UNPKG

hashi-vault-js

Version:

A node.js module to interact with the Hashicorp Vault API.

github.com/kyndryl-open-source/hashi-vault-js

kyndryl-open-source/hashi-vault-js

95 lines (78 loc) 2.87 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
// Jest unit test for Vault.js // AD secret engine -- roles // This test will create a new AD role, update it, retrieve its credentials, and delete the AD role. import Vault from '../src/Vault.js'; const BindDN = process.env.LDAP_BIND_DN; const BindPass = process.env.LDAP_BIND_PASS; const LdapUrl = process.env.LDAP_SECURE_URL; const ClientCert = process.env.CLIENT_CERT; const ClientKey = process.env.CLIENT_KEY; const CACert = process.env.CA_CERT; const VaultUrl = process.env.VAULT_URL; const RootToken = process.env.VAULT_ROOT_TOKEN; const vault = new Vault( { https: true, cert: ClientCert, key: ClientKey, cacert: CACert, baseUrl: VaultUrl, rootPath: 'ad', timeout: 3000, proxy: false }); const RoleName = "my-application"; const RolePayload1 = { name: RoleName, service_account_name: 'nathan.hale@chatopsknight.com', ttl: '1h' }; const RolePayload2 = { name: RoleName, service_account_name: 'nathan.hale@chatopsknight.com', ttl: '6h' }; test('createADRole: the result is an AD role created - HTTP 204', async () => { const data = await vault.createADRole(RootToken, RolePayload1); console.log(data); return expect(data).toBeDefined(); }); test('readADRole: the result is an AD role information retrieved', async () => { const data = await vault.readADRole(RootToken, RoleName); console.log(data); return expect(data).toBeDefined(); }); test('updateADRole: the result is an AD role updated - HTTP 204', async () => { const data = await vault.updateADRole(RootToken, RolePayload2); console.log(data); return expect(data).toBeDefined(); }); test('readADRole: the result is an AD role information retrieved', async () => { const data = await vault.readADRole(RootToken, RoleName); console.log(data); return expect(data).toBeDefined(); }); test('getADRoleCred: the result is an AD role credential information retrieved', async () => { const data = await vault.getADRoleCred(RootToken, RoleName); console.log(data); return expect(data).toBeDefined(); }); test('rotateADRoleCred: the result is an AD role credential rotated', async () => { const data = await vault.rotateADRoleCred(RootToken, RoleName); console.log(data); return expect(data).toBeDefined(); }); test('getADRoleCred: the result is an AD role credential information retrieved', async () => { const data = await vault.getADRoleCred(RootToken, RoleName); console.log(data); return expect(data).toBeDefined(); }); test('listADRoles: the result is the AD roles listed', async () => { const data = await vault.listADRoles(RootToken); console.log(data); return expect(data).toBeDefined(); }); test('deleteADRole: the result is an AD role deleted - HTTP 204', async () => { const data = await vault.deleteADRole(RootToken, RoleName); console.log(data); return expect(data).toBeDefined(); });