apisix/t/cli/test_etcd.sh

#!/usr/bin/env bash

#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

. ./t/cli/common.sh

# check etcd while enable auth
git checkout conf/config.yaml

export ETCDCTL_API=3
etcdctl version
etcdctl --endpoints=127.0.0.1:2379 user add "root:apache-api6"
etcdctl --endpoints=127.0.0.1:2379 role add root
etcdctl --endpoints=127.0.0.1:2379 user grant-role root root
etcdctl --endpoints=127.0.0.1:2379 user get root
etcdctl --endpoints=127.0.0.1:2379 auth enable
etcdctl --endpoints=127.0.0.1:2379 --user=root:apache-api6 del /apisix --prefix

echo '
etcd:
  host:
    - "http://127.0.0.1:2379"
  prefix: "/apisix"
  timeout: 30
  user: root
  password: apache-api6
' > conf/config.yaml

make init
cmd_res=`etcdctl --endpoints=127.0.0.1:2379 --user=root:apache-api6 get /apisix --prefix`
etcdctl --endpoints=127.0.0.1:2379 --user=root:apache-api6 auth disable
etcdctl --endpoints=127.0.0.1:2379 role delete root
etcdctl --endpoints=127.0.0.1:2379 user delete root

init_kv=(
"/apisix/consumers/ init_dir"
"/apisix/global_rules/ init_dir"
"/apisix/plugin_metadata/ init_dir"
"/apisix/plugins/ init_dir"
"/apisix/proto/ init_dir"
"/apisix/routes/ init_dir"
"/apisix/services/ init_dir"
"/apisix/ssl/ init_dir"
"/apisix/stream_routes/ init_dir"
"/apisix/upstreams/ init_dir"
)

IFS=$'\n'
for kv in ${init_kv[@]}
do
count=`echo $cmd_res | grep -c ${kv} || true`
if [ $count -ne 1 ]; then
    echo "failed: failed to match ${kv}"
    exit 1
fi
done

echo "passed: etcd auth enabled and init kv has been set up correctly"

out=$(make init 2>&1 || true)
if ! echo "$out" | grep 'authentication is not enabled'; then
    echo "failed: properly handle the error when connecting to etcd without auth"
    exit 1
fi

echo "passed: properly handle the error when connecting to etcd without auth"

# Check etcd connect refused
git checkout conf/config.yaml

echo '
etcd:
  host:
    - "http://127.0.0.1:2389"
  prefix: "/apisix"
' > conf/config.yaml

out=$(make init 2>&1 || true)
if ! echo "$out" | grep "connection refused"; then
    echo "failed: apisix should echo \"connection refused\""
    exit 1
fi

echo "passed: Show connection refused info successfully"

# Check etcd auth error
git checkout conf/config.yaml

export ETCDCTL_API=3
etcdctl version
etcdctl --endpoints=127.0.0.1:2379 user add "root:apache-api6"
etcdctl --endpoints=127.0.0.1:2379 role add root
etcdctl --endpoints=127.0.0.1:2379 user grant-role root root
etcdctl --endpoints=127.0.0.1:2379 user get root
etcdctl --endpoints=127.0.0.1:2379 auth enable
etcdctl --endpoints=127.0.0.1:2379 --user=root:apache-api6 del /apisix --prefix

echo '
etcd:
  host:
    - "http://127.0.0.1:2379"
  prefix: "/apisix"
  timeout: 30
  user: root
  password: apache-api7
' > conf/config.yaml

out=$(make init 2>&1 || true)
if ! echo "$out" | grep "invalid user ID or password"; then
    echo "failed: should echo \"invalid user ID or password\""
    exit 1
fi

echo "passed: show password error successfully"

# clean etcd auth
etcdctl --endpoints=127.0.0.1:2379 --user=root:apache-api6 auth disable
etcdctl --endpoints=127.0.0.1:2379 role delete root
etcdctl --endpoints=127.0.0.1:2379 user delete root