UNPKG

hashi-vault-js

Version:

A node.js module to interact with the Hashicorp Vault API.

github.com/rod4n4m1/hashi-vault-js

rod4n4m1/hashi-vault-js

101 lines (86 loc) 3.09 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
const Vault = require('../Vault'); let key = null; const RoleId = process.env.ROLE_ID; const SecretId = process.env.SECRET_ID; const ClientCert = process.env.CLIENT_CERT; const ClientKey = process.env.CLIENT_KEY; const CACert = process.env.CA_CERT; const VaultUrl = process.env.VAULT_URL; const RootToken = process.env.VAULT_ROOT_TOKEN; const vault = new Vault( { https: true, cert: ClientCert, key: ClientKey, cacert: CACert, baseUrl: VaultUrl, rootPath: 'pki', timeout: 10000, proxy: false }); const CertParams = { role: "acme", commonName: "www.vault.acme.com", altNames: "www1.vault.acme.com", ipSans: "10.0.0.200", uriSans: "", otherSans: "", ttL: "365d", format: "pem_bundle", pkFormat: "der", excludeCnFromSans: false }; // Set jest async callback timeout jest.setTimeout(10000); //TODO: Improve expect assertion on all tests test('genPkiCertificate: the result is a new certificate issued', async () => { const data = await vault.genPkiCertificate(RootToken, CertParams); console.log(data); key = data.serial_number; return expect(data).toBeDefined(); }); test('revokePkiCertificate: the result is a revoked certificate', async () => { const data = await vault.revokePkiCertificate(RootToken, key); console.log(data); return expect(data).toBeDefined(); }); test('listCertificates: the result is a list of issued certificates', async () => { const data = await vault.listCertificates(RootToken); console.log(data); key = data.keys[0]; return expect(data).toBeDefined(); }); test('readCertificate: the result is the first certificate from previous list', async () => { const data = await vault.readCertificate(key); console.log(data); return expect(data).toBeDefined(); }); test('setCrlConfig: the result is the PKI CRL set', async () => { const data = await vault.setCrlConfig(RootToken, '720h', false); console.log(data); return expect(data).toBeDefined(); }); test('readCrlConfig: the result is the PKI CRL configuration', async () => { const data = await vault.readCrlConfig(RootToken); console.log(data); return expect(data).toBeDefined(); }); test('setPkiUrls: the result is the PKI URLs set', async () => { const data = await vault.setPkiUrls(RootToken, [ 'https://vault.local:8200/v1/pki/crl' ], [ 'https://vault.local:8200/v1/pki/ca' ], [ 'https://vault.local:8200/v1/pki/oscp' ]); console.log(data); return expect(data).toBeDefined(); }); test('readPkiUrls: the result is the PKI URLs configuration', async () => { const data = await vault.readPkiUrls(RootToken); console.log(data); return expect(data).toBeDefined(); }); test('readPkiCrl: the result is the Certificate Revocation List (CRL) on PEM format', async () => { const data = await vault.readPkiCrl('pem'); console.log(data); return expect(data).toBeDefined(); }); test('rotatePkiCrl: the result is the Certificate Revocation List (CRL) rotation', async () => { const data = await vault.rotatePkiCrl(RootToken); console.log(data); return expect(data).toBeDefined(); });