Testcontainers-java: Adding Hashicorp Vault as a specialized container type

Created on 19 Apr 2017  路  7Comments  路  Source: testcontainers/testcontainers-java

I would like to contribute a Vault container type for testing interactions with Vault in junit. The Vault container type would be initialized to something like the following:

  @ClassRule
  public static VaultContainer vaultContainer = new VaultContainer<>("vault:0.6.5")
    .withCreateContainerCmdModifier(cmd -> cmd.withCapAdd(IPC_LOCK))
    .withExposedPorts(8200)
    .withVaultAddress("http://0.0.0.0:8200")
    .withVaultRootToken("test-root-token")
    .withSecretInVault("secret/test","secret=password1234");

This way if your app depends on Vault for secret management you can test the integration in junit. With the withSecretInVault("secret/test","secret=password1234") feature above you can preload Vault with secrets that your app needs.

It will use the official Vault image from Docker hub

Also I just noticed in https://github.com/testcontainers/testcontainers-java/issues/302 that another user is creating a Vault container for their test.

Let me know if this would be something the project would be interested in.

picture mikeoswald
👍1

All 7 comments

Are there any real benefits over using a GenericContainer and configuration using environment variables?

I also think we want to push the idea of having specialized containers provided by the community as modules/libs, so we don't have to integrate them into one big monolithic testcontainers-java repository. So maybe it would be the best idea to create your own repo for this specialized container and we try to curate a list of external testcontainers modules somewhere in the docs.

kiview picture kiview on 21 Apr 2017

The Vault container does allow you to pass in a few ENV variables such as Vault Address, and Vault Token, but doesn't let you preload secrets for testing. That's the main piece I would like to contribute as part of the specialized container.

Adding this as a separate repo is fine, similar to the testcontainers-java-module-dynalite repo?

mikeoswald picture mikeoswald on 24 Apr 2017

Sorry for the slow response. Yes, it'd be good to have this! if you could use testcontainers-java-module-dynalite as a basis that'd be great. Some of the things which are currently part of the testcontainers-java repo will eventually move out as well.

Thank you!

rnorth picture rnorth on 24 Apr 2017
👍1

Sounds good! Looking forward to contribute, I'll probably create a repo on my own user account for now until you create a specific repo in your org for this. Thanks.

mikeoswald picture mikeoswald on 24 Apr 2017
👍1

@rnorth @kiview Sorry for the long delay. I have pushed the Vault container code here: https://github.com/mikeoswald/testcontainers-java-module-vault

Once you create a repo in the testcontainers org I can submit a pull request against it.

Looking forward to getting this reviewed and merged in. Thanks

mikeoswald picture mikeoswald on 7 Jun 2017
👍1

Great, thanks for your effort!
Don't you want to change the copyright disclaimer in README.md and LICENSE to your name? Might have been copy paste error in this case :wink:

I've created an empty repo:
https://github.com/testcontainers/testcontainers-java-module-vault

kiview picture kiview on 7 Jun 2017

@kiview thanks for the comment. I modified the copyright and license info to my employer and my name is listed in the AUTHORS. Thanks, PR is here: https://github.com/testcontainers/testcontainers-java-module-vault/issues/1

mikeoswald picture mikeoswald on 7 Jun 2017
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ayedo picture ayedo  路  3Comments
oneiros-de picture oneiros-de  路  3Comments
richard77 picture richard77  路  3Comments
chomhanks picture chomhanks  路  3Comments
michael-simons picture michael-simons  路  3Comments