Updating instructions for testing

petems · Nov 20, 2021 · 5385ce0 · 5385ce0
1 parent 16916f9
commit 5385ce0
Show file tree

Hide file tree

Showing 5 changed files with 33 additions and 13 deletions.
diff --git a/.gitignore b/.gitignore
@@ -22,3 +22,4 @@
 /convert_report.txt
 /update_report.txt
 .DS_Store
+vault.zip
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -58,16 +58,27 @@ To run a specific spec test set the `SPEC` variable:
 
     bundle exec rake spec SPEC=spec/foo_spec.rb:123
 
+The tests require a version of `vault` to be avaliable on the command-line.
 
+```
+#!/bin/bash
+VAULT_VERSION=1.3.0
+cd /tmp/
+curl -sLo vault.zip https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip
+unzip vault.zip
+mkdir -p /usr/local/bin
+mv vault /usr/local/bin
+export PATH="/usr/local/bin:$PATH"
+```
 
-## Integration tests
+### Docker enviroment for tests
 
-The unit tests just check the code runs, not that it does exactly what
-we want on a real machine. For that we're using
-[beaker](https://github.com/puppetlabs/beaker).
+If you want a quick Docker lab to run the tests on:
 
-This fires up a simple Docker cluster and runs a series of
-simple tests against it after applying the module. You can run this
-with:
+```
+docker run --rm -it -e SPEC_OPTS='--fail-fast --format documentation' -v /tmp/rspec:/var/cache/rspec -v $PWD:/module -w /module ruby:2.7.3 /bin/bash
+```
 
-    bundle exec rake acceptance
+From there, you can run `./download_vault.sh` to download vault and then run: `export PATH="~/bin:$PATH"` to add it to the path.
+
+After that you can run the tests with `bundle exec rake spec`
diff --git a/README.md b/README.md
@@ -153,11 +153,13 @@ strip_from_keys:
   - "vault:"
 ```
 
-`default_field:`: The default field within data to return. If not present, the lookup will be the full contents of the secret data.
+`default_field`: The default field within data to return. If not present, the lookup will be the full contents of the secret data.
 
-`mounts:`: The list of mounts you want to do lookups against. This is treated as the backend hiearchy for lookup. It is recomended you use [Trusted Facts](https://puppet.com/docs/puppet/5.3/lang_facts_and_builtin_vars.html#trusted-facts) within the hierachy to ensure lookups are restricted to the correct hierachy points. See [Mounts](#mounts).
+`mounts`: The list of mounts you want to do lookups against. This is treated as the backend hiearchy for lookup. It is recomended you use [Trusted Facts](https://puppet.com/docs/puppet/5.3/lang_facts_and_builtin_vars.html#trusted-facts) within the hierachy to ensure lookups are restricted to the correct hierachy points. See [Mounts](#mounts).
 
-`:ssl_verify`: Specify whether to verify SSL certificates (default: true)
+`ssl_verify`: Specify whether to verify SSL certificates (default: true)
+
+`strict_mode`: Whether to fail loudly when we get a 403 response or no result from Vault. Otherwise we get an empty result, which means passwords could become empty strings.
 
 `v1_lookup`: whether to lookup within kv v1 hierarchy (default `true`) - disable if you only use kv v2 :) See [Less lookups](#less-lookups).
 

diff --git a/download_vault.sh b/download_vault.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+VAULT_VERSION=1.3.0
+cd /tmp/
+curl -sLo vault.zip https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip
+unzip vault.zip
+mkdir -p /usr/local/bin
+mv vault /usr/local/bin
+echo 'Now run: export PATH="/usr/local/bin:$PATH"'
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -55,5 +55,3 @@ def self.create_function(_name, &block)
     config.warnings = false
   end
 end
-
-require 'puppetlabs_spec_helper/module_spec_helper'
-Original file line number
+Diff line change
@@ Expand Up / @@ -55,5 +55,3 @@ def self.create_function(_name, &block) @@
         config.warnings = false
       end
     end
-    require 'puppetlabs_spec_helper/module_spec_helper'