update docs and tests, export vault container type

testcontainers · Mar 20, 2023 · 06c286c · 06c286c
1 parent 0c7645e
commit 06c286c
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 66 deletions.
diff --git a/docs/modules/vault.md b/docs/modules/vault.md
@@ -21,15 +21,43 @@ It takes a context and zero or more Option values to configure the container.
 
 ### Use CLI to read data from Vault container:
 <!--codeinclude-->
-[Use CLI to read data](../../modules/vault/vault_test.go) inside_block:TestVaultFirstSecretPathWithCLI
+[Use CLI to read data](../../modules/vault/vault_test.go) inside_block:TestVaultGetSecretPathWithCLI
 <!--/codeinclude-->
 
 ### Use HTTP API to read data from Vault container:
 <!--codeinclude-->
-[Use HTTP API to read data](../../modules/vault/vault_test.go) inside_block:TestVaultFirstSecretPathWithHTTP
+[Use HTTP API to read data](../../modules/vault/vault_test.go) inside_block:TestVaultGetSecretPathWithHTTP
 <!--/codeinclude-->
 
 ### Use client library to read data from Vault container:
 <!--codeinclude-->
-[Use library to read data](../../modules/vault/vault_test.go) inside_block:TestVaultFirstSecretPathWithClient
+[Use library to read data](../../modules/vault/vault_test.go) inside_block:TestVaultGetSecretPathWithClient
+<!--/codeinclude-->
+
+## Container Options
+
+You can set below options to create Vault container.
+
+### Image 
+If you need to set a different Vault image, you can use the `WithImageName`. Default image name is `vault:1.13.0`
+<!--codeinclude-->
+[Set image name](../../modules/vault/vault_test.go) inside_block:WithImageName
+<!--/codeinclude-->
+
+### Token
+If you need to add token authentication, you can use the `WithToken`.
+<!--codeinclude-->
+[Add token authentication](../../modules/vault/vault_test.go) inside_block:WithToken
+<!--/codeinclude-->
+
+### Log Level
+If you need to change log level, you can use the `WithLogLevel`. Default log level is `info`
+<!--codeinclude-->
+[Change log level](../../modules/vault/vault_test.go) inside_block:WithLogLevel
+<!--/codeinclude-->
+
+### Command
+If you need to run vault command in the container, you can use the `WithInitCommand`.
+<!--codeinclude-->
+[Run init command](../../modules/vault/vault_test.go) inside_block:WithInitCommand
 <!--/codeinclude-->
diff --git a/modules/vault/vault.go b/modules/vault/vault.go
@@ -18,13 +18,13 @@ const (
 // ContainerOptions is a function that can be used to configure the Vault container
 type ContainerOptions func(req *testcontainers.ContainerRequest)
 
-// vaultContainer represents the vault container type used in the module
-type vaultContainer struct {
+// VaultContainer represents the vault container type used in the module
+type VaultContainer struct {
 	testcontainers.Container
 }
 
 // StartContainer creates an instance of the vault container type
-func StartContainer(ctx context.Context, opts ...ContainerOptions) (*vaultContainer, error) {
+func StartContainer(ctx context.Context, opts ...ContainerOptions) (*VaultContainer, error) {
 	req := testcontainers.ContainerRequest{
 		Image:        defaultImageName,
 		ExposedPorts: []string{defaultPort + "/tcp"},
@@ -49,7 +49,7 @@ func StartContainer(ctx context.Context, opts ...ContainerOptions) (*vaultContai
 		return nil, err
 	}
 
-	return &vaultContainer{container}, nil
+	return &VaultContainer{container}, nil
 }
 
 // WithImageName is an option function that sets the Docker image name for the Vault
@@ -89,7 +89,7 @@ func WithInitCommand(commands ...string) ContainerOptions {
 
 // HttpHostAddress returns the http host address of Vault.
 // It returns a string with the format http://<host>:<port>
-func (v *vaultContainer) HttpHostAddress(ctx context.Context) (string, error) {
+func (v *VaultContainer) HttpHostAddress(ctx context.Context) (string, error) {
 	host, err := v.Host(ctx)
 	if err != nil {
 		return "", err

diff --git a/modules/vault/vault_test.go b/modules/vault/vault_test.go
@@ -1,4 +1,4 @@
-package vault
+package vault_test
 
 import (
 	"context"
@@ -12,6 +12,7 @@ import (
 	vaultClient "github.com/hashicorp/vault-client-go"
 	"github.com/hashicorp/vault-client-go/schema"
 	"github.com/stretchr/testify/assert"
+	testcontainervault "github.com/testcontainers/testcontainers-go/modules/vault"
 	"github.com/tidwall/gjson"
 )
 
@@ -21,18 +22,29 @@ const (
 
 var (
 	ctx   = context.Background()
-	vault *vaultContainer
+	vault *testcontainervault.VaultContainer
 )
 
 func TestMain(m *testing.M) {
 	var err error
+	opts := []testcontainervault.ContainerOptions{
+		// WithImageName {
+		testcontainervault.WithImageName("vault:1.13.0"),
+		// }
+		// WithToken {
+		testcontainervault.WithToken(token),
+		// }
+		// WithLogLevel {
+		testcontainervault.WithLogLevel(testcontainervault.Debug),
+		// }
+		// WithInitCommand {
+		testcontainervault.WithInitCommand("secrets enable transit", "write -f transit/keys/my-key"),
+		testcontainervault.WithInitCommand("kv put secret/test1 foo1=bar1"),
+		// }
+	}
+
 	// StartContainer {
-	vault, err = StartContainer(ctx,
-		WithLogLevel(Debug),
-		WithToken(token),
-		WithInitCommand("secrets enable transit", "write -f transit/keys/my-key"),
-		WithInitCommand("kv put secret/test1 foo1=bar1"),
-		WithInitCommand("kv put secret/test2 foo2=bar2 foo3=bar3"))
+	vault, err = testcontainervault.StartContainer(ctx, opts...)
 	// }
 	if err != nil {
 		log.Fatal(err)
@@ -48,7 +60,7 @@ func TestMain(m *testing.M) {
 	os.Exit(c)
 }
 
-func TestVaultFirstSecretPathWithCLI(t *testing.T) {
+func TestVaultGetSecretPathWithCLI(t *testing.T) {
 	exec, reader, err := vault.Exec(ctx, []string{"vault", "kv", "get", "-format=json", "secret/test1"})
 	assert.Nil(t, err)
 	assert.Equal(t, 0, exec)
@@ -59,19 +71,7 @@ func TestVaultFirstSecretPathWithCLI(t *testing.T) {
 	assert.Equal(t, "bar1", gjson.Get(string(bytes), "data.data.foo1").String())
 }
 
-func TestVaultSecondSecretPathWithCLI(t *testing.T) {
-	exec, reader, err := vault.Exec(ctx, []string{"vault", "kv", "get", "-format=json", "secret/test2"})
-	assert.Nil(t, err)
-	assert.Equal(t, 0, exec)
-
-	bytes, err := io.ReadAll(reader)
-	assert.Nil(t, err)
-
-	assert.Equal(t, "bar2", gjson.Get(string(bytes), "data.data.foo2").String())
-	assert.Equal(t, "bar3", gjson.Get(string(bytes), "data.data.foo3").String())
-}
-
-func TestVaultFirstSecretPathWithHTTP(t *testing.T) {
+func TestVaultGetSecretPathWithHTTP(t *testing.T) {
 	hostAddress, err := vault.HttpHostAddress(ctx)
 	assert.Nil(t, err)
 
@@ -88,25 +88,7 @@ func TestVaultFirstSecretPathWithHTTP(t *testing.T) {
 	assert.Equal(t, "bar1", gjson.Get(string(body), "data.data.foo1").String())
 }
 
-func TestVaultSecondSecretPathWithHTTP(t *testing.T) {
-	hostAddress, err := vault.HttpHostAddress(ctx)
-	assert.Nil(t, err)
-
-	request, _ := http.NewRequest(http.MethodGet, hostAddress+"/v1/secret/data/test2", nil)
-	request.Header.Add("X-Vault-Token", token)
-
-	response, err := http.DefaultClient.Do(request)
-	assert.Nil(t, err)
-	defer response.Body.Close()
-
-	body, err := io.ReadAll(response.Body)
-	assert.Nil(t, err)
-
-	assert.Equal(t, "bar2", gjson.Get(string(body), "data.data.foo2").String())
-	assert.Equal(t, "bar3", gjson.Get(string(body), "data.data.foo3").String())
-}
-
-func TestVaultFirstSecretPathWithClient(t *testing.T) {
+func TestVaultGetSecretPathWithClient(t *testing.T) {
 	hostAddress, _ := vault.HttpHostAddress(ctx)
 	client, err := vaultClient.New(
 		vaultClient.WithAddress(hostAddress),
@@ -122,23 +104,6 @@ func TestVaultFirstSecretPathWithClient(t *testing.T) {
 	assert.Equal(t, "bar1", s.Data["data"].(map[string]interface{})["foo1"])
 }
 
-func TestVaultSecondSecretPathWithClient(t *testing.T) {
-	hostAddress, _ := vault.HttpHostAddress(ctx)
-	client, err := vaultClient.New(
-		vaultClient.WithAddress(hostAddress),
-		vaultClient.WithRequestTimeout(30*time.Second),
-	)
-	assert.Nil(t, err)
-
-	err = client.SetToken(token)
-	assert.Nil(t, err)
-
-	s, err := client.Secrets.KVv2Read(ctx, "test2")
-	assert.Nil(t, err)
-	assert.Equal(t, "bar2", s.Data["data"].(map[string]interface{})["foo2"])
-	assert.Equal(t, "bar3", s.Data["data"].(map[string]interface{})["foo3"])
-}
-
 func TestVaultWriteSecretWithClient(t *testing.T) {
 	hostAddress, _ := vault.HttpHostAddress(ctx)
 	client, err := vaultClient.New(