mirror of
https://github.com/coder/coder.git
synced 2025-07-09 11:45:56 +00:00
feat: add keys to organization provision daemons (#14627)
This commit is contained in:
@ -64,6 +64,20 @@ func TestProvisionerKeys(t *testing.T) {
|
||||
err = outsideOrgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, "key")
|
||||
require.ErrorContains(t, err, "Resource not found")
|
||||
|
||||
// org admin cannot create reserved provisioner keys
|
||||
_, err = orgAdmin.CreateProvisionerKey(ctx, owner.OrganizationID, codersdk.CreateProvisionerKeyRequest{
|
||||
Name: codersdk.ProvisionerKeyNameBuiltIn,
|
||||
})
|
||||
require.ErrorContains(t, err, "reserved")
|
||||
_, err = orgAdmin.CreateProvisionerKey(ctx, owner.OrganizationID, codersdk.CreateProvisionerKeyRequest{
|
||||
Name: codersdk.ProvisionerKeyNameUserAuth,
|
||||
})
|
||||
require.ErrorContains(t, err, "reserved")
|
||||
_, err = orgAdmin.CreateProvisionerKey(ctx, owner.OrganizationID, codersdk.CreateProvisionerKeyRequest{
|
||||
Name: codersdk.ProvisionerKeyNamePSK,
|
||||
})
|
||||
require.ErrorContains(t, err, "reserved")
|
||||
|
||||
// org admin can list provisioner keys and get an empty list
|
||||
keys, err := orgAdmin.ListProvisionerKeys(ctx, owner.OrganizationID)
|
||||
require.NoError(t, err, "org admin list provisioner keys")
|
||||
@ -111,4 +125,12 @@ func TestProvisionerKeys(t *testing.T) {
|
||||
// org admin cannot delete a provisioner key that doesn't exist
|
||||
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, "key")
|
||||
require.ErrorContains(t, err, "Resource not found")
|
||||
|
||||
// org admin cannot delete reserved provisioner keys
|
||||
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, codersdk.ProvisionerKeyNameBuiltIn)
|
||||
require.ErrorContains(t, err, "reserved")
|
||||
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, codersdk.ProvisionerKeyNameUserAuth)
|
||||
require.ErrorContains(t, err, "reserved")
|
||||
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, codersdk.ProvisionerKeyNamePSK)
|
||||
require.ErrorContains(t, err, "reserved")
|
||||
}
|
||||
|
Reference in New Issue
Block a user