WIP: Split integrations into single images and turn to GH action

- adds integration.yml for integration tests - …where 389ds is added as service container and initialized in a later step after checkout - …and where a shibboleth server is also added service container TODOS: - [ ] double check integration tests config/paths/etc (was copy paste) Signed-off-by: Arthur Schiwon <[email protected]>
nextcloud · Jul 31, 2023 · ad57116 · ad57116
1 parent 4db6f20
commit ad57116
Show file tree

Hide file tree

Showing 7 changed files with 260 additions and 26 deletions.
diff --git a/.drone.yml b/.drone.yml
@@ -24,6 +24,24 @@ steps:
       - chown -R apache:apache /var/www/html/
       - cd /var/www/html/apps/user_saml/tests/integration && vendor/bin/behat
 
+services:
+  - name: ldap
+    image: quay.io/389ds/dirsrv:latest
+    environment:
+      DS_DM_PASSWORD: admin
+    command:
+      # initialization
+      - dsconf localhost backend create --suffix dc=idptestbed --be-name userRoot
+      # adding own schema
+      - dsconf localhost schema attributetypes add --oid 1.3.6.1.4.1.49213.1.1.1 --desc 'whether user or group should be available in Nextcloud' --single-value --syntax 1.3.6.1.4.1.1466.115.121.1.7 nextcloudEnabled
+      - dsconf localhost schema attributetypes add --oid 1.3.6.1.4.1.49213.1.1.2 --desc 'defines how much disk space is available for the user (e.g. 2 GB)' --single-value --syntax 1.3.6.1.4.1.1466.115.121.1.15 nextcloudQuota
+      - dsconf localhost schema objectclasses add --oid 1.3.6.1.4.1.49213.1.2.1 --must cn --may nextcloudEnabled nextcloudQuota --kind AUXILIARY nextcloudUser
+      - dsconf localhost schema objectclasses add --oid 1.3.6.1.4.1.49213.1.2.2 --must cn --may nextcloudEnabled --kind AUXILIARY nextcloudGroup
+      # populating test data
+      #- dsconf localhost backend import dc=idptestbed /resources/users.ldif
+      # Problem, cannot mount/copy into service container.
+      # Also, switching to GH workflows (making it worse however)
+
 trigger:
   branch:
     - master

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
@@ -0,0 +1,125 @@
+name: Integration tests
+
+on:
+  pull_request:
+    paths:
+      - '.github/workflows/integration.yml'
+      - 'appinfo/**'
+      - 'lib/**'
+      - 'tests/**'
+      - 'composer.*'
+  push:
+    branches:
+      - main
+      - master
+      - stable*
+
+env:
+  APP_NAME: user_saml
+  LDAP_SUFFIX: dc=idptestbed
+
+jobs:
+  integration:
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        php-versions: ["8.0"]
+        databases: ["sqlite"]
+        server-versions: ["master"]
+
+
+    name: Integration php${{ matrix.php-versions }}-${{ matrix.databases }}-${{ matrix.server-versions }}
+
+    services:
+      directory:
+        image: quay.io/389ds/dirsrv:latest
+        ports:
+          - 389:3389/tcp
+        env:
+          DS_DM_PASSWORD: admin
+          DS_SUFFIX_NAME: dc=idptestbed
+      sso:
+        image: ghcr.io/nextcloud/continuous-integration-user_saml_shibboleth-idp:latest
+        ports:
+          - 4443:8443/tcp
+
+    steps:
+      - name: Checkout server
+        uses: actions/checkout@v3
+        with:
+          repository: nextcloud/server
+          ref: ${{ matrix.server-versions }}
+
+      - name: Checkout submodules
+        shell: bash
+        run: |
+          auth_header="$(git config --local --get http.https://github.com/.extraheader)"
+          git submodule sync --recursive
+          git -c "http.extraheader=$auth_header" -c protocol.version=2 submodule update --init --force --recursive --depth=1
+
+      - name: Checkout app
+        uses: actions/checkout@v3
+        with:
+          path: apps/${{ env.APP_NAME }}
+
+      - name: Initialize LDAP Service
+        shell: bash
+        run: |
+          CONTAINER_NAME=$(docker ps -a | grep dirsrv | awk '{ print $1; }')
+          # Initialize LDAP Database. May wait until server is ready.
+          while : ; do
+            sleep 1
+            if docker exec ${CONTAINER_NAME} dsconf localhost backend create --suffix "${{ env.LDAP_SUFFIX }}" --be-name ci_root; then
+              break;
+            fi
+            if [ $(docker exec ${CONTAINER_NAME} dsconf localhost backend suffix list | grep "${{ env.LDAP_SUFFIX }}" | wc -l) -eq 1 ]; then
+              break
+            fi
+          done
+          # Add custom schema
+          docker cp apps/${{ env.APP_NAME }}/tests/integration/data/98nextcloud-schema.ldif ${CONTAINER_NAME}:/etc/dirsrv/slapd-localhost/schema/
+          docker exec ${CONTAINER_NAME} dsconf localhost schema reload
+          # Add test entries
+          docker cp apps/${{ env.APP_NAME }}/tests/integration/data/entries.ldif ${CONTAINER_NAME}:/var/opt/
+          docker exec ${CONTAINER_NAME} dsconf localhost backend import "${{ env.LDAP_SUFFIX }}" /var/opt/entries.ldif
+
+      - name: Set up php ${{ matrix.php-versions }}
+        uses: shivammathur/setup-php@4bd44f22a98a19e0950cbad5f31095157cc9621b # v2
+        with:
+          php-version: ${{ matrix.php-versions }}
+          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
+          extensions: apcu, bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          coverage: none
+          ini-file: development
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up dependencies
+        working-directory: apps/${{ env.APP_NAME }}
+        run: composer i --no-dev
+
+      - name: Set up Nextcloud
+        run: |
+          if [ "${{ matrix.databases }}" = "mysql" ]; then
+            export DB_PORT=4444
+          elif [ "${{ matrix.databases }}" = "pgsql" ]; then
+            export DB_PORT=4445
+          fi
+          mkdir data
+          ./occ maintenance:install --verbose --database=${{ matrix.databases }} --database-name=nextcloud --database-host=127.0.0.1 --database-port=$DB_PORT --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass admin
+          ./occ config:system:set memcache.local --value="\\OC\\Memcache\\APCu"
+          ./occ config:system:set memcache.distributed --value="\\OC\\Memcache\\APCu"
+          ./occ app:enable --force ${{ env.APP_NAME }}
+          php -S localhost:8080 &
+
+      - name: Run behat
+        working-directory: apps/${{ env.APP_NAME }}/tests/integration
+        run: |
+          composer install
+          ./vendor/bin/behat --colors
+
+      - name: Dump nextcloud.log
+        if: always()
+        run: cat data/nextcloud.log
diff --git a/tests/integration/data/98nextcloud-schema.ldif b/tests/integration/data/98nextcloud-schema.ldif
@@ -0,0 +1,13 @@
+dn: cn=schema
+objectClass: top
+objectClass: ldapSubentry
+objectClass: subschema
+cn: schema
+aci: (target="ldap:///cn=schema")(targetattr !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search, compare) userdn = "ldap:///anyone";)
+modifiersName: cn=Directory Manager
+modifyTimestamp: 20230412120423Z
+objectClasses: ( 1.3.6.1.4.1.49213.1.2.1 NAME 'nextcloudUser' AUXILIARY MUST cn MAY (nextcloudEnabled $ nextcloudQuota ) X-ORIGIN 'user defined' )
+objectClasses: ( 1.3.6.1.4.1.49213.1.2.2 NAME 'nextcloudGroup' AUXILIARY MUST cn MAY nextcloudEnabled X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.49213.1.1.1 NAME 'nextcloudEnabled' DESC 'whether user or group should be available in Nextcloud' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.49213.1.1.2 NAME 'nextcloudQuota' DESC 'defines how much disk space is available for the user (e.g. 2 GB)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
+nsSchemaCSN: 64369e47000000000000
diff --git a/tests/integration/data/entries.ldif b/tests/integration/data/entries.ldif
@@ -0,0 +1,64 @@
+
+dn: dc=idptestbed
+objectClass: top
+objectClass: domain
+dc: idptestbed
+description: dc=idptestbed
+
+dn: cn=admin,dc=idptestbed
+objectClass: simpleSecurityObject
+objectClass: organizationalRole
+cn: admin
+userPassword: password
+description: LDAP administrator
+
+dn: ou=Groups,dc=idptestbed
+objectClass: top
+objectClass: organizationalunit
+ou: Groups
+
+dn: ou=People,dc=idptestbed
+objectClass: top
+objectClass: organizationalunit
+ou: People
+
+dn: uid=student1,ou=People,dc=idptestbed
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: nextcloudUser
+givenName: Stud
+uid: student1
+sn: Ent
+cn: Stud Ent
+mail: [email protected]
+userPassword: password
+nextcloudQuota: 200 MB
+
+dn: uid=student2,ou=People,dc=idptestbed
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: nextcloudUser
+givenName: Stud
+uid: student2
+sn: Ent2
+cn: Stud Ent2
+mail: [email protected]
+userPassword: password
+nextcloudQuota: 1 GB
+
+dn: uid=staff1,ou=People,dc=idptestbed
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: nextcloudUser
+givenName: St
+uid: staff1
+sn: aff
+cn: St aff
+mail: [email protected]
+userPassword: password
diff --git a/tests/integration/features/EnvironmentVariable.feature b/tests/integration/features/EnvironmentVariable.feature
@@ -4,8 +4,8 @@ Feature: EnvironmentVariable
     And The setting "type" is set to "environment-variable"
     And The setting "general-uid_mapping" is set to "REMOTE_USER"
     And The environment variable "REMOTE_USER" is set to "not-provisioned-user"
-    When I send a GET request to "http://localhost/index.php/login"
-    Then I should be redirected to "http://localhost/index.php/apps/dashboard/"
+    When I send a GET request to "http://localhost:8080/index.php/login"
+    Then I should be redirected to "http://localhost:8080/index.php/apps/dashboard/"
     Then The user value "id" should be "not-provisioned-user"
     And The last login timestamp of "not-provisioned-user" should not be empty
 
@@ -15,8 +15,8 @@ Feature: EnvironmentVariable
     And The setting "general-require_provisioned_account" is set to "1"
     And The setting "general-uid_mapping" is set to "REMOTE_USER"
     And The environment variable "REMOTE_USER" is set to "provisioned-user"
-    When I send a GET request to "http://localhost/index.php/login"
-    Then I should be redirected to "http://localhost/index.php/apps/dashboard/"
+    When I send a GET request to "http://localhost:8080/index.php/login"
+    Then I should be redirected to "http://localhost:8080/index.php/apps/dashboard/"
     Then The user value "id" should be "provisioned-user"
     And The last login timestamp of "provisioned-user" should not be empty
 
@@ -25,5 +25,5 @@ Feature: EnvironmentVariable
     And The setting "general-require_provisioned_account" is set to "1"
     And The setting "general-uid_mapping" is set to "REMOTE_USER"
     And The environment variable "REMOTE_USER" is set to "certainly-not-provisioned-user"
-    When I send a GET request to "http://localhost/index.php/login"
-    Then I should be redirected to "http://localhost/index.php/apps/user_saml/saml/notProvisioned"
+    When I send a GET request to "http://localhost:8080/index.php/login"
+    Then I should be redirected to "http://localhost:8080/index.php/apps/user_saml/saml/notProvisioned"