UNPKG

hashi-vault-js

Version:

A node.js module to interact with the Hashicorp Vault API.

github.com/kyndryl-open-source/hashi-vault-js

kyndryl-open-source/hashi-vault-js

71 lines (62 loc) 2.28 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
import Vault from '../src/Vault.js'; const SECRET1={ name: "slack5", secrets: { bot_token1: "xoxb-123456789012-1234567890123-1w1lln0tt3llmys3cr3tatm3", bot_token2: "xoxb-123456789013-1234567890124-1w1lln0tt3llmys3cr3tatm3" } }; const SECRET2={ name: "slack5", secrets: { bot_token1: "xoxb-123456789013-1234567890124-1w1lln0tt3llmys3cr3tatm3", bot_token2: "xoxb-123456789014-1234567890125-1w1lln0tt3llmys3cr3tatm3" } }; const Metadata = { tag1: "development", tag2: "unit-test" }; let token = null; let newSecretId = null; const RoleId = process.env.ROLE_ID; const SecretId = process.env.SECRET_ID; const ClientCert = process.env.CLIENT_CERT; const ClientKey = process.env.CLIENT_KEY; const CACert = process.env.CA_CERT; const VaultUrl = process.env.VAULT_URL; const AppRole = process.env.APPROLE; const vault = new Vault( { https: true, cert: ClientCert, key: ClientKey, cacert: CACert, baseUrl: VaultUrl, timeout: 1000, proxy: false }); //TODO: Improve expect assertion on all tests //TODO: Automatically delete previous data on KV engine //TODO: Automatically clean up /$RootPath mount point test('loginWithAppRole: the result is a new AppRole authentication token', async () => { const data = await vault.loginWithAppRole(RoleId, SecretId); console.log(data); token = data.client_token; return expect(data).toBeDefined(); }); test('readAppRoleSecretId: the result is the AppRole secret-id information', async () => { const data = await vault.readAppRoleSecretId(token, AppRole, SecretId); //console.log('readAppRoleSecretId output:\n',data); return expect(data).toBeDefined(); }); test('generateAppRoleSecretId: the result is new AppRole secret-id generated', async () => { const data = await vault.generateAppRoleSecretId(token, AppRole, JSON.stringify(Metadata)); //console.log('generateAppRoleSecretId output:\n',data); newSecretId = data.secret_id; return expect(data).toBeDefined(); }); test('destroyAppRoleSecretId: the result is an AppRole secret-id destroyed - HTTP 204', async () => { const data = await vault.destroyAppRoleSecretId(token, AppRole, newSecretId); //console.log('generateAppRoleSecretId output:\n',data); return expect(data).toBeDefined(); });