feat: add keys to organization provision daemons (#14627)

This commit is contained in:
Garrett Delfosse
2024-09-16 16:02:08 -04:00
committed by GitHub
parent 4afce19fb7
commit 335eb05223
32 changed files with 728 additions and 72 deletions

View File

@ -64,6 +64,20 @@ func TestProvisionerKeys(t *testing.T) {
err = outsideOrgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, "key")
require.ErrorContains(t, err, "Resource not found")
// org admin cannot create reserved provisioner keys
_, err = orgAdmin.CreateProvisionerKey(ctx, owner.OrganizationID, codersdk.CreateProvisionerKeyRequest{
Name: codersdk.ProvisionerKeyNameBuiltIn,
})
require.ErrorContains(t, err, "reserved")
_, err = orgAdmin.CreateProvisionerKey(ctx, owner.OrganizationID, codersdk.CreateProvisionerKeyRequest{
Name: codersdk.ProvisionerKeyNameUserAuth,
})
require.ErrorContains(t, err, "reserved")
_, err = orgAdmin.CreateProvisionerKey(ctx, owner.OrganizationID, codersdk.CreateProvisionerKeyRequest{
Name: codersdk.ProvisionerKeyNamePSK,
})
require.ErrorContains(t, err, "reserved")
// org admin can list provisioner keys and get an empty list
keys, err := orgAdmin.ListProvisionerKeys(ctx, owner.OrganizationID)
require.NoError(t, err, "org admin list provisioner keys")
@ -111,4 +125,12 @@ func TestProvisionerKeys(t *testing.T) {
// org admin cannot delete a provisioner key that doesn't exist
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, "key")
require.ErrorContains(t, err, "Resource not found")
// org admin cannot delete reserved provisioner keys
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, codersdk.ProvisionerKeyNameBuiltIn)
require.ErrorContains(t, err, "reserved")
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, codersdk.ProvisionerKeyNameUserAuth)
require.ErrorContains(t, err, "reserved")
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, codersdk.ProvisionerKeyNamePSK)
require.ErrorContains(t, err, "reserved")
}