Deps update and test improvements

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "vault-mgmt"
-version = "0.1.3"
+version = "0.1.4"
 edition = "2021"
 description = "Manage your vault installation in Kubernetes (upgrades, unseal, step-down, ...)."
 license = "MIT"
@@ -19,45 +19,58 @@ name = "vault-mgmt"
 path = "src/main.rs"
 
 [dependencies]
-anyhow = "1.0.69"
-clap = { version = "4.2.1", features = ["derive", "wrap_help"] }
-tracing = "0.1.37"
-tracing-subscriber = { version = "0.3.16", features = [
+anyhow = "1.0.86"
+clap = { version = "4.5.15", features = ["derive", "wrap_help"] }
+tracing = "0.1.40"
+tracing-subscriber = { version = "0.3.18", features = [
     "registry",
     "env-filter",
 ] }
-tokio = { version = "1.14.0", features = ["full"] }
-tokio-util = "0.7.7"
-tokio-rustls = { version = "0.24.0", features = ["dangerous_configuration"] }
-hyper = { version = "0.14.25", features = ["backports"] }
-hyper-rustls = "0.24.0"
+tokio = { version = "1.39.2", features = ["full"] }
+tokio-util = "0.7.11"
+tokio-rustls = "0.26.0"
+hyper = "1.4.1"
+hyper-rustls = "0.27.2"
 tower = "0.4.13"
-futures-util = "0.3.27"
-kube = { version = "0.81.0", default-features = false, features = [
+futures-util = "0.3.30"
+kube = { version = "0.93.1", default-features = false, features = [
     "client",
     "config",
     "runtime",
     "rustls-tls",
     "derive",
     "ws",
 ] }
-k8s-openapi = { version = "0.17.0", features = ["v1_24"] }
-serde_json = "1.0.94"
+k8s-openapi = { version = "0.22.0", features = ["v1_24"] }
+serde_json = "1.0.122"
 secrecy = { version = "0.8.0", features = ["serde"] }
 prettytable = "0.10.0"
-owo-colors = { version = "3", features = ["supports-colors"] }
-serde_yaml = "0.9.21"
-which = "4.4.0"
+serde_yaml = "0.9.34"
+which = "6.0.2"
 rand = "0.8.5"
-serde = "1.0.160"
+serde = "1.0.206"
 tower-test = "0.4.0"
-http = "0.2.9"
-async-trait = "0.1.68"
-wiremock = "0.5.18"
-clap_complete = "4.3.1"
-self_update = { version = "0.37.0", default-features = false, features = [
+http = "1.1.0"
+async-trait = "0.1.81"
+wiremock = "0.6.1"
+clap_complete = "4.5.14"
+self_update = { version = "0.41.0", default-features = false, features = [
     "rustls",
     "compression-flate2",
     "archive-tar",
 ] }
 tokio-retry = "0.3.0"
+rustls = { version = "0.23.12", default-features = false, features = [
+    "log",
+    "logging",
+    "ring",
+    "std",
+    "tls12",
+] }
+http-body-util = "0.1.2"
+hyper-util = { version = "0.1.7", features = [
+    "client-legacy",
+    "http1",
+    "tokio",
+] }
+rustls-native-certs = "0.7.1"

README.md

@@ -15,7 +15,7 @@
 ## Testing
 Unit tests can be run normally by cargo: `cargo test`.
 
-End-to-end tests require a Kubernetes cluster and will install, upgrade and uninstall (except on failure) several deployments of a Vault cluster in the current `kubecontext` (namespace is set by environment variable `VAULT_MGMT_E2E_NAMESPACE`, defaulting to `vault-mgmt-e2e`).
+End-to-end tests require a Kubernetes cluster and will install, upgrade and uninstall (except on failure) several deployments of a Vault cluster in the current `kubecontext` (namespace is set by environment variable `VAULT_MGMT_E2E_NAMESPACE`, defaulting to `vault-mgmt-e2e`). You can create the Namespace and NetworkPolicy from `e2e-preparation.yaml`.
 The Pods are using `emptyDir` as storage and should not consume a PV.
 The storage is not part of the tests, only the clustering and active/standby transitions.
 You can run those tests by calling `cargo test --ignored` with a working `kubeconfig` and existing namespace.

e2e-preparation.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: vault-mgmt-e2e
+
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: vault-mgmt-e2e
+  namespace: vault-mgmt-e2e
+spec:
+  podSelector: {}
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - from:
+        - podSelector: {}
+  egress:
+    - to:
+        - podSelector: {}
+    - to:
+        - ipBlock:
+            cidr: 0.0.0.0/0

src/helpers.rs

@@ -2,7 +2,7 @@ use k8s_openapi::api::{apps::v1::StatefulSet, core::v1::Pod};
 use kube::{api::ListParams, Api};
 use tokio::io::{AsyncRead, AsyncWrite};
 
-use crate::HttpForwarderService;
+use crate::{BytesBody, HttpForwarderService};
 
 pub const LABEL_KEY_VAULT_ACTIVE: &str = "vault-active";
 pub const LABEL_KEY_VAULT_SEALED: &str = "vault-sealed";
@@ -73,7 +73,11 @@ impl PodApi {
         ))
     }
 
-    pub async fn http(&self, pod: &str, port: u16) -> anyhow::Result<HttpForwarderService> {
+    pub async fn http(
+        &self,
+        pod: &str,
+        port: u16,
+    ) -> anyhow::Result<HttpForwarderService<BytesBody>> {
         let pf = self.portforward(pod, port).await?;
 
         if self.tls {