ func TestCache_TokenRevocations_Shutdown(t *testing.T) { sampleSpace[token1] = "token" // Mount the kv backend - err := testClient.Sys().Mount("kv", &api.MountInput{ + err := testClient.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { @@ -805,7 +805,7 @@ func TestCache_TokenRevocations_Shutdown(t *testing.T) { } // Create a secret in the backend - _, err = testClient.Logical().Write("kv/foo", map[string]interface{}{ + _, err = testClient.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "value": "bar", "ttl": "1h", }) @@ -814,14 +814,14 @@ func TestCache_TokenRevocations_Shutdown(t *testing.T) { } // Read the secret and create a lease - leaseResp, err := testClient.Logical().Read("kv/foo") + leaseResp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease1 := leaseResp.LeaseID sampleSpace[lease1] = "lease" - resp, err := testClient.Logical().Write("auth/token/create", nil) + resp, err := testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -830,14 +830,14 @@ func TestCache_TokenRevocations_Shutdown(t *testing.T) { testClient.SetToken(token2) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease2 := leaseResp.LeaseID sampleSpace[lease2] = "lease" - resp, err = testClient.Logical().Write("auth/token/create", nil) + resp, err = testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -846,7 +846,7 @@ func TestCache_TokenRevocations_Shutdown(t *testing.T) { testClient.SetToken(token3) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } @@ -886,7 +886,7 @@ func TestCache_TokenRevocations_BaseContextCancellation(t *testing.T) { sampleSpace[token1] = "token" // Mount the kv backend - err := testClient.Sys().Mount("kv", &api.MountInput{ + err := testClient.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { @@ -894,7 +894,7 @@ func TestCache_TokenRevocations_BaseContextCancellation(t *testing.T) { } // Create a secret in the backend - _, err = testClient.Logical().Write("kv/foo", map[string]interface{}{ + _, err = testClient.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "value": "bar", "ttl": "1h", }) @@ -903,14 +903,14 @@ func TestCache_TokenRevocations_BaseContextCancellation(t *testing.T) { } // Read the secret and create a lease - leaseResp, err := testClient.Logical().Read("kv/foo") + leaseResp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease1 := leaseResp.LeaseID sampleSpace[lease1] = "lease" - resp, err := testClient.Logical().Write("auth/token/create", nil) + resp, err := testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -919,14 +919,14 @@ func TestCache_TokenRevocations_BaseContextCancellation(t *testing.T) { testClient.SetToken(token2) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } lease2 := leaseResp.LeaseID sampleSpace[lease2] = "lease" - resp, err = testClient.Logical().Write("auth/token/create", nil) + resp, err = testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -935,7 +935,7 @@ func TestCache_TokenRevocations_BaseContextCancellation(t *testing.T) { testClient.SetToken(token3) - leaseResp, err = testClient.Logical().Read("kv/foo") + leaseResp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } @@ -972,13 +972,13 @@ func TestCache_NonCacheable(t *testing.T) { defer cleanup() // Query mounts first - origMounts, err := testClient.Sys().ListMounts() + origMounts, err := testClient.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } // Mount a kv backend - if err := testClient.Sys().Mount("kv", &api.MountInput{ + if err := testClient.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", Options: map[string]string{ "version": "2", @@ -988,7 +988,7 @@ func TestCache_NonCacheable(t *testing.T) { } // Query mounts again - newMounts, err := testClient.Sys().ListMounts() + newMounts, err := testClient.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -1020,7 +1020,7 @@ func TestCache_Caching_AuthResponse(t *testing.T) { cleanup, _, testClient, _ := setupClusterAndAgent(namespace.RootContext(nil), t, nil) defer cleanup() - resp, err := testClient.Logical().Write("auth/token/create", nil) + resp, err := testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -1028,7 +1028,7 @@ func TestCache_Caching_AuthResponse(t *testing.T) { testClient.SetToken(token) authTokeCreateReq := func(t *testing.T, policies map[string]interface{}) *api.Secret { - resp, err := testClient.Logical().Write("auth/token/create", policies) + resp, err := testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", policies) if err != nil { t.Fatal(err) } @@ -1079,7 +1079,7 @@ func TestCache_Caching_LeaseResponse(t *testing.T) { cleanup, client, testClient, _ := setupClusterAndAgent(namespace.RootContext(nil), t, coreConfig) defer cleanup() - err := client.Sys().Mount("kv", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { @@ -1089,14 +1089,14 @@ func TestCache_Caching_LeaseResponse(t *testing.T) { // Test proxy by issuing two different requests { // Write data to the lease-kv backend - _, err := testClient.Logical().Write("kv/foo", map[string]interface{}{ + _, err := testClient.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "value": "bar", "ttl": "1h", }) if err != nil { t.Fatal(err) } - _, err = testClient.Logical().Write("kv/foobar", map[string]interface{}{ + _, err = testClient.Logical().WriteWithContext(context.Background(), "kv/foobar", map[string]interface{}{ "value": "bar", "ttl": "1h", }) @@ -1104,12 +1104,12 @@ func TestCache_Caching_LeaseResponse(t *testing.T) { t.Fatal(err) } - firstResp, err := testClient.Logical().Read("kv/foo") + firstResp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } - secondResp, err := testClient.Logical().Read("kv/foobar") + secondResp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/foobar") if err != nil { t.Fatal(err) } @@ -1122,7 +1122,7 @@ func TestCache_Caching_LeaseResponse(t *testing.T) { // Test caching behavior by issue the same request twice { - _, err := testClient.Logical().Write("kv/baz", map[string]interface{}{ + _, err := testClient.Logical().WriteWithContext(context.Background(), "kv/baz", map[string]interface{}{ "value": "foo", "ttl": "1h", }) @@ -1130,12 +1130,12 @@ func TestCache_Caching_LeaseResponse(t *testing.T) { t.Fatal(err) } - proxiedResp, err := testClient.Logical().Read("kv/baz") + proxiedResp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/baz") if err != nil { t.Fatal(err) } - cachedResp, err := testClient.Logical().Read("kv/baz") + cachedResp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/baz") if err != nil { t.Fatal(err) } @@ -1181,7 +1181,7 @@ func testCachingCacheClearCommon(t *testing.T, clearType string) { cleanup, client, testClient, leaseCache := setupClusterAndAgent(namespace.RootContext(nil), t, coreConfig) defer cleanup() - err := client.Sys().Mount("kv", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { @@ -1189,7 +1189,7 @@ func testCachingCacheClearCommon(t *testing.T, clearType string) { } // Write data to the lease-kv backend - _, err = testClient.Logical().Write("kv/foo", map[string]interface{}{ + _, err = testClient.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "value": "bar", "ttl": "1h", }) @@ -1198,7 +1198,7 @@ func testCachingCacheClearCommon(t *testing.T, clearType string) { } // Proxy this request, agent should cache the response - resp, err := testClient.Logical().Read("kv/foo") + resp, err := testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } @@ -1228,7 +1228,7 @@ func testCachingCacheClearCommon(t *testing.T, clearType string) { case "token": data["value"] = testClient.Token() case "token_accessor": - lookupResp, err := client.Auth().Token().Lookup(testClient.Token()) + lookupResp, err := client.Auth().Token().LookupWithContext(context.Background(), testClient.Token()) if err != nil { t.Fatal(err) } @@ -1285,7 +1285,7 @@ func TestCache_AuthTokenCreateOrphan(t *testing.T) { Policies: []string{"default"}, NoParent: true, } - resp, err := testClient.Auth().Token().Create(reqOpts) + resp, err := testClient.Auth().Token().CreateWithContext(context.Background(), reqOpts) if err != nil { t.Fatal(err) } @@ -1312,7 +1312,7 @@ func TestCache_AuthTokenCreateOrphan(t *testing.T) { // Use the test client but set the token to one that's not managed by agent testClient.SetToken(clusterClient.Token()) - resp, err := testClient.Auth().Token().Create(reqOpts) + resp, err := testClient.Auth().Token().CreateWithContext(context.Background(), reqOpts) if err != nil { t.Fatal(err) } @@ -1336,7 +1336,7 @@ func TestCache_AuthTokenCreateOrphan(t *testing.T) { reqOpts := &api.TokenCreateRequest{ Policies: []string{"default"}, } - resp, err := testClient.Auth().Token().CreateOrphan(reqOpts) + resp, err := testClient.Auth().Token().CreateOrphanWithContext(context.Background(), reqOpts) if err != nil { t.Fatal(err) } @@ -1362,7 +1362,7 @@ func TestCache_AuthTokenCreateOrphan(t *testing.T) { // Use the test client but set the token to one that's not managed by agent testClient.SetToken(clusterClient.Token()) - resp, err := testClient.Auth().Token().CreateOrphan(reqOpts) + resp, err := testClient.Auth().Token().CreateOrphanWithContext(context.Background(), reqOpts) if err != nil { t.Fatal(err) } diff --git a/command/agent/cache_end_to_end_test.go b/command/agent/cache_end_to_end_test.go index 4ad056a850cc..69d3e3fc0bd7 100644 --- a/command/agent/cache_end_to_end_test.go +++ b/command/agent/cache_end_to_end_test.go @@ -71,7 +71,7 @@ func TestCache_UsingAutoAuthToken(t *testing.T) { defer os.Setenv(api.EnvVaultCACert, os.Getenv(api.EnvVaultCACert)) os.Setenv(api.EnvVaultCACert, fmt.Sprintf("%s/ca_cert.pem", cluster.TempDir)) - err = client.Sys().Mount("kv", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { @@ -79,7 +79,7 @@ func TestCache_UsingAutoAuthToken(t *testing.T) { } // Create a secret in the backend - _, err = client.Logical().Write("kv/foo", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "value": "bar", "ttl": "1h", }) @@ -88,7 +88,7 @@ func TestCache_UsingAutoAuthToken(t *testing.T) { } // Add an kv-admin policy - if err := client.Sys().PutPolicy("test-autoauth", policyAutoAuthAppRole); err != nil { + if err := client.Sys().PutPolicyWithContext(context.Background(), "test-autoauth", policyAutoAuthAppRole); err != nil { t.Fatal(err) } @@ -100,7 +100,7 @@ func TestCache_UsingAutoAuthToken(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("auth/approle/role/test1", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1", map[string]interface{}{ "bind_secret_id": "true", "token_ttl": "3s", "token_max_ttl": "10s", @@ -110,13 +110,13 @@ func TestCache_UsingAutoAuthToken(t *testing.T) { t.Fatal(err) } - resp, err := client.Logical().Write("auth/approle/role/test1/secret-id", nil) + resp, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1/secret-id", nil) if err != nil { t.Fatal(err) } secretID1 := resp.Data["secret_id"].(string) - resp, err = client.Logical().Read("auth/approle/role/test1/role-id") + resp, err = client.Logical().ReadWithContext(context.Background(), "auth/approle/role/test1/role-id") if err != nil { t.Fatal(err) } @@ -343,7 +343,7 @@ func TestCache_UsingAutoAuthToken(t *testing.T) { // Empty the token in the client to ensure that auto-auth token is used testClient.SetToken("") - resp, err = testClient.Logical().Read("auth/token/lookup-self") + resp, err = testClient.Logical().ReadWithContext(context.Background(), "auth/token/lookup-self") if err != nil { t.Fatal(err) } @@ -354,14 +354,14 @@ func TestCache_UsingAutoAuthToken(t *testing.T) { // This block tests lease creation caching using the auto-auth token. { - resp, err = testClient.Logical().Read("kv/foo") + resp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } origReqID := resp.RequestID - resp, err = testClient.Logical().Read("kv/foo") + resp, err = testClient.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } @@ -379,7 +379,7 @@ func TestCache_UsingAutoAuthToken(t *testing.T) { // This block tests auth token creation caching (child, non-orphan tokens) // using the auto-auth token. { - resp, err = testClient.Logical().Write("auth/token/create", nil) + resp, err = testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -388,7 +388,7 @@ func TestCache_UsingAutoAuthToken(t *testing.T) { // Sleep for a bit to allow renewer logic to kick in time.Sleep(20 * time.Millisecond) - resp, err = testClient.Logical().Write("auth/token/create", nil) + resp, err = testClient.Logical().WriteWithContext(context.Background(), "auth/token/create", nil) if err != nil { t.Fatal(err) } @@ -405,7 +405,7 @@ func TestCache_UsingAutoAuthToken(t *testing.T) { // Empty the token in the client to ensure that auto-auth token is used testClient.SetToken(client.Token()) - resp, err = testClient.Logical().Read("auth/token/lookup-self") + resp, err = testClient.Logical().ReadWithContext(context.Background(), "auth/token/lookup-self") if err != nil { t.Fatal(err) } diff --git a/command/agent/cert_end_to_end_test.go b/command/agent/cert_end_to_end_test.go index bacb188021cd..127274b5df30 100644 --- a/command/agent/cert_end_to_end_test.go +++ b/command/agent/cert_end_to_end_test.go @@ -90,7 +90,7 @@ func testCertEndToEnd(t *testing.T, withCertRoleName, ahWrapping bool) { certificatePEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: cluster.CACert.Raw}) certRoleName := "test" - _, err = client.Logical().Write(fmt.Sprintf("auth/cert/certs/%s", certRoleName), map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), fmt.Sprintf("auth/cert/certs/%s", certRoleName), map[string]interface{}{ "certificate": string(certificatePEM), "policies": "default", }) @@ -327,7 +327,7 @@ func TestCertEndToEnd_CertsInConfig(t *testing.T) { // ///////////// // Mount /pki as a root CA - err := client.Sys().Mount("pki", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -340,7 +340,7 @@ func TestCertEndToEnd_CertsInConfig(t *testing.T) { // Set the cluster's certificate as the root CA in /pki pemBundleRootCA := string(cluster.CACertPEM) + string(cluster.CAKeyPEM) - _, err = client.Logical().Write("pki/config/ca", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/config/ca", map[string]interface{}{ "pem_bundle": pemBundleRootCA, }) if err != nil { @@ -348,7 +348,7 @@ func TestCertEndToEnd_CertsInConfig(t *testing.T) { } // Mount /pki2 to operate as an intermediate CA - err = client.Sys().Mount("pki2", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki2", &api.MountInput{ Type: "pki", Config: api.MountConfigInput{ DefaultLeaseTTL: "16h", @@ -360,14 +360,14 @@ func TestCertEndToEnd_CertsInConfig(t *testing.T) { } // Create a CSR for the intermediate CA - secret, err := client.Logical().Write("pki2/intermediate/generate/internal", nil) + secret, err := client.Logical().WriteWithContext(context.Background(), "pki2/intermediate/generate/internal", nil) if err != nil { t.Fatal(err) } intermediateCSR := secret.Data["csr"].(string) // Sign the intermediate CSR using /pki - secret, err = client.Logical().Write("pki/root/sign-intermediate", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "pki/root/sign-intermediate", map[string]interface{}{ "permitted_dns_domains": ".myvault.com", "csr": intermediateCSR, }) @@ -377,7 +377,7 @@ func TestCertEndToEnd_CertsInConfig(t *testing.T) { intermediateCertPEM := secret.Data["certificate"].(string) // Configure the intermediate cert as the CA in /pki2 - _, err = client.Logical().Write("pki2/intermediate/set-signed", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki2/intermediate/set-signed", map[string]interface{}{ "certificate": intermediateCertPEM, }) if err != nil { @@ -385,7 +385,7 @@ func TestCertEndToEnd_CertsInConfig(t *testing.T) { } // Create a role on the intermediate CA mount - _, err = client.Logical().Write("pki2/roles/myvault-dot-com", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki2/roles/myvault-dot-com", map[string]interface{}{ "allowed_domains": "myvault.com", "allow_subdomains": "true", "max_ttl": "5m", @@ -395,7 +395,7 @@ func TestCertEndToEnd_CertsInConfig(t *testing.T) { } // Issue a leaf cert using the intermediate CA - secret, err = client.Logical().Write("pki2/issue/myvault-dot-com", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "pki2/issue/myvault-dot-com", map[string]interface{}{ "common_name": "cert.myvault.com", "format": "pem", "ip_sans": "127.0.0.1", @@ -457,7 +457,7 @@ func TestCertEndToEnd_CertsInConfig(t *testing.T) { } // Set the intermediate CA cert as a trusted certificate in the backend - _, err = client.Logical().Write("auth/cert/certs/myvault-dot-com", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/cert/certs/myvault-dot-com", map[string]interface{}{ "display_name": "myvault.com", "policies": "default", "certificate": intermediateCertPEM, diff --git a/command/agent/cf_end_to_end_test.go b/command/agent/cf_end_to_end_test.go index 6bc1fa8b6a07..17963fda729f 100644 --- a/command/agent/cf_end_to_end_test.go +++ b/command/agent/cf_end_to_end_test.go @@ -68,7 +68,7 @@ func TestCFEndToEnd(t *testing.T) { defer mockCFAPI.Close() // Configure a CA certificate like a Vault operator would in setting up CF. - if _, err := client.Logical().Write("auth/cf/config", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/cf/config", map[string]interface{}{ "identity_ca_certificates": testCFCerts.CACertificate, "cf_api_addr": mockCFAPI.URL, "cf_username": cfAPI.AuthUsername, @@ -78,7 +78,7 @@ func TestCFEndToEnd(t *testing.T) { } // Configure a role to be used for logging in, another thing a Vault operator would do. - if _, err := client.Logical().Write("auth/cf/roles/test-role", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/cf/roles/test-role", map[string]interface{}{ "bound_instance_ids": cfAPI.FoundServiceGUID, "bound_organization_ids": cfAPI.FoundOrgGUID, "bound_space_ids": cfAPI.FoundSpaceGUID, diff --git a/command/agent/jwt_end_to_end_test.go b/command/agent/jwt_end_to_end_test.go index c2d74d9f37dc..96ea28d67a52 100644 --- a/command/agent/jwt_end_to_end_test.go +++ b/command/agent/jwt_end_to_end_test.go @@ -53,7 +53,7 @@ func testJWTEndToEnd(t *testing.T, ahWrapping bool) { t.Fatal(err) } - _, err = client.Logical().Write("auth/jwt/config", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/jwt/config", map[string]interface{}{ "bound_issuer": "https://team-vault.auth0.com/", "jwt_validation_pubkeys": TestECDSAPubKey, "jwt_supported_algs": "ES256", @@ -62,7 +62,7 @@ func testJWTEndToEnd(t *testing.T, ahWrapping bool) { t.Fatal(err) } - _, err = client.Logical().Write("auth/jwt/role/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/jwt/role/test", map[string]interface{}{ "role_type": "jwt", "bound_subject": "r3qXcK2bix9eFECzsU3Sbmh0K16fatW6@clients", "bound_audiences": "https://vault.plugin.auth.jwt.test", diff --git a/command/agent_test.go b/command/agent_test.go index 4b62020e1dfb..2f191aa951a7 100644 --- a/command/agent_test.go +++ b/command/agent_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "encoding/json" "fmt" "io/ioutil" @@ -75,7 +76,7 @@ func TestAgent_Cache_UnixListener(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("auth/jwt/config", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/jwt/config", map[string]interface{}{ "bound_issuer": "https://team-vault.auth0.com/", "jwt_validation_pubkeys": agent.TestECDSAPubKey, }) @@ -83,7 +84,7 @@ func TestAgent_Cache_UnixListener(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("auth/jwt/role/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/jwt/role/test", map[string]interface{}{ "role_type": "jwt", "bound_subject": "r3qXcK2bix9eFECzsU3Sbmh0K16fatW6@clients", "bound_audiences": "https://vault.plugin.auth.jwt.test", @@ -218,7 +219,7 @@ cache { time.Sleep(1 * time.Second) // Invoke lookup self through the agent - secret, err := testClient.Auth().Token().LookupSelf() + secret, err := testClient.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -263,7 +264,7 @@ func testAgentExitAfterAuth(t *testing.T, viaFlag bool) { t.Fatal(err) } - _, err = client.Logical().Write("auth/jwt/config", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/jwt/config", map[string]interface{}{ "bound_issuer": "https://team-vault.auth0.com/", "jwt_validation_pubkeys": agent.TestECDSAPubKey, "jwt_supported_algs": "ES256", @@ -272,7 +273,7 @@ func testAgentExitAfterAuth(t *testing.T, viaFlag bool) { t.Fatal(err) } - _, err = client.Logical().Write("auth/jwt/role/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/jwt/role/test", map[string]interface{}{ "role_type": "jwt", "bound_subject": "r3qXcK2bix9eFECzsU3Sbmh0K16fatW6@clients", "bound_audiences": "https://vault.plugin.auth.jwt.test", @@ -1306,7 +1307,7 @@ func TestAgent_Template_Retry(t *testing.T) { methodConf, cleanup := prepAgentApproleKV(t, serverClient) defer cleanup() - err := serverClient.Sys().TuneMount("secret", api.MountConfigInput{ + err := serverClient.Sys().TuneMountWithContext(context.Background(), "secret", api.MountConfigInput{ Options: map[string]string{ "version": "2", }, @@ -1315,7 +1316,7 @@ func TestAgent_Template_Retry(t *testing.T) { t.Fatal(err) } - _, err = serverClient.Logical().Write("secret/data/otherapp", map[string]interface{}{ + _, err = serverClient.Logical().WriteWithContext(context.Background(), "secret/data/otherapp", map[string]interface{}{ "data": map[string]interface{}{ "username": "barstuff", "password": "zap", @@ -1499,7 +1500,7 @@ path "/secret/*" { } ` // Add an kv-admin policy - if err := client.Sys().PutPolicy("test-autoauth", policyAutoAuthAppRole); err != nil { + if err := client.Sys().PutPolicyWithContext(context.Background(), "test-autoauth", policyAutoAuthAppRole); err != nil { t.Fatal(err) } @@ -1511,7 +1512,7 @@ path "/secret/*" { t.Fatal(err) } - _, err = client.Logical().Write("auth/approle/role/test1", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1", map[string]interface{}{ "bind_secret_id": "true", "token_ttl": "1h", "token_max_ttl": "2h", @@ -1521,14 +1522,14 @@ path "/secret/*" { t.Fatal(err) } - resp, err := client.Logical().Write("auth/approle/role/test1/secret-id", nil) + resp, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test1/secret-id", nil) if err != nil { t.Fatal(err) } secretID := resp.Data["secret_id"].(string) secretIDFile := makeTempFile(t, "secret_id.txt", secretID+"\n") - resp, err = client.Logical().Read("auth/approle/role/test1/role-id") + resp, err = client.Logical().ReadWithContext(context.Background(), "auth/approle/role/test1/role-id") if err != nil { t.Fatal(err) } @@ -1590,7 +1591,7 @@ func TestAgent_Cache_Retry(t *testing.T) { defer os.Setenv(api.EnvVaultAddress, os.Getenv(api.EnvVaultAddress)) os.Unsetenv(api.EnvVaultAddress) - _, err := serverClient.Logical().Write("secret/foo", map[string]interface{}{ + _, err := serverClient.Logical().WriteWithContext(context.Background(), "secret/foo", map[string]interface{}{ "bar": "baz", }) if err != nil { @@ -1688,7 +1689,7 @@ vault { if err != nil { t.Fatal(err) } - secret, err := client.Logical().Read("secret/foo") + secret, err := client.Logical().ReadWithContext(context.Background(), "secret/foo") switch { case (err != nil || secret == nil) && tc.expectError: case (err == nil || secret != nil) && !tc.expectError: @@ -1742,7 +1743,7 @@ func TestAgent_TemplateConfig_ExitOnRetryFailure(t *testing.T) { autoAuthConfig, cleanup := prepAgentApproleKV(t, serverClient) defer cleanup() - err := serverClient.Sys().TuneMount("secret", api.MountConfigInput{ + err := serverClient.Sys().TuneMountWithContext(context.Background(), "secret", api.MountConfigInput{ Options: map[string]string{ "version": "2", }, @@ -1751,7 +1752,7 @@ func TestAgent_TemplateConfig_ExitOnRetryFailure(t *testing.T) { t.Fatal(err) } - _, err = serverClient.Logical().Write("secret/data/otherapp", map[string]interface{}{ + _, err = serverClient.Logical().WriteWithContext(context.Background(), "secret/data/otherapp", map[string]interface{}{ "data": map[string]interface{}{ "username": "barstuff", "password": "zap", diff --git a/command/approle_concurrency_integ_test.go b/command/approle_concurrency_integ_test.go index 5dbcce064c8d..2b465e586bf2 100644 --- a/command/approle_concurrency_integ_test.go +++ b/command/approle_concurrency_integ_test.go @@ -45,7 +45,7 @@ func TestAppRole_Integ_ConcurrentLogins(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("auth/approle/role/role1", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/role1", map[string]interface{}{ "bind_secret_id": "true", "period": "300", }) @@ -53,13 +53,13 @@ func TestAppRole_Integ_ConcurrentLogins(t *testing.T) { t.Fatal(err) } - secret, err := client.Logical().Write("auth/approle/role/role1/secret-id", nil) + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/role1/secret-id", nil) if err != nil { t.Fatal(err) } secretID := secret.Data["secret_id"].(string) - secret, err = client.Logical().Read("auth/approle/role/role1/role-id") + secret, err = client.Logical().ReadWithContext(context.Background(), "auth/approle/role/role1/role-id") if err != nil { t.Fatal(err) } diff --git a/command/audit_disable_test.go b/command/audit_disable_test.go index 0a7e8e4dcd99..17043326c481 100644 --- a/command/audit_disable_test.go +++ b/command/audit_disable_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -63,7 +64,7 @@ func TestAuditDisableCommand_Run(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().EnableAuditWithOptions("file", &api.EnableAuditOptions{ + if err := client.Sys().EnableAuditWithOptionsWithContext(context.Background(), "file", &api.EnableAuditOptions{ Type: "file", Options: map[string]string{ "file_path": "discard", @@ -93,7 +94,7 @@ func TestAuditDisableCommand_Run(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().EnableAuditWithOptions("integration_audit_disable", &api.EnableAuditOptions{ + if err := client.Sys().EnableAuditWithOptionsWithContext(context.Background(), "integration_audit_disable", &api.EnableAuditOptions{ Type: "file", Options: map[string]string{ "file_path": "discard", @@ -118,7 +119,7 @@ func TestAuditDisableCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - mounts, err := client.Sys().ListMounts() + mounts, err := client.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/audit_enable_test.go b/command/audit_enable_test.go index 1f55703c27bf..b0526d5679ed 100644 --- a/command/audit_enable_test.go +++ b/command/audit_enable_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "io/ioutil" "os" "strings" @@ -108,7 +109,7 @@ func TestAuditEnableCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - audits, err := client.Sys().ListAudit() + audits, err := client.Sys().ListAuditWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/audit_list_test.go b/command/audit_list_test.go index 9cbb0af5eee3..3660f5275c6a 100644 --- a/command/audit_list_test.go +++ b/command/audit_list_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -57,7 +58,7 @@ func TestAuditListCommand_Run(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().EnableAuditWithOptions("file", &api.EnableAuditOptions{ + if err := client.Sys().EnableAuditWithOptionsWithContext(context.Background(), "file", &api.EnableAuditOptions{ Type: "file", Options: map[string]string{ "file_path": "discard", diff --git a/command/auth_disable_test.go b/command/auth_disable_test.go index 51419b86637a..3b1ba9cc9dd9 100644 --- a/command/auth_disable_test.go +++ b/command/auth_disable_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -95,7 +96,7 @@ func TestAuthDisableCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/auth_enable_test.go b/command/auth_enable_test.go index 0cc125fc9756..a1574a4d22dc 100644 --- a/command/auth_enable_test.go +++ b/command/auth_enable_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "io/ioutil" "strings" "testing" @@ -105,7 +106,7 @@ func TestAuthEnableCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/auth_move_test.go b/command/auth_move_test.go index 035938efe5aa..5143e086c5ea 100644 --- a/command/auth_move_test.go +++ b/command/auth_move_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -104,7 +105,7 @@ func TestAuthMoveCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - mounts, err := client.Sys().ListAuth() + mounts, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/auth_tune_test.go b/command/auth_tune_test.go index 227330ea774e..b890877ad332 100644 --- a/command/auth_tune_test.go +++ b/command/auth_tune_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -109,7 +110,7 @@ func TestAuthTuneCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -175,7 +176,7 @@ func TestAuthTuneCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -218,7 +219,7 @@ func TestAuthTuneCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/base_predict_test.go b/command/base_predict_test.go index 12f364106f7a..65b08b99a04c 100644 --- a/command/base_predict_test.go +++ b/command/base_predict_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "reflect" "testing" @@ -16,25 +17,25 @@ func TestPredictVaultPaths(t *testing.T) { defer closer() data := map[string]interface{}{"a": "b"} - if _, err := client.Logical().Write("secret/bar", data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/bar", data); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("secret/foo", data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/foo", data); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("secret/zip/zap", data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/zip/zap", data); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("secret/zip/zonk", data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/zip/zonk", data); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("secret/zip/twoot", data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/zip/twoot", data); err != nil { t.Fatal(err) } - if err := client.Sys().Mount("level1a/level2a/level3a", &api.MountInput{Type: "kv"}); err != nil { + if err := client.Sys().MountWithContext(context.Background(), "level1a/level2a/level3a", &api.MountInput{Type: "kv"}); err != nil { t.Fatal(err) } - if err := client.Sys().Mount("level1a/level2a/level3b", &api.MountInput{Type: "kv"}); err != nil { + if err := client.Sys().MountWithContext(context.Background(), "level1a/level2a/level3b", &api.MountInput{Type: "kv"}); err != nil { t.Fatal(err) } @@ -230,7 +231,7 @@ func TestPredict_Audits(t *testing.T) { badClient, badCloser := testVaultServerBad(t) defer badCloser() - if err := client.Sys().EnableAuditWithOptions("file", &api.EnableAuditOptions{ + if err := client.Sys().EnableAuditWithOptionsWithContext(context.Background(), "file", &api.EnableAuditOptions{ Type: "file", Options: map[string]string{ "file_path": "discard", @@ -495,13 +496,13 @@ func TestPredict_Paths(t *testing.T) { defer closer() data := map[string]interface{}{"a": "b"} - if _, err := client.Logical().Write("secret/bar", data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/bar", data); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("secret/foo", data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/foo", data); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("secret/zip/zap", data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/zip/zap", data); err != nil { t.Fatal(err) } @@ -571,10 +572,10 @@ func TestPredict_ListPaths(t *testing.T) { defer badCloser() data := map[string]interface{}{"a": "b"} - if _, err := client.Logical().Write("secret/bar", data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/bar", data); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("secret/foo", data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/foo", data); err != nil { t.Fatal(err) } diff --git a/command/command_test.go b/command/command_test.go index 8de036e40ffb..76ab22575156 100644 --- a/command/command_test.go +++ b/command/command_test.go @@ -236,7 +236,7 @@ func testVaultServerBad(tb testing.TB) (*api.Client, func()) { func testTokenAndAccessor(tb testing.TB, client *api.Client) (string, string) { tb.Helper() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, TTL: "30m", }) diff --git a/command/debug_test.go b/command/debug_test.go index a1489cec4bef..3c6ca4567c07 100644 --- a/command/debug_test.go +++ b/command/debug_test.go @@ -2,6 +2,7 @@ package command import ( "archive/tar" + "context" "encoding/json" "fmt" "io/ioutil" @@ -640,7 +641,7 @@ func TestDebugCommand_PartialPermissions(t *testing.T) { defer closer() // Create a new token with default policy - resp, err := client.Logical().Write("auth/token/create", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "auth/token/create", map[string]interface{}{ "policies": "default", }) if err != nil { diff --git a/command/delete_test.go b/command/delete_test.go index e26d393b16fe..5cebe3c55cd9 100644 --- a/command/delete_test.go +++ b/command/delete_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -81,7 +82,7 @@ func TestDeleteCommand_Run(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if _, err := client.Logical().Write("secret/delete/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/delete/foo", map[string]interface{}{ "foo": "bar", }); err != nil { t.Fatal(err) @@ -103,7 +104,7 @@ func TestDeleteCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - secret, _ := client.Logical().Read("secret/delete/foo") + secret, _ := client.Logical().ReadWithContext(context.Background(), "secret/delete/foo") if secret != nil { t.Errorf("expected deletion: %#v", secret) } diff --git a/command/kv_metadata_patch_test.go b/command/kv_metadata_patch_test.go index 40b74dc8d9ee..7c10d07fdc4b 100644 --- a/command/kv_metadata_patch_test.go +++ b/command/kv_metadata_patch_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "encoding/json" "io" "strings" @@ -62,7 +63,7 @@ func TestKvMetadataPatchCommand_EmptyArgs(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount error: %#v", err) @@ -179,7 +180,7 @@ func TestKvMetadataPatchCommand_Flags(t *testing.T) { secretPath := basePath + "my-secret" metadataPath := basePath + "metadata/" + "my-secret" - if err := client.Sys().Mount(basePath, &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), basePath, &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount error: %#v", err) @@ -192,7 +193,7 @@ func TestKvMetadataPatchCommand_Flags(t *testing.T) { t.Fatalf("initial metadata put failed, code: %d, output: %s", code, combined) } - initialMetadata, err := client.Logical().Read(metadataPath) + initialMetadata, err := client.Logical().ReadWithContext(context.Background(), metadataPath) if err != nil { t.Fatalf("metadata read failed, err: %#v", err) } @@ -208,7 +209,7 @@ func TestKvMetadataPatchCommand_Flags(t *testing.T) { t.Fatalf("expected code to be %d but was %d for patch cmd with args %#v", tc.code, code, patchArgs) } - patchedMetadata, err := client.Logical().Read(metadataPath) + patchedMetadata, err := client.Logical().ReadWithContext(context.Background(), metadataPath) if err != nil { t.Fatalf("metadata read failed, err: %#v", err) } @@ -235,7 +236,7 @@ func TestKvMetadataPatchCommand_CasWarning(t *testing.T) { defer closer() basePath := "kv/" - if err := client.Sys().Mount(basePath, &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), basePath, &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount error: %#v", err) @@ -254,7 +255,7 @@ func TestKvMetadataPatchCommand_CasWarning(t *testing.T) { "cas_required": true, } - _, err := client.Logical().Write(basePath+"config", casConfig) + _, err := client.Logical().WriteWithContext(context.Background(), basePath+"config", casConfig) if err != nil { t.Fatalf("config write failed, err: #%v", err) } diff --git a/command/kv_metadata_put_test.go b/command/kv_metadata_put_test.go index a952802cc469..d726ad24fda2 100644 --- a/command/kv_metadata_put_test.go +++ b/command/kv_metadata_put_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "encoding/json" "strings" "testing" @@ -26,7 +27,7 @@ func TestKvMetadataPutCommand_DeleteVersionAfter(t *testing.T) { defer closer() basePath := t.Name() + "/" - if err := client.Sys().Mount(basePath, &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), basePath, &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatal(err) @@ -48,7 +49,7 @@ func TestKvMetadataPutCommand_DeleteVersionAfter(t *testing.T) { t.Fatalf("expected %q but received %q", success, combined) } - secret, err := client.Logical().Read(metaFullPath) + secret, err := client.Logical().ReadWithContext(context.Background(), metaFullPath) if err != nil { t.Fatal(err) } @@ -71,7 +72,7 @@ func TestKvMetadataPutCommand_DeleteVersionAfter(t *testing.T) { t.Errorf("expected %q but received %q", success, combined) } - secret, err = client.Logical().Read(metaFullPath) + secret, err = client.Logical().ReadWithContext(context.Background(), metaFullPath) if err != nil { t.Fatal(err) } @@ -87,7 +88,7 @@ func TestKvMetadataPutCommand_CustomMetadata(t *testing.T) { basePath := t.Name() + "/" secretPath := basePath + "secret/my-secret" - if err := client.Sys().Mount(basePath, &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), basePath, &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount error: %#v", err) @@ -110,7 +111,7 @@ func TestKvMetadataPutCommand_CustomMetadata(t *testing.T) { t.Fatalf("Expected command output %q but received %q", expectedOutput, commandOutput) } - metadata, err := client.Logical().Read(metaFullPath) + metadata, err := client.Logical().ReadWithContext(context.Background(), metaFullPath) if err != nil { t.Fatalf("Metadata read error: %#v", err) } @@ -141,7 +142,7 @@ func TestKvMetadataPutCommand_CustomMetadata(t *testing.T) { t.Fatalf("Expected command output %q but received %q", expectedOutput, commandOutput) } - metadata, err = client.Logical().Read(metaFullPath) + metadata, err = client.Logical().ReadWithContext(context.Background(), metaFullPath) if err != nil { t.Fatalf("Metadata read error: %#v", err) @@ -163,7 +164,7 @@ func TestKvMetadataPutCommand_UnprovidedFlags(t *testing.T) { basePath := t.Name() + "/" secretPath := basePath + "my-secret" - if err := client.Sys().Mount(basePath, &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), basePath, &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount error: %#v", err) @@ -186,7 +187,7 @@ func TestKvMetadataPutCommand_UnprovidedFlags(t *testing.T) { t.Fatalf("expected 0 exit status but received %d", code) } - secret, err := client.Logical().Read(basePath + "metadata/" + "my-secret") + secret, err := client.Logical().ReadWithContext(context.Background(), basePath+"metadata/"+"my-secret") if err != nil { t.Fatal(err) } diff --git a/command/kv_test.go b/command/kv_test.go index 74c97f798ee6..6c12ba77a5b0 100644 --- a/command/kv_test.go +++ b/command/kv_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "fmt" "io" "strings" @@ -151,7 +152,7 @@ func TestKVPutCommand(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatal(err) @@ -176,7 +177,7 @@ func TestKVPutCommand(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatal(err) @@ -283,7 +284,7 @@ func TestKVPutCommand(t *testing.T) { t.Fatalf("expected 0 to be %d", code) } - secret, err := client.Logical().Read("secret/write/stdin_full") + secret, err := client.Logical().ReadWithContext(context.Background(), "secret/write/stdin_full") if err != nil { t.Fatal(err) } @@ -318,7 +319,7 @@ func TestKVPutCommand(t *testing.T) { t.Fatalf("expected 0 to be %d", code) } - secret, err := client.Logical().Read("secret/write/stdin_value") + secret, err := client.Logical().ReadWithContext(context.Background(), "secret/write/stdin_value") if err != nil { t.Fatal(err) } @@ -346,7 +347,7 @@ func TestKVPutCommand(t *testing.T) { t.Fatalf("expected 0 to be %d", code) } - secret, err := client.Logical().Read("secret/write/integration") + secret, err := client.Logical().ReadWithContext(context.Background(), "secret/write/integration") if err != nil { t.Fatal(err) } @@ -460,7 +461,7 @@ func TestKVGetCommand(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatal(err) @@ -469,13 +470,13 @@ func TestKVGetCommand(t *testing.T) { // Give time for the upgrade code to run/finish time.Sleep(time.Second) - if _, err := client.Logical().Write("secret/read/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/read/foo", map[string]interface{}{ "foo": "bar", }); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("kv/data/read/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "kv/data/read/foo", map[string]interface{}{ "data": map[string]interface{}{ "foo": "bar", }, @@ -579,7 +580,7 @@ func TestKVMetadataGetCommand(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatal(err) @@ -588,7 +589,7 @@ func TestKVMetadataGetCommand(t *testing.T) { // Give time for the upgrade code to run/finish time.Sleep(time.Second) - if _, err := client.Logical().Write("kv/data/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "kv/data/foo", map[string]interface{}{ "data": map[string]interface{}{ "foo": "bar", }, @@ -669,7 +670,7 @@ func TestKVPatchCommand_ArgValidation(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount attempt failed - err: %#v\n", err) @@ -705,13 +706,13 @@ func TestKvPatchCommand_StdinFull(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount attempt failed - err: %#v\n", err) } - if _, err := client.Logical().Write("kv/data/patch/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "kv/data/patch/foo", map[string]interface{}{ "data": map[string]interface{}{ "foo": "a", }, @@ -738,7 +739,7 @@ func TestKvPatchCommand_StdinFull(t *testing.T) { t.Fatalf("expected code to be 0 but was %d for patch cmd with args %#v\n", code, args) } - secret, err := client.Logical().Read("kv/data/patch/foo") + secret, err := client.Logical().ReadWithContext(context.Background(), "kv/data/patch/foo") if err != nil { t.Fatalf("read failed, err: %#v\n", err) } @@ -768,13 +769,13 @@ func TestKvPatchCommand_StdinValue(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount attempt failed - err: %#v\n", err) } - if _, err := client.Logical().Write("kv/data/patch/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "kv/data/patch/foo", map[string]interface{}{ "data": map[string]interface{}{ "foo": "a", }, @@ -800,7 +801,7 @@ func TestKvPatchCommand_StdinValue(t *testing.T) { } } - secret, err := client.Logical().Read("kv/data/patch/foo") + secret, err := client.Logical().ReadWithContext(context.Background(), "kv/data/patch/foo") if err != nil { t.Fatalf("read failed, err: %#v\n", err) } @@ -826,7 +827,7 @@ func TestKVPatchCommand_RWMethodNotExists(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount attempt failed - err: %#v\n", err) @@ -849,13 +850,13 @@ func TestKVPatchCommand_RWMethodSucceeds(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount attempt failed - err: %#v\n", err) } - if _, err := client.Logical().Write("kv/data/patch/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "kv/data/patch/foo", map[string]interface{}{ "data": map[string]interface{}{ "foo": "a", "bar": "b", @@ -933,7 +934,7 @@ func TestKVPatchCommand_CAS(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount attempt failed - err: %#v\n", err) @@ -953,7 +954,7 @@ func TestKVPatchCommand_CAS(t *testing.T) { kvClient.SetToken(secretAuth.ClientToken) - _, err = kvClient.Logical().Write("kv/data/foo", map[string]interface{}{"data": map[string]interface{}{"bar": "baz"}}) + _, err = kvClient.Logical().WriteWithContext(context.Background(), "kv/data/foo", map[string]interface{}{"data": map[string]interface{}{"bar": "baz"}}) if err != nil { t.Fatal(err) } @@ -970,7 +971,7 @@ func TestKVPatchCommand_CAS(t *testing.T) { } } - secret, err := kvClient.Logical().Read("kv/data/foo") + secret, err := kvClient.Logical().ReadWithContext(context.Background(), "kv/data/foo") if err != nil { t.Fatal(err) } @@ -1012,7 +1013,7 @@ func TestKVPatchCommand_Methods(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount attempt failed - err: %#v\n", err) @@ -1032,7 +1033,7 @@ func TestKVPatchCommand_Methods(t *testing.T) { kvClient.SetToken(secretAuth.ClientToken) - _, err = kvClient.Logical().Write("kv/data/foo", map[string]interface{}{"data": map[string]interface{}{"bar": "baz"}}) + _, err = kvClient.Logical().WriteWithContext(context.Background(), "kv/data/foo", map[string]interface{}{"data": map[string]interface{}{"bar": "baz"}}) if err != nil { t.Fatal(err) } @@ -1043,7 +1044,7 @@ func TestKVPatchCommand_Methods(t *testing.T) { t.Fatalf("expected code to be %d but was %d", tc.code, code) } - secret, err := kvClient.Logical().Read("kv/data/foo") + secret, err := kvClient.Logical().ReadWithContext(context.Background(), "kv/data/foo") if err != nil { t.Fatal(err) } @@ -1086,7 +1087,7 @@ func TestKVPatchCommand_403Fallback(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount attempt failed - err: %#v\n", err) @@ -1107,7 +1108,7 @@ func TestKVPatchCommand_403Fallback(t *testing.T) { kvClient.SetToken(secretAuth.ClientToken) // Write a value then attempt to patch it - _, err = kvClient.Logical().Write("kv/data/foo", map[string]interface{}{"data": map[string]interface{}{"bar": "baz"}}) + _, err = kvClient.Logical().WriteWithContext(context.Background(), "kv/data/foo", map[string]interface{}{"data": map[string]interface{}{"bar": "baz"}}) if err != nil { t.Fatal(err) } @@ -1167,7 +1168,7 @@ func TestKVPatchCommand_RWMethodPolicyVariations(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("kv/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv/", &api.MountInput{ Type: "kv-v2", }); err != nil { t.Fatalf("kv-v2 mount attempt failed - err: %#v\n", err) @@ -1180,7 +1181,7 @@ func TestKVPatchCommand_RWMethodPolicyVariations(t *testing.T) { client.SetToken(secretAuth.ClientToken) - if _, err := client.Logical().Write("kv/data/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "kv/data/foo", map[string]interface{}{ "data": map[string]interface{}{ "foo": "bar", "bar": "baz", @@ -1254,11 +1255,11 @@ func TestPadEqualSigns(t *testing.T) { func createTokenForPolicy(t *testing.T, client *api.Client, policy string) (*api.SecretAuth, error) { t.Helper() - if err := client.Sys().PutPolicy("policy", policy); err != nil { + if err := client.Sys().PutPolicyWithContext(context.Background(), "policy", policy); err != nil { return nil, err } - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"policy"}, TTL: "30m", }) diff --git a/command/lease_lookup_test.go b/command/lease_lookup_test.go index 4de63200f5ce..f43405ef27b9 100644 --- a/command/lease_lookup_test.go +++ b/command/lease_lookup_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -22,13 +23,13 @@ func testLeaseLookupCommand(tb testing.TB) (*cli.MockUi, *LeaseLookupCommand) { // testLeaseLookupCommandMountAndLease mounts a leased secret backend and returns // the leaseID of an item. func testLeaseLookupCommandMountAndLease(tb testing.TB, client *api.Client) string { - if err := client.Sys().Mount("testing", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "testing", &api.MountInput{ Type: "generic-leased", }); err != nil { tb.Fatal(err) } - if _, err := client.Logical().Write("testing/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "testing/foo", map[string]interface{}{ "key": "value", "lease": "5m", }); err != nil { @@ -36,7 +37,7 @@ func testLeaseLookupCommandMountAndLease(tb testing.TB, client *api.Client) stri } // Read the secret back to get the leaseID - secret, err := client.Logical().Read("testing/foo") + secret, err := client.Logical().ReadWithContext(context.Background(), "testing/foo") if err != nil { tb.Fatal(err) } diff --git a/command/lease_renew_test.go b/command/lease_renew_test.go index aa3b32d0d8b3..fbbd700ae80e 100644 --- a/command/lease_renew_test.go +++ b/command/lease_renew_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -22,13 +23,13 @@ func testLeaseRenewCommand(tb testing.TB) (*cli.MockUi, *LeaseRenewCommand) { // testLeaseRenewCommandMountAndLease mounts a leased secret backend and returns // the leaseID of an item. func testLeaseRenewCommandMountAndLease(tb testing.TB, client *api.Client) string { - if err := client.Sys().Mount("testing", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "testing", &api.MountInput{ Type: "generic-leased", }); err != nil { tb.Fatal(err) } - if _, err := client.Logical().Write("testing/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "testing/foo", map[string]interface{}{ "key": "value", "lease": "5m", }); err != nil { @@ -36,7 +37,7 @@ func testLeaseRenewCommandMountAndLease(tb testing.TB, client *api.Client) strin } // Read the secret back to get the leaseID - secret, err := client.Logical().Read("testing/foo") + secret, err := client.Logical().ReadWithContext(context.Background(), "testing/foo") if err != nil { tb.Fatal(err) } diff --git a/command/lease_revoke_test.go b/command/lease_revoke_test.go index 1aa58c38ac76..0c544c7b4337 100644 --- a/command/lease_revoke_test.go +++ b/command/lease_revoke_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -78,7 +79,7 @@ func TestLeaseRevokeCommand_Run(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("secret-leased", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "secret-leased", &api.MountInput{ Type: "generic-leased", }); err != nil { t.Fatal(err) @@ -89,10 +90,10 @@ func TestLeaseRevokeCommand_Run(t *testing.T) { "key": "value", "lease": "1m", } - if _, err := client.Logical().Write(path, data); err != nil { + if _, err := client.Logical().WriteWithContext(context.Background(), path, data); err != nil { t.Fatal(err) } - secret, err := client.Logical().Read(path) + secret, err := client.Logical().ReadWithContext(context.Background(), path) if err != nil { t.Fatal(err) } diff --git a/command/list_test.go b/command/list_test.go index b1b6680507f1..fa36b3aedd53 100644 --- a/command/list_test.go +++ b/command/list_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -77,7 +78,7 @@ func TestListCommand_Run(t *testing.T) { "secret/list/baz", } for _, k := range keys { - if _, err := client.Logical().Write(k, map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), k, map[string]interface{}{ "foo": "bar", }); err != nil { t.Fatal(err) diff --git a/command/login_test.go b/command/login_test.go index aefdd2585190..d6a247318784 100644 --- a/command/login_test.go +++ b/command/login_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -48,7 +49,7 @@ func TestLoginCommand_Run(t *testing.T) { if err := client.Sys().EnableAuth("my-auth", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/my-auth/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/my-auth/users/test", map[string]interface{}{ "password": "test", "policies": "default", }); err != nil { @@ -98,7 +99,7 @@ func TestLoginCommand_Run(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, TTL: "30m", }) @@ -144,7 +145,7 @@ func TestLoginCommand_Run(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, TTL: "30m", }) @@ -187,7 +188,7 @@ func TestLoginCommand_Run(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": "default", }); err != nil { @@ -265,7 +266,7 @@ func TestLoginCommand_Run(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": "default", }); err != nil { @@ -302,7 +303,7 @@ func TestLoginCommand_Run(t *testing.T) { client.SetToken(token) // Ensure the resulting token is unwrapped - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Error(err) } @@ -324,7 +325,7 @@ func TestLoginCommand_Run(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": "default", }); err != nil { @@ -367,7 +368,7 @@ func TestLoginCommand_Run(t *testing.T) { // Ensure the resulting token is, in fact, still wrapped. client.SetToken(token) - secret, err := client.Logical().Unwrap("") + secret, err := client.Logical().UnwrapWithContext(context.Background(), "") if err != nil { t.Error(err) } @@ -385,7 +386,7 @@ func TestLoginCommand_Run(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": "default", }); err != nil { diff --git a/command/operator_generate_root_test.go b/command/operator_generate_root_test.go index b4489718efbe..fadd7560623e 100644 --- a/command/operator_generate_root_test.go +++ b/command/operator_generate_root_test.go @@ -3,6 +3,7 @@ package command import ( + "context" "encoding/base64" "io" "os" @@ -255,7 +256,7 @@ func TestOperatorGenerateRootCommand_Run(t *testing.T) { defer closer() // Initialize a generation - if _, err := client.Sys().GenerateRootInit("", ""); err != nil { + if _, err := client.Sys().GenerateRootInitWithContext(context.Background(), "", ""); err != nil { t.Fatal(err) } @@ -275,7 +276,7 @@ func TestOperatorGenerateRootCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - status, err := client.Sys().GenerateRootStatus() + status, err := client.Sys().GenerateRootStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -307,7 +308,7 @@ func TestOperatorGenerateRootCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - status, err := client.Sys().GenerateRootStatus() + status, err := client.Sys().GenerateRootStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -343,7 +344,7 @@ func TestOperatorGenerateRootCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - status, err := client.Sys().GenerateRootStatus() + status, err := client.Sys().GenerateRootStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -386,7 +387,7 @@ func TestOperatorGenerateRootCommand_Run(t *testing.T) { defer closer() // Initialize a generation - status, err := client.Sys().GenerateRootInit("", "") + status, err := client.Sys().GenerateRootInitWithContext(context.Background(), "", "") if err != nil { t.Fatal(err) } @@ -447,7 +448,7 @@ func TestOperatorGenerateRootCommand_Run(t *testing.T) { defer closer() // Initialize a generation - status, err := client.Sys().GenerateRootInit("", "") + status, err := client.Sys().GenerateRootInitWithContext(context.Background(), "", "") if err != nil { t.Fatal(err) } diff --git a/command/operator_init_test.go b/command/operator_init_test.go index 491d623a1473..7e1466a8743a 100644 --- a/command/operator_init_test.go +++ b/command/operator_init_test.go @@ -3,6 +3,7 @@ package command import ( + "context" "fmt" "os" "regexp" @@ -143,7 +144,7 @@ func TestOperatorInitCommand_Run(t *testing.T) { } // Now init to verify the init response code - if _, err := client.Sys().Init(&api.InitRequest{ + if _, err := client.Sys().InitWithContext(context.Background(), &api.InitRequest{ SecretShares: 1, SecretThreshold: 1, }); err != nil { @@ -175,7 +176,7 @@ func TestOperatorInitCommand_Run(t *testing.T) { t.Errorf("expected %d to be %d: %s", code, exp, ui.ErrorWriter.String()) } - init, err := client.Sys().InitStatus() + init, err := client.Sys().InitStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -198,7 +199,7 @@ func TestOperatorInitCommand_Run(t *testing.T) { // Try unsealing with those keys - only use 3, which is the default // threshold. for i, key := range keys[:3] { - resp, err := client.Sys().Unseal(key) + resp, err := client.Sys().UnsealWithContext(context.Background(), key) if err != nil { t.Fatal(err) } @@ -209,7 +210,7 @@ func TestOperatorInitCommand_Run(t *testing.T) { } } - status, err := client.Sys().SealStatus() + status, err := client.Sys().SealStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -237,7 +238,7 @@ func TestOperatorInitCommand_Run(t *testing.T) { t.Errorf("expected %d to be %d: %s", code, exp, ui.ErrorWriter.String()) } - init, err := client.Sys().InitStatus() + init, err := client.Sys().InitStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -260,7 +261,7 @@ func TestOperatorInitCommand_Run(t *testing.T) { // Try unsealing with those keys - only use 3, which is the default // threshold. for i, key := range keys[:keyThreshold] { - resp, err := client.Sys().Unseal(key) + resp, err := client.Sys().UnsealWithContext(context.Background(), key) if err != nil { t.Fatal(err) } @@ -271,7 +272,7 @@ func TestOperatorInitCommand_Run(t *testing.T) { } } - status, err := client.Sys().SealStatus() + status, err := client.Sys().SealStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -320,7 +321,7 @@ func TestOperatorInitCommand_Run(t *testing.T) { // Try unsealing with one key decryptedKey := testPGPDecrypt(t, pgpkeys.TestPrivKey1, keys[0]) - if _, err := client.Sys().Unseal(decryptedKey); err != nil { + if _, err := client.Sys().UnsealWithContext(context.Background(), decryptedKey); err != nil { t.Fatal(err) } diff --git a/command/operator_rekey_test.go b/command/operator_rekey_test.go index 31617e5ac4bc..6ba2a4049be3 100644 --- a/command/operator_rekey_test.go +++ b/command/operator_rekey_test.go @@ -3,6 +3,7 @@ package command import ( + "context" "io" "reflect" "regexp" @@ -117,7 +118,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { } // Now init to verify the init response - if _, err := client.Sys().RekeyInit(&api.RekeyInitRequest{ + if _, err := client.Sys().RekeyInitWithContext(context.Background(), &api.RekeyInitRequest{ SecretShares: 1, SecretThreshold: 1, }); err != nil { @@ -148,7 +149,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { defer closer() // Initialize a rekey - if _, err := client.Sys().RekeyInit(&api.RekeyInitRequest{ + if _, err := client.Sys().RekeyInitWithContext(context.Background(), &api.RekeyInitRequest{ SecretShares: 1, SecretThreshold: 1, }); err != nil { @@ -171,7 +172,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - status, err := client.Sys().GenerateRootStatus() + status, err := client.Sys().GenerateRootStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -205,7 +206,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - status, err := client.Sys().RekeyStatus() + status, err := client.Sys().RekeyStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -242,7 +243,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - status, err := client.Sys().RekeyStatus() + status, err := client.Sys().RekeyStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -261,7 +262,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { defer closer() // Initialize a rekey - status, err := client.Sys().RekeyInit(&api.RekeyInitRequest{ + status, err := client.Sys().RekeyInitWithContext(context.Background(), &api.RekeyInitRequest{ SecretShares: 1, SecretThreshold: 1, }) @@ -307,7 +308,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { if err := client.Sys().Seal(); err != nil { t.Fatal(err) } - sealStatus, err := client.Sys().Unseal(unsealKey) + sealStatus, err := client.Sys().UnsealWithContext(context.Background(), unsealKey) if err != nil { t.Fatal(err) } @@ -323,7 +324,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { defer closer() // Initialize a rekey - status, err := client.Sys().RekeyInit(&api.RekeyInitRequest{ + status, err := client.Sys().RekeyInitWithContext(context.Background(), &api.RekeyInitRequest{ SecretShares: 1, SecretThreshold: 1, }) @@ -383,7 +384,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { if err := client.Sys().Seal(); err != nil { t.Fatal(err) } - sealStatus, err := client.Sys().Unseal(unsealKey) + sealStatus, err := client.Sys().UnsealWithContext(context.Background(), unsealKey) if err != nil { t.Fatal(err) } @@ -416,7 +417,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { } // Get the status for the nonce - status, err := client.Sys().RekeyStatus() + status, err := client.Sys().RekeyStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -479,7 +480,7 @@ func TestOperatorRekeyCommand_Run(t *testing.T) { t.Errorf("expected %d to be %d: %s", code, exp, ui.ErrorWriter.String()) } - secret, err := client.Sys().RekeyRetrieveBackup() + secret, err := client.Sys().RekeyRetrieveBackupWithContext(context.Background()) if err == nil { t.Errorf("expected error: %#v", secret) } diff --git a/command/operator_seal_test.go b/command/operator_seal_test.go index 86722d2e84dd..7557b0b8ee29 100644 --- a/command/operator_seal_test.go +++ b/command/operator_seal_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -83,7 +84,7 @@ func TestOperatorSealCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - sealStatus, err := client.Sys().SealStatus() + sealStatus, err := client.Sys().SealStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/operator_unseal_test.go b/command/operator_unseal_test.go index 06d618cacf72..a633721034fe 100644 --- a/command/operator_unseal_test.go +++ b/command/operator_unseal_test.go @@ -2,6 +2,7 @@ package command import ( "bytes" + "context" "encoding/json" "io/ioutil" "os" @@ -59,7 +60,7 @@ func TestOperatorUnsealCommand_Run(t *testing.T) { } // Enter an unseal key - if _, err := client.Sys().Unseal(keys[0]); err != nil { + if _, err := client.Sys().UnsealWithContext(context.Background(), keys[0]); err != nil { t.Fatal(err) } @@ -106,7 +107,7 @@ func TestOperatorUnsealCommand_Run(t *testing.T) { } } - status, err := client.Sys().SealStatus() + status, err := client.Sys().SealStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/path_map_upgrade_api_test.go b/command/path_map_upgrade_api_test.go index 57c1f773405a..83cb18f4f4cd 100644 --- a/command/path_map_upgrade_api_test.go +++ b/command/path_map_upgrade_api_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "testing" log "github.com/hashicorp/go-hclog" @@ -45,7 +46,7 @@ func TestPathMap_Upgrade_API(t *testing.T) { } // Create an app-id - _, err = client.Logical().Write("auth/app-id/map/app-id/test-app-id", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/app-id/map/app-id/test-app-id", map[string]interface{}{ "policy": "test-policy", }) if err != nil { @@ -53,7 +54,7 @@ func TestPathMap_Upgrade_API(t *testing.T) { } // Create a user-id - _, err = client.Logical().Write("auth/app-id/map/user-id/test-user-id", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/app-id/map/user-id/test-user-id", map[string]interface{}{ "value": "test-app-id", }) if err != nil { @@ -61,7 +62,7 @@ func TestPathMap_Upgrade_API(t *testing.T) { } // Perform a login. It should succeed. - _, err = client.Logical().Write("auth/app-id/login", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/app-id/login", map[string]interface{}{ "app_id": "test-app-id", "user_id": "test-user-id", }) @@ -70,20 +71,20 @@ func TestPathMap_Upgrade_API(t *testing.T) { } // List the hashed app-ids in the storage - secret, err := client.Logical().List("auth/app-id/map/app-id") + secret, err := client.Logical().ListWithContext(context.Background(), "auth/app-id/map/app-id") if err != nil { t.Fatal(err) } hashedAppID := secret.Data["keys"].([]interface{})[0].(string) // Try reading it. This used to cause an issue which is fixed in [GH-3806]. - _, err = client.Logical().Read("auth/app-id/map/app-id/" + hashedAppID) + _, err = client.Logical().ReadWithContext(context.Background(), "auth/app-id/map/app-id/"+hashedAppID) if err != nil { t.Fatal(err) } // Ensure that there was no issue by performing another login - _, err = client.Logical().Write("auth/app-id/login", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/app-id/login", map[string]interface{}{ "app_id": "test-app-id", "user_id": "test-user-id", }) diff --git a/command/plugin_deregister_test.go b/command/plugin_deregister_test.go index 9696c2f33c66..b8d0fa2d19e0 100644 --- a/command/plugin_deregister_test.go +++ b/command/plugin_deregister_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -88,7 +89,7 @@ func TestPluginDeregisterCommand_Run(t *testing.T) { ui, cmd := testPluginDeregisterCommand(t) cmd.client = client - if err := client.Sys().RegisterPlugin(&api.RegisterPluginInput{ + if err := client.Sys().RegisterPluginWithContext(context.Background(), &api.RegisterPluginInput{ Name: pluginName, Type: consts.PluginTypeCredential, Command: pluginName, @@ -111,7 +112,7 @@ func TestPluginDeregisterCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - resp, err := client.Sys().ListPlugins(&api.ListPluginsInput{ + resp, err := client.Sys().ListPluginsWithContext(context.Background(), &api.ListPluginsInput{ Type: consts.PluginTypeCredential, }) if err != nil { diff --git a/command/plugin_register_test.go b/command/plugin_register_test.go index 05b358e6f478..c58df9a5a9a5 100644 --- a/command/plugin_register_test.go +++ b/command/plugin_register_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -103,7 +104,7 @@ func TestPluginRegisterCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - resp, err := client.Sys().ListPlugins(&api.ListPluginsInput{ + resp, err := client.Sys().ListPluginsWithContext(context.Background(), &api.ListPluginsInput{ Type: consts.PluginTypeCredential, }) if err != nil { diff --git a/command/plugin_reload_test.go b/command/plugin_reload_test.go index 99b0c03c7f6e..3ccc997e79fc 100644 --- a/command/plugin_reload_test.go +++ b/command/plugin_reload_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -94,7 +95,7 @@ func TestPluginReloadCommand_Run(t *testing.T) { ui, cmd := testPluginReloadCommand(t) cmd.client = client - if err := client.Sys().RegisterPlugin(&api.RegisterPluginInput{ + if err := client.Sys().RegisterPluginWithContext(context.Background(), &api.RegisterPluginInput{ Name: pluginName, Type: consts.PluginTypeCredential, Command: pluginName, diff --git a/command/plugin_test.go b/command/plugin_test.go index 786abdb52f4e..6a0a97770808 100644 --- a/command/plugin_test.go +++ b/command/plugin_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "crypto/sha256" "fmt" "io" @@ -67,7 +68,7 @@ func testPluginCreateAndRegister(tb testing.TB, client *api.Client, dir, name st pth, sha256Sum := testPluginCreate(tb, dir, name) - if err := client.Sys().RegisterPlugin(&api.RegisterPluginInput{ + if err := client.Sys().RegisterPluginWithContext(context.Background(), &api.RegisterPluginInput{ Name: name, Type: pluginType, Command: name, diff --git a/command/policy_delete_test.go b/command/policy_delete_test.go index 2c822de9d4fd..d8b84654b07a 100644 --- a/command/policy_delete_test.go +++ b/command/policy_delete_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "reflect" "strings" "testing" @@ -77,7 +78,7 @@ func TestPolicyDeleteCommand_Run(t *testing.T) { defer closer() policy := `path "secret/" {}` - if err := client.Sys().PutPolicy("my-policy", policy); err != nil { + if err := client.Sys().PutPolicyWithContext(context.Background(), "my-policy", policy); err != nil { t.Fatal(err) } @@ -97,7 +98,7 @@ func TestPolicyDeleteCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - policies, err := client.Sys().ListPolicies() + policies, err := client.Sys().ListPoliciesWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/policy_read_test.go b/command/policy_read_test.go index 8cd7c066b8ce..ca09c8cb5065 100644 --- a/command/policy_read_test.go +++ b/command/policy_read_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -76,7 +77,7 @@ func TestPolicyReadCommand_Run(t *testing.T) { defer closer() policy := `path "secret/" {}` - if err := client.Sys().PutPolicy("my-policy", policy); err != nil { + if err := client.Sys().PutPolicyWithContext(context.Background(), "my-policy", policy); err != nil { t.Fatal(err) } diff --git a/command/policy_write_test.go b/command/policy_write_test.go index c8db7dc9ddc2..f89667cccbd4 100644 --- a/command/policy_write_test.go +++ b/command/policy_write_test.go @@ -2,6 +2,7 @@ package command import ( "bytes" + "context" "io" "io/ioutil" "os" @@ -123,7 +124,7 @@ func TestPolicyWriteCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - policies, err := client.Sys().ListPolicies() + policies, err := client.Sys().ListPoliciesWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -164,7 +165,7 @@ func TestPolicyWriteCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - policies, err := client.Sys().ListPolicies() + policies, err := client.Sys().ListPoliciesWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/read_test.go b/command/read_test.go index 13f41da7e4a1..78f7e0ae4340 100644 --- a/command/read_test.go +++ b/command/read_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -83,7 +84,7 @@ func TestReadCommand_Run(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if _, err := client.Logical().Write("secret/read/foo", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/read/foo", map[string]interface{}{ "foo": "bar", }); err != nil { t.Fatal(err) diff --git a/command/rotate_test.go b/command/rotate_test.go index 37ac32340590..7560a3f63c7f 100644 --- a/command/rotate_test.go +++ b/command/rotate_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -83,7 +84,7 @@ func TestOperatorRotateCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - status, err := client.Sys().KeyStatus() + status, err := client.Sys().KeyStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/secrets_disable_test.go b/command/secrets_disable_test.go index 567c8956d630..f6b07a859b9a 100644 --- a/command/secrets_disable_test.go +++ b/command/secrets_disable_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -88,7 +89,7 @@ func TestSecretsDisableCommand_Run(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("my-secret/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "my-secret/", &api.MountInput{ Type: "generic", }); err != nil { t.Fatal(err) @@ -110,7 +111,7 @@ func TestSecretsDisableCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - mounts, err := client.Sys().ListMounts() + mounts, err := client.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/secrets_enable_test.go b/command/secrets_enable_test.go index 814f4731204f..a8dff093fe4d 100644 --- a/command/secrets_enable_test.go +++ b/command/secrets_enable_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "io/ioutil" "strings" "testing" @@ -127,7 +128,7 @@ func TestSecretsEnableCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - mounts, err := client.Sys().ListMounts() + mounts, err := client.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/secrets_move_test.go b/command/secrets_move_test.go index 153fbeb2cdc0..4aed4460e0d0 100644 --- a/command/secrets_move_test.go +++ b/command/secrets_move_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -97,7 +98,7 @@ func TestSecretsMoveCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - mounts, err := client.Sys().ListMounts() + mounts, err := client.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/secrets_tune_test.go b/command/secrets_tune_test.go index f51b8fb34b78..b1e35c6d8c9e 100644 --- a/command/secrets_tune_test.go +++ b/command/secrets_tune_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -80,7 +81,7 @@ func TestSecretsTuneCommand_Run(t *testing.T) { cmd.client = client // Mount - if err := client.Sys().Mount("kv", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", Options: map[string]string{ "version": "2", @@ -90,7 +91,7 @@ func TestSecretsTuneCommand_Run(t *testing.T) { } // confirm default max_versions - mounts, err := client.Sys().ListMounts() + mounts, err := client.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -125,7 +126,7 @@ func TestSecretsTuneCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - mounts, err = client.Sys().ListMounts() + mounts, err = client.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -155,7 +156,7 @@ func TestSecretsTuneCommand_Run(t *testing.T) { cmd.client = client // Mount - if err := client.Sys().Mount("mount_tune_integration", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "mount_tune_integration", &api.MountInput{ Type: "pki", }); err != nil { t.Fatal(err) @@ -184,7 +185,7 @@ func TestSecretsTuneCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - mounts, err := client.Sys().ListMounts() + mounts, err := client.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -232,7 +233,7 @@ func TestSecretsTuneCommand_Run(t *testing.T) { cmd.client = client // Mount - if err := client.Sys().Mount("mount_tune_integration", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "mount_tune_integration", &api.MountInput{ Type: "pki", Description: "initial description", }); err != nil { @@ -253,7 +254,7 @@ func TestSecretsTuneCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - mounts, err := client.Sys().ListMounts() + mounts, err := client.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -275,7 +276,7 @@ func TestSecretsTuneCommand_Run(t *testing.T) { cmd.client = client // Mount - if err := client.Sys().Mount("mount_tune_integration", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "mount_tune_integration", &api.MountInput{ Type: "pki", Description: "initial description", }); err != nil { @@ -296,7 +297,7 @@ func TestSecretsTuneCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - mounts, err := client.Sys().ListMounts() + mounts, err := client.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/command/server/server_seal_transit_acc_test.go b/command/server/server_seal_transit_acc_test.go index e7d4d00e5d6b..15039df43e1f 100644 --- a/command/server/server_seal_transit_acc_test.go +++ b/command/server/server_seal_transit_acc_test.go @@ -61,7 +61,7 @@ func TestTransitSeal_TokenRenewal(t *testing.T) { req := &api.TokenCreateRequest{ Period: "5s", } - rsp, err := remoteClient.Auth().Token().Create(req) + rsp, err := remoteClient.Auth().Token().CreateWithContext(context.Background(), req) if err != nil { t.Fatalf("err: %s", err) } diff --git a/command/token_capabilities_test.go b/command/token_capabilities_test.go index 874db49129af..f52f59912902 100644 --- a/command/token_capabilities_test.go +++ b/command/token_capabilities_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -67,11 +68,11 @@ func TestTokenCapabilitiesCommand_Run(t *testing.T) { defer closer() policy := `path "secret/foo" { capabilities = ["read"] }` - if err := client.Sys().PutPolicy("policy", policy); err != nil { + if err := client.Sys().PutPolicyWithContext(context.Background(), "policy", policy); err != nil { t.Error(err) } - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"policy"}, TTL: "30m", }) @@ -107,11 +108,11 @@ func TestTokenCapabilitiesCommand_Run(t *testing.T) { defer closer() policy := `path "secret/foo" { capabilities = ["read"] }` - if err := client.Sys().PutPolicy("policy", policy); err != nil { + if err := client.Sys().PutPolicyWithContext(context.Background(), "policy", policy); err != nil { t.Error(err) } - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"policy"}, TTL: "30m", }) diff --git a/command/token_create_test.go b/command/token_create_test.go index 1fd11b1e9f84..714ab5042075 100644 --- a/command/token_create_test.go +++ b/command/token_create_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "reflect" "strings" "testing" @@ -115,7 +116,7 @@ func TestTokenCreateCommand_Run(t *testing.T) { } token := strings.TrimSpace(ui.OutputWriter.String()) - secret, err := client.Auth().Token().Lookup(token) + secret, err := client.Auth().Token().LookupWithContext(context.Background(), token) if secret == nil || err != nil { t.Fatal(err) } @@ -140,7 +141,7 @@ func TestTokenCreateCommand_Run(t *testing.T) { } token := strings.TrimSpace(ui.OutputWriter.String()) - secret, err := client.Auth().Token().Lookup(token) + secret, err := client.Auth().Token().LookupWithContext(context.Background(), token) if secret == nil || err != nil { t.Fatal(err) } @@ -176,7 +177,7 @@ func TestTokenCreateCommand_Run(t *testing.T) { } token := strings.TrimSpace(ui.OutputWriter.String()) - secret, err := client.Auth().Token().Lookup(token) + secret, err := client.Auth().Token().LookupWithContext(context.Background(), token) if secret == nil || err != nil { t.Fatal(err) } diff --git a/command/token_renew_test.go b/command/token_renew_test.go index c958d4d55af6..a067973f5575 100644 --- a/command/token_renew_test.go +++ b/command/token_renew_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "encoding/json" "strconv" "strings" @@ -106,7 +107,7 @@ func TestTokenRenewCommand_Run(t *testing.T) { t.Errorf("expected %d to be %d", code, exp) } - secret, err := client.Auth().Token().Lookup(token) + secret, err := client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -141,7 +142,7 @@ func TestTokenRenewCommand_Run(t *testing.T) { t.Errorf("expected %d to be %d", code, exp) } - secret, err := client.Auth().Token().Lookup(token) + secret, err := client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -180,7 +181,7 @@ func TestTokenRenewCommand_Run(t *testing.T) { } client.SetToken(oldToken) - secret, err := client.Auth().Token().Lookup(token) + secret, err := client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } diff --git a/command/token_revoke_test.go b/command/token_revoke_test.go index 7f66e9d4a0d8..0ba276470475 100644 --- a/command/token_revoke_test.go +++ b/command/token_revoke_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -129,7 +130,7 @@ func TestTokenRevokeCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - secret, err := client.Auth().Token().Lookup(token) + secret, err := client.Auth().Token().LookupWithContext(context.Background(), token) if secret != nil || err == nil { t.Errorf("expected token to be revoked: %#v", secret) } @@ -157,7 +158,7 @@ func TestTokenRevokeCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if secret != nil || err == nil { t.Errorf("expected token to be revoked: %#v", secret) } @@ -188,7 +189,7 @@ func TestTokenRevokeCommand_Run(t *testing.T) { t.Errorf("expected %q to contain %q", combined, expected) } - secret, err := client.Auth().Token().Lookup(token) + secret, err := client.Auth().Token().LookupWithContext(context.Background(), token) if secret != nil || err == nil { t.Errorf("expected token to be revoked: %#v", secret) } diff --git a/command/unwrap_test.go b/command/unwrap_test.go index 4a06418b027c..8875502df49a 100644 --- a/command/unwrap_test.go +++ b/command/unwrap_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "strings" "testing" @@ -22,7 +23,7 @@ func testUnwrapCommand(tb testing.TB) (*cli.MockUi, *UnwrapCommand) { func testUnwrapWrappedToken(tb testing.TB, client *api.Client, data map[string]interface{}) string { tb.Helper() - wrapped, err := client.Logical().Write("sys/wrapping/wrap", data) + wrapped, err := client.Logical().WriteWithContext(context.Background(), "sys/wrapping/wrap", data) if err != nil { tb.Fatal(err) } diff --git a/command/write_test.go b/command/write_test.go index 03aab4c79af2..efc3dfe871fb 100644 --- a/command/write_test.go +++ b/command/write_test.go @@ -1,6 +1,7 @@ package command import ( + "context" "io" "strings" "testing" @@ -121,7 +122,7 @@ func TestWriteCommand_Run(t *testing.T) { client, closer := testVaultServer(t) defer closer() - if err := client.Sys().Mount("transit/", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "transit/", &api.MountInput{ Type: "transit", }); err != nil { t.Fatal(err) @@ -138,7 +139,7 @@ func TestWriteCommand_Run(t *testing.T) { t.Fatalf("expected %d to be %d: %q", code, exp, ui.ErrorWriter.String()) } - secret, err := client.Logical().Read("transit/keys/my-key") + secret, err := client.Logical().ReadWithContext(context.Background(), "transit/keys/my-key") if err != nil { t.Fatal(err) } @@ -170,7 +171,7 @@ func TestWriteCommand_Run(t *testing.T) { t.Fatalf("expected 0 to be %d", code) } - secret, err := client.Logical().Read("secret/write/stdin_full") + secret, err := client.Logical().ReadWithContext(context.Background(), "secret/write/stdin_full") if err != nil { t.Fatal(err) } @@ -205,7 +206,7 @@ func TestWriteCommand_Run(t *testing.T) { t.Fatalf("expected 0 to be %d", code) } - secret, err := client.Logical().Read("secret/write/stdin_value") + secret, err := client.Logical().ReadWithContext(context.Background(), "secret/write/stdin_value") if err != nil { t.Fatal(err) } @@ -233,7 +234,7 @@ func TestWriteCommand_Run(t *testing.T) { t.Fatalf("expected 0 to be %d", code) } - secret, err := client.Logical().Read("secret/write/integration") + secret, err := client.Logical().ReadWithContext(context.Background(), "secret/write/integration") if err != nil { t.Fatal(err) } diff --git a/http/auth_token_test.go b/http/auth_token_test.go index 552a32cbdd93..911132d9af71 100644 --- a/http/auth_token_test.go +++ b/http/auth_token_test.go @@ -1,6 +1,7 @@ package http import ( + "context" "strings" "testing" @@ -22,7 +23,7 @@ func TestAuthTokenCreate(t *testing.T) { } client.SetToken(token) - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Lease: "1h", }) if err != nil { @@ -37,7 +38,7 @@ func TestAuthTokenCreate(t *testing.T) { Renewable: new(bool), } - secret, err = client.Auth().Token().Create(renewCreateRequest) + secret, err = client.Auth().Token().CreateWithContext(context.Background(), renewCreateRequest) if err != nil { t.Fatal(err) } @@ -49,7 +50,7 @@ func TestAuthTokenCreate(t *testing.T) { } *renewCreateRequest.Renewable = true - secret, err = client.Auth().Token().Create(renewCreateRequest) + secret, err = client.Auth().Token().CreateWithContext(context.Background(), renewCreateRequest) if err != nil { t.Fatal(err) } @@ -65,7 +66,7 @@ func TestAuthTokenCreate(t *testing.T) { ExplicitMaxTTL: "1800s", } - secret, err = client.Auth().Token().Create(explicitMaxCreateRequest) + secret, err = client.Auth().Token().CreateWithContext(context.Background(), explicitMaxCreateRequest) if err != nil { t.Fatal(err) } @@ -74,7 +75,7 @@ func TestAuthTokenCreate(t *testing.T) { } explicitMaxCreateRequest.ExplicitMaxTTL = "2h" - secret, err = client.Auth().Token().Create(explicitMaxCreateRequest) + secret, err = client.Auth().Token().CreateWithContext(context.Background(), explicitMaxCreateRequest) if err != nil { t.Fatal(err) } @@ -98,7 +99,7 @@ func TestAuthTokenLookup(t *testing.T) { client.SetToken(token) // Create a new token ... - secret2, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret2, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Lease: "1h", }) if err != nil { @@ -106,7 +107,7 @@ func TestAuthTokenLookup(t *testing.T) { } // lookup details of this token - secret, err := client.Auth().Token().Lookup(secret2.Auth.ClientToken) + secret, err := client.Auth().Token().LookupWithContext(context.Background(), secret2.Auth.ClientToken) if err != nil { t.Fatalf("unable to lookup details of token, err = %v", err) } @@ -131,7 +132,7 @@ func TestAuthTokenLookupSelf(t *testing.T) { client.SetToken(token) // you should be able to lookup your own token - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatalf("should be allowed to lookup self, err = %v", err) } @@ -159,7 +160,7 @@ func TestAuthTokenRenew(t *testing.T) { client.SetToken(token) // The default root token is not renewable, so this should not work - _, err = client.Auth().Token().Renew(token, 0) + _, err = client.Auth().Token().RenewWithContext(context.Background(), token, 0) if err == nil { t.Fatal("should not be allowed to renew root token") } @@ -168,7 +169,7 @@ func TestAuthTokenRenew(t *testing.T) { } // Create a new token that should be renewable - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Lease: "1h", }) if err != nil { @@ -177,7 +178,7 @@ func TestAuthTokenRenew(t *testing.T) { client.SetToken(secret.Auth.ClientToken) // Now attempt a renew with the new token - secret, err = client.Auth().Token().Renew(secret.Auth.ClientToken, 3600) + secret, err = client.Auth().Token().RenewWithContext(context.Background(), secret.Auth.ClientToken, 3600) if err != nil { t.Fatal(err) } @@ -191,7 +192,7 @@ func TestAuthTokenRenew(t *testing.T) { } // Do the same thing with the self variant - secret, err = client.Auth().Token().RenewSelf(3600) + secret, err = client.Auth().Token().RenewSelfWithContext(context.Background(), 3600) if err != nil { t.Fatal(err) } diff --git a/http/forwarding_test.go b/http/forwarding_test.go index f0225a42230e..2be614a457fa 100644 --- a/http/forwarding_test.go +++ b/http/forwarding_test.go @@ -2,6 +2,7 @@ package http import ( "bytes" + "context" "encoding/base64" "encoding/json" "fmt" @@ -61,7 +62,7 @@ func TestHTTP_Fallback_Bad_Address(t *testing.T) { } client.SetToken(cluster.RootToken) - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -109,7 +110,7 @@ func TestHTTP_Fallback_Disabled(t *testing.T) { } client.SetToken(cluster.RootToken) - secret, err := client.Auth().Token().LookupSelf() + secret, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -529,7 +530,7 @@ func TestHTTP_Forwarding_ClientTLS(t *testing.T) { t.Fatal(err) } - secret, err := client.Logical().Write("auth/cert/login", nil) + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/cert/login", nil) if err != nil { t.Fatal(err) } @@ -546,7 +547,7 @@ func TestHTTP_Forwarding_ClientTLS(t *testing.T) { t.Fatalf("bad client token: %#v", *secret.Auth) } client.SetToken(secret.Auth.ClientToken) - secret, err = client.Auth().Token().LookupSelf() + secret, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -594,7 +595,7 @@ func TestHTTP_Forwarding_LocalOnly(t *testing.T) { vault.TestWaitActive(t, cores[0].Core) testLocalOnly := func(client *api.Client) { - _, err := client.Logical().Read("sys/config/state/sanitized") + _, err := client.Logical().ReadWithContext(context.Background(), "sys/config/state/sanitized") if err == nil { t.Fatal("expected error") } diff --git a/http/handler_test.go b/http/handler_test.go index 382c57c25056..dbe35d75ab21 100644 --- a/http/handler_test.go +++ b/http/handler_test.go @@ -843,7 +843,7 @@ func TestHandler_Parse_Form(t *testing.T) { client := cores[0].Client client.SetToken(cluster.RootToken) - apiResp, err := client.Logical().Read("secret/foo") + apiResp, err := client.Logical().ReadWithContext(context.Background(), "secret/foo") if err != nil { t.Fatal(err) } diff --git a/http/plugin_test.go b/http/plugin_test.go index e14e4df09706..eb663f3cee3c 100644 --- a/http/plugin_test.go +++ b/http/plugin_test.go @@ -1,6 +1,7 @@ package http import ( + "context" "encoding/json" "io/ioutil" "os" @@ -54,7 +55,7 @@ func getPluginClusterAndCore(t testing.TB, logger log.Logger) (*vault.TestCluste vault.TestAddTestPlugin(t, core.Core, "mock-plugin", consts.PluginTypeSecrets, "TestPlugin_PluginMain", []string{}, "") // Mount the mock plugin - err = core.Client.Sys().Mount("mock", &api.MountInput{ + err = core.Client.Sys().MountWithContext(context.Background(), "mock", &api.MountInput{ Type: "mock-plugin", }) if err != nil { @@ -102,14 +103,14 @@ func TestPlugin_MockList(t *testing.T) { cluster, core := getPluginClusterAndCore(t, logger) defer cluster.Cleanup() - _, err := core.Client.Logical().Write("mock/kv/foo", map[string]interface{}{ + _, err := core.Client.Logical().WriteWithContext(context.Background(), "mock/kv/foo", map[string]interface{}{ "value": "baz", }) if err != nil { t.Fatal(err) } - keys, err := core.Client.Logical().List("mock/kv/") + keys, err := core.Client.Logical().ListWithContext(context.Background(), "mock/kv/") if err != nil { t.Fatal(err) } @@ -117,14 +118,14 @@ func TestPlugin_MockList(t *testing.T) { t.Fatal(keys) } - _, err = core.Client.Logical().Write("mock/kv/zoo", map[string]interface{}{ + _, err = core.Client.Logical().WriteWithContext(context.Background(), "mock/kv/zoo", map[string]interface{}{ "value": "baz", }) if err != nil { t.Fatal(err) } - keys, err = core.Client.Logical().List("mock/kv/") + keys, err = core.Client.Logical().ListWithContext(context.Background(), "mock/kv/") if err != nil { t.Fatal(err) } @@ -165,7 +166,7 @@ func TestPlugin_GetParams(t *testing.T) { cluster, core := getPluginClusterAndCore(t, logger) defer cluster.Cleanup() - _, err := core.Client.Logical().Write("mock/kv/foo", map[string]interface{}{ + _, err := core.Client.Logical().WriteWithContext(context.Background(), "mock/kv/foo", map[string]interface{}{ "value": "baz", }) if err != nil { diff --git a/http/sys_hostinfo_test.go b/http/sys_hostinfo_test.go index af313a382b2b..76ad4839540c 100644 --- a/http/sys_hostinfo_test.go +++ b/http/sys_hostinfo_test.go @@ -1,6 +1,7 @@ package http import ( + "context" "encoding/json" "testing" @@ -19,7 +20,7 @@ func TestSysHostInfo(t *testing.T) { vault.TestWaitActive(t, cores[0].Core) // Query against the active node, should get host information back - secret, err := cores[0].Client.Logical().Read("sys/host-info") + secret, err := cores[0].Client.Logical().ReadWithContext(context.Background(), "sys/host-info") if err != nil { t.Fatal(err) } @@ -54,7 +55,7 @@ func TestSysHostInfo(t *testing.T) { } // Query against a standby, should error - secret, err = cores[1].Client.Logical().Read("sys/host-info") + secret, err = cores[1].Client.Logical().ReadWithContext(context.Background(), "sys/host-info") if err == nil || secret != nil { t.Fatalf("expected error on standby node, HostInfo: %v", secret) } diff --git a/http/sys_mounts_test.go b/http/sys_mounts_test.go index 7c113d987950..b6d42cf9e089 100644 --- a/http/sys_mounts_test.go +++ b/http/sys_mounts_test.go @@ -1,6 +1,7 @@ package http import ( + "context" "fmt" "math/rand" "testing" @@ -29,10 +30,10 @@ func TestSysMountConfig(t *testing.T) { if err != nil { t.Fatal(err) } - defer client.Sys().Unmount(path) + defer client.Sys().UnmountWithContext(context.Background(), path) // Get config info for this mount - mountConfig, err := client.Sys().MountConfig(path) + mountConfig, err := client.Sys().MountConfigWithContext(context.Background(), path) if err != nil { t.Fatal(err) } @@ -60,6 +61,6 @@ func testMount(client *api.Client) (string, error) { rand.Seed(time.Now().UTC().UnixNano()) randInt := rand.New(rand.NewSource(time.Now().UnixNano())).Int() path := fmt.Sprintf("testmount-%d", randInt) - err := client.Sys().Mount(path, &api.MountInput{Type: "kv"}) + err := client.Sys().MountWithContext(context.Background(), path, &api.MountInput{Type: "kv"}) return path, err } diff --git a/http/sys_wrapping_test.go b/http/sys_wrapping_test.go index ab82b927c5f8..1c382ebb09f7 100644 --- a/http/sys_wrapping_test.go +++ b/http/sys_wrapping_test.go @@ -1,6 +1,7 @@ package http import ( + "context" "encoding/json" "reflect" "testing" @@ -29,7 +30,7 @@ func TestHTTP_Wrapping(t *testing.T) { client.SetToken(cluster.RootToken) // Write a value that we will use with wrapping for lookup - _, err := client.Logical().Write("secret/foo", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "secret/foo", map[string]interface{}{ "zip": "zap", }) if err != nil { @@ -47,19 +48,19 @@ func TestHTTP_Wrapping(t *testing.T) { // First test: basic things that should fail, lookup edition // Root token isn't a wrapping token - _, err = client.Logical().Write("sys/wrapping/lookup", nil) + _, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/lookup", nil) if err == nil { t.Fatal("expected error") } // Not supplied - _, err = client.Logical().Write("sys/wrapping/lookup", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/lookup", map[string]interface{}{ "foo": "bar", }) if err == nil { t.Fatal("expected error") } // Nonexistent token isn't a wrapping token - _, err = client.Logical().Write("sys/wrapping/lookup", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/lookup", map[string]interface{}{ "token": "bar", }) if err == nil { @@ -68,24 +69,24 @@ func TestHTTP_Wrapping(t *testing.T) { // Second: basic things that should fail, unwrap edition // Root token isn't a wrapping token - _, err = client.Logical().Unwrap(cluster.RootToken) + _, err = client.Logical().UnwrapWithContext(context.Background(), cluster.RootToken) if err == nil { t.Fatal("expected error") } // Root token isn't a wrapping token - _, err = client.Logical().Write("sys/wrapping/unwrap", nil) + _, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/unwrap", nil) if err == nil { t.Fatal("expected error") } // Not supplied - _, err = client.Logical().Write("sys/wrapping/unwrap", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/unwrap", map[string]interface{}{ "foo": "bar", }) if err == nil { t.Fatal("expected error") } // Nonexistent token isn't a wrapping token - _, err = client.Logical().Write("sys/wrapping/unwrap", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/unwrap", map[string]interface{}{ "token": "bar", }) if err == nil { @@ -97,7 +98,7 @@ func TestHTTP_Wrapping(t *testing.T) { // // Create a wrapping token - secret, err := client.Logical().Read("secret/foo") + secret, err := client.Logical().ReadWithContext(context.Background(), "secret/foo") if err != nil { t.Fatal(err) } @@ -108,7 +109,7 @@ func TestHTTP_Wrapping(t *testing.T) { // Test this twice to ensure no ill effect to the wrapping token as a result of the lookup for i := 0; i < 2; i++ { - secret, err = client.Logical().Write("sys/wrapping/lookup", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/lookup", map[string]interface{}{ "token": wrapInfo.Token, }) if err != nil { @@ -131,7 +132,7 @@ func TestHTTP_Wrapping(t *testing.T) { // // Create a wrapping token - secret, err = client.Logical().Read("secret/foo") + secret, err = client.Logical().ReadWithContext(context.Background(), "secret/foo") if err != nil { t.Fatal(err) } @@ -142,7 +143,7 @@ func TestHTTP_Wrapping(t *testing.T) { // Test unwrap via the client token client.SetToken(wrapInfo.Token) - secret, err = client.Logical().Write("sys/wrapping/unwrap", nil) + secret, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/unwrap", nil) if err != nil { t.Fatal(err) } @@ -151,14 +152,14 @@ func TestHTTP_Wrapping(t *testing.T) { } ret1 := secret // Should be expired and fail - _, err = client.Logical().Write("sys/wrapping/unwrap", nil) + _, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/unwrap", nil) if err == nil { t.Fatal("expected err") } // Create a wrapping token client.SetToken(cluster.RootToken) - secret, err = client.Logical().Read("secret/foo") + secret, err = client.Logical().ReadWithContext(context.Background(), "secret/foo") if err != nil { t.Fatal(err) } @@ -168,7 +169,7 @@ func TestHTTP_Wrapping(t *testing.T) { wrapInfo = secret.WrapInfo // Test as a separate token - secret, err = client.Logical().Write("sys/wrapping/unwrap", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/unwrap", map[string]interface{}{ "token": wrapInfo.Token, }) if err != nil { @@ -176,7 +177,7 @@ func TestHTTP_Wrapping(t *testing.T) { } ret2 := secret // Should be expired and fail - _, err = client.Logical().Write("sys/wrapping/unwrap", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/unwrap", map[string]interface{}{ "token": wrapInfo.Token, }) if err == nil { @@ -184,7 +185,7 @@ func TestHTTP_Wrapping(t *testing.T) { } // Create a wrapping token - secret, err = client.Logical().Read("secret/foo") + secret, err = client.Logical().ReadWithContext(context.Background(), "secret/foo") if err != nil { t.Fatal(err) } @@ -195,20 +196,20 @@ func TestHTTP_Wrapping(t *testing.T) { // Read response directly client.SetToken(wrapInfo.Token) - secret, err = client.Logical().Read("cubbyhole/response") + secret, err = client.Logical().ReadWithContext(context.Background(), "cubbyhole/response") if err != nil { t.Fatal(err) } ret3 := secret // Should be expired and fail - _, err = client.Logical().Write("cubbyhole/response", nil) + _, err = client.Logical().WriteWithContext(context.Background(), "cubbyhole/response", nil) if err == nil { t.Fatal("expected err") } // Create a wrapping token client.SetToken(cluster.RootToken) - secret, err = client.Logical().Read("secret/foo") + secret, err = client.Logical().ReadWithContext(context.Background(), "secret/foo") if err != nil { t.Fatal(err) } @@ -218,13 +219,13 @@ func TestHTTP_Wrapping(t *testing.T) { wrapInfo = secret.WrapInfo // Read via Unwrap method - secret, err = client.Logical().Unwrap(wrapInfo.Token) + secret, err = client.Logical().UnwrapWithContext(context.Background(), wrapInfo.Token) if err != nil { t.Fatal(err) } ret4 := secret // Should be expired and fail - _, err = client.Logical().Unwrap(wrapInfo.Token) + _, err = client.Logical().UnwrapWithContext(context.Background(), wrapInfo.Token) if err == nil { t.Fatal("expected err") } @@ -269,7 +270,7 @@ func TestHTTP_Wrapping(t *testing.T) { client.SetWrappingLookupFunc(func(operation, path string) string { return "" }) - secret, err = client.Logical().Write("sys/wrapping/wrap", data) + secret, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/wrap", data) if err == nil { t.Fatal("expected error") } @@ -282,11 +283,11 @@ func TestHTTP_Wrapping(t *testing.T) { return api.DefaultWrappingLookupFunc(operation, path) }) - secret, err = client.Logical().Write("sys/wrapping/wrap", data) + secret, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/wrap", data) if err != nil { t.Fatal(err) } - secret, err = client.Logical().Unwrap(secret.WrapInfo.Token) + secret, err = client.Logical().UnwrapWithContext(context.Background(), secret.WrapInfo.Token) if err != nil { t.Fatal(err) } @@ -299,7 +300,7 @@ func TestHTTP_Wrapping(t *testing.T) { // // Create a wrapping token - secret, err = client.Logical().Read("secret/foo") + secret, err = client.Logical().ReadWithContext(context.Background(), "secret/foo") if err != nil { t.Fatal(err) } @@ -314,7 +315,7 @@ func TestHTTP_Wrapping(t *testing.T) { } // Test rewrapping - secret, err = client.Logical().Write("sys/wrapping/rewrap", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/rewrap", map[string]interface{}{ "token": wrapInfo.Token, }) if err != nil { @@ -327,7 +328,7 @@ func TestHTTP_Wrapping(t *testing.T) { } // Should be expired and fail - _, err = client.Logical().Write("sys/wrapping/unwrap", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/wrapping/unwrap", map[string]interface{}{ "token": wrapInfo.Token, }) if err == nil { @@ -336,12 +337,12 @@ func TestHTTP_Wrapping(t *testing.T) { // Attempt unwrapping the rewrapped token wrapToken := secret.WrapInfo.Token - secret, err = client.Logical().Unwrap(wrapToken) + secret, err = client.Logical().UnwrapWithContext(context.Background(), wrapToken) if err != nil { t.Fatal(err) } // Should be expired and fail - _, err = client.Logical().Unwrap(wrapToken) + _, err = client.Logical().UnwrapWithContext(context.Background(), wrapToken) if err == nil { t.Fatal("expected err") } diff --git a/http/unwrapping_raw_body_test.go b/http/unwrapping_raw_body_test.go index 6ba24b7c9098..36b084cb4759 100644 --- a/http/unwrapping_raw_body_test.go +++ b/http/unwrapping_raw_body_test.go @@ -1,6 +1,7 @@ package http import ( + "context" "testing" kv "github.com/hashicorp/vault-plugin-secrets-kv" @@ -26,7 +27,7 @@ func TestUnwrapping_Raw_Body(t *testing.T) { client := cluster.Cores[0].Client // Mount a k/v backend, version 2 - err := client.Sys().Mount("kv", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", Options: map[string]string{"version": "2"}, }) @@ -37,7 +38,7 @@ func TestUnwrapping_Raw_Body(t *testing.T) { client.SetWrappingLookupFunc(func(operation, path string) string { return "5m" }) - secret, err := client.Logical().Write("kv/foo/bar", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "kv/foo/bar", map[string]interface{}{ "a": "b", }) if err != nil { @@ -52,7 +53,7 @@ func TestUnwrapping_Raw_Body(t *testing.T) { wrapToken := secret.WrapInfo.Token client.SetWrappingLookupFunc(nil) - secret, err = client.Logical().Unwrap(wrapToken) + secret, err = client.Logical().UnwrapWithContext(context.Background(), wrapToken) if err != nil { t.Fatal(err) } diff --git a/vault/expiration_integ_test.go b/vault/expiration_integ_test.go index 2e2d54fcc900..bda40b102be8 100644 --- a/vault/expiration_integ_test.go +++ b/vault/expiration_integ_test.go @@ -1,6 +1,7 @@ package vault_test import ( + "context" "encoding/json" "testing" "time" @@ -38,7 +39,7 @@ func TestExpiration_RenewToken_TestCluster(t *testing.T) { } // Tune the mount - err = client.Sys().TuneMount("auth/approle", api.MountConfigInput{ + err = client.Sys().TuneMountWithContext(context.Background(), "auth/approle", api.MountConfigInput{ DefaultLeaseTTL: "5s", MaxLeaseTTL: "5s", }) @@ -47,7 +48,7 @@ func TestExpiration_RenewToken_TestCluster(t *testing.T) { } // Create role - resp, err := client.Logical().Write("auth/approle/role/role-period", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/role-period", map[string]interface{}{ "period": "5s", }) if err != nil { @@ -55,7 +56,7 @@ func TestExpiration_RenewToken_TestCluster(t *testing.T) { } // Get role_id - resp, err = client.Logical().Read("auth/approle/role/role-period/role-id") + resp, err = client.Logical().ReadWithContext(context.Background(), "auth/approle/role/role-period/role-id") if err != nil { t.Fatal(err) } @@ -65,7 +66,7 @@ func TestExpiration_RenewToken_TestCluster(t *testing.T) { roleID := resp.Data["role_id"] // Get secret_id - resp, err = client.Logical().Write("auth/approle/role/role-period/secret-id", map[string]interface{}{}) + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/role-period/secret-id", map[string]interface{}{}) if err != nil { t.Fatal(err) } @@ -75,7 +76,7 @@ func TestExpiration_RenewToken_TestCluster(t *testing.T) { secretID := resp.Data["secret_id"] // Login - resp, err = client.Logical().Write("auth/approle/login", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/login", map[string]interface{}{ "role_id": roleID, "secret_id": secretID, }) @@ -97,7 +98,7 @@ func TestExpiration_RenewToken_TestCluster(t *testing.T) { time.Sleep(3 * time.Second) // Renew - resp, err = client.Logical().Write("auth/token/renew", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/token/renew", map[string]interface{}{ "token": roleToken, }) if err != nil { @@ -108,7 +109,7 @@ func TestExpiration_RenewToken_TestCluster(t *testing.T) { } // Perform token lookup and verify TTL - resp, err = client.Auth().Token().Lookup(roleToken) + resp, err = client.Auth().Token().LookupWithContext(context.Background(), roleToken) if err != nil { t.Fatal(err) } @@ -133,7 +134,7 @@ func TestExpiration_RenewToken_TestCluster(t *testing.T) { time.Sleep(3 * time.Second) // Do a second renewal to ensure that period can be renewed past sys/mount max_ttl - resp, err = client.Logical().Write("auth/token/renew", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/token/renew", map[string]interface{}{ "token": roleToken, }) if err != nil { @@ -144,7 +145,7 @@ func TestExpiration_RenewToken_TestCluster(t *testing.T) { } // Perform token lookup and verify TTL - resp, err = client.Auth().Token().Lookup(roleToken) + resp, err = client.Auth().Token().LookupWithContext(context.Background(), roleToken) if err != nil { t.Fatal(err) } diff --git a/vault/external_tests/api/renewer_integration_test.go b/vault/external_tests/api/renewer_integration_test.go index c5ea4fae9e91..984f22937129 100644 --- a/vault/external_tests/api/renewer_integration_test.go +++ b/vault/external_tests/api/renewer_integration_test.go @@ -1,6 +1,7 @@ package api import ( + "context" "testing" "time" @@ -18,13 +19,13 @@ func TestRenewer_Renew(t *testing.T) { t.Run("kv", func(t *testing.T) { t.Parallel() - if _, err := client.Logical().Write("secret/value", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "secret/value", map[string]interface{}{ "foo": "bar", }); err != nil { t.Fatal(err) } - secret, err := client.Logical().Read("secret/value") + secret, err := client.Logical().ReadWithContext(context.Background(), "secret/value") if err != nil { t.Fatal(err) } @@ -53,13 +54,13 @@ func TestRenewer_Renew(t *testing.T) { t.Run("transit", func(t *testing.T) { t.Parallel() - if err := client.Sys().Mount("transit", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "transit", &api.MountInput{ Type: "transit", }); err != nil { t.Fatal(err) } - secret, err := client.Logical().Write("transit/encrypt/my-app", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "transit/encrypt/my-app", map[string]interface{}{ "plaintext": "Zm9vCg==", }) if err != nil { @@ -93,19 +94,19 @@ func TestRenewer_Renew(t *testing.T) { cleanup, pgURL := postgreshelper.PrepareTestContainer(t, "") defer cleanup() - if err := client.Sys().Mount("database", &api.MountInput{ + if err := client.Sys().MountWithContext(context.Background(), "database", &api.MountInput{ Type: "database", }); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("database/config/postgresql", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "database/config/postgresql", map[string]interface{}{ "plugin_name": "postgresql-database-plugin", "connection_url": pgURL, "allowed_roles": "readonly", }); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("database/roles/readonly", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "database/roles/readonly", map[string]interface{}{ "db_name": "postgresql", "creation_statements": `` + `CREATE ROLE "{{name}}" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';` + @@ -116,7 +117,7 @@ func TestRenewer_Renew(t *testing.T) { t.Fatal(err) } - secret, err := client.Logical().Read("database/creds/readonly") + secret, err := client.Logical().ReadWithContext(context.Background(), "database/creds/readonly") if err != nil { t.Fatal(err) } @@ -172,7 +173,7 @@ func TestRenewer_Renew(t *testing.T) { t.Run("auth", func(t *testing.T) { t.Parallel() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, TTL: "5s", ExplicitMaxTTL: "10s", diff --git a/vault/external_tests/api/secret_test.go b/vault/external_tests/api/secret_test.go index c904c0a59932..160e29be3259 100644 --- a/vault/external_tests/api/secret_test.go +++ b/vault/external_tests/api/secret_test.go @@ -1,6 +1,7 @@ package api import ( + "context" "encoding/json" "reflect" "strings" @@ -169,14 +170,14 @@ func TestSecret_TokenID(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": "default", }); err != nil { t.Fatal(err) } - secret, err := client.Logical().Write("auth/userpass/login/test", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/test", map[string]interface{}{ "password": "test", }) if err != nil || secret == nil { @@ -199,7 +200,7 @@ func TestSecret_TokenID(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -222,7 +223,7 @@ func TestSecret_TokenID(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -230,7 +231,7 @@ func TestSecret_TokenID(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -250,7 +251,7 @@ func TestSecret_TokenID(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -259,7 +260,7 @@ func TestSecret_TokenID(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().LookupSelf() + secret, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -279,7 +280,7 @@ func TestSecret_TokenID(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -287,7 +288,7 @@ func TestSecret_TokenID(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Renew(token, 0) + secret, err = client.Auth().Token().RenewWithContext(context.Background(), token, 0) if err != nil { t.Fatal(err) } @@ -307,7 +308,7 @@ func TestSecret_TokenID(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -316,7 +317,7 @@ func TestSecret_TokenID(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().RenewSelf(0) + secret, err = client.Auth().Token().RenewSelfWithContext(context.Background(), 0) if err != nil { t.Fatal(err) } @@ -437,14 +438,14 @@ func TestSecret_TokenAccessor(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": "default", }); err != nil { t.Fatal(err) } - secret, err := client.Logical().Write("auth/userpass/login/test", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/test", map[string]interface{}{ "password": "test", }) if err != nil || secret == nil { @@ -467,7 +468,7 @@ func TestSecret_TokenAccessor(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -490,7 +491,7 @@ func TestSecret_TokenAccessor(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -498,7 +499,7 @@ func TestSecret_TokenAccessor(t *testing.T) { } token, accessor := secret.Auth.ClientToken, secret.Auth.Accessor - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -518,7 +519,7 @@ func TestSecret_TokenAccessor(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -527,7 +528,7 @@ func TestSecret_TokenAccessor(t *testing.T) { token, accessor := secret.Auth.ClientToken, secret.Auth.Accessor client.SetToken(token) - secret, err = client.Auth().Token().LookupSelf() + secret, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -547,7 +548,7 @@ func TestSecret_TokenAccessor(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -555,7 +556,7 @@ func TestSecret_TokenAccessor(t *testing.T) { } token, accessor := secret.Auth.ClientToken, secret.Auth.Accessor - secret, err = client.Auth().Token().Renew(token, 0) + secret, err = client.Auth().Token().RenewWithContext(context.Background(), token, 0) if err != nil { t.Fatal(err) } @@ -575,7 +576,7 @@ func TestSecret_TokenAccessor(t *testing.T) { client, closer := testVaultServer(t) defer closer() - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -584,7 +585,7 @@ func TestSecret_TokenAccessor(t *testing.T) { token, accessor := secret.Auth.ClientToken, secret.Auth.Accessor client.SetToken(token) - secret, err = client.Auth().Token().RenewSelf(0) + secret, err = client.Auth().Token().RenewSelfWithContext(context.Background(), 0) if err != nil { t.Fatal(err) } @@ -673,7 +674,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": "default", "num_uses": uses, @@ -681,7 +682,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { t.Fatal(err) } - secret, err := client.Logical().Write("auth/userpass/login/test", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/test", map[string]interface{}{ "password": "test", }) if err != nil || secret == nil { @@ -707,7 +708,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { uses := 5 - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, NumUses: uses, }) @@ -734,7 +735,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { uses := 5 - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, NumUses: uses, }) @@ -743,7 +744,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -765,7 +766,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { uses := 5 - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, NumUses: uses, }) @@ -775,7 +776,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().LookupSelf() + secret, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -798,7 +799,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { uses := 5 - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, NumUses: uses, }) @@ -807,7 +808,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Renew(token, 0) + secret, err = client.Auth().Token().RenewWithContext(context.Background(), token, 0) if err != nil { t.Fatal(err) } @@ -831,7 +832,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { uses := 5 - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, NumUses: uses, }) @@ -841,7 +842,7 @@ func TestSecret_TokenRemainingUses(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().RenewSelf(0) + secret, err = client.Auth().Token().RenewSelfWithContext(context.Background(), 0) if err != nil { t.Fatal(err) } @@ -976,14 +977,14 @@ func TestSecret_TokenPolicies(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": strings.Join(policies, ","), }); err != nil { t.Fatal(err) } - secret, err := client.Logical().Write("auth/userpass/login/test", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/test", map[string]interface{}{ "password": "test", }) if err != nil || secret == nil { @@ -1007,7 +1008,7 @@ func TestSecret_TokenPolicies(t *testing.T) { policies := []string{"bar", "default", "foo"} - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: policies, }) if err != nil { @@ -1031,7 +1032,7 @@ func TestSecret_TokenPolicies(t *testing.T) { policies := []string{"bar", "default", "foo"} - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: policies, }) if err != nil { @@ -1039,7 +1040,7 @@ func TestSecret_TokenPolicies(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -1061,7 +1062,7 @@ func TestSecret_TokenPolicies(t *testing.T) { policies := []string{"bar", "default", "foo"} - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: policies, }) if err != nil { @@ -1070,7 +1071,7 @@ func TestSecret_TokenPolicies(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().LookupSelf() + secret, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -1092,7 +1093,7 @@ func TestSecret_TokenPolicies(t *testing.T) { policies := []string{"bar", "default", "foo"} - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: policies, }) if err != nil { @@ -1100,7 +1101,7 @@ func TestSecret_TokenPolicies(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Renew(token, 0) + secret, err = client.Auth().Token().RenewWithContext(context.Background(), token, 0) if err != nil { t.Fatal(err) } @@ -1122,7 +1123,7 @@ func TestSecret_TokenPolicies(t *testing.T) { policies := []string{"bar", "default", "foo"} - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: policies, }) if err != nil { @@ -1131,7 +1132,7 @@ func TestSecret_TokenPolicies(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().RenewSelf(0) + secret, err = client.Auth().Token().RenewSelfWithContext(context.Background(), 0) if err != nil { t.Fatal(err) } @@ -1274,14 +1275,14 @@ func TestSecret_TokenMetadata(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": "default", }); err != nil { t.Fatal(err) } - secret, err := client.Logical().Write("auth/userpass/login/test", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/test", map[string]interface{}{ "password": "test", }) if err != nil || secret == nil { @@ -1305,7 +1306,7 @@ func TestSecret_TokenMetadata(t *testing.T) { metadata := map[string]string{"username": "test"} - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Metadata: metadata, Policies: []string{"default"}, }) @@ -1330,7 +1331,7 @@ func TestSecret_TokenMetadata(t *testing.T) { metadata := map[string]string{"username": "test"} - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Metadata: metadata, Policies: []string{"default"}, }) @@ -1339,7 +1340,7 @@ func TestSecret_TokenMetadata(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -1361,7 +1362,7 @@ func TestSecret_TokenMetadata(t *testing.T) { metadata := map[string]string{"username": "test"} - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Metadata: metadata, Policies: []string{"default"}, }) @@ -1371,7 +1372,7 @@ func TestSecret_TokenMetadata(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().LookupSelf() + secret, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -1393,7 +1394,7 @@ func TestSecret_TokenMetadata(t *testing.T) { metadata := map[string]string{"username": "test"} - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Metadata: metadata, Policies: []string{"default"}, }) @@ -1402,7 +1403,7 @@ func TestSecret_TokenMetadata(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Renew(token, 0) + secret, err = client.Auth().Token().RenewWithContext(context.Background(), token, 0) if err != nil { t.Fatal(err) } @@ -1424,7 +1425,7 @@ func TestSecret_TokenMetadata(t *testing.T) { metadata := map[string]string{"username": "test"} - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Metadata: metadata, Policies: []string{"default"}, }) @@ -1434,7 +1435,7 @@ func TestSecret_TokenMetadata(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().RenewSelf(0) + secret, err = client.Auth().Token().RenewSelfWithContext(context.Background(), 0) if err != nil { t.Fatal(err) } @@ -1566,14 +1567,14 @@ func TestSecret_TokenIsRenewable(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": "default", }); err != nil { t.Fatal(err) } - secret, err := client.Logical().Write("auth/userpass/login/test", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/test", map[string]interface{}{ "password": "test", }) if err != nil || secret == nil { @@ -1597,7 +1598,7 @@ func TestSecret_TokenIsRenewable(t *testing.T) { renewable := true - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Renewable: &renewable, }) @@ -1622,7 +1623,7 @@ func TestSecret_TokenIsRenewable(t *testing.T) { renewable := true - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Renewable: &renewable, }) @@ -1631,7 +1632,7 @@ func TestSecret_TokenIsRenewable(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -1653,7 +1654,7 @@ func TestSecret_TokenIsRenewable(t *testing.T) { renewable := true - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Renewable: &renewable, }) @@ -1663,7 +1664,7 @@ func TestSecret_TokenIsRenewable(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().LookupSelf() + secret, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -1685,7 +1686,7 @@ func TestSecret_TokenIsRenewable(t *testing.T) { renewable := true - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Renewable: &renewable, }) @@ -1694,7 +1695,7 @@ func TestSecret_TokenIsRenewable(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Renew(token, 0) + secret, err = client.Auth().Token().RenewWithContext(context.Background(), token, 0) if err != nil { t.Fatal(err) } @@ -1716,7 +1717,7 @@ func TestSecret_TokenIsRenewable(t *testing.T) { renewable := true - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Renewable: &renewable, }) @@ -1726,7 +1727,7 @@ func TestSecret_TokenIsRenewable(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().RenewSelf(0) + secret, err = client.Auth().Token().RenewSelfWithContext(context.Background(), 0) if err != nil { t.Fatal(err) } @@ -1840,7 +1841,7 @@ func TestSecret_TokenTTL(t *testing.T) { if err := client.Sys().EnableAuth("userpass", "userpass", ""); err != nil { t.Fatal(err) } - if _, err := client.Logical().Write("auth/userpass/users/test", map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/test", map[string]interface{}{ "password": "test", "policies": "default", "ttl": ttl.String(), @@ -1849,7 +1850,7 @@ func TestSecret_TokenTTL(t *testing.T) { t.Fatal(err) } - secret, err := client.Logical().Write("auth/userpass/login/test", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/test", map[string]interface{}{ "password": "test", }) if err != nil || secret == nil { @@ -1873,7 +1874,7 @@ func TestSecret_TokenTTL(t *testing.T) { ttl := 30 * time.Minute - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, TTL: ttl.String(), ExplicitMaxTTL: ttl.String(), @@ -1899,7 +1900,7 @@ func TestSecret_TokenTTL(t *testing.T) { ttl := 30 * time.Minute - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, TTL: ttl.String(), ExplicitMaxTTL: ttl.String(), @@ -1909,7 +1910,7 @@ func TestSecret_TokenTTL(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -1931,7 +1932,7 @@ func TestSecret_TokenTTL(t *testing.T) { ttl := 30 * time.Minute - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, TTL: ttl.String(), ExplicitMaxTTL: ttl.String(), @@ -1942,7 +1943,7 @@ func TestSecret_TokenTTL(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().LookupSelf() + secret, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -1964,7 +1965,7 @@ func TestSecret_TokenTTL(t *testing.T) { ttl := 30 * time.Minute - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, TTL: ttl.String(), ExplicitMaxTTL: ttl.String(), @@ -1974,7 +1975,7 @@ func TestSecret_TokenTTL(t *testing.T) { } token := secret.Auth.ClientToken - secret, err = client.Auth().Token().Renew(token, 0) + secret, err = client.Auth().Token().RenewWithContext(context.Background(), token, 0) if err != nil { t.Fatal(err) } @@ -1996,7 +1997,7 @@ func TestSecret_TokenTTL(t *testing.T) { ttl := 30 * time.Minute - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, TTL: ttl.String(), ExplicitMaxTTL: ttl.String(), @@ -2007,7 +2008,7 @@ func TestSecret_TokenTTL(t *testing.T) { token := secret.Auth.ClientToken client.SetToken(token) - secret, err = client.Auth().Token().RenewSelf(0) + secret, err = client.Auth().Token().RenewSelfWithContext(context.Background(), 0) if err != nil { t.Fatal(err) } diff --git a/vault/external_tests/approle/wrapped_secretid_test.go b/vault/external_tests/approle/wrapped_secretid_test.go index 6a90d5c7b102..9dac3a31d5c8 100644 --- a/vault/external_tests/approle/wrapped_secretid_test.go +++ b/vault/external_tests/approle/wrapped_secretid_test.go @@ -1,6 +1,7 @@ package approle import ( + "context" "testing" log "github.com/hashicorp/go-hclog" @@ -44,7 +45,7 @@ func TestApproleSecretId_Wrapped(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("auth/approle/role/test-role-1", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test-role-1", map[string]interface{}{ "name": "test-role-1", }) require.NoError(t, err) @@ -53,7 +54,7 @@ func TestApproleSecretId_Wrapped(t *testing.T) { return "5m" }) - resp, err := client.Logical().Write("/auth/approle/role/test-role-1/secret-id", map[string]interface{}{}) + resp, err := client.Logical().WriteWithContext(context.Background(), "/auth/approle/role/test-role-1/secret-id", map[string]interface{}{}) require.NoError(t, err) wrappedAccessor := resp.WrapInfo.WrappedAccessor @@ -63,7 +64,7 @@ func TestApproleSecretId_Wrapped(t *testing.T) { return api.DefaultWrappingLookupFunc(operation, path) }) - unwrappedSecretid, err := client.Logical().Unwrap(wrappingToken) + unwrappedSecretid, err := client.Logical().UnwrapWithContext(context.Background(), wrappingToken) require.NoError(t, err) unwrappedAccessor := unwrappedSecretid.Data["secret_id_accessor"].(string) @@ -104,12 +105,12 @@ func TestApproleSecretId_NotWrapped(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("auth/approle/role/test-role-1", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test-role-1", map[string]interface{}{ "name": "test-role-1", }) require.NoError(t, err) - resp, err := client.Logical().Write("/auth/approle/role/test-role-1/secret-id", map[string]interface{}{}) + resp, err := client.Logical().WriteWithContext(context.Background(), "/auth/approle/role/test-role-1/secret-id", map[string]interface{}{}) require.NoError(t, err) if resp.WrapInfo != nil && resp.WrapInfo.WrappedAccessor != "" { diff --git a/vault/external_tests/expiration/expiration_test.go b/vault/external_tests/expiration/expiration_test.go index 122e11f18ae0..f7ab7319c699 100644 --- a/vault/external_tests/expiration/expiration_test.go +++ b/vault/external_tests/expiration/expiration_test.go @@ -1,6 +1,7 @@ package expiration import ( + "context" "encoding/json" "reflect" "testing" @@ -23,7 +24,7 @@ func TestExpiration_irrevocableLeaseCountsAPI(t *testing.T) { params := make(map[string][]string) params["type"] = []string{"irrevocable"} - resp, err := client.Logical().ReadWithData("sys/leases/count", params) + resp, err := client.Logical().ReadWithDataWithContext(context.Background(), "sys/leases/count", params) if err != nil { t.Fatal(err) } @@ -63,7 +64,7 @@ func TestExpiration_irrevocableLeaseCountsAPI(t *testing.T) { t.Fatal(err) } - resp, err = client.Logical().ReadWithData("sys/leases/count", params) + resp, err = client.Logical().ReadWithDataWithContext(context.Background(), "sys/leases/count", params) if err != nil { t.Fatal(err) } @@ -129,7 +130,7 @@ func TestExpiration_irrevocableLeaseListAPI(t *testing.T) { params := make(map[string][]string) params["type"] = []string{"irrevocable"} - resp, err := client.Logical().ReadWithData("sys/leases", params) + resp, err := client.Logical().ReadWithDataWithContext(context.Background(), "sys/leases", params) if err != nil { t.Fatal(err) } @@ -170,7 +171,7 @@ func TestExpiration_irrevocableLeaseListAPI(t *testing.T) { t.Fatal(err) } - resp, err = client.Logical().ReadWithData("sys/leases", params) + resp, err = client.Logical().ReadWithDataWithContext(context.Background(), "sys/leases", params) if err != nil { t.Fatal(err) } @@ -239,7 +240,7 @@ func TestExpiration_irrevocableLeaseListAPI_includeAll(t *testing.T) { params := make(map[string][]string) params["type"] = []string{"irrevocable"} - resp, err := client.Logical().ReadWithData("sys/leases", params) + resp, err := client.Logical().ReadWithDataWithContext(context.Background(), "sys/leases", params) if err != nil { t.Fatalf("unexpected error: %v", err) } @@ -253,7 +254,7 @@ func TestExpiration_irrevocableLeaseListAPI_includeAll(t *testing.T) { // now try it with the no limit on return size - we expect no errors and many results params["limit"] = []string{"none"} - resp, err = client.Logical().ReadWithData("sys/leases", params) + resp, err = client.Logical().ReadWithDataWithContext(context.Background(), "sys/leases", params) if err != nil { t.Fatalf("unexpected error when using limit=none: %v", err) } diff --git a/vault/external_tests/identity/aliases_test.go b/vault/external_tests/identity/aliases_test.go index 059524275404..c95c079cc6ab 100644 --- a/vault/external_tests/identity/aliases_test.go +++ b/vault/external_tests/identity/aliases_test.go @@ -1,6 +1,7 @@ package identity import ( + "context" "testing" "github.com/hashicorp/vault/api" @@ -34,7 +35,7 @@ func TestIdentityStore_ListAlias(t *testing.T) { t.Fatal(err) } - mounts, err := client.Sys().ListAuth() + mounts, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -50,7 +51,7 @@ func TestIdentityStore_ListAlias(t *testing.T) { t.Fatal("did not find github accessor") } - resp, err := client.Logical().Write("identity/entity", nil) + resp, err := client.Logical().WriteWithContext(context.Background(), "identity/entity", nil) if err != nil { t.Fatalf("err:%v resp:%#v", err, resp) } @@ -61,7 +62,7 @@ func TestIdentityStore_ListAlias(t *testing.T) { entityID := resp.Data["id"].(string) // Create an alias - resp, err = client.Logical().Write("identity/entity-alias", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "testaliasname", "mount_accessor": githubAccessor, }) @@ -71,7 +72,7 @@ func TestIdentityStore_ListAlias(t *testing.T) { testAliasCanonicalID := resp.Data["canonical_id"].(string) testAliasAliasID := resp.Data["id"].(string) - resp, err = client.Logical().Write("identity/entity-alias", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "entityalias", "mount_accessor": githubAccessor, "canonical_id": entityID, @@ -81,7 +82,7 @@ func TestIdentityStore_ListAlias(t *testing.T) { } entityAliasAliasID := resp.Data["id"].(string) - resp, err = client.Logical().List("identity/entity-alias/id") + resp, err = client.Logical().ListWithContext(context.Background(), "identity/entity-alias/id") if err != nil { t.Fatalf("err:%v resp:%#v", err, resp) } @@ -118,7 +119,7 @@ func TestIdentityStore_ListAlias(t *testing.T) { } // Now do the same with entity info - resp, err = client.Logical().List("identity/entity/id") + resp, err = client.Logical().ListWithContext(context.Background(), "identity/entity/id") if err != nil { t.Fatalf("err:%v resp:%#v", err, resp) } @@ -193,20 +194,20 @@ func TestIdentityStore_RenameAlias_CannotMergeEntity(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("auth/userpass/users/bsmith", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/bsmith", map[string]interface{}{ "password": "training", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Write("auth/userpass/login/bsmith", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/bsmith", map[string]interface{}{ "password": "training", }) if err != nil { t.Fatal(err) } - mounts, err := client.Sys().ListAuth() + mounts, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -223,7 +224,7 @@ func TestIdentityStore_RenameAlias_CannotMergeEntity(t *testing.T) { } // Now create a new unrelated entity and alias - entityResp, err := client.Logical().Write("identity/entity", map[string]interface{}{ + entityResp, err := client.Logical().WriteWithContext(context.Background(), "identity/entity", map[string]interface{}{ "name": "bob-smith", }) if err != nil { @@ -233,7 +234,7 @@ func TestIdentityStore_RenameAlias_CannotMergeEntity(t *testing.T) { t.Fatalf("expected a non-nil response") } - aliasResp, err := client.Logical().Write("identity/entity-alias", map[string]interface{}{ + aliasResp, err := client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "bob", "mount_accessor": mountAccessor, }) @@ -243,7 +244,7 @@ func TestIdentityStore_RenameAlias_CannotMergeEntity(t *testing.T) { aliasID2 := aliasResp.Data["id"].(string) // Rename this new alias to have the same name as the one implicitly created by our login as bsmith - _, err = client.Logical().Write("identity/entity-alias/id/"+aliasID2, map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/entity-alias/id/"+aliasID2, map[string]interface{}{ "name": "bsmith", }) if err == nil { diff --git a/vault/external_tests/identity/entities_test.go b/vault/external_tests/identity/entities_test.go index 3e92ae34eb6a..068608099764 100644 --- a/vault/external_tests/identity/entities_test.go +++ b/vault/external_tests/identity/entities_test.go @@ -1,6 +1,7 @@ package identity import ( + "context" "strings" "testing" @@ -38,7 +39,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { } // Tune the mount - err = client.Sys().TuneMount("auth/approle", api.MountConfigInput{ + err = client.Sys().TuneMountWithContext(context.Background(), "auth/approle", api.MountConfigInput{ DefaultLeaseTTL: "5m", MaxLeaseTTL: "5m", }) @@ -47,7 +48,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { } // Create role - resp, err := client.Logical().Write("auth/approle/role/role-period", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/role-period", map[string]interface{}{ "period": "5m", }) if err != nil { @@ -55,7 +56,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { } // Get role_id - resp, err = client.Logical().Read("auth/approle/role/role-period/role-id") + resp, err = client.Logical().ReadWithContext(context.Background(), "auth/approle/role/role-period/role-id") if err != nil { t.Fatal(err) } @@ -65,7 +66,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { roleID := resp.Data["role_id"] // Get secret_id - resp, err = client.Logical().Write("auth/approle/role/role-period/secret-id", map[string]interface{}{}) + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/role-period/secret-id", map[string]interface{}{}) if err != nil { t.Fatal(err) } @@ -75,7 +76,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { secretID := resp.Data["secret_id"] // Login - resp, err = client.Logical().Write("auth/approle/login", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/login", map[string]interface{}{ "role_id": roleID, "secret_id": secretID, }) @@ -95,7 +96,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { roleToken := resp.Auth.ClientToken client.SetToken(roleToken) - resp, err = client.Auth().Token().LookupSelf() + resp, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -112,7 +113,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { } client.SetToken(cluster.RootToken) - resp, err = client.Logical().Write("identity/entity/id/"+entityID, map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/entity/id/"+entityID, map[string]interface{}{ "disabled": true, }) if err != nil { @@ -121,7 +122,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { // This call should now fail client.SetToken(roleToken) - resp, err = client.Auth().Token().LookupSelf() + resp, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err == nil { t.Fatalf("expected error, got %#v", *resp) } @@ -131,7 +132,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { // Attempting to get a new token should also now fail client.SetToken("") - resp, err = client.Logical().Write("auth/approle/login", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/login", map[string]interface{}{ "role_id": roleID, "secret_id": secretID, }) @@ -143,7 +144,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { } client.SetToken(cluster.RootToken) - resp, err = client.Logical().Write("identity/entity/id/"+entityID, map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/entity/id/"+entityID, map[string]interface{}{ "disabled": false, }) if err != nil { @@ -151,14 +152,14 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { } client.SetToken(roleToken) - resp, err = client.Auth().Token().LookupSelf() + resp, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } // Getting a new token should now work again too client.SetToken("") - resp, err = client.Logical().Write("auth/approle/login", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/login", map[string]interface{}{ "role_id": roleID, "secret_id": secretID, }) @@ -202,7 +203,7 @@ func TestIdentityStore_EntityPoliciesInInitialAuth(t *testing.T) { } // Tune the mount - err = client.Sys().TuneMount("auth/approle", api.MountConfigInput{ + err = client.Sys().TuneMountWithContext(context.Background(), "auth/approle", api.MountConfigInput{ DefaultLeaseTTL: "5m", MaxLeaseTTL: "5m", }) @@ -211,7 +212,7 @@ func TestIdentityStore_EntityPoliciesInInitialAuth(t *testing.T) { } // Create role - resp, err := client.Logical().Write("auth/approle/role/role-period", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/role-period", map[string]interface{}{ "period": "5m", }) if err != nil { @@ -219,7 +220,7 @@ func TestIdentityStore_EntityPoliciesInInitialAuth(t *testing.T) { } // Get role_id - resp, err = client.Logical().Read("auth/approle/role/role-period/role-id") + resp, err = client.Logical().ReadWithContext(context.Background(), "auth/approle/role/role-period/role-id") if err != nil { t.Fatal(err) } @@ -229,7 +230,7 @@ func TestIdentityStore_EntityPoliciesInInitialAuth(t *testing.T) { roleID := resp.Data["role_id"] // Get secret_id - resp, err = client.Logical().Write("auth/approle/role/role-period/secret-id", map[string]interface{}{}) + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/role-period/secret-id", map[string]interface{}{}) if err != nil { t.Fatal(err) } @@ -239,7 +240,7 @@ func TestIdentityStore_EntityPoliciesInInitialAuth(t *testing.T) { secretID := resp.Data["secret_id"] // Login - resp, err = client.Logical().Write("auth/approle/login", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/login", map[string]interface{}{ "role_id": roleID, "secret_id": secretID, }) @@ -267,7 +268,7 @@ func TestIdentityStore_EntityPoliciesInInitialAuth(t *testing.T) { // Check policies client.SetToken(resp.Auth.ClientToken) - resp, err = client.Auth().Token().LookupSelf() + resp, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -300,7 +301,7 @@ func TestIdentityStore_EntityPoliciesInInitialAuth(t *testing.T) { // Write more policies into the entity client.SetToken(cluster.RootToken) - resp, err = client.Logical().Write("identity/entity/id/"+entityID, map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/entity/id/"+entityID, map[string]interface{}{ "policies": []string{"foo", "bar"}, }) if err != nil { @@ -309,7 +310,7 @@ func TestIdentityStore_EntityPoliciesInInitialAuth(t *testing.T) { // Reauthenticate to get a token with updated policies client.SetToken("") - resp, err = client.Logical().Write("auth/approle/login", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/login", map[string]interface{}{ "role_id": roleID, "secret_id": secretID, }) @@ -338,7 +339,7 @@ func TestIdentityStore_EntityPoliciesInInitialAuth(t *testing.T) { // Validate the policies on lookup again -- this ensures that the right // policies were encoded on the token but all were looked up successfully client.SetToken(resp.Auth.ClientToken) - resp, err = client.Auth().Token().LookupSelf() + resp, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/vault/external_tests/identity/group_aliases_test.go b/vault/external_tests/identity/group_aliases_test.go index b75533b56613..6a5debaf311a 100644 --- a/vault/external_tests/identity/group_aliases_test.go +++ b/vault/external_tests/identity/group_aliases_test.go @@ -1,6 +1,7 @@ package identity import ( + "context" "testing" "github.com/hashicorp/vault/api" @@ -37,14 +38,14 @@ func TestIdentityStore_GroupAliasLocalMount(t *testing.T) { } // Extract out the mount accessor for LDAP auth - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } ldapMountAccessor := auths["ldap/"].Accessor // Create an external group - secret, err := client.Logical().Write("identity/group", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "type": "external", }) if err != nil { @@ -53,7 +54,7 @@ func TestIdentityStore_GroupAliasLocalMount(t *testing.T) { groupID := secret.Data["id"].(string) // Attempt to create a group alias against a local mount should fail - secret, err = client.Logical().Write("identity/group-alias", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group-alias", map[string]interface{}{ "name": "testuser", "mount_accessor": ldapMountAccessor, "canonical_id": groupID, diff --git a/vault/external_tests/identity/groups_test.go b/vault/external_tests/identity/groups_test.go index 12dd29a51f55..a2dc4f9a1635 100644 --- a/vault/external_tests/identity/groups_test.go +++ b/vault/external_tests/identity/groups_test.go @@ -1,6 +1,7 @@ package identity import ( + "context" "testing" "github.com/hashicorp/vault/api" @@ -36,7 +37,7 @@ func TestIdentityStore_ListGroupAlias(t *testing.T) { t.Fatal(err) } - mounts, err := client.Sys().ListAuth() + mounts, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -52,7 +53,7 @@ func TestIdentityStore_ListGroupAlias(t *testing.T) { t.Fatal("did not find github accessor") } - resp, err := client.Logical().Write("identity/group", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "type": "external", }) if err != nil { @@ -61,7 +62,7 @@ func TestIdentityStore_ListGroupAlias(t *testing.T) { groupID := resp.Data["id"].(string) - resp, err = client.Logical().Write("identity/group-alias", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/group-alias", map[string]interface{}{ "name": "groupalias", "mount_accessor": githubAccessor, "canonical_id": groupID, @@ -71,7 +72,7 @@ func TestIdentityStore_ListGroupAlias(t *testing.T) { } aliasID := resp.Data["id"].(string) - resp, err = client.Logical().List("identity/group-alias/id") + resp, err = client.Logical().ListWithContext(context.Background(), "identity/group-alias/id") if err != nil { t.Fatalf("err:%v resp:%#v", err, resp) } @@ -105,7 +106,7 @@ func TestIdentityStore_ListGroupAlias(t *testing.T) { } // Now do the same with group info - resp, err = client.Logical().List("identity/group/id") + resp, err = client.Logical().ListWithContext(context.Background(), "identity/group/id") if err != nil { t.Fatalf("err:%v resp:%#v", err, resp) } @@ -173,7 +174,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { } // Extract out the mount accessor for LDAP auth - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -183,7 +184,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { defer cleanup() // Configure LDAP auth - secret, err := client.Logical().Write("auth/ldap/config", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/ldap/config", map[string]interface{}{ "url": cfg.Url, "userattr": cfg.UserAttr, "userdn": cfg.UserDN, @@ -197,7 +198,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { } // Create a group in LDAP auth - _, err = client.Logical().Write("auth/ldap/groups/testgroup1", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/groups/testgroup1", map[string]interface{}{ "policies": "testgroup1-policy", }) if err != nil { @@ -205,7 +206,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { } // Tie the group to a user - _, err = client.Logical().Write("auth/ldap/users/hermes conrad", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/users/hermes conrad", map[string]interface{}{ "policies": "default", "groups": "testgroup1", }) @@ -214,7 +215,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { } // Create an external group - secret, err = client.Logical().Write("identity/group", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "type": "external", }) if err != nil { @@ -223,7 +224,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { ldapExtGroupID1 := secret.Data["id"].(string) // Associate a group from LDAP auth as a group-alias in the external group - _, err = client.Logical().Write("identity/group-alias", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/group-alias", map[string]interface{}{ "name": "testgroup1", "mount_accessor": ldapMountAccessor1, "canonical_id": ldapExtGroupID1, @@ -233,7 +234,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { } // Login using LDAP - secret, err = client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -247,7 +248,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { // // Extract the entity ID of the token - secret, err = client.Logical().Write("auth/token/lookup", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/lookup", map[string]interface{}{ "token": ldapClientToken, }) if err != nil { @@ -264,7 +265,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { } // Extract the mount accessor - auths, err = client.Sys().ListAuth() + auths, err = client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -272,7 +273,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { // Create an entity-alias asserting that the user "hermes conrad" from the first // and second LDAP mounts as the same. - _, err = client.Logical().Write("identity/entity-alias", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "hermes conrad", "mount_accessor": ldapMountAccessor2, "canonical_id": entityID, @@ -285,7 +286,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { defer cleanup2() // Configure LDAP auth - secret, err = client.Logical().Write("auth/ldap2/config", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap2/config", map[string]interface{}{ "url": cfg2.Url, "userattr": cfg2.UserAttr, "userdn": cfg2.UserDN, @@ -299,7 +300,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { } // Create a group in second LDAP auth - _, err = client.Logical().Write("auth/ldap2/groups/testgroup2", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap2/groups/testgroup2", map[string]interface{}{ "policies": "testgroup2-policy", }) if err != nil { @@ -307,7 +308,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { } // Create a user in second LDAP auth - _, err = client.Logical().Write("auth/ldap2/users/hermes conrad", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap2/users/hermes conrad", map[string]interface{}{ "policies": "default", "groups": "testgroup2", }) @@ -316,7 +317,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { } // Create another external group - secret, err = client.Logical().Write("identity/group", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "type": "external", }) if err != nil { @@ -325,7 +326,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { ldapExtGroupID2 := secret.Data["id"].(string) // Create a group-alias tying the external group to "testgroup2" group in second LDAP - _, err = client.Logical().Write("identity/group-alias", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/group-alias", map[string]interface{}{ "name": "testgroup2", "mount_accessor": ldapMountAccessor2, "canonical_id": ldapExtGroupID2, @@ -335,7 +336,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { } // Login using second LDAP - _, err = client.Logical().Write("auth/ldap2/login/hermes conrad", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap2/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -348,7 +349,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { // // Check that entityID is present in both the external groups - secret, err = client.Logical().Read("identity/group/id/" + ldapExtGroupID1) + secret, err = client.Logical().ReadWithContext(context.Background(), "identity/group/id/"+ldapExtGroupID1) if err != nil { t.Fatal(err) } @@ -365,7 +366,7 @@ func TestIdentityStore_ExternalGroupMembershipsAcrossMounts(t *testing.T) { t.Fatalf("missing entity ID %q first external group with ID %q", entityID, ldapExtGroupID1) } - secret, err = client.Logical().Read("identity/group/id/" + ldapExtGroupID2) + secret, err = client.Logical().ReadWithContext(context.Background(), "identity/group/id/"+ldapExtGroupID2) if err != nil { t.Fatal(err) } diff --git a/vault/external_tests/identity/identity_test.go b/vault/external_tests/identity/identity_test.go index 72f4c9b9e902..b96283de3482 100644 --- a/vault/external_tests/identity/identity_test.go +++ b/vault/external_tests/identity/identity_test.go @@ -1,6 +1,7 @@ package identity import ( + "context" "fmt" "testing" @@ -38,7 +39,7 @@ func TestIdentityStore_ExternalGroupMemberships_DifferentMounts(t *testing.T) { vault.TestWaitActive(t, core) // Create a entity - secret, err := client.Logical().Write("identity/entity", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "identity/entity", map[string]interface{}{ "name": "testentityname", }) require.NoError(t, err) @@ -52,7 +53,7 @@ func TestIdentityStore_ExternalGroupMemberships_DifferentMounts(t *testing.T) { setupFunc := func(path string, cfg *ldaputil.ConfigEntry) string { // Create an external group - resp, err := client.Logical().Write("identity/group", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "type": "external", "name": path + "ldap_admin_staff", "policies": []string{"admin-policy"}, @@ -69,13 +70,13 @@ func TestIdentityStore_ExternalGroupMemberships_DifferentMounts(t *testing.T) { require.NoError(t, err) // Take out its accessor - auth, err := client.Sys().ListAuth() + auth, err := client.Sys().ListAuthWithContext(context.Background()) require.NoError(t, err) accessor := auth[path+"/"].Accessor require.NotEmpty(t, accessor) // Create an external group alias - resp, err = client.Logical().Write("identity/group-alias", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/group-alias", map[string]interface{}{ "name": "admin_staff", "canonical_id": groupID, "mount_accessor": accessor, @@ -83,20 +84,20 @@ func TestIdentityStore_ExternalGroupMemberships_DifferentMounts(t *testing.T) { require.NoError(t, err) // Create a user in Vault - _, err = client.Logical().Write("auth/"+path+"/users/hermes conrad", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/"+path+"/users/hermes conrad", map[string]interface{}{ "password": "hermes", }) require.NoError(t, err) // Create an entity alias - client.Logical().Write("identity/entity-alias", map[string]interface{}{ + client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "hermes conrad", "canonical_id": entityID, "mount_accessor": accessor, }) // Configure LDAP auth - secret, err = client.Logical().Write("auth/"+path+"/config", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/"+path+"/config", map[string]interface{}{ "url": cfg.Url, "userattr": cfg.UserAttr, "userdn": cfg.UserDN, @@ -107,7 +108,7 @@ func TestIdentityStore_ExternalGroupMemberships_DifferentMounts(t *testing.T) { }) require.NoError(t, err) - secret, err = client.Logical().Write("auth/"+path+"/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/"+path+"/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) require.NoError(t, err) @@ -116,7 +117,7 @@ func TestIdentityStore_ExternalGroupMemberships_DifferentMounts(t *testing.T) { require.NoError(t, err) require.Contains(t, policies, "admin-policy") - secret, err = client.Logical().Read("identity/group/id/" + groupID) + secret, err = client.Logical().ReadWithContext(context.Background(), "identity/group/id/"+groupID) require.NoError(t, err) require.Contains(t, secret.Data["member_entity_ids"], entityID) @@ -127,16 +128,16 @@ func TestIdentityStore_ExternalGroupMemberships_DifferentMounts(t *testing.T) { // Remove hermes conrad from admin_staff group removeLdapGroupMember(t, config1, "admin_staff", "hermes conrad") - secret, err = client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) require.NoError(t, err) - secret, err = client.Logical().Read("identity/group/id/" + groupID1) + secret, err = client.Logical().ReadWithContext(context.Background(), "identity/group/id/"+groupID1) require.NoError(t, err) require.NotContains(t, secret.Data["member_entity_ids"], entityID) - secret, err = client.Logical().Read("identity/group/id/" + groupID2) + secret, err = client.Logical().ReadWithContext(context.Background(), "identity/group/id/"+groupID2) require.NoError(t, err) require.Contains(t, secret.Data["member_entity_ids"], entityID) } @@ -174,14 +175,14 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { t.Fatal(err) } - auth, err := client.Sys().ListAuth() + auth, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } accessor := auth["ldap/"].Accessor - secret, err := client.Logical().Write("identity/group", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "type": "external", "name": "ldap_ship_crew", }) @@ -190,7 +191,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { } shipCrewGroupID := secret.Data["id"].(string) - secret, err = client.Logical().Write("identity/group", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "type": "external", "name": "ldap_admin_staff", }) @@ -199,7 +200,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { } adminStaffGroupID := secret.Data["id"].(string) - secret, err = client.Logical().Write("identity/group", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "type": "external", "name": "ldap_devops", }) @@ -208,7 +209,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { } devopsGroupID := secret.Data["id"].(string) - secret, err = client.Logical().Write("identity/group-alias", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group-alias", map[string]interface{}{ "name": "ship_crew", "canonical_id": shipCrewGroupID, "mount_accessor": accessor, @@ -217,7 +218,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { t.Fatal(err) } - secret, err = client.Logical().Write("identity/group-alias", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group-alias", map[string]interface{}{ "name": "admin_staff", "canonical_id": adminStaffGroupID, "mount_accessor": accessor, @@ -226,7 +227,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { t.Fatal(err) } - secret, err = client.Logical().Write("identity/group-alias", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group-alias", map[string]interface{}{ "name": "devops", "canonical_id": devopsGroupID, "mount_accessor": accessor, @@ -235,7 +236,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { t.Fatal(err) } - secret, err = client.Logical().Read("identity/group/id/" + shipCrewGroupID) + secret, err = client.Logical().ReadWithContext(context.Background(), "identity/group/id/"+shipCrewGroupID) if err != nil { t.Fatal(err) } @@ -246,7 +247,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { t.Fatalf("bad: group alias: %#v\n", aliasMap) } - secret, err = client.Logical().Read("identity/group/id/" + adminStaffGroupID) + secret, err = client.Logical().ReadWithContext(context.Background(), "identity/group/id/"+adminStaffGroupID) if err != nil { t.Fatal(err) } @@ -261,7 +262,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { defer cleanup() // Configure LDAP auth - secret, err = client.Logical().Write("auth/ldap/config", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/config", map[string]interface{}{ "url": cfg.Url, "userattr": cfg.UserAttr, "userdn": cfg.UserDN, @@ -275,7 +276,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { } // Create a local group in LDAP backend - secret, err = client.Logical().Write("auth/ldap/groups/devops", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/groups/devops", map[string]interface{}{ "policies": "default", }) if err != nil { @@ -283,7 +284,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { } // Create a local group in LDAP backend - secret, err = client.Logical().Write("auth/ldap/groups/engineers", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/groups/engineers", map[string]interface{}{ "policies": "default", }) if err != nil { @@ -291,7 +292,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { } // Create a local user in LDAP - secret, err = client.Logical().Write("auth/ldap/users/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/users/hermes conrad", map[string]interface{}{ "policies": "default", "groups": "engineers,devops", }) @@ -300,7 +301,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { } // Login with LDAP and create a token - secret, err = client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -309,7 +310,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { token := secret.Auth.ClientToken // Lookup the token to get the entity ID - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -326,7 +327,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { addLdapGroupMember(t, cfg, "ship_crew", "hermes conrad") // Re-login with LDAP - secret, err = client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -406,7 +407,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { t.Fatalf("failed to remove entity ID from the group") } - _, err = client.Auth().Token().Renew(token, 0) + _, err = client.Auth().Token().RenewWithContext(context.Background(), token, 0) if err != nil { t.Fatal(err) } @@ -417,7 +418,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { assertMember(t, client, entityID, "engineer", devopsGroupID, true) // Remove user hermes conrad from the devops group in LDAP backend - secret, err = client.Logical().Write("auth/ldap/users/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/users/hermes conrad", map[string]interface{}{ "policies": "default", "groups": "engineers", }) @@ -427,7 +428,7 @@ func TestIdentityStore_Integ_GroupAliases(t *testing.T) { // Renewing the token now should remove its entity ID from the devops // group - _, err = client.Auth().Token().Renew(token, 0) + _, err = client.Auth().Token().RenewWithContext(context.Background(), token, 0) if err != nil { t.Fatal(err) } @@ -470,7 +471,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { t.Fatal(err) } - auth, err := client.Sys().ListAuth() + auth, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -478,7 +479,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { accessor := auth["ldap/"].Accessor adminPolicy := "admin_policy" - secret, err := client.Logical().Write("identity/group", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "type": "external", "name": "ldap_admin_staff", "policies": []string{adminPolicy}, @@ -489,7 +490,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { adminStaffGroupID := secret.Data["id"].(string) adminGroupName := "admin_staff" - secret, err = client.Logical().Write("identity/group-alias", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group-alias", map[string]interface{}{ "name": adminGroupName, "canonical_id": adminStaffGroupID, "mount_accessor": accessor, @@ -498,7 +499,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { t.Fatal(err) } - secret, err = client.Logical().Read("identity/group/id/" + adminStaffGroupID) + secret, err = client.Logical().ReadWithContext(context.Background(), "identity/group/id/"+adminStaffGroupID) if err != nil { t.Fatal(err) } @@ -513,7 +514,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { defer cleanup() // Configure LDAP auth - secret, err = client.Logical().Write("auth/ldap/config", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/config", map[string]interface{}{ "url": cfg.Url, "userattr": cfg.UserAttr, "userdn": cfg.UserDN, @@ -527,7 +528,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { } // Create a local user in LDAP - secret, err = client.Logical().Write("auth/ldap/users/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/users/hermes conrad", map[string]interface{}{ "policies": "default", }) if err != nil { @@ -535,7 +536,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { } // Login with LDAP and create a token - secret, err = client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -551,7 +552,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { } // Lookup the token to get the entity ID - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -563,7 +564,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { removeLdapGroupMember(t, cfg, adminGroupName, "hermes conrad") // Re-login with LDAP - secret, err = client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -584,7 +585,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { addLdapGroupMember(t, cfg, adminGroupName, "hermes conrad") // Re-login with LDAP - secret, err = client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -606,7 +607,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { oldToken := client.Token() client.SetToken(secret.Auth.ClientToken) - secret, err = client.Auth().Token().RenewSelf(1) + secret, err = client.Auth().Token().RenewSelfWithContext(context.Background(), 1) if err != nil { t.Fatal(err) } @@ -623,7 +624,7 @@ func TestIdentityStore_Integ_RemoveFromExternalGroup(t *testing.T) { func assertMember(t *testing.T, client *api.Client, entityID, groupName, groupID string, expectFound bool) { t.Helper() - secret, err := client.Logical().Read("identity/group/id/" + groupID) + secret, err := client.Logical().ReadWithContext(context.Background(), "identity/group/id/"+groupID) if err != nil { t.Fatal(err) } diff --git a/vault/external_tests/identity/login_mfa_duo_test.go b/vault/external_tests/identity/login_mfa_duo_test.go index 233afd4fd893..a30d5952cb06 100644 --- a/vault/external_tests/identity/login_mfa_duo_test.go +++ b/vault/external_tests/identity/login_mfa_duo_test.go @@ -1,6 +1,7 @@ package identity import ( + "context" "fmt" "net/http" "reflect" @@ -59,18 +60,18 @@ path "secret/foo" { } ` - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { return fmt.Errorf("failed to list auth mount") } mountAccessor := auths["userpass/"].Accessor - err = client.Sys().PutPolicy("mfa_policy", rules) + err = client.Sys().PutPolicyWithContext(context.Background(), "mfa_policy", rules) if err != nil { return fmt.Errorf("failed to create mfa_policy: %v", err) } - _, err = client.Logical().Write("auth/userpass/users/vaultmfa", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/vaultmfa", map[string]interface{}{ "password": "testpassword", "policies": "mfa_policy", }) @@ -78,7 +79,7 @@ path "secret/foo" { return fmt.Errorf("failed to configure userpass backend: %v", err) } - secret, err := client.Logical().Write("auth/userpass/login/vaultmfa", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/vaultmfa", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -87,7 +88,7 @@ path "secret/foo" { userpassToken := secret.Auth.ClientToken - secret, err = client.Logical().Write("auth/token/lookup", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/lookup", map[string]interface{}{ "token": userpassToken, }) if err != nil { @@ -102,7 +103,7 @@ path "secret/foo" { "integration_key": integration_key, "api_hostname": api_hostname, } - _, err = client.Logical().Write("sys/mfa/method/duo/my_duo", mfaConfigData) + _, err = client.Logical().WriteWithContext(context.Background(), "sys/mfa/method/duo/my_duo", mfaConfigData) if err != nil { return fmt.Errorf("failed to persist TOTP MFA configuration: %v", err) } @@ -111,7 +112,7 @@ path "secret/foo" { genericData := map[string]interface{}{ "somedata": "which can only be read if MFA succeeds", } - _, err = client.Logical().Write("secret/foo", genericData) + _, err = client.Logical().WriteWithContext(context.Background(), "secret/foo", genericData) if err != nil { return fmt.Errorf("failed to store data in generic backend: %v", err) } @@ -179,19 +180,19 @@ func TestInteg_LoginMFADUO(t *testing.T) { func mfaGenerateLoginDUOTest(client *api.Client) error { var err error - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { return fmt.Errorf("failed to list auth mount") } mountAccessor := auths["userpass/"].Accessor - _, err = client.Logical().Write("auth/userpass/users/vaultmfa", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/vaultmfa", map[string]interface{}{ "password": "testpassword", }) if err != nil { return fmt.Errorf("failed to configure userpass backend: %v", err) } - secret, err := client.Logical().Write("identity/entity", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "identity/entity", map[string]interface{}{ "name": "test", }) if err != nil { @@ -199,7 +200,7 @@ func mfaGenerateLoginDUOTest(client *api.Client) error { } entityID := secret.Data["id"].(string) - _, err = client.Logical().Write("identity/entity-alias", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "vaultmfa", "canonical_id": entityID, "mount_accessor": mountAccessor, @@ -218,7 +219,7 @@ func mfaGenerateLoginDUOTest(client *api.Client) error { "integration_key": integration_key, "api_hostname": api_hostname, } - resp, err := client.Logical().Write("identity/mfa/method/duo", mfaConfigData) + resp, err := client.Logical().WriteWithContext(context.Background(), "identity/mfa/method/duo", mfaConfigData) if err != nil || (resp == nil) { return fmt.Errorf("bad: resp: %#v\n err: %v", resp, err) @@ -230,7 +231,7 @@ func mfaGenerateLoginDUOTest(client *api.Client) error { } // creating MFAEnforcementConfig - _, err = client.Logical().Write("identity/mfa/login-enforcement/randomName", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/mfa/login-enforcement/randomName", map[string]interface{}{ "auth_method_accessors": []string{mountAccessor}, "auth_method_types": []string{"userpass"}, "identity_entity_ids": []string{entityID}, @@ -242,7 +243,7 @@ func mfaGenerateLoginDUOTest(client *api.Client) error { } } - secret, err = client.Logical().Write("auth/userpass/login/vaultmfa", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/vaultmfa", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -272,7 +273,7 @@ func mfaGenerateLoginDUOTest(client *api.Client) error { } // validation - secret, err = client.Logical().Write("sys/mfa/validate", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "sys/mfa/validate", map[string]interface{}{ "mfa_request_id": secret.Auth.MFARequirement.MFARequestID, "mfa_payload": map[string][]string{ methodID: {}, diff --git a/vault/external_tests/identity/login_mfa_okta_test.go b/vault/external_tests/identity/login_mfa_okta_test.go index c80825af4a33..e358bf485e47 100644 --- a/vault/external_tests/identity/login_mfa_okta_test.go +++ b/vault/external_tests/identity/login_mfa_okta_test.go @@ -1,6 +1,7 @@ package identity import ( + "context" "fmt" "reflect" "testing" @@ -43,7 +44,7 @@ func TestOktaEngineMFA(t *testing.T) { t.Fatalf("failed to enable okta auth: %v", err) } - _, err = client.Logical().Write("auth/okta/config", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/okta/config", map[string]interface{}{ "base_url": "okta.com", "org_name": org_name, "api_token": api_token, @@ -52,14 +53,14 @@ func TestOktaEngineMFA(t *testing.T) { t.Fatalf("error configuring okta mount: %v", err) } - _, err = client.Logical().Write("auth/okta/groups/testgroup", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/okta/groups/testgroup", map[string]interface{}{ "policies": "default", }) if err != nil { t.Fatalf("error configuring okta group, %v", err) } - _, err = client.Logical().Write("auth/okta/login/", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/okta/login/", map[string]interface{}{ "password": "", }) if err != nil { @@ -101,20 +102,20 @@ path "secret/foo" { } ` - err = client.Sys().PutPolicy("mfa_policy", rules) + err = client.Sys().PutPolicyWithContext(context.Background(), "mfa_policy", rules) if err != nil { return fmt.Errorf("failed to create mfa_policy: %v", err) } // listing auth mounts to find the mount accessor for the userpass - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { return fmt.Errorf("error listing auth mounts") } mountAccessor := auths["userpass/"].Accessor // creating a user in userpass - _, err = client.Logical().Write("auth/userpass/users/testuser", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -122,7 +123,7 @@ path "secret/foo" { } // creating an identity with email metadata to be used for MFA validation - secret, err := client.Logical().Write("identity/entity", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "identity/entity", map[string]interface{}{ "name": "test-entity", "policies": "mfa_policy", "metadata": map[string]string{ @@ -135,7 +136,7 @@ path "secret/foo" { entityID := secret.Data["id"].(string) // assigning the entity ID to the testuser alias - _, err = client.Logical().Write("identity/entity-alias", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "testuser", "canonical_id": entityID, "mount_accessor": mountAccessor, @@ -151,7 +152,7 @@ path "secret/foo" { "primary_email": true, "username_format": "{{entity.metadata.email}}", } - _, err = client.Logical().Write("sys/mfa/method/okta/my_okta", mfaConfigData) + _, err = client.Logical().WriteWithContext(context.Background(), "sys/mfa/method/okta/my_okta", mfaConfigData) if err != nil { return fmt.Errorf("failed to persist TOTP MFA configuration: %v", err) } @@ -160,7 +161,7 @@ path "secret/foo" { genericData := map[string]interface{}{ "somedata": "which can only be read if MFA succeeds", } - _, err = client.Logical().Write("secret/foo", genericData) + _, err = client.Logical().WriteWithContext(context.Background(), "secret/foo", genericData) if err != nil { return fmt.Errorf("failed to store data in generic backend: %v", err) } @@ -171,7 +172,7 @@ path "secret/foo" { defer client.SetToken(originalToken) // login to the testuser - secret, err = client.Logical().Write("auth/userpass/login/testuser", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -181,7 +182,7 @@ path "secret/foo" { userpassToken := secret.Auth.ClientToken client.SetToken(userpassToken) - secret, err = client.Logical().Read("secret/foo") + secret, err = client.Logical().ReadWithContext(context.Background(), "secret/foo") if err != nil { return fmt.Errorf("failed to read the secret: %v", err) } @@ -224,20 +225,20 @@ func TestInteg_LoginMFAOkta(t *testing.T) { func mfaGenerateOktaLoginMFATest(client *api.Client) error { var err error - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { return fmt.Errorf("failed to list auth mounts") } mountAccessor := auths["userpass/"].Accessor - _, err = client.Logical().Write("auth/userpass/users/testuser", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { return fmt.Errorf("failed to configure userpass backend: %v", err) } - secret, err := client.Logical().Write("identity/entity", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "identity/entity", map[string]interface{}{ "name": "test-entity", "metadata": map[string]string{ "email": "", @@ -248,7 +249,7 @@ func mfaGenerateOktaLoginMFATest(client *api.Client) error { } entityID := secret.Data["id"].(string) - _, err = client.Logical().Write("identity/entity-alias", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "testuser", "canonical_id": entityID, "mount_accessor": mountAccessor, @@ -269,7 +270,7 @@ func mfaGenerateOktaLoginMFATest(client *api.Client) error { "primary_email": true, "username_format": "{{entity.metadata.email}}", } - resp, err := client.Logical().Write("identity/mfa/method-id/okta", mfaConfigData) + resp, err := client.Logical().WriteWithContext(context.Background(), "identity/mfa/method-id/okta", mfaConfigData) if err != nil || (resp == nil) { return fmt.Errorf("bad: resp: %#v\n err: %v", resp, err) @@ -280,7 +281,7 @@ func mfaGenerateOktaLoginMFATest(client *api.Client) error { return fmt.Errorf("method ID is empty") } // creating MFAEnforcementConfig - _, err = client.Logical().Write("identity/mfa/login-enforcement/randomName", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/mfa/login-enforcement/randomName", map[string]interface{}{ "auth_method_accessors": []string{mountAccessor}, "auth_method_types": []string{"userpass"}, "identity_entity_ids": []string{entityID}, @@ -292,7 +293,7 @@ func mfaGenerateOktaLoginMFATest(client *api.Client) error { } } - secret, err = client.Logical().Write("auth/userpass/login/testuser", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -322,7 +323,7 @@ func mfaGenerateOktaLoginMFATest(client *api.Client) error { } // validation - secret, err = client.Logical().Write("sys/mfa/validate", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "sys/mfa/validate", map[string]interface{}{ "mfa_request_id": secret.Auth.MFARequirement.MFARequestID, "mfa_payload": map[string][]string{ methodID: {}, @@ -338,7 +339,7 @@ func mfaGenerateOktaLoginMFATest(client *api.Client) error { } client.SetToken(client.Token()) - secret, err = client.Logical().Write("auth/token/lookup", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/lookup", map[string]interface{}{ "token": userpassToken, }) if err != nil { diff --git a/vault/external_tests/identity/login_mfa_totp_test.go b/vault/external_tests/identity/login_mfa_totp_test.go index 19869bdb7825..ace0633f1fe4 100644 --- a/vault/external_tests/identity/login_mfa_totp_test.go +++ b/vault/external_tests/identity/login_mfa_totp_test.go @@ -45,7 +45,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { client := cluster.Cores[0].Client // Enable the audit backend - err := client.Sys().EnableAuditWithOptions("noop", &api.EnableAuditOptions{Type: "noop"}) + err := client.Sys().EnableAuditWithOptionsWithContext(context.Background(), "noop", &api.EnableAuditOptions{Type: "noop"}) if err != nil { t.Fatal(err) } @@ -54,7 +54,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { mountInfo := &api.MountInput{ Type: "totp", } - err = client.Sys().Mount("totp", mountInfo) + err = client.Sys().MountWithContext(context.Background(), "totp", mountInfo) if err != nil { t.Fatalf("failed to mount totp backend: %v", err) } @@ -68,14 +68,14 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { } // Creating a user in the userpass auth mount - _, err = client.Logical().Write("auth/userpass/users/testuser", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { t.Fatalf("failed to configure userpass backend: %v", err) } - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatalf("bb") } @@ -93,7 +93,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { var entityID string var groupID string { - resp, err := userClient.Logical().Write("identity/entity", map[string]interface{}{ + resp, err := userClient.Logical().WriteWithContext(context.Background(), "identity/entity", map[string]interface{}{ "name": "test-entity", "metadata": map[string]string{ "email": "test@hashicorp.com", @@ -106,7 +106,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { entityID = resp.Data["id"].(string) // Create a group - resp, err = client.Logical().Write("identity/group", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "name": "engineering", "member_entity_ids": []string{entityID}, }) @@ -115,7 +115,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { } groupID = resp.Data["id"].(string) - _, err = client.Logical().Write("identity/entity-alias", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "testuser", "canonical_id": entityID, "mount_accessor": mountAccessor, @@ -133,7 +133,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { // login MFA { // create a config - resp1, err := client.Logical().Write("identity/mfa/method/totp", map[string]interface{}{ + resp1, err := client.Logical().WriteWithContext(context.Background(), "identity/mfa/method/totp", map[string]interface{}{ "issuer": "yCorp", "period": 5, "algorithm": "SHA1", @@ -152,7 +152,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { t.Fatalf("method ID is empty") } - secret, err := client.Logical().Write(fmt.Sprintf("identity/mfa/method/totp/admin-generate"), map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), fmt.Sprintf("identity/mfa/method/totp/admin-generate"), map[string]interface{}{ "entity_id": entityID, "method_id": methodID, }) @@ -161,21 +161,21 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { } totpURL := secret.Data["url"].(string) - _, err = client.Logical().Write("totp/keys/loginMFA", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "totp/keys/loginMFA", map[string]interface{}{ "url": totpURL, }) if err != nil { t.Fatalf("failed to register a TOTP URL: %v", err) } - secret, err = client.Logical().Read("totp/code/loginMFA") + secret, err = client.Logical().ReadWithContext(context.Background(), "totp/code/loginMFA") if err != nil { t.Fatalf("failed to create totp passcode: %v", err) } totpPasscode = secret.Data["code"].(string) // creating MFAEnforcementConfig - _, err = client.Logical().Write("identity/mfa/login-enforcement/randomName", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/mfa/login-enforcement/randomName", map[string]interface{}{ "auth_method_accessors": []string{mountAccessor}, "auth_method_types": []string{"userpass"}, "identity_group_ids": []string{groupID}, @@ -189,7 +189,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { // MFA single-phase login userClient.AddHeader("X-Vault-MFA", fmt.Sprintf("%s:%s", methodID, totpPasscode)) - secret, err = userClient.Logical().Write("auth/userpass/login/testuser", map[string]interface{}{ + secret, err = userClient.Logical().WriteWithContext(context.Background(), "auth/userpass/login/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -199,7 +199,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { userpassToken = secret.Auth.ClientToken userClient.SetToken(client.Token()) - secret, err = userClient.Logical().Write("auth/token/lookup", map[string]interface{}{ + secret, err = userClient.Logical().WriteWithContext(context.Background(), "auth/token/lookup", map[string]interface{}{ "token": userpassToken, }) if err != nil { @@ -219,7 +219,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { headers := user2Client.Headers() headers.Del("X-Vault-MFA") user2Client.SetHeaders(headers) - secret, err = user2Client.Logical().Write("auth/userpass/login/testuser", map[string]interface{}{ + secret, err = user2Client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -256,13 +256,13 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { // waiting for 5 seconds so that a fresh code could be generated time.Sleep(5 * time.Second) // getting a fresh totp passcode for the validation step - totpResp, err := client.Logical().Read("totp/code/loginMFA") + totpResp, err := client.Logical().ReadWithContext(context.Background(), "totp/code/loginMFA") if err != nil { t.Fatalf("failed to create totp passcode: %v", err) } totpPasscode = totpResp.Data["code"].(string) - secret, err = user2Client.Logical().Write("sys/mfa/validate", map[string]interface{}{ + secret, err = user2Client.Logical().WriteWithContext(context.Background(), "sys/mfa/validate", map[string]interface{}{ "mfa_request_id": secret.Auth.MFARequirement.MFARequestID, "mfa_payload": map[string][]string{ methodID: {totpPasscode}, @@ -291,7 +291,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { } // check for login request expiration - secret, err = user2Client.Logical().Write("auth/userpass/login/testuser", map[string]interface{}{ + secret, err = user2Client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -302,7 +302,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { t.Fatalf("two phase login returned nil MFARequirement") } - _, err = user2Client.Logical().Write("sys/mfa/validate", map[string]interface{}{ + _, err = user2Client.Logical().WriteWithContext(context.Background(), "sys/mfa/validate", map[string]interface{}{ "mfa_request_id": secret.Auth.MFARequirement.MFARequestID, "mfa_payload": map[string][]string{ methodID: {totpPasscode}, @@ -316,7 +316,7 @@ func TestLoginMfaGenerateTOTPTestAuditIncluded(t *testing.T) { } // Destroy the secret so that the token can self generate - _, err = userClient.Logical().Write(fmt.Sprintf("identity/mfa/method/totp/admin-destroy"), map[string]interface{}{ + _, err = userClient.Logical().WriteWithContext(context.Background(), fmt.Sprintf("identity/mfa/method/totp/admin-destroy"), map[string]interface{}{ "entity_id": entityID, "method_id": methodID, }) diff --git a/vault/external_tests/identity/oidc_provider_test.go b/vault/external_tests/identity/oidc_provider_test.go index 3b849566097b..5a338740df5c 100644 --- a/vault/external_tests/identity/oidc_provider_test.go +++ b/vault/external_tests/identity/oidc_provider_test.go @@ -529,7 +529,7 @@ func TestOIDC_Auth_Code_Flow_Confidential_CAP_Client(t *testing.T) { client.SetToken(clientToken) // Update allowed client IDs before the authentication flow - _, err = client.Logical().Write("identity/oidc/provider/test-provider", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/oidc/provider/test-provider", map[string]interface{}{ "allowed_client_ids": []string{clientID}, }) require.NoError(t, err) @@ -599,7 +599,7 @@ func TestOIDC_Auth_Code_Flow_Confidential_CAP_Client(t *testing.T) { // Assert that the access token is no longer able to obtain user info // after removing the client from the provider's allowed client ids - _, err = client.Logical().Write("identity/oidc/provider/test-provider", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/oidc/provider/test-provider", map[string]interface{}{ "allowed_client_ids": []string{}, }) require.NoError(t, err) @@ -860,7 +860,7 @@ func TestOIDC_Auth_Code_Flow_Public_CAP_Client(t *testing.T) { client.SetToken(clientToken) // Update allowed client IDs before the authentication flow - _, err = client.Logical().Write("identity/oidc/provider/test-provider", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/oidc/provider/test-provider", map[string]interface{}{ "allowed_client_ids": []string{clientID}, }) require.NoError(t, err) @@ -935,7 +935,7 @@ func TestOIDC_Auth_Code_Flow_Public_CAP_Client(t *testing.T) { // Assert that the access token is no longer able to obtain user info // after removing the client from the provider's allowed client ids - _, err = client.Logical().Write("identity/oidc/provider/test-provider", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/oidc/provider/test-provider", map[string]interface{}{ "allowed_client_ids": []string{}, }) require.NoError(t, err) diff --git a/vault/external_tests/kv/kv_patch_test.go b/vault/external_tests/kv/kv_patch_test.go index 52e60215dd74..98f9725fc64a 100644 --- a/vault/external_tests/kv/kv_patch_test.go +++ b/vault/external_tests/kv/kv_patch_test.go @@ -237,7 +237,7 @@ func TestKV_Patch_RootToken(t *testing.T) { client.SetToken(cluster.RootToken) // Enable KVv2 - err := client.Sys().Mount("kv", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv-v2", }) if err != nil { @@ -252,7 +252,7 @@ func TestKV_Patch_RootToken(t *testing.T) { }, } - return client.Logical().Write("kv/data/foo", data) + return client.Logical().WriteWithContext(context.Background(), "kv/data/foo", data) }) if err != nil { @@ -273,7 +273,7 @@ func TestKV_Patch_RootToken(t *testing.T) { } secretRaw, err := kvRequestWithRetry(t, func() (interface{}, error) { - return client.Logical().Read("kv/data/foo") + return client.Logical().ReadWithContext(context.Background(), "kv/data/foo") }) if err != nil { t.Fatal(err) diff --git a/vault/external_tests/kv/kvv2_upgrade_test.go b/vault/external_tests/kv/kvv2_upgrade_test.go index 3d3eb486f207..320b8353f946 100644 --- a/vault/external_tests/kv/kvv2_upgrade_test.go +++ b/vault/external_tests/kv/kvv2_upgrade_test.go @@ -48,7 +48,7 @@ func TestKVv2_UpgradePaths(t *testing.T) { client := core.Client // Enable KVv2 - err := client.Sys().Mount("kv", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv-v2", }) if err != nil { diff --git a/vault/external_tests/metrics/core_metrics_int_test.go b/vault/external_tests/metrics/core_metrics_int_test.go index cc19ae0a7b48..2b4a52d0b375 100644 --- a/vault/external_tests/metrics/core_metrics_int_test.go +++ b/vault/external_tests/metrics/core_metrics_int_test.go @@ -49,7 +49,7 @@ func TestMountTableMetrics(t *testing.T) { } // Mount new kv - if err = client.Sys().Mount("kv", &api.MountInput{ + if err = client.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", Options: map[string]string{ "version": "2", @@ -166,7 +166,7 @@ func TestLeaderReElectionMetrics(t *testing.T) { t.Errorf("unseal metric or leader metric are missing") } - err = client.Sys().StepDown() + err = client.Sys().StepDownWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/vault/external_tests/mfa/login_mfa_test.go b/vault/external_tests/mfa/login_mfa_test.go index cd8dfd6849ed..fba6f02bd8c1 100644 --- a/vault/external_tests/mfa/login_mfa_test.go +++ b/vault/external_tests/mfa/login_mfa_test.go @@ -1,6 +1,7 @@ package mfa import ( + "context" "fmt" "strings" "testing" @@ -37,7 +38,7 @@ func TestLoginMFA_Method_CRUD(t *testing.T) { t.Fatalf("failed to enable userpass auth: %v", err) } - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -110,7 +111,7 @@ func TestLoginMFA_Method_CRUD(t *testing.T) { t.Run(tc.methodName, func(t *testing.T) { // create a new method config myPath := fmt.Sprintf("identity/mfa/method/%s", tc.methodName) - resp, err := client.Logical().Write(myPath, tc.configData) + resp, err := client.Logical().WriteWithContext(context.Background(), myPath, tc.configData) if err != nil { t.Fatal(err) } @@ -123,7 +124,7 @@ func TestLoginMFA_Method_CRUD(t *testing.T) { myNewPath := fmt.Sprintf("%s/%s", myPath, methodId) // read it back - resp, err = client.Logical().Read(myNewPath) + resp, err = client.Logical().ReadWithContext(context.Background(), myNewPath) if err != nil { t.Fatal(err) } @@ -133,7 +134,7 @@ func TestLoginMFA_Method_CRUD(t *testing.T) { } // listing should show it - resp, err = client.Logical().List(myPath) + resp, err = client.Logical().ListWithContext(context.Background(), myPath) if err != nil { t.Fatal(err) } @@ -143,12 +144,12 @@ func TestLoginMFA_Method_CRUD(t *testing.T) { // update it tc.configData[tc.keyToUpdate] = tc.valueToUpdate - _, err = client.Logical().Write(myNewPath, tc.configData) + _, err = client.Logical().WriteWithContext(context.Background(), myNewPath, tc.configData) if err != nil { t.Fatal(err) } - resp, err = client.Logical().Read(myNewPath) + resp, err = client.Logical().ReadWithContext(context.Background(), myNewPath) if err != nil { t.Fatal(err) } @@ -165,13 +166,13 @@ func TestLoginMFA_Method_CRUD(t *testing.T) { } // delete it - _, err = client.Logical().Delete(myNewPath) + _, err = client.Logical().DeleteWithContext(context.Background(), myNewPath) if err != nil { t.Fatal(err) } // try to read it again - should 404 - resp, err = client.Logical().Read(myNewPath) + resp, err = client.Logical().ReadWithContext(context.Background(), myNewPath) if !(resp == nil && err == nil) { t.Fatal("expected a 404 but didn't get one") } @@ -199,7 +200,7 @@ func TestLoginMFA_LoginEnforcement_CRUD(t *testing.T) { configIDs := make([]string, 0) for i := 0; i < 2; i++ { - resp, err := client.Logical().Write("identity/mfa/method/totp", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "identity/mfa/method/totp", map[string]interface{}{ "issuer": fmt.Sprintf("fooCorp%d", i), "period": 10, "algorithm": "SHA1", @@ -223,7 +224,7 @@ func TestLoginMFA_LoginEnforcement_CRUD(t *testing.T) { t.Fatal(err) } - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -234,19 +235,19 @@ func TestLoginMFA_LoginEnforcement_CRUD(t *testing.T) { } // create a few entities - resp, err := client.Logical().Write("identity/entity", map[string]interface{}{"name": "bob"}) + resp, err := client.Logical().WriteWithContext(context.Background(), "identity/entity", map[string]interface{}{"name": "bob"}) if err != nil { t.Fatal(err) } bobId := resp.Data["id"].(string) - resp, err = client.Logical().Write("identity/entity", map[string]interface{}{"name": "alice"}) + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/entity", map[string]interface{}{"name": "alice"}) if err != nil { t.Fatal(err) } aliceId := resp.Data["id"].(string) // create a few groups - resp, err = client.Logical().Write("identity/group", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "metadata": map[string]interface{}{"rad": true}, "member_entity_ids": []string{aliceId}, }) @@ -255,7 +256,7 @@ func TestLoginMFA_LoginEnforcement_CRUD(t *testing.T) { } radGroupId := resp.Data["id"].(string) - resp, err = client.Logical().Write("identity/group", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "metadata": map[string]interface{}{"sad": true}, "member_entity_ids": []string{bobId}, }) @@ -271,13 +272,13 @@ func TestLoginMFA_LoginEnforcement_CRUD(t *testing.T) { } // create a login enforcement config - _, err = client.Logical().Write(myPath, data) + _, err = client.Logical().WriteWithContext(context.Background(), myPath, data) if err != nil { t.Fatal(err) } // read it back - resp, err = client.Logical().Read(myPath) + resp, err = client.Logical().ReadWithContext(context.Background(), myPath) if err != nil { t.Fatal(err) } @@ -292,7 +293,7 @@ func TestLoginMFA_LoginEnforcement_CRUD(t *testing.T) { } // listing should show it - resp, err = client.Logical().List("identity/mfa/login-enforcement") + resp, err = client.Logical().ListWithContext(context.Background(), "identity/mfa/login-enforcement") if err != nil { t.Fatal(err) } @@ -303,13 +304,13 @@ func TestLoginMFA_LoginEnforcement_CRUD(t *testing.T) { // update it data["identity_group_ids"] = []string{radGroupId, sadGroupId} data["identity_entity_ids"] = []string{bobId, aliceId} - _, err = client.Logical().Write(myPath, data) + _, err = client.Logical().WriteWithContext(context.Background(), myPath, data) if err != nil { t.Fatal(err) } // read it back - resp, err = client.Logical().Read(myPath) + resp, err = client.Logical().ReadWithContext(context.Background(), myPath) if err != nil { t.Fatal(err) } @@ -324,13 +325,13 @@ func TestLoginMFA_LoginEnforcement_CRUD(t *testing.T) { } // delete it - _, err = client.Logical().Delete(myPath) + _, err = client.Logical().DeleteWithContext(context.Background(), myPath) if err != nil { t.Fatal(err) } // try to read it back again - should 404 - resp, err = client.Logical().Read(myPath) + resp, err = client.Logical().ReadWithContext(context.Background(), myPath) // when both the response and the error are nil on a read request, that gets translated into a 404 if !(resp == nil && err == nil) { @@ -351,7 +352,7 @@ func TestLoginMFA_LoginEnforcement_MethodIdsIsRequired(t *testing.T) { client := cluster.Cores[0].Client // create a login enforcement config, which should fail - _, err := client.Logical().Write("identity/mfa/login-enforcement/foo", map[string]interface{}{}) + _, err := client.Logical().WriteWithContext(context.Background(), "identity/mfa/login-enforcement/foo", map[string]interface{}{}) if err == nil { t.Fatal("expected an error but didn't get one") } @@ -377,7 +378,7 @@ func TestLoginMFA_LoginEnforcement_RequiredParameters(t *testing.T) { configIDs := make([]string, 0) for i := 0; i < 2; i++ { - resp, err := client.Logical().Write("identity/mfa/method/totp", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "identity/mfa/method/totp", map[string]interface{}{ "issuer": fmt.Sprintf("fooCorp%d", i), "period": 10, "algorithm": "SHA1", @@ -394,7 +395,7 @@ func TestLoginMFA_LoginEnforcement_RequiredParameters(t *testing.T) { } // create a login enforcement config, which should fail - _, err := client.Logical().Write("identity/mfa/login-enforcement/foo", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "identity/mfa/login-enforcement/foo", map[string]interface{}{ "mfa_method_ids": []string{configIDs[0], configIDs[1]}, }) if err == nil { @@ -416,7 +417,7 @@ func TestLoginMFA_UpdateNonExistentConfig(t *testing.T) { vault.TestWaitActive(t, core) client := cluster.Cores[0].Client - _, err := client.Logical().Write("mfa/method/totp/a51884c6-51f2-bdc3-f4c5-0da64fe4d061", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "mfa/method/totp/a51884c6-51f2-bdc3-f4c5-0da64fe4d061", map[string]interface{}{ "issuer": "yCorp", "period": 10, "algorithm": "SHA1", diff --git a/vault/external_tests/misc/recover_from_panic_test.go b/vault/external_tests/misc/recover_from_panic_test.go index 403b589e2974..78afdae409c0 100644 --- a/vault/external_tests/misc/recover_from_panic_test.go +++ b/vault/external_tests/misc/recover_from_panic_test.go @@ -1,6 +1,7 @@ package misc import ( + "context" "testing" "github.com/hashicorp/go-hclog" @@ -31,14 +32,14 @@ func TestRecoverFromPanic(t *testing.T) { vault.TestWaitActive(t, core.Core) client := core.Client - err := client.Sys().Mount("noop", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "noop", &api.MountInput{ Type: "noop", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Read("noop/panic") + _, err = client.Logical().ReadWithContext(context.Background(), "noop/panic") if err == nil { t.Fatal("expected error") } diff --git a/vault/external_tests/misc/recovery_test.go b/vault/external_tests/misc/recovery_test.go index f43fff8d125e..82cc745597d9 100644 --- a/vault/external_tests/misc/recovery_test.go +++ b/vault/external_tests/misc/recovery_test.go @@ -1,6 +1,7 @@ package misc import ( + "context" "path" "testing" @@ -41,18 +42,18 @@ func TestRecovery(t *testing.T) { client := cluster.Cores[0].Client rootToken = client.Token() fooVal := map[string]interface{}{"bar": 1.0} - _, err = client.Logical().Write("secret/foo", fooVal) + _, err = client.Logical().WriteWithContext(context.Background(), "secret/foo", fooVal) if err != nil { t.Fatal(err) } - secret, err := client.Logical().List("secret/") + secret, err := client.Logical().ListWithContext(context.Background(), "secret/") if err != nil { t.Fatal(err) } if diff := deep.Equal(secret.Data["keys"], []interface{}{"foo"}); len(diff) > 0 { t.Fatalf("got=%v, want=%v, diff: %v", secret.Data["keys"], []string{"foo"}, diff) } - mounts, err := cluster.Cores[0].Client.Sys().ListMounts() + mounts, err := cluster.Cores[0].Client.Sys().ListMountsWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -95,7 +96,7 @@ func TestRecovery(t *testing.T) { } client.SetToken(recoveryToken) - secret, err := client.Logical().List(path.Join("sys/raw/logical", secretUUID)) + secret, err := client.Logical().ListWithContext(context.Background(), path.Join("sys/raw/logical", secretUUID)) if err != nil { t.Fatal(err) } @@ -103,7 +104,7 @@ func TestRecovery(t *testing.T) { t.Fatalf("got=%v, want=%v, diff: %v", secret.Data, []string{"foo"}, diff) } - _, err = client.Logical().Delete(path.Join("sys/raw/logical", secretUUID, "foo")) + _, err = client.Logical().DeleteWithContext(context.Background(), path.Join("sys/raw/logical", secretUUID, "foo")) if err != nil { t.Fatal(err) } @@ -131,7 +132,7 @@ func TestRecovery(t *testing.T) { client := cluster.Cores[0].Client client.SetToken(rootToken) - secret, err := client.Logical().List("secret/") + secret, err := client.Logical().ListWithContext(context.Background(), "secret/") if err != nil { t.Fatal(err) } diff --git a/vault/external_tests/policy/acl_templating_test.go b/vault/external_tests/policy/acl_templating_test.go index 396222363f71..410611af34ea 100644 --- a/vault/external_tests/policy/acl_templating_test.go +++ b/vault/external_tests/policy/acl_templating_test.go @@ -1,6 +1,7 @@ package policy import ( + "context" "fmt" "testing" @@ -58,7 +59,7 @@ path "secret/{{ identity.groups.names.foobar.name}}/*" { vault.TestWaitActive(t, core) client := cluster.Cores[0].Client - resp, err := client.Logical().Write("identity/entity", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "identity/entity", map[string]interface{}{ "name": "entity_name", "policies": []string{ "goodPolicy1", @@ -70,7 +71,7 @@ path "secret/{{ identity.groups.names.foobar.name}}/*" { } entityID := resp.Data["id"].(string) - resp, err = client.Logical().Write("identity/group", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "policies": []string{ "goodPolicy2", }, @@ -84,7 +85,7 @@ path "secret/{{ identity.groups.names.foobar.name}}/*" { } groupID := resp.Data["id"] - resp, err = client.Logical().Write("identity/group", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "name": "foobar", }) if err != nil { @@ -102,14 +103,14 @@ path "secret/{{ identity.groups.names.foobar.name}}/*" { // Create an external group and renew the token. This should add external // group policies to the token. - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } userpassAccessor := auths["userpass/"].Accessor // Create an alias - resp, err = client.Logical().Write("identity/entity-alias", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "testuser", "mount_accessor": userpassAccessor, "canonical_id": entityID, @@ -119,7 +120,7 @@ path "secret/{{ identity.groups.names.foobar.name}}/*" { } // Add a user to userpass backend - _, err = client.Logical().Write("auth/userpass/users/testuser", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -129,17 +130,17 @@ path "secret/{{ identity.groups.names.foobar.name}}/*" { // Write in policies goodPolicy1 = fmt.Sprintf(goodPolicy1, userpassAccessor) goodPolicy2 = fmt.Sprintf(goodPolicy2, groupID) - err = client.Sys().PutPolicy("goodPolicy1", goodPolicy1) + err = client.Sys().PutPolicyWithContext(context.Background(), "goodPolicy1", goodPolicy1) if err != nil { t.Fatal(err) } - err = client.Sys().PutPolicy("goodPolicy2", goodPolicy2) + err = client.Sys().PutPolicyWithContext(context.Background(), "goodPolicy2", goodPolicy2) if err != nil { t.Fatal(err) } // Authenticate - secret, err := client.Logical().Write("auth/userpass/login/testuser", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -181,7 +182,7 @@ path "secret/{{ identity.groups.names.foobar.name}}/*" { runTests := func(failGroupName bool) { for _, test := range tests { - resp, err := client.Logical().Write(test.path, map[string]interface{}{"zip": "zap"}) + resp, err := client.Logical().WriteWithContext(context.Background(), test.path, map[string]interface{}{"zip": "zap"}) fail := test.fail if test.name == "bad group name" { fail = failGroupName @@ -204,7 +205,7 @@ path "secret/{{ identity.groups.names.foobar.name}}/*" { client.SetToken(rootToken) // Test that a policy with bad group membership doesn't kill the other paths - err = client.Sys().PutPolicy("badPolicy1", badPolicy1) + err = client.Sys().PutPolicyWithContext(context.Background(), "badPolicy1", badPolicy1) if err != nil { t.Fatal(err) } @@ -213,7 +214,7 @@ path "secret/{{ identity.groups.names.foobar.name}}/*" { // Test that adding group membership now allows access client.SetToken(rootToken) - resp, err = client.Logical().Write("identity/group", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "id": foobarGroupID, "member_entity_ids": []string{ entityID, diff --git a/vault/external_tests/policy/policy_test.go b/vault/external_tests/policy/policy_test.go index 9e9af07fbf20..9ae31a75bf91 100644 --- a/vault/external_tests/policy/policy_test.go +++ b/vault/external_tests/policy/policy_test.go @@ -1,6 +1,7 @@ package policy import ( + "context" "testing" "time" @@ -51,7 +52,7 @@ func TestPolicy_NoDefaultPolicy(t *testing.T) { cleanup, cfg := ldaphelper.PrepareTestContainer(t, "latest") defer cleanup() - _, err = client.Logical().Write("auth/ldap/config", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/config", map[string]interface{}{ "url": cfg.Url, "userattr": cfg.UserAttr, "userdn": cfg.UserDN, @@ -66,7 +67,7 @@ func TestPolicy_NoDefaultPolicy(t *testing.T) { } // Create a local user in LDAP - secret, err := client.Logical().Write("auth/ldap/users/hermes conrad", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/ldap/users/hermes conrad", map[string]interface{}{ "policies": "foo", }) if err != nil { @@ -74,7 +75,7 @@ func TestPolicy_NoDefaultPolicy(t *testing.T) { } // Login with LDAP and create a token - secret, err = client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -83,7 +84,7 @@ func TestPolicy_NoDefaultPolicy(t *testing.T) { token := secret.Auth.ClientToken // Lookup the token to get the entity ID - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -128,7 +129,7 @@ func TestPolicy_NoConfiguredPolicy(t *testing.T) { cleanup, cfg := ldaphelper.PrepareTestContainer(t, "latest") defer cleanup() - _, err = client.Logical().Write("auth/ldap/config", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/config", map[string]interface{}{ "url": cfg.Url, "userattr": cfg.UserAttr, "userdn": cfg.UserDN, @@ -143,13 +144,13 @@ func TestPolicy_NoConfiguredPolicy(t *testing.T) { } // Create a local user in LDAP without any policies configured - secret, err := client.Logical().Write("auth/ldap/users/hermes conrad", map[string]interface{}{}) + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/ldap/users/hermes conrad", map[string]interface{}{}) if err != nil { t.Fatal(err) } // Login with LDAP and create a token - secret, err = client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -158,7 +159,7 @@ func TestPolicy_NoConfiguredPolicy(t *testing.T) { token := secret.Auth.ClientToken // Lookup the token to get the entity ID - secret, err = client.Auth().Token().Lookup(token) + secret, err = client.Auth().Token().LookupWithContext(context.Background(), token) if err != nil { t.Fatal(err) } @@ -170,7 +171,7 @@ func TestPolicy_NoConfiguredPolicy(t *testing.T) { // Renew the token with an increment of 2 hours to ensure that lease renewal // occurred and can be checked against the default lease duration with a // big enough delta. - secret, err = client.Logical().Write("auth/token/renew", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/renew", map[string]interface{}{ "token": token, "increment": "2h", }) @@ -244,20 +245,20 @@ func TestPolicy_TokenRenewal(t *testing.T) { if len(tc.tokenPolicies) > 0 { data["token_policies"] = tc.tokenPolicies } - _, err = client.Logical().Write("auth/userpass/users/testuser", data) + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/testuser", data) if err != nil { t.Fatal(err) } // Set up entity if we're testing against an identity_policies if len(tc.identityPolicies) > 0 { - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } userpassAccessor := auths["userpass/"].Accessor - resp, err := client.Logical().Write("identity/entity", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "identity/entity", map[string]interface{}{ "name": "test-entity", "policies": tc.identityPolicies, }) @@ -267,7 +268,7 @@ func TestPolicy_TokenRenewal(t *testing.T) { entityID := resp.Data["id"].(string) // Create an alias - resp, err = client.Logical().Write("identity/entity-alias", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "identity/entity-alias", map[string]interface{}{ "name": "testuser", "mount_accessor": userpassAccessor, "canonical_id": entityID, @@ -278,7 +279,7 @@ func TestPolicy_TokenRenewal(t *testing.T) { } // Authenticate - secret, err := client.Logical().Write("auth/userpass/login/testuser", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -302,7 +303,7 @@ func TestPolicy_TokenRenewal(t *testing.T) { } // Renew token - secret, err = client.Logical().Write("auth/token/renew", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/renew", map[string]interface{}{ "token": clientToken, }) if err != nil { diff --git a/vault/external_tests/quotas/quotas_test.go b/vault/external_tests/quotas/quotas_test.go index 24cdce3db97e..10ed223986a9 100644 --- a/vault/external_tests/quotas/quotas_test.go +++ b/vault/external_tests/quotas/quotas_test.go @@ -1,6 +1,7 @@ package quotas import ( + "context" "fmt" "testing" "time" @@ -43,21 +44,21 @@ func setupMounts(t *testing.T, client *api.Client) { t.Fatal(err) } - _, err = client.Logical().Write("auth/userpass/users/foo", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/foo", map[string]interface{}{ "password": "bar", }) if err != nil { t.Fatal(err) } - err = client.Sys().Mount("pki", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "common_name": "testvault.com", "ttl": "200h", "ip_sans": "127.0.0.1", @@ -66,7 +67,7 @@ func setupMounts(t *testing.T, client *api.Client) { t.Fatal(err) } - _, err = client.Logical().Write("pki/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/test", map[string]interface{}{ "require_cn": false, "allowed_domains": "testvault.com", "allow_subdomains": true, @@ -80,10 +81,10 @@ func setupMounts(t *testing.T, client *api.Client) { func teardownMounts(t *testing.T, client *api.Client) { t.Helper() - if err := client.Sys().Unmount("pki"); err != nil { + if err := client.Sys().UnmountWithContext(context.Background(), "pki"); err != nil { t.Fatal(err) } - if err := client.Sys().DisableAuth("userpass"); err != nil { + if err := client.Sys().DisableAuthWithContext(context.Background(), "userpass"); err != nil { t.Fatal(err) } } @@ -134,25 +135,25 @@ func TestQuotas_RateLimit_DupName(t *testing.T) { vault.TestWaitActive(t, core) // create a rate limit quota w/ 'secret' path - _, err := client.Logical().Write("sys/quotas/rate-limit/secret-rlq", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/secret-rlq", map[string]interface{}{ "rate": 7.7, "path": "secret", }) require.NoError(t, err) - s, err := client.Logical().Read("sys/quotas/rate-limit/secret-rlq") + s, err := client.Logical().ReadWithContext(context.Background(), "sys/quotas/rate-limit/secret-rlq") require.NoError(t, err) require.NotEmpty(t, s.Data) // create a rate limit quota w/ empty path (same name) - _, err = client.Logical().Write("sys/quotas/rate-limit/secret-rlq", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/secret-rlq", map[string]interface{}{ "rate": 7.7, "path": "", }) require.NoError(t, err) // list again and verify that only 1 item is returned - s, err = client.Logical().List("sys/quotas/rate-limit") + s, err = client.Logical().ListWithContext(context.Background(), "sys/quotas/rate-limit") require.NoError(t, err) require.Len(t, s.Data, 1, "incorrect number of quotas") @@ -168,25 +169,25 @@ func TestQuotas_RateLimit_DupPath(t *testing.T) { client := cluster.Cores[0].Client vault.TestWaitActive(t, core) // create a global rate limit quota - _, err := client.Logical().Write("sys/quotas/rate-limit/global-rlq", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/global-rlq", map[string]interface{}{ "rate": 10, "path": "", }) require.NoError(t, err) // create a rate limit quota w/ 'secret' path - _, err = client.Logical().Write("sys/quotas/rate-limit/secret-rlq", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/secret-rlq", map[string]interface{}{ "rate": 7.7, "path": "secret", }) require.NoError(t, err) - s, err := client.Logical().Read("sys/quotas/rate-limit/secret-rlq") + s, err := client.Logical().ReadWithContext(context.Background(), "sys/quotas/rate-limit/secret-rlq") require.NoError(t, err) require.NotEmpty(t, s.Data) // create a rate limit quota w/ empty path (same name) - _, err = client.Logical().Write("sys/quotas/rate-limit/secret-rlq", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/secret-rlq", map[string]interface{}{ "rate": 7.7, "path": "", }) @@ -207,18 +208,18 @@ func TestQuotas_RateLimitQuota_ExemptPaths(t *testing.T) { client := cluster.Cores[0].Client vault.TestWaitActive(t, core) - _, err := client.Logical().Write("sys/quotas/rate-limit/rlq", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/rlq", map[string]interface{}{ "rate": 7.7, }) require.NoError(t, err) // ensure exempt paths are not empty by default - resp, err := client.Logical().Read("sys/quotas/config") + resp, err := client.Logical().ReadWithContext(context.Background(), "sys/quotas/config") require.NoError(t, err) require.NotEmpty(t, resp.Data["rate_limit_exempt_paths"].([]interface{}), "expected no exempt paths by default") reqFunc := func(numSuccess, numFail *atomic.Int32) { - _, err := client.Logical().Read("sys/quotas/rate-limit/rlq") + _, err := client.Logical().ReadWithContext(context.Background(), "sys/quotas/rate-limit/rlq") if err != nil { numFail.Add(1) @@ -236,7 +237,7 @@ func TestQuotas_RateLimitQuota_ExemptPaths(t *testing.T) { // allow time (1s) for rate limit to refill before updating the quota config time.Sleep(time.Second) - _, err = client.Logical().Write("sys/quotas/config", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/quotas/config", map[string]interface{}{ "rate_limit_exempt_paths": []string{"sys/quotas/rate-limit"}, }) require.NoError(t, err) @@ -257,14 +258,14 @@ func TestQuotas_RateLimitQuota_Mount(t *testing.T) { client := cluster.Cores[0].Client vault.TestWaitActive(t, core) - err := client.Sys().Mount("pki", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "common_name": "testvault.com", "ttl": "200h", "ip_sans": "127.0.0.1", @@ -273,7 +274,7 @@ func TestQuotas_RateLimitQuota_Mount(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("pki/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/test", map[string]interface{}{ "require_cn": false, "allowed_domains": "testvault.com", "allow_subdomains": true, @@ -285,7 +286,7 @@ func TestQuotas_RateLimitQuota_Mount(t *testing.T) { } reqFunc := func(numSuccess, numFail *atomic.Int32) { - _, err := client.Logical().Read("pki/cert/ca_chain") + _, err := client.Logical().ReadWithContext(context.Background(), "pki/cert/ca_chain") if err != nil { numFail.Add(1) @@ -297,7 +298,7 @@ func TestQuotas_RateLimitQuota_Mount(t *testing.T) { // Create a rate limit quota with a low RPS of 7.7, which means we can process // ⌈7.7⌉*2 requests in the span of roughly a second -- 8 initially, followed // by a refill rate of 7.7 per-second. - _, err = client.Logical().Write("sys/quotas/rate-limit/rlq", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/rlq", map[string]interface{}{ "rate": 7.7, "path": "pki/", }) @@ -321,7 +322,7 @@ func TestQuotas_RateLimitQuota_Mount(t *testing.T) { } // update the rate limit quota with a high RPS such that no requests should fail - _, err = client.Logical().Write("sys/quotas/rate-limit/rlq", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/rlq", map[string]interface{}{ "rate": 10000.0, "path": "pki/", }) @@ -347,14 +348,14 @@ func TestQuotas_RateLimitQuota_MountPrecedence(t *testing.T) { vault.TestWaitActive(t, core) // create PKI mount - err := client.Sys().Mount("pki", &api.MountInput{ + err := client.Sys().MountWithContext(context.Background(), "pki", &api.MountInput{ Type: "pki", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/root/generate/internal", map[string]interface{}{ "common_name": "testvault.com", "ttl": "200h", "ip_sans": "127.0.0.1", @@ -363,7 +364,7 @@ func TestQuotas_RateLimitQuota_MountPrecedence(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("pki/roles/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "pki/roles/test", map[string]interface{}{ "require_cn": false, "allowed_domains": "testvault.com", "allow_subdomains": true, @@ -375,7 +376,7 @@ func TestQuotas_RateLimitQuota_MountPrecedence(t *testing.T) { } // create a root rate limit quota - _, err = client.Logical().Write("sys/quotas/rate-limit/root-rlq", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/root-rlq", map[string]interface{}{ "name": "root-rlq", "rate": 14.7, }) @@ -384,7 +385,7 @@ func TestQuotas_RateLimitQuota_MountPrecedence(t *testing.T) { } // create a mount rate limit quota with a lower RPS than the root rate limit quota - _, err = client.Logical().Write("sys/quotas/rate-limit/mount-rlq", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/mount-rlq", map[string]interface{}{ "name": "mount-rlq", "rate": 7.7, "path": "pki/", @@ -395,7 +396,7 @@ func TestQuotas_RateLimitQuota_MountPrecedence(t *testing.T) { // ensure mount rate limit quota takes precedence over root rate limit quota reqFunc := func(numSuccess, numFail *atomic.Int32) { - _, err := client.Logical().Read("pki/cert/ca_chain") + _, err := client.Logical().ReadWithContext(context.Background(), "pki/cert/ca_chain") if err != nil { numFail.Add(1) @@ -439,7 +440,7 @@ func TestQuotas_RateLimitQuota(t *testing.T) { t.Fatal(err) } - _, err = client.Logical().Write("auth/userpass/users/foo", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/foo", map[string]interface{}{ "password": "bar", }) if err != nil { @@ -449,7 +450,7 @@ func TestQuotas_RateLimitQuota(t *testing.T) { // Create a rate limit quota with a low RPS of 7.7, which means we can process // ⌈7.7⌉*2 requests in the span of roughly a second -- 8 initially, followed // by a refill rate of 7.7 per-second. - _, err = client.Logical().Write("sys/quotas/rate-limit/rlq", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/rlq", map[string]interface{}{ "rate": 7.7, }) if err != nil { @@ -457,7 +458,7 @@ func TestQuotas_RateLimitQuota(t *testing.T) { } reqFunc := func(numSuccess, numFail *atomic.Int32) { - _, err := client.Logical().Read("sys/quotas/rate-limit/rlq") + _, err := client.Logical().ReadWithContext(context.Background(), "sys/quotas/rate-limit/rlq") if err != nil { numFail.Add(1) @@ -485,7 +486,7 @@ func TestQuotas_RateLimitQuota(t *testing.T) { time.Sleep(time.Second) // update the rate limit quota with a high RPS such that no requests should fail - _, err = client.Logical().Write("sys/quotas/rate-limit/rlq", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/quotas/rate-limit/rlq", map[string]interface{}{ "rate": 10000.0, }) if err != nil { diff --git a/vault/external_tests/raft/raft_autopilot_test.go b/vault/external_tests/raft/raft_autopilot_test.go index 8e7f930b7f81..93b9f63c2ed4 100644 --- a/vault/external_tests/raft/raft_autopilot_test.go +++ b/vault/external_tests/raft/raft_autopilot_test.go @@ -32,7 +32,7 @@ func TestRaft_Autopilot_Disable(t *testing.T) { client := cluster.Cores[0].Client - state, err := client.Sys().RaftAutopilotState() + state, err := client.Sys().RaftAutopilotStateWithContext(context.Background()) require.NoError(t, err) require.Nil(t, nil, state) } @@ -47,7 +47,7 @@ func TestRaft_Autopilot_Stabilization_And_State(t *testing.T) { // Check that autopilot execution state is running client := cluster.Cores[0].Client - state, err := client.Sys().RaftAutopilotState() + state, err := client.Sys().RaftAutopilotStateWithContext(context.Background()) require.NoError(t, err) require.Equal(t, true, state.Healthy) require.Len(t, state.Servers, 1) @@ -55,7 +55,7 @@ func TestRaft_Autopilot_Stabilization_And_State(t *testing.T) { require.Equal(t, "alive", state.Servers["core-0"].NodeStatus) require.Equal(t, "leader", state.Servers["core-0"].Status) - config, err := client.Sys().RaftAutopilotConfiguration() + config, err := client.Sys().RaftAutopilotConfigurationWithContext(context.Background()) require.NoError(t, err) // Wait for 110% of the stabilization time to add nodes @@ -78,7 +78,7 @@ func TestRaft_Autopilot_Stabilization_And_State(t *testing.T) { joinFunc(core) time.Sleep(2 * time.Second) - state, err = client.Sys().RaftAutopilotState() + state, err = client.Sys().RaftAutopilotStateWithContext(context.Background()) require.NoError(t, err) require.Equal(t, false, state.Healthy) require.Len(t, state.Servers, numServers) @@ -91,7 +91,7 @@ func TestRaft_Autopilot_Stabilization_And_State(t *testing.T) { deadline := time.Now().Add(stabilizationWaitDuration) healthy := false for time.Now().Before(deadline) { - state, err := client.Sys().RaftAutopilotState() + state, err := client.Sys().RaftAutopilotStateWithContext(context.Background()) require.NoError(t, err) if state.Healthy { healthy = true @@ -108,7 +108,7 @@ func TestRaft_Autopilot_Stabilization_And_State(t *testing.T) { deadline = time.Now().Add(2 * autopilot.DefaultReconcileInterval) failed := true for time.Now().Before(deadline) { - state, err = client.Sys().RaftAutopilotState() + state, err = client.Sys().RaftAutopilotStateWithContext(context.Background()) require.NoError(t, err) if state.Servers[nodeID].Status == "voter" { failed = false @@ -123,7 +123,7 @@ func TestRaft_Autopilot_Stabilization_And_State(t *testing.T) { } joinAndStabilizeFunc(cluster.Cores[1], "core-1", 2) joinAndStabilizeFunc(cluster.Cores[2], "core-2", 3) - state, err = client.Sys().RaftAutopilotState() + state, err = client.Sys().RaftAutopilotStateWithContext(context.Background()) require.NoError(t, err) require.Equal(t, []string{"core-0", "core-1", "core-2"}, state.Voters) } @@ -138,13 +138,13 @@ func TestRaft_Autopilot_Configuration(t *testing.T) { client := cluster.Cores[0].Client configCheckFunc := func(config *api.AutopilotConfig) { - conf, err := client.Sys().RaftAutopilotConfiguration() + conf, err := client.Sys().RaftAutopilotConfigurationWithContext(context.Background()) require.NoError(t, err) require.Equal(t, config, conf) } writeConfigFunc := func(config map[string]interface{}, expectError bool) { - resp, err := client.Logical().Write("sys/storage/raft/autopilot/configuration", config) + resp, err := client.Logical().WriteWithContext(context.Background(), "sys/storage/raft/autopilot/configuration", config) if expectError { require.Error(t, err) return @@ -242,7 +242,7 @@ func TestRaft_Autopilot_Stabilization_Delay(t *testing.T) { // Check that autopilot execution state is running client := cluster.Cores[0].Client - state, err := client.Sys().RaftAutopilotState() + state, err := client.Sys().RaftAutopilotStateWithContext(context.Background()) require.NotNil(t, state) require.NoError(t, err) require.Equal(t, true, state.Healthy) @@ -251,12 +251,12 @@ func TestRaft_Autopilot_Stabilization_Delay(t *testing.T) { require.Equal(t, "alive", state.Servers["core-0"].NodeStatus) require.Equal(t, "leader", state.Servers["core-0"].Status) - _, err = client.Logical().Write("sys/storage/raft/autopilot/configuration", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/storage/raft/autopilot/configuration", map[string]interface{}{ "server_stabilization_time": "5s", }) require.NoError(t, err) - config, err := client.Sys().RaftAutopilotConfiguration() + config, err := client.Sys().RaftAutopilotConfigurationWithContext(context.Background()) require.NoError(t, err) // Wait for 110% of the stabilization time to add nodes @@ -295,7 +295,7 @@ func TestRaft_Autopilot_Stabilization_Delay(t *testing.T) { deadline := time.Now().Add(stabilizationWaitDuration) var core1healthy, core2healthy bool for time.Now().Before(deadline) { - state, err := client.Sys().RaftAutopilotState() + state, err := client.Sys().RaftAutopilotStateWithContext(context.Background()) require.NoError(t, err) core1healthy = state.Servers["core-1"] != nil && state.Servers["core-1"].Healthy core2healthy = state.Servers["core-2"] != nil && state.Servers["core-2"].Healthy @@ -306,12 +306,12 @@ func TestRaft_Autopilot_Stabilization_Delay(t *testing.T) { } time.Sleep(2 * time.Second) // wait for reconciliation - state, err = client.Sys().RaftAutopilotState() + state, err = client.Sys().RaftAutopilotStateWithContext(context.Background()) require.NoError(t, err) require.Equal(t, []string{"core-0", "core-1"}, state.Voters) for time.Now().Before(core2shouldBeHealthyAt) { - state, err := client.Sys().RaftAutopilotState() + state, err := client.Sys().RaftAutopilotStateWithContext(context.Background()) require.NoError(t, err) core2healthy = state.Servers["core-2"].Healthy time.Sleep(1 * time.Second) @@ -320,7 +320,7 @@ func TestRaft_Autopilot_Stabilization_Delay(t *testing.T) { deadline = time.Now().Add(10 * time.Second) for time.Now().Before(deadline) { - state, err = client.Sys().RaftAutopilotState() + state, err = client.Sys().RaftAutopilotStateWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -343,7 +343,7 @@ func TestRaft_AutoPilot_Peersets_Equivalent(t *testing.T) { // Create a very large stabilization time so we can test the state between // joining and promotions client := cluster.Cores[0].Client - _, err := client.Logical().Write("sys/storage/raft/autopilot/configuration", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "sys/storage/raft/autopilot/configuration", map[string]interface{}{ "server_stabilization_time": "1h", }) require.NoError(t, err) diff --git a/vault/external_tests/raft/raft_test.go b/vault/external_tests/raft/raft_test.go index 967cd1507e5d..ed16b2972d6d 100644 --- a/vault/external_tests/raft/raft_test.go +++ b/vault/external_tests/raft/raft_test.go @@ -105,7 +105,7 @@ func TestRaft_BoltDBMetrics(t *testing.T) { // Write a few keys for i := 0; i < 50; i++ { - _, err := leaderClient.Logical().Write(fmt.Sprintf("secret/%d", i), map[string]interface{}{ + _, err := leaderClient.Logical().WriteWithContext(context.Background(), fmt.Sprintf("secret/%d", i), map[string]interface{}{ fmt.Sprintf("foo%d", i): fmt.Sprintf("bar%d", i), }) if err != nil { @@ -282,7 +282,7 @@ func TestRaft_Join(t *testing.T) { req.LeaderClientCert = string(cluster.CACertPEM) req.LeaderClientKey = string(cluster.CAKeyPEM) } - resp, err := client.Sys().RaftJoin(req) + resp, err := client.Sys().RaftJoinWithContext(context.Background(), req) if err != nil { t.Fatal(err) } @@ -294,14 +294,14 @@ func TestRaft_Join(t *testing.T) { joinFunc(cluster.Cores[1].Client, false) joinFunc(cluster.Cores[2].Client, false) - _, err := cluster.Cores[0].Client.Logical().Write("sys/storage/raft/remove-peer", map[string]interface{}{ + _, err := cluster.Cores[0].Client.Logical().WriteWithContext(context.Background(), "sys/storage/raft/remove-peer", map[string]interface{}{ "server_id": "core-1", }) if err != nil { t.Fatal(err) } - _, err = cluster.Cores[0].Client.Logical().Write("sys/storage/raft/remove-peer", map[string]interface{}{ + _, err = cluster.Cores[0].Client.Logical().WriteWithContext(context.Background(), "sys/storage/raft/remove-peer", map[string]interface{}{ "server_id": "core-2", }) if err != nil { @@ -331,7 +331,7 @@ func TestRaft_RemovePeer(t *testing.T) { "core-2": true, }) - _, err := client.Logical().Write("sys/storage/raft/remove-peer", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "sys/storage/raft/remove-peer", map[string]interface{}{ "server_id": "core-2", }) if err != nil { @@ -343,7 +343,7 @@ func TestRaft_RemovePeer(t *testing.T) { "core-1": true, }) - _, err = client.Logical().Write("sys/storage/raft/remove-peer", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/storage/raft/remove-peer", map[string]interface{}{ "server_id": "core-1", }) if err != nil { @@ -425,7 +425,7 @@ func TestRaft_Configuration(t *testing.T) { } client := cluster.Cores[0].Client - secret, err := client.Logical().Read("sys/storage/raft/configuration") + secret, err := client.Logical().ReadWithContext(context.Background(), "sys/storage/raft/configuration") if err != nil { t.Fatal(err) } @@ -481,7 +481,7 @@ func TestRaft_SnapshotAPI(t *testing.T) { // Write a few keys for i := 0; i < 10; i++ { - _, err := leaderClient.Logical().Write(fmt.Sprintf("secret/%d", i), map[string]interface{}{ + _, err := leaderClient.Logical().WriteWithContext(context.Background(), fmt.Sprintf("secret/%d", i), map[string]interface{}{ "test": "data", }) if err != nil { @@ -491,7 +491,7 @@ func TestRaft_SnapshotAPI(t *testing.T) { // Take a snapshot buf := new(bytes.Buffer) - err := leaderClient.Sys().RaftSnapshot(buf) + err := leaderClient.Sys().RaftSnapshotWithContext(context.Background(), buf) if err != nil { t.Fatal(err) } @@ -505,7 +505,7 @@ func TestRaft_SnapshotAPI(t *testing.T) { // Write a few more keys for i := 10; i < 20; i++ { - _, err := leaderClient.Logical().Write(fmt.Sprintf("secret/%d", i), map[string]interface{}{ + _, err := leaderClient.Logical().WriteWithContext(context.Background(), fmt.Sprintf("secret/%d", i), map[string]interface{}{ "test": "data", }) if err != nil { @@ -513,13 +513,13 @@ func TestRaft_SnapshotAPI(t *testing.T) { } } // Restore snapshot - err = leaderClient.Sys().RaftSnapshotRestore(bytes.NewReader(snap), false) + err = leaderClient.Sys().RaftSnapshotRestoreWithContext(context.Background(), bytes.NewReader(snap), false) if err != nil { t.Fatal(err) } // List kv to make sure we removed the extra keys - secret, err := leaderClient.Logical().List("secret/") + secret, err := leaderClient.Logical().ListWithContext(context.Background(), "secret/") if err != nil { t.Fatal(err) } @@ -546,7 +546,7 @@ func TestRaft_SnapshotAPI_MidstreamFailure(t *testing.T) { // will never make it into the tar part, it'll fail merely when trying to // decompress the stream. for i := 0; i < 1000; i++ { - _, err := leaderClient.Logical().Write(fmt.Sprintf("secret/%d", i), map[string]interface{}{ + _, err := leaderClient.Logical().WriteWithContext(context.Background(), fmt.Sprintf("secret/%d", i), map[string]interface{}{ "test": "data", }) if err != nil { @@ -567,7 +567,7 @@ func TestRaft_SnapshotAPI_MidstreamFailure(t *testing.T) { setErr(errors.New("seal failure")) // Take a snapshot - err := leaderClient.Sys().RaftSnapshot(w) + err := leaderClient.Sys().RaftSnapshotWithContext(context.Background(), w) w.Close() if err == nil || err != api.ErrIncompleteSnapshot { t.Fatalf("expected err=%v, got: %v", api.ErrIncompleteSnapshot, err) @@ -646,7 +646,7 @@ func TestRaft_SnapshotAPI_RekeyRotate_Backward(t *testing.T) { // Write a few keys for i := 0; i < 10; i++ { - _, err := leaderClient.Logical().Write(fmt.Sprintf("secret/%d", i), map[string]interface{}{ + _, err := leaderClient.Logical().WriteWithContext(context.Background(), fmt.Sprintf("secret/%d", i), map[string]interface{}{ "test": "data", }) if err != nil { @@ -688,7 +688,7 @@ func TestRaft_SnapshotAPI_RekeyRotate_Backward(t *testing.T) { if tCaseLocal.Rotate { // Rotate - err = leaderClient.Sys().Rotate() + err = leaderClient.Sys().RotateWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -741,7 +741,7 @@ func TestRaft_SnapshotAPI_RekeyRotate_Backward(t *testing.T) { // Write some data so we can make sure we can read it later. This is testing // that we correctly reload the keyring - _, err = leaderClient.Logical().Write("secret/foo", map[string]interface{}{ + _, err = leaderClient.Logical().WriteWithContext(context.Background(), "secret/foo", map[string]interface{}{ "test": "data", }) if err != nil { @@ -756,7 +756,7 @@ func TestRaft_SnapshotAPI_RekeyRotate_Backward(t *testing.T) { activeCore := testhelpers.DeriveStableActiveCore(t, cluster) // Read the value. - data, err := activeCore.Client.Logical().Read("secret/foo") + data, err := activeCore.Client.Logical().ReadWithContext(context.Background(), "secret/foo") if err != nil { t.Fatal(err) } @@ -847,7 +847,7 @@ func TestRaft_SnapshotAPI_RekeyRotate_Forward(t *testing.T) { // Write a few keys for i := 0; i < 10; i++ { - _, err := leaderClient.Logical().Write(fmt.Sprintf("secret/%d", i), map[string]interface{}{ + _, err := leaderClient.Logical().WriteWithContext(context.Background(), fmt.Sprintf("secret/%d", i), map[string]interface{}{ "test": "data", }) if err != nil { @@ -900,7 +900,7 @@ func TestRaft_SnapshotAPI_RekeyRotate_Forward(t *testing.T) { } // Rotate - err = leaderClient.Sys().Rotate() + err = leaderClient.Sys().RotateWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -998,7 +998,7 @@ func TestRaft_SnapshotAPI_RekeyRotate_Forward(t *testing.T) { // Write some data so we can make sure we can read it later. This is testing // that we correctly reload the keyring - _, err = leaderClient.Logical().Write("secret/foo", map[string]interface{}{ + _, err = leaderClient.Logical().WriteWithContext(context.Background(), "secret/foo", map[string]interface{}{ "test": "data", }) if err != nil { @@ -1013,7 +1013,7 @@ func TestRaft_SnapshotAPI_RekeyRotate_Forward(t *testing.T) { activeCore := testhelpers.DeriveStableActiveCore(t, cluster) // Read the value. - data, err := activeCore.Client.Logical().Read("secret/foo") + data, err := activeCore.Client.Logical().ReadWithContext(context.Background(), "secret/foo") if err != nil { t.Fatal(err) } @@ -1034,7 +1034,7 @@ func TestRaft_SnapshotAPI_DifferentCluster(t *testing.T) { // Write a few keys for i := 0; i < 10; i++ { - _, err := leaderClient.Logical().Write(fmt.Sprintf("secret/%d", i), map[string]interface{}{ + _, err := leaderClient.Logical().WriteWithContext(context.Background(), fmt.Sprintf("secret/%d", i), map[string]interface{}{ "test": "data", }) if err != nil { @@ -1136,7 +1136,7 @@ func BenchmarkRaft_SingleNode(b *testing.B) { b.ResetTimer() for i := 0; i < b.N; i++ { key := fmt.Sprintf("secret/%x", md5.Sum([]byte(fmt.Sprintf("%s-%d", testName, i)))) - _, err := leaderClient.Logical().Write(key, map[string]interface{}{ + _, err := leaderClient.Logical().WriteWithContext(context.Background(), key, map[string]interface{}{ "test": data, }) if err != nil { @@ -1177,7 +1177,7 @@ func TestRaft_Join_InitStatus(t *testing.T) { LeaderAPIAddr: leaderAPI, LeaderCACert: string(cluster.CACertPEM), } - resp, err := client.Sys().RaftJoin(req) + resp, err := client.Sys().RaftJoinWithContext(context.Background(), req) if err != nil { t.Fatal(err) } @@ -1190,7 +1190,7 @@ func TestRaft_Join_InitStatus(t *testing.T) { t.Helper() client := cluster.Cores[coreIdx].Client - initialized, err := client.Sys().InitStatus() + initialized, err := client.Sys().InitStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -1199,7 +1199,7 @@ func TestRaft_Join_InitStatus(t *testing.T) { t.Errorf("core %d: expected init=%v, sys/init returned %v", coreIdx, expected, initialized) } - status, err := client.Sys().SealStatus() + status, err := client.Sys().SealStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -1208,7 +1208,7 @@ func TestRaft_Join_InitStatus(t *testing.T) { t.Errorf("core %d: expected init=%v, sys/seal-status returned %v", coreIdx, expected, status.Initialized) } - health, err := client.Sys().Health() + health, err := client.Sys().HealthWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/vault/external_tests/raftha/raft_ha_test.go b/vault/external_tests/raftha/raft_ha_test.go index e650b6bbb6d2..5f876b9389dd 100644 --- a/vault/external_tests/raftha/raft_ha_test.go +++ b/vault/external_tests/raftha/raft_ha_test.go @@ -1,6 +1,7 @@ package raftha import ( + "context" "sync/atomic" "testing" @@ -86,7 +87,7 @@ func testRaftHANewCluster(t *testing.T, bundler teststorage.PhysicalBackendBundl req.LeaderClientCert = string(cluster.CACertPEM) req.LeaderClientKey = string(cluster.CAKeyPEM) } - resp, err := client.Sys().RaftJoin(req) + resp, err := client.Sys().RaftJoinWithContext(context.Background(), req) if err != nil { t.Fatal(err) } @@ -107,14 +108,14 @@ func testRaftHANewCluster(t *testing.T, bundler teststorage.PhysicalBackendBundl }) // Test remove peers - _, err := leaderClient.Logical().Write("sys/storage/raft/remove-peer", map[string]interface{}{ + _, err := leaderClient.Logical().WriteWithContext(context.Background(), "sys/storage/raft/remove-peer", map[string]interface{}{ "server_id": "core-1", }) if err != nil { t.Fatal(err) } - _, err = leaderClient.Logical().Write("sys/storage/raft/remove-peer", map[string]interface{}{ + _, err = leaderClient.Logical().WriteWithContext(context.Background(), "sys/storage/raft/remove-peer", map[string]interface{}{ "server_id": "core-2", }) if err != nil { @@ -202,7 +203,7 @@ func TestRaft_HA_ExistingCluster(t *testing.T) { leaderClient := cluster.Cores[0].Client leaderClient.SetToken(clusterRootToken) { - _, err := leaderClient.Logical().Write("sys/storage/raft/bootstrap", nil) + _, err := leaderClient.Logical().WriteWithContext(context.Background(), "sys/storage/raft/bootstrap", nil) if err != nil { t.Fatal(err) } @@ -220,7 +221,7 @@ func TestRaft_HA_ExistingCluster(t *testing.T) { req := &api.RaftJoinRequest{ LeaderCACert: string(cluster.CACertPEM), } - resp, err := client.Sys().RaftJoin(req) + resp, err := client.Sys().RaftJoinWithContext(context.Background(), req) if err != nil { t.Fatal(err) } diff --git a/vault/external_tests/response/allowed_response_headers_test.go b/vault/external_tests/response/allowed_response_headers_test.go index 3232b27bf095..9aef0732c725 100644 --- a/vault/external_tests/response/allowed_response_headers_test.go +++ b/vault/external_tests/response/allowed_response_headers_test.go @@ -108,7 +108,7 @@ func TestIdentityStore_EntityDisabled(t *testing.T) { } // Tune the mount - err = client.Sys().TuneMount("auth/headtest", api.MountConfigInput{ + err = client.Sys().TuneMountWithContext(context.Background(), "auth/headtest", api.MountConfigInput{ AllowedResponseHeaders: []string{"WwW-AuthenTicate"}, }) if err != nil { diff --git a/vault/external_tests/router/router_ext_test.go b/vault/external_tests/router/router_ext_test.go index bf4018c2861b..d748168fbe4d 100644 --- a/vault/external_tests/router/router_ext_test.go +++ b/vault/external_tests/router/router_ext_test.go @@ -1,6 +1,7 @@ package router import ( + "context" "testing" "github.com/hashicorp/vault/api" @@ -55,7 +56,7 @@ func testRouter_MountSubpath(t *testing.T, mountPoints []string) { for _, mp := range mountPoints { t.Logf("mounting %s", "s/"+mp) var err error - err = client.Sys().Mount("s/"+mp, mountInput) + err = client.Sys().MountWithContext(context.Background(), "s/"+mp, mountInput) if err != nil { t.Fatalf("err: %v", err) } diff --git a/vault/external_tests/token/batch_token_test.go b/vault/external_tests/token/batch_token_test.go index a344b5eed944..63a30ab25af4 100644 --- a/vault/external_tests/token/batch_token_test.go +++ b/vault/external_tests/token/batch_token_test.go @@ -1,6 +1,7 @@ package token import ( + "context" "strings" "testing" "time" @@ -35,14 +36,14 @@ func TestBatchTokens(t *testing.T) { var err error // Set up a KV path - err = client.Sys().Mount("kv", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Write("kv/foo", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "foo": "bar", "ttl": "5m", }) @@ -51,7 +52,7 @@ func TestBatchTokens(t *testing.T) { } // Write the test policy - err = client.Sys().PutPolicy("test", ` + err = client.Sys().PutPolicyWithContext(context.Background(), "test", ` path "kv/*" { capabilities = ["read"] }`) @@ -68,7 +69,7 @@ path "kv/*" { } // Tune the mount - if err = client.Sys().TuneMount("auth/approle", api.MountConfigInput{ + if err = client.Sys().TuneMountWithContext(context.Background(), "auth/approle", api.MountConfigInput{ DefaultLeaseTTL: "5s", MaxLeaseTTL: "5s", }); err != nil { @@ -76,7 +77,7 @@ path "kv/*" { } // Create role - resp, err := client.Logical().Write("auth/approle/role/test", map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test", map[string]interface{}{ "policies": "test", }) if err != nil { @@ -84,7 +85,7 @@ path "kv/*" { } // Get role_id - resp, err = client.Logical().Read("auth/approle/role/test/role-id") + resp, err = client.Logical().ReadWithContext(context.Background(), "auth/approle/role/test/role-id") if err != nil { t.Fatal(err) } @@ -94,7 +95,7 @@ path "kv/*" { roleID := resp.Data["role_id"] // Get secret_id - resp, err = client.Logical().Write("auth/approle/role/test/secret-id", map[string]interface{}{}) + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test/secret-id", map[string]interface{}{}) if err != nil { t.Fatal(err) } @@ -106,19 +107,19 @@ path "kv/*" { // Login testLogin := func(mountTuneType, roleType string, batch bool) string { t.Helper() - if err = client.Sys().TuneMount("auth/approle", api.MountConfigInput{ + if err = client.Sys().TuneMountWithContext(context.Background(), "auth/approle", api.MountConfigInput{ TokenType: mountTuneType, }); err != nil { t.Fatal(err) } - _, err = client.Logical().Write("auth/approle/role/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/role/test", map[string]interface{}{ "token_type": roleType, }) if err != nil { t.Fatal(err) } - resp, err = client.Logical().Write("auth/approle/login", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "auth/approle/login", map[string]interface{}{ "role_id": roleID, "secret_id": secretID, }) @@ -158,7 +159,7 @@ path "kv/*" { finalToken := testLogin("batch", "batch", true) client.SetToken(finalToken) - resp, err = client.Logical().Read("kv/foo") + resp, err = client.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } @@ -179,7 +180,7 @@ path "kv/*" { lastDuration := resp.LeaseDuration for i := 0; i < 3; i++ { time.Sleep(time.Second) - resp, err = client.Sys().Renew(leaseID, 0) + resp, err = client.Sys().RenewWithContext(context.Background(), leaseID, 0) if err != nil { t.Fatal(err) } @@ -191,7 +192,7 @@ path "kv/*" { client.SetToken(rootToken) time.Sleep(2 * time.Second) - resp, err = client.Logical().Write("sys/leases/lookup", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "sys/leases/lookup", map[string]interface{}{ "lease_id": leaseID, }) if err == nil { @@ -221,14 +222,14 @@ func TestBatchToken_ParentLeaseRevoke(t *testing.T) { var err error // Set up a KV path - err = client.Sys().Mount("kv", &api.MountInput{ + err = client.Sys().MountWithContext(context.Background(), "kv", &api.MountInput{ Type: "kv", }) if err != nil { t.Fatal(err) } - _, err = client.Logical().Write("kv/foo", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "kv/foo", map[string]interface{}{ "foo": "bar", "ttl": "5m", }) @@ -237,7 +238,7 @@ func TestBatchToken_ParentLeaseRevoke(t *testing.T) { } // Write the test policy - err = client.Sys().PutPolicy("test", ` + err = client.Sys().PutPolicyWithContext(context.Background(), "test", ` path "kv/*" { capabilities = ["read"] }`) @@ -246,7 +247,7 @@ path "kv/*" { } // Create a second root token - secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"root"}, }) if err != nil { @@ -256,7 +257,7 @@ path "kv/*" { // Use this new token to create a batch token client.SetToken(rootToken2) - secret, err = client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"test"}, Type: "batch", }) @@ -265,7 +266,7 @@ path "kv/*" { } batchToken := secret.Auth.ClientToken client.SetToken(batchToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -274,7 +275,7 @@ path "kv/*" { } // Get a lease with the batch token - resp, err := client.Logical().Read("kv/foo") + resp, err := client.Logical().ReadWithContext(context.Background(), "kv/foo") if err != nil { t.Fatal(err) } @@ -287,7 +288,7 @@ path "kv/*" { leaseID := resp.LeaseID // Check the lease - resp, err = client.Logical().Write("sys/leases/lookup", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "sys/leases/lookup", map[string]interface{}{ "lease_id": leaseID, }) if err != nil { @@ -296,7 +297,7 @@ path "kv/*" { // Revoke the parent client.SetToken(rootToken2) - err = client.Auth().Token().RevokeSelf("") + err = client.Auth().Token().RevokeSelfWithContext(context.Background(), "") if err != nil { t.Fatal(err) } @@ -305,13 +306,13 @@ path "kv/*" { // Verify the batch token is not usable anymore client.SetToken(rootToken) - _, err = client.Auth().Token().Lookup(batchToken) + _, err = client.Auth().Token().LookupWithContext(context.Background(), batchToken) if err == nil { t.Fatal("expected error") } // Verify the lease has been revoked - resp, err = client.Logical().Write("sys/leases/lookup", map[string]interface{}{ + resp, err = client.Logical().WriteWithContext(context.Background(), "sys/leases/lookup", map[string]interface{}{ "lease_id": leaseID, }) if err == nil { @@ -336,14 +337,14 @@ func TestTokenStore_Roles_Batch(t *testing.T) { // Test service { - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "bound_cidrs": []string{}, "token_type": "service", }) if err != nil { t.Fatal(err) } - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Type: "batch", }, "testrole") @@ -351,7 +352,7 @@ func TestTokenStore_Roles_Batch(t *testing.T) { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -363,14 +364,14 @@ func TestTokenStore_Roles_Batch(t *testing.T) { // Test batch { client.SetToken(rootToken) - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "token_type": "batch", }) // Orphan not set so we should error if err == nil { t.Fatal("expected error") } - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "token_type": "batch", "orphan": true, }) @@ -378,7 +379,7 @@ func TestTokenStore_Roles_Batch(t *testing.T) { if err == nil { t.Fatal("expected error") } - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "token_type": "batch", "orphan": true, "renewable": false, @@ -386,7 +387,7 @@ func TestTokenStore_Roles_Batch(t *testing.T) { if err != nil { t.Fatal(err) } - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Type: "service", }, "testrole") @@ -394,7 +395,7 @@ func TestTokenStore_Roles_Batch(t *testing.T) { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -406,14 +407,14 @@ func TestTokenStore_Roles_Batch(t *testing.T) { // Test default-service { client.SetToken(rootToken) - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "token_type": "default-service", }) if err != nil { t.Fatal(err) } // Client specifies batch - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Type: "batch", }, "testrole") @@ -421,7 +422,7 @@ func TestTokenStore_Roles_Batch(t *testing.T) { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -430,7 +431,7 @@ func TestTokenStore_Roles_Batch(t *testing.T) { } // Client specifies service client.SetToken(rootToken) - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Type: "service", }, "testrole") @@ -438,7 +439,7 @@ func TestTokenStore_Roles_Batch(t *testing.T) { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -447,14 +448,14 @@ func TestTokenStore_Roles_Batch(t *testing.T) { } // Client doesn't specify client.SetToken(rootToken) - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }, "testrole") if err != nil { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -466,14 +467,14 @@ func TestTokenStore_Roles_Batch(t *testing.T) { // Test default-batch { client.SetToken(rootToken) - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "token_type": "default-batch", }) if err != nil { t.Fatal(err) } // Client specifies batch - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Type: "batch", }, "testrole") @@ -481,7 +482,7 @@ func TestTokenStore_Roles_Batch(t *testing.T) { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -490,7 +491,7 @@ func TestTokenStore_Roles_Batch(t *testing.T) { } // Client specifies service client.SetToken(rootToken) - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, Type: "service", }, "testrole") @@ -498,7 +499,7 @@ func TestTokenStore_Roles_Batch(t *testing.T) { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -507,14 +508,14 @@ func TestTokenStore_Roles_Batch(t *testing.T) { } // Client doesn't specify client.SetToken(rootToken) - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }, "testrole") if err != nil { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } diff --git a/vault/external_tests/token/token_test.go b/vault/external_tests/token/token_test.go index 16cac188c6d3..5990c70af0fe 100644 --- a/vault/external_tests/token/token_test.go +++ b/vault/external_tests/token/token_test.go @@ -1,6 +1,7 @@ package token import ( + "context" "encoding/base64" "reflect" "sort" @@ -30,7 +31,7 @@ func TestTokenStore_CreateOrphanResponse(t *testing.T) { vault.TestWaitActive(t, core) client := cluster.Cores[0].Client - secret, err := client.Auth().Token().CreateOrphan(&api.TokenCreateRequest{ + secret, err := client.Auth().Token().CreateOrphanWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -66,14 +67,14 @@ func TestTokenStore_TokenInvalidEntityID(t *testing.T) { } // Add a user to userpass backend - _, err = client.Logical().Write("auth/userpass/users/testuser", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/userpass/users/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { t.Fatal(err) } - secret, err := client.Logical().Write("auth/userpass/login/testuser", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/userpass/login/testuser", map[string]interface{}{ "password": "testpassword", }) if err != nil { @@ -81,7 +82,7 @@ func TestTokenStore_TokenInvalidEntityID(t *testing.T) { } clientToken := secret.Auth.ClientToken - secret, err = client.Logical().Write("auth/token/lookup", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/lookup", map[string]interface{}{ "token": clientToken, }) if err != nil { @@ -90,14 +91,14 @@ func TestTokenStore_TokenInvalidEntityID(t *testing.T) { entityID := secret.Data["entity_id"].(string) - _, err = client.Logical().Delete("identity/entity/id/" + entityID) + _, err = client.Logical().DeleteWithContext(context.Background(), "identity/entity/id/"+entityID) if err != nil { t.Fatal(err) } client.SetToken(clientToken) - secret, err = client.Logical().Write("auth/token/lookup-self", nil) + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/lookup-self", nil) if err == nil { t.Fatalf("expected error due to token being invalid when its entity is invalid") } @@ -132,7 +133,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { defer cleanup() // Configure LDAP auth - _, err = client.Logical().Write("auth/ldap/config", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/config", map[string]interface{}{ "url": cfg.Url, "userattr": cfg.UserAttr, "userdn": cfg.UserDN, @@ -146,7 +147,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { } // Create group in LDAP auth - _, err = client.Logical().Write("auth/ldap/groups/testgroup1", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/groups/testgroup1", map[string]interface{}{ "policies": "testgroup1-policy", }) if err != nil { @@ -155,7 +156,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { // Create user in LDAP auth. We add two groups, but we should filter out // the ones that don't match aliases later (we will check for this) - _, err = client.Logical().Write("auth/ldap/users/hermes conrad", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/users/hermes conrad", map[string]interface{}{ "policies": "default", "groups": "testgroup1,testgroup2", }) @@ -164,7 +165,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { } // Login using LDAP - secret, err := client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err := client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -181,7 +182,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { } // At this point there shouldn't be any identity policy on the token - secret, err = client.Logical().Write("auth/token/lookup", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/lookup", map[string]interface{}{ "token": ldapClientToken, }) if err != nil { @@ -194,7 +195,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { // Extract the entity ID of the token and set some policies on the entity entityID := secret.Data["entity_id"].(string) - _, err = client.Logical().Write("identity/entity/id/"+entityID, map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/entity/id/"+entityID, map[string]interface{}{ "policies": []string{ "entity_policy_1", "entity_policy_2", @@ -205,7 +206,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { } // Lookup the token and expect entity policies on the token - secret, err = client.Logical().Write("auth/token/lookup", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/lookup", map[string]interface{}{ "token": ldapClientToken, }) if err != nil { @@ -228,7 +229,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { } // Create identity group and add entity as its member - secret, err = client.Logical().Write("identity/group", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "policies": []string{ "group_policy_1", "group_policy_2", @@ -242,7 +243,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { } // Lookup token and expect both entity and group policies on the token - secret, err = client.Logical().Write("auth/token/lookup", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/lookup", map[string]interface{}{ "token": ldapClientToken, }) if err != nil { @@ -268,14 +269,14 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { // Create an external group and renew the token. This should add external // group policies to the token. - auths, err := client.Sys().ListAuth() + auths, err := client.Sys().ListAuthWithContext(context.Background()) if err != nil { t.Fatal(err) } ldapMountAccessor1 := auths["ldap/"].Accessor // Create an external group - secret, err = client.Logical().Write("identity/group", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "identity/group", map[string]interface{}{ "type": "external", "policies": []string{ "external_group_policy_1", @@ -288,7 +289,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { ldapExtGroupID1 := secret.Data["id"].(string) // Associate a group from LDAP auth as a group-alias in the external group - _, err = client.Logical().Write("identity/group-alias", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "identity/group-alias", map[string]interface{}{ "name": "testgroup1", "mount_accessor": ldapMountAccessor1, "canonical_id": ldapExtGroupID1, @@ -298,14 +299,14 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { } // Renew token to refresh external group memberships - secret, err = client.Auth().Token().Renew(ldapClientToken, 10) + secret, err = client.Auth().Token().RenewWithContext(context.Background(), ldapClientToken, 10) if err != nil { t.Fatal(err) } // Lookup token and expect entity, group and external group policies on the // token - secret, err = client.Logical().Write("auth/token/lookup", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/token/lookup", map[string]interface{}{ "token": ldapClientToken, }) if err != nil { @@ -333,7 +334,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { // Log in and get a new token, then renew it. See issue #4829. The logic is // continued after the next block. - secret, err = client.Logical().Write("auth/ldap/login/hermes conrad", map[string]interface{}{ + secret, err = client.Logical().WriteWithContext(context.Background(), "auth/ldap/login/hermes conrad", map[string]interface{}{ "password": "hermes", }) if err != nil { @@ -344,12 +345,12 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { // Check that the lease for the token contains only the single group; this // should be true for both as one was fresh and the other was a renew // (which is why we do the renew check on the 4839 token after this block) - secret, err = client.Logical().List("sys/raw/sys/expire/id/auth/ldap/login/hermes conrad/") + secret, err = client.Logical().ListWithContext(context.Background(), "sys/raw/sys/expire/id/auth/ldap/login/hermes conrad/") if err != nil { t.Fatal(err) } for _, key := range secret.Data["keys"].([]interface{}) { - secret, err := client.Logical().Read("sys/raw/sys/expire/id/auth/ldap/login/hermes conrad/" + key.(string)) + secret, err := client.Logical().ReadWithContext(context.Background(), "sys/raw/sys/expire/id/auth/ldap/login/hermes conrad/"+key.(string)) if err != nil { t.Fatal(err) } @@ -363,7 +364,7 @@ func TestTokenStore_IdentityPolicies(t *testing.T) { } } - secret, err = client.Auth().Token().Renew(token4829, 10) + secret, err = client.Auth().Token().RenewWithContext(context.Background(), token4829, 10) if err != nil { t.Fatal(err) } @@ -390,7 +391,7 @@ path "auth/token/create" { var err error var secret *api.Secret - _, err = client.Logical().Write("sys/policies/acl/test", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "sys/policies/acl/test", map[string]interface{}{ "policy": testPolicy, }) if err != nil { @@ -398,41 +399,41 @@ path "auth/token/create" { } // Test normally - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "bound_cidrs": []string{}, }) if err != nil { t.Fatal(err) } - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }, "testrole") if err != nil { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } // CIDR blocks, containing localhost client.SetToken(rootToken) - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "bound_cidrs": []string{"127.0.0.1/32", "1.2.3.4/8", "5.6.7.8/24"}, "allowed_policies": "test", }) if err != nil { t.Fatal(err) } - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"test", "default"}, }, "testrole") if err != nil { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -440,7 +441,7 @@ path "auth/token/create" { // Before moving on, validate that a child token created from this token // inherits the bound cidr blocks client.SetToken(secret.Auth.ClientToken) - childSecret, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + childSecret, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -450,7 +451,7 @@ path "auth/token/create" { t.Fatal(err) } client.SetToken(childSecret.Auth.ClientToken) - childInfo, err := client.Auth().Token().LookupSelf() + childInfo, err := client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -460,20 +461,20 @@ path "auth/token/create" { // CIDR blocks, not containing localhost (should fail) client.SetToken(rootToken) - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "bound_cidrs": []string{"1.2.3.4/8", "5.6.7.8/24"}, }) if err != nil { t.Fatal(err) } - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }, "testrole") if err != nil { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err == nil { t.Fatal("expected error") } @@ -483,38 +484,38 @@ path "auth/token/create" { // Root token, no ttl, should work client.SetToken(rootToken) - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "bound_cidrs": []string{"1.2.3.4/8", "5.6.7.8/24"}, "allowed_policies": "", }) if err != nil { t.Fatal(err) } - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{}, "testrole") + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{}, "testrole") if err != nil { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err != nil { t.Fatal(err) } // Root token, ttl, should not work client.SetToken(rootToken) - _, err = client.Logical().Write("auth/token/roles/testrole", map[string]interface{}{ + _, err = client.Logical().WriteWithContext(context.Background(), "auth/token/roles/testrole", map[string]interface{}{ "bound_cidrs": []string{"1.2.3.4/8", "5.6.7.8/24"}, "period": 3600, }) if err != nil { t.Fatal(err) } - secret, err = client.Auth().Token().CreateWithRole(&api.TokenCreateRequest{}, "testrole") + secret, err = client.Auth().Token().CreateWithRoleWithContext(context.Background(), &api.TokenCreateRequest{}, "testrole") if err != nil { t.Fatal(err) } client.SetToken(secret.Auth.ClientToken) - _, err = client.Auth().Token().LookupSelf() + _, err = client.Auth().Token().LookupSelfWithContext(context.Background()) if err == nil { t.Fatal("expected error") } @@ -553,7 +554,7 @@ func TestTokenStore_RevocationOnStartup(t *testing.T) { var tokens []string // Create tokens for i := 0; i < 500; i++ { - secret, err = client.Auth().Token().Create(&api.TokenCreateRequest{ + secret, err = client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -563,7 +564,7 @@ func TestTokenStore_RevocationOnStartup(t *testing.T) { } const tokenPath string = "sys/raw/sys/token/id/" - secret, err = client.Logical().List(tokenPath) + secret, err = client.Logical().ListWithContext(context.Background(), tokenPath) if err != nil { t.Fatal(err) } @@ -571,7 +572,7 @@ func TestTokenStore_RevocationOnStartup(t *testing.T) { // Get the list of leases const leasePath string = "sys/raw/sys/expire/id/auth/token/create/" - secret, err = client.Logical().List(leasePath) + secret, err = client.Logical().ListWithContext(context.Background(), leasePath) if err != nil { t.Fatal(err) } @@ -584,7 +585,7 @@ func TestTokenStore_RevocationOnStartup(t *testing.T) { var validLeases []string // Fake times in the past for _, lease := range leases { - secret, err = client.Logical().Read(leasePath + lease.(string)) + secret, err = client.Logical().ReadWithContext(context.Background(), leasePath+lease.(string)) if err != nil { t.Fatal(err) } @@ -602,7 +603,7 @@ func TestTokenStore_RevocationOnStartup(t *testing.T) { if err != nil { t.Fatal(err) } - if _, err := client.Logical().Write(leasePath+lease.(string), map[string]interface{}{ + if _, err := client.Logical().WriteWithContext(context.Background(), leasePath+lease.(string), map[string]interface{}{ "value": string(jsonEntry), }); err != nil { t.Fatal(err) @@ -615,7 +616,7 @@ func TestTokenStore_RevocationOnStartup(t *testing.T) { var status *api.SealStatusResponse for i := 0; i < len(cluster.BarrierKeys); i++ { - status, err = client.Sys().Unseal(string(base64.StdEncoding.EncodeToString(cluster.BarrierKeys[i]))) + status, err = client.Sys().UnsealWithContext(context.Background(), string(base64.StdEncoding.EncodeToString(cluster.BarrierKeys[i]))) if err != nil { t.Fatal(err) } @@ -632,7 +633,7 @@ func TestTokenStore_RevocationOnStartup(t *testing.T) { for i, token := range tokens { client.SetToken(token) - _, err := client.Logical().Write("cubbyhole/foo", map[string]interface{}{ + _, err := client.Logical().WriteWithContext(context.Background(), "cubbyhole/foo", map[string]interface{}{ "value": "bar", }) if err == nil { @@ -643,7 +644,7 @@ func TestTokenStore_RevocationOnStartup(t *testing.T) { expectedLeases := len(leases) - len(validLeases) client.SetToken(rootToken) - secret, err = client.Logical().List(leasePath) + secret, err = client.Logical().ListWithContext(context.Background(), leasePath) if err != nil { t.Fatal(err) } @@ -667,7 +668,7 @@ func TestTokenStore_RevocationOnStartup(t *testing.T) { } expectedTokens := totalTokens - len(validLeases) - secret, err = client.Logical().List(tokenPath) + secret, err = client.Logical().ListWithContext(context.Background(), tokenPath) if err != nil { t.Fatal(err) } diff --git a/vault/logical_system_integ_test.go b/vault/logical_system_integ_test.go index 5a26849f2df7..6570fee866d5 100644 --- a/vault/logical_system_integ_test.go +++ b/vault/logical_system_integ_test.go @@ -1,6 +1,7 @@ package vault_test import ( + "context" "fmt" "io/ioutil" "os" @@ -231,13 +232,13 @@ func testPlugin_CatalogRemoved(t *testing.T, btype logical.BackendType, testMoun case logical.TypeLogical: // Add plugin back to the catalog vault.TestAddTestPlugin(t, core.Core, "mock-plugin", consts.PluginTypeSecrets, "TestBackend_PluginMainLogical", []string{}, "") - _, err = core.Client.Logical().Write("sys/mounts/mock-0", map[string]interface{}{ + _, err = core.Client.Logical().WriteWithContext(context.Background(), "sys/mounts/mock-0", map[string]interface{}{ "type": "test", }) case logical.TypeCredential: // Add plugin back to the catalog vault.TestAddTestPlugin(t, core.Core, "mock-plugin", consts.PluginTypeCredential, "TestBackend_PluginMainCredentials", []string{}, "") - _, err = core.Client.Logical().Write("sys/auth/mock-0", map[string]interface{}{ + _, err = core.Client.Logical().WriteWithContext(context.Background(), "sys/auth/mock-0", map[string]interface{}{ "type": "test", }) } @@ -300,7 +301,7 @@ func testPlugin_continueOnError(t *testing.T, btype logical.BackendType, mismatc switch btype { case logical.TypeCredential: vault.TestAddTestPlugin(t, core.Core, mountPoint, consts.PluginTypeCredential, "TestBackend_PluginMainCredentials", []string{}, cluster.TempDir) - _, err = core.Client.Logical().Write(fmt.Sprintf("sys/auth/%s", mountPoint), map[string]interface{}{ + _, err = core.Client.Logical().WriteWithContext(context.Background(), fmt.Sprintf("sys/auth/%s", mountPoint), map[string]interface{}{ "type": "mock-plugin", }) if err != nil { @@ -476,7 +477,7 @@ func testSystemBackend_PluginReload(t *testing.T, reqData map[string]interface{} for i := 0; i < 2; i++ { // Update internal value in the backend - resp, err := client.Logical().Write(fmt.Sprintf("mock-%d/internal", i), map[string]interface{}{ + resp, err := client.Logical().WriteWithContext(context.Background(), fmt.Sprintf("mock-%d/internal", i), map[string]interface{}{ "value": "baz", }) if err != nil { @@ -488,7 +489,7 @@ func testSystemBackend_PluginReload(t *testing.T, reqData map[string]interface{} } // Perform plugin reload - resp, err := client.Logical().Write("sys/plugins/reload/backend", reqData) + resp, err := client.Logical().WriteWithContext(context.Background(), "sys/plugins/reload/backend", reqData) if err != nil { t.Fatalf("err: %v", err) } @@ -501,7 +502,7 @@ func testSystemBackend_PluginReload(t *testing.T, reqData map[string]interface{} for i := 0; i < 2; i++ { // Ensure internal backed value is reset - resp, err := client.Logical().Read(fmt.Sprintf("mock-%d/internal", i)) + resp, err := client.Logical().ReadWithContext(context.Background(), fmt.Sprintf("mock-%d/internal", i)) if err != nil { t.Fatalf("err: %v", err) } @@ -557,7 +558,7 @@ func testSystemBackendMock(t *testing.T, numCores, numMounts int, backendType lo options := map[string]interface{}{ "type": "mock-plugin", } - resp, err := client.Logical().Write(fmt.Sprintf("sys/mounts/mock-%d", i), options) + resp, err := client.Logical().WriteWithContext(context.Background(), fmt.Sprintf("sys/mounts/mock-%d", i), options) if err != nil { t.Fatalf("err: %v", err) } @@ -572,7 +573,7 @@ func testSystemBackendMock(t *testing.T, numCores, numMounts int, backendType lo options := map[string]interface{}{ "type": "mock-plugin", } - resp, err := client.Logical().Write(fmt.Sprintf("sys/auth/mock-%d", i), options) + resp, err := client.Logical().WriteWithContext(context.Background(), fmt.Sprintf("sys/auth/mock-%d", i), options) if err != nil { t.Fatalf("err: %v", err) } @@ -627,7 +628,7 @@ func testSystemBackend_SingleCluster_Env(t *testing.T, env []string) *vault.Test "type": "mock-plugin", } - resp, err := client.Logical().Write("sys/mounts/mock", options) + resp, err := client.Logical().WriteWithContext(context.Background(), "sys/mounts/mock", options) if err != nil { t.Fatalf("err: %v", err) } @@ -740,7 +741,7 @@ func TestSystemBackend_InternalUIResultantACL(t *testing.T) { defer cluster.Cleanup() client := cluster.Cores[0].Client - resp, err := client.Auth().Token().Create(&api.TokenCreateRequest{ + resp, err := client.Auth().Token().CreateWithContext(context.Background(), &api.TokenCreateRequest{ Policies: []string{"default"}, }) if err != nil { @@ -758,7 +759,7 @@ func TestSystemBackend_InternalUIResultantACL(t *testing.T) { client.SetToken(resp.Auth.ClientToken) - resp, err = client.Logical().Read("sys/internal/ui/resultant-acl") + resp, err = client.Logical().ReadWithContext(context.Background(), "sys/internal/ui/resultant-acl") if err != nil { t.Fatal(err) } @@ -886,7 +887,7 @@ func TestSystemBackend_HAStatus(t *testing.T) { vault.RetryUntil(t, 15*time.Second, func() error { // Use standby deliberately to make sure it forwards client := cluster.Cores[1].Client - resp, err := client.Sys().HAStatus() + resp, err := client.Sys().HAStatusWithContext(context.Background()) if err != nil { t.Fatal(err) } @@ -910,7 +911,7 @@ func TestSystemBackend_VersionHistory_unauthenticated(t *testing.T) { client := cluster.Cores[0].Client client.SetToken("") - resp, err := client.Logical().List("sys/version-history") + resp, err := client.Logical().ListWithContext(context.Background(), "sys/version-history") if resp != nil { t.Fatalf("expected nil response, resp: %#v", resp) @@ -937,7 +938,7 @@ func TestSystemBackend_VersionHistory_authenticated(t *testing.T) { defer cluster.Cleanup() client := cluster.Cores[0].Client - resp, err := client.Logical().List("sys/version-history") + resp, err := client.Logical().ListWithContext(context.Background(), "sys/version-history") if err != nil || resp == nil { t.Fatalf("request failed, err: %v, resp: %#v", err, resp) }