Simple Vault introduction

Today a tiny introduction to Vault from HashiCorp. I will just show the simplest usage. But this will help to get a first idea of Vault and the features.

Requirements

Preparation

Start Vault Server

Copy Root Token value to clipboard!!!

Insomnia

Create new environment “vault” under “Manage Environments” and store here your URL as “base_url” and Root Token as “api_key”.

insomnia vault environment

Now we create 4 simple requests

insomnia requests

for all requests we add Header

insomnia header

For first URL (POST: Add new secret) we use “{{ base_url }}/secret/MyFirstSecret” and we add following body as JSON.

After send the key:value is stored inside Vault. You can modify the request (e.q. “{{ base_url }}/secret/MySecondSecret”) and send some more.

Our next request is to show all keys (GET: Get list of secret keys) “{{ base_url }}/secret?list=true”. The Preview will show similar output.

insomnia get vault keys

3rd request is to get the value from a specific key (GET: Get value of specific secret) “{{ base_url }}/secret/MySecret”.

insomnia get vault value

Last request is for delete (DEL: Delete specific secret) “{{ base_url }}/secret/MySecret”.

Tipp: if you lost the root token (Vault server is running) you can find the value!

HTTP inspection with Wuzz

Wuzz is a very easy command line tool for HTTP(S) inspection with very much potential. In this tutorial I will show the installation on Debian 8.7 (jessie).

Preparation

Configure go (for user)

Install wuzz

If everything is going well, the terminal should look like this and you can start.

example wuzz cli

Create REST API mock server with Docker

This time again a tutorial with various instructions. It is a REST API services for development and testing purposes and some simple Docker instructions.

Preconditions

Note: For Mac OS X and Windows use Docker Toolbox!

Create and connect into Boot2Docker VM

Create Dockerfile (inside VM)

Create Docker image and container (inside VM)

Run application in browser

Now open a browser and call URL like: http://<192.168.99.100>:8888/__manage. You can now begin to create and use REST API resources.

REST testing with jMeter

Testing RESTful application is very simple with jMeter. In the first part of the tutorial in this series, the basics are shown. As requests can be created and evaluated. The request going to http://httpbin.org.

Preconditions

  • JAVA is installed
  • jMeter is installed

Steps

Create new “Thread-Group” on “Test Plan” (Add – Threads (User) – Thread Group)

jmeter thread group

Now add one “HTTP Request” inside the “Thread Group” (Add – Sampler – HTTP Request)

jmeter http request

Inside the “HTTP Request” we add now a “HTTP Header Manager” (Add – Config Element – HTTP Header Manager). For configuring we add the Name/Value – “Content-Type”/”application/json”.

jmeter http header manager

At the end we add the “View Results Tree” on “Thread Group” (Add – Listener – View Results Tree)

jmeter view results tree

Our first request example will be a “GET”. On HTTP Request we add following values.

  • Server Name or IP: httpbin.org
  • Method: GET
  • Path: /ip
  • Implementation: HttpClient4
  • Follow Redirects: yes
  • Use KeepAlive: yes

jmeter get request

After save we can start the first run. How to see result will show later. Now second request with POST example. For this we modify the HTTP Request with following values.

  • Method: POST
  • Path: /post
  • Send Parameters With the Request: {“firstName”:”harry”;”lastName”:”Hirsch”}
  • Include Equals?: yes

jmeter post request

Now save and run again. On View Results Tree we can check the results for every http request (Sampler results, Request, Response data).

jmeter rest results

For the JSON response, switching from Text to JSON view. The same way can used for PUT, DELETE or other requests.