Transit Secret benchmark fail to run with the example configuration provided
Closed this issue · 1 comments
On https://github.com/hashicorp/vault-benchmark/blob/main/docs/tests/secret-transit.md#example-configuration there is this Example Configuration:
test "transit_sign" "transit_sign_test_1" {
weight = 25
}
test "transit_verify" "transit_verify_test_1" {
weight = 25
config {
verify_config {
signature_algorithm = "pkcs1v15"
}
}
}
test "transit_encrypt" "transit_encrypt_test_1" {
weight = 25
}
test "transit_decrypt" "transit_decrypt_test_1" {
weight = 25
config {
payload_len = 64
}
}
Running this with the vault-benchmark v0.2.0 binary results in this error message:
[ERROR] vault-benchmark: error loading config: error="failed to parse config: error decoding to struct: benchmark_config.hcl:18,9-22: Unsupported block type; Blocks of type "verify_config" are not expected here.
Removing the config block from the transit_verify test definition results in a running config:
test "transit_sign" "transit_sign_test_1" {
weight = 25
}
test "transit_verify" "transit_verify_test_1" {
weight = 25
}
test "transit_encrypt" "transit_encrypt_test_1" {
weight = 25
}
test "transit_decrypt" "transit_decrypt_test_1" {
weight = 25
config {
payload_len = 64
}
}
But I don't know if that config part is necessary for the test to run as intended.
Can you please also check?
Thanks.
@umutkacar thank you for find this! I've submitted a PR (#164) to improve the docs around this. To answer your questions directly: 1) the verify_config
should actually be verify
and 2) no the config
part in this case isn't required, the benchmark tests will use defaults defined in the tests instead. If you wanted to override those defaults, however, you would need to include that parameter.