Skip to content

Commit

Permalink
WIP: Split integrations into single images and turn to GH action
Browse files Browse the repository at this point in the history
- adds integration.yml for integration tests
- …where 389ds is added as service container and initialized in a later
  step after checkout
- …and where a shibboleth server is also added service container

TODOS:
- [ ] double check integration tests config/paths/etc (was copy paste)

Signed-off-by: Arthur Schiwon <[email protected]>
  • Loading branch information
blizzz committed Jul 31, 2023
1 parent 4db6f20 commit f1ecb28
Show file tree
Hide file tree
Showing 7 changed files with 258 additions and 26 deletions.
18 changes: 18 additions & 0 deletions .drone.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,24 @@ steps:
- chown -R apache:apache /var/www/html/
- cd /var/www/html/apps/user_saml/tests/integration && vendor/bin/behat

services:
- name: ldap
image: quay.io/389ds/dirsrv:latest
environment:
DS_DM_PASSWORD: admin
command:
# initialization
- dsconf localhost backend create --suffix dc=idptestbed --be-name userRoot
# adding own schema
- dsconf localhost schema attributetypes add --oid 1.3.6.1.4.1.49213.1.1.1 --desc 'whether user or group should be available in Nextcloud' --single-value --syntax 1.3.6.1.4.1.1466.115.121.1.7 nextcloudEnabled
- dsconf localhost schema attributetypes add --oid 1.3.6.1.4.1.49213.1.1.2 --desc 'defines how much disk space is available for the user (e.g. 2 GB)' --single-value --syntax 1.3.6.1.4.1.1466.115.121.1.15 nextcloudQuota
- dsconf localhost schema objectclasses add --oid 1.3.6.1.4.1.49213.1.2.1 --must cn --may nextcloudEnabled nextcloudQuota --kind AUXILIARY nextcloudUser
- dsconf localhost schema objectclasses add --oid 1.3.6.1.4.1.49213.1.2.2 --must cn --may nextcloudEnabled --kind AUXILIARY nextcloudGroup
# populating test data
#- dsconf localhost backend import dc=idptestbed /resources/users.ldif
# Problem, cannot mount/copy into service container.
# Also, switching to GH workflows (making it worse however)

trigger:
branch:
- master
Expand Down
123 changes: 123 additions & 0 deletions .github/workflows/integration.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,123 @@
name: Integration tests

on:
pull_request:
paths:
- '.github/workflows/integration.yml'
- 'appinfo/**'
- 'lib/**'
- 'tests/**'
- 'composer.*'
push:
branches:
- main
- master
- stable*

env:
APP_NAME: user_saml
LDAP_SUFFIX: dc=idptestbed

jobs:
integration:
runs-on: ubuntu-latest

strategy:
fail-fast: false
matrix:
php-versions: ["8.0"]
databases: ["sqlite"]
server-versions: ["master"]


name: Integration php${{ matrix.php-versions }}-${{ matrix.databases }}-${{ matrix.server-versions }}

services:
directory:
image: quay.io/389ds/dirsrv:latest
ports:
- 389:3389/tcp
env:
DS_DM_PASSWORD: admin
DS_SUFFIX_NAME: dc=idptestbed
sso:
image: ghcr.io/nextcloud/continuous-integration-user_saml_shibboleth-idp:latest
ports:
- 4443:8443/tcp

steps:
- name: Checkout server
uses: actions/checkout@v3
with:
repository: nextcloud/server
ref: ${{ matrix.server-versions }}

- name: Checkout submodules
shell: bash
run: |
auth_header="$(git config --local --get http.https://github.com/.extraheader)"
git submodule sync --recursive
git -c "http.extraheader=$auth_header" -c protocol.version=2 submodule update --init --force --recursive --depth=1
- name: Checkout app
uses: actions/checkout@v3
with:
path: apps/${{ env.APP_NAME }}

- name: Initialize LDAP Service
shell: bash
run: |
CONTAINER_NAME=$(docker ps -a | grep dirsrv | awk '{ print $1; }')
# Initialize LDAP Database. May wait until server is ready.
while : ; do
sleep 1
if docker exec ${CONTAINER_NAME} dsconf localhost backend create --suffix "${{ env.LDAP_SUFFIX }}" --be-name ci_root; then
break;
fi
if [ $(docker exec ${CONTAINER_NAME} dsconf localhost backend suffix list | grep "${{ env.LDAP_SUFFIX }}" | wc -l) -eq 1 ]; then
break
fi
done
# Add custom schema
docker cp apps/${{ env.APP_NAME }}/tests/integration/data/98nextcloud-schema.ldif ${CONTAINER_NAME}:/etc/dirsrv/slapd-localhost/schema/
docker exec ${CONTAINER_NAME} dsconf localhost schema reload
# Add test entries
docker cp apps/${{ env.APP_NAME }}/tests/integration/data/entries.ldif ${CONTAINER_NAME}:/var/opt/
docker exec ${CONTAINER_NAME} dsconf localhost backend import "${{ env.LDAP_SUFFIX }}" /var/opt/entries.ldif
- name: Set up php ${{ matrix.php-versions }}
uses: shivammathur/setup-php@4bd44f22a98a19e0950cbad5f31095157cc9621b # v2
with:
php-version: ${{ matrix.php-versions }}
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
coverage: none
ini-file: development
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Set up dependencies
working-directory: apps/${{ env.APP_NAME }}
run: composer i --no-dev

- name: Set up Nextcloud
run: |
if [ "${{ matrix.databases }}" = "mysql" ]; then
export DB_PORT=4444
elif [ "${{ matrix.databases }}" = "pgsql" ]; then
export DB_PORT=4445
fi
mkdir data
./occ maintenance:install --verbose --database=${{ matrix.databases }} --database-name=nextcloud --database-host=127.0.0.1 --database-port=$DB_PORT --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass admin
./occ app:enable --force ${{ env.APP_NAME }}
php -S localhost:8080 &
- name: Run behat
working-directory: apps/${{ env.APP_NAME }}/tests/integration
run: |
composer install
./vendor/bin/behat --colors
- name: Dump nextcloud.log
if: always()
run: cat data/nextcloud.log
13 changes: 13 additions & 0 deletions tests/integration/data/98nextcloud-schema.ldif
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
dn: cn=schema
objectClass: top
objectClass: ldapSubentry
objectClass: subschema
cn: schema
aci: (target="ldap:///cn=schema")(targetattr !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search, compare) userdn = "ldap:///anyone";)
modifiersName: cn=Directory Manager
modifyTimestamp: 20230412120423Z
objectClasses: ( 1.3.6.1.4.1.49213.1.2.1 NAME 'nextcloudUser' AUXILIARY MUST cn MAY (nextcloudEnabled $ nextcloudQuota ) X-ORIGIN 'user defined' )
objectClasses: ( 1.3.6.1.4.1.49213.1.2.2 NAME 'nextcloudGroup' AUXILIARY MUST cn MAY nextcloudEnabled X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.49213.1.1.1 NAME 'nextcloudEnabled' DESC 'whether user or group should be available in Nextcloud' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.49213.1.1.2 NAME 'nextcloudQuota' DESC 'defines how much disk space is available for the user (e.g. 2 GB)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
nsSchemaCSN: 64369e47000000000000
64 changes: 64 additions & 0 deletions tests/integration/data/entries.ldif
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@

dn: dc=idptestbed
objectClass: top
objectClass: domain
dc: idptestbed
description: dc=idptestbed

dn: cn=admin,dc=idptestbed
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
userPassword: password
description: LDAP administrator

dn: ou=Groups,dc=idptestbed
objectClass: top
objectClass: organizationalunit
ou: Groups

dn: ou=People,dc=idptestbed
objectClass: top
objectClass: organizationalunit
ou: People

dn: uid=student1,ou=People,dc=idptestbed
objectClass: organizationalPerson
objectClass: person
objectClass: top
objectClass: inetOrgPerson
objectClass: nextcloudUser
givenName: Stud
uid: student1
sn: Ent
cn: Stud Ent
mail: [email protected]
userPassword: password
nextcloudQuota: 200 MB

dn: uid=student2,ou=People,dc=idptestbed
objectClass: organizationalPerson
objectClass: person
objectClass: top
objectClass: inetOrgPerson
objectClass: nextcloudUser
givenName: Stud
uid: student2
sn: Ent2
cn: Stud Ent2
mail: [email protected]
userPassword: password
nextcloudQuota: 1 GB

dn: uid=staff1,ou=People,dc=idptestbed
objectClass: organizationalPerson
objectClass: person
objectClass: top
objectClass: inetOrgPerson
objectClass: nextcloudUser
givenName: St
uid: staff1
sn: aff
cn: St aff
mail: [email protected]
userPassword: password
12 changes: 6 additions & 6 deletions tests/integration/features/EnvironmentVariable.feature
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ Feature: EnvironmentVariable
And The setting "type" is set to "environment-variable"
And The setting "general-uid_mapping" is set to "REMOTE_USER"
And The environment variable "REMOTE_USER" is set to "not-provisioned-user"
When I send a GET request to "http://localhost/index.php/login"
Then I should be redirected to "http://localhost/index.php/apps/dashboard/"
When I send a GET request to "http://localhost:8080/index.php/login"
Then I should be redirected to "http://localhost:8080/index.php/apps/dashboard/"
Then The user value "id" should be "not-provisioned-user"
And The last login timestamp of "not-provisioned-user" should not be empty

Expand All @@ -15,8 +15,8 @@ Feature: EnvironmentVariable
And The setting "general-require_provisioned_account" is set to "1"
And The setting "general-uid_mapping" is set to "REMOTE_USER"
And The environment variable "REMOTE_USER" is set to "provisioned-user"
When I send a GET request to "http://localhost/index.php/login"
Then I should be redirected to "http://localhost/index.php/apps/dashboard/"
When I send a GET request to "http://localhost:8080/index.php/login"
Then I should be redirected to "http://localhost:8080/index.php/apps/dashboard/"
Then The user value "id" should be "provisioned-user"
And The last login timestamp of "provisioned-user" should not be empty

Expand All @@ -25,5 +25,5 @@ Feature: EnvironmentVariable
And The setting "general-require_provisioned_account" is set to "1"
And The setting "general-uid_mapping" is set to "REMOTE_USER"
And The environment variable "REMOTE_USER" is set to "certainly-not-provisioned-user"
When I send a GET request to "http://localhost/index.php/login"
Then I should be redirected to "http://localhost/index.php/apps/user_saml/saml/notProvisioned"
When I send a GET request to "http://localhost:8080/index.php/login"
Then I should be redirected to "http://localhost:8080/index.php/apps/user_saml/saml/notProvisioned"
Loading

0 comments on commit f1ecb28

Please sign in to comment.