-
Notifications
You must be signed in to change notification settings - Fork 133
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
execute automated external browser tests
- Loading branch information
1 parent
bada542
commit c35b58e
Showing
9 changed files
with
210 additions
and
83 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
*.swp | ||
.idea | ||
.git | ||
parameters.json | ||
parameters*.json | ||
snowflake-sdk-*.tgz | ||
dist | ||
junit*.xml | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
#!/bin/bash -e | ||
|
||
set -o pipefail | ||
|
||
AUTH_PARAMETER_FILE=./.github/workflows/parameters_aws_auth_tests.json | ||
eval $(jq -r '.authtestparams | to_entries | map("export \(.key)=\(.value|tostring)")|.[]' $AUTH_PARAMETER_FILE) | ||
|
||
npm run test:authentication |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
#!/bin/bash -e | ||
|
||
set -o pipefail | ||
THIS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" | ||
export WORKSPACE=${WORKSPACE:-/tmp} | ||
|
||
gpg --quiet --batch --yes --decrypt --passphrase="$PARAMETERS_SECRET" --output $THIS_DIR/../.github/workflows/parameters_aws_auth_tests.json "$THIS_DIR/../.github/workflows/parameters_aws_auth_tests.json.gpg" | ||
|
||
docker rmi -f nexus.int.snowflakecomputing.com:8086/docker/snowdrivers-test-external-browser:1 | ||
docker run \ | ||
-v $(cd $THIS_DIR/.. && pwd):/mnt/host \ | ||
-v $WORKSPACE:/mnt/workspace \ | ||
--rm \ | ||
nexus.int.snowflakecomputing.com:8086/docker/snowdrivers-test-external-browser:1 \ | ||
"/mnt/host/ci/container/test_authentication.sh" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
const snowflakeAuthTestProtocol = process.env.SNOWFLAKE_AUTH_TEST_PROTOCOL; | ||
const snowflakeAuthTestHost = process.env.SNOWFLAKE_AUTH_TEST_HOST; | ||
const snowflakeAuthTestPort = process.env.SNOWFLAKE_AUTH_TEST_PORT; | ||
const snowflakeAuthTestAccount = process.env.SNOWFLAKE_AUTH_TEST_ACCOUNT; | ||
const snowflakeAuthTestRole = process.env.SNOWFLAKE_AUTH_TEST_ROLE; | ||
const snowflakeTestBrowserUser = process.env.SNOWFLAKE_AUTH_TEST_BROWSER_USER; | ||
const snowflakeAuthTestOktaPass = process.env.SNOWFLAKE_AUTH_TEST_OKTA_PASS; | ||
const snowflakeAuthTestDatabase = process.env.SNOWFLAKE_AUTH_TEST_DATABASE; | ||
const snowflakeAuthTestWarehouse = process.env.SNOWFLAKE_AUTH_TEST_WAREHOUSE; | ||
const snowflakeAuthTestSchema = process.env.SNOWFLAKE_AUTH_TEST_SCHEMA; | ||
|
||
const accessUrlAuthTests = snowflakeAuthTestProtocol + '://' + snowflakeAuthTestHost + ':' + | ||
snowflakeAuthTestPort; | ||
|
||
const externalBrowser = | ||
{ | ||
accessUrl: accessUrlAuthTests, | ||
username: snowflakeTestBrowserUser, | ||
account: snowflakeAuthTestAccount, | ||
role: snowflakeAuthTestRole, | ||
host: snowflakeAuthTestHost, | ||
warehouse: snowflakeAuthTestWarehouse, | ||
database: snowflakeAuthTestDatabase, | ||
schema: snowflakeAuthTestSchema, | ||
authenticator: 'EXTERNALBROWSER' | ||
}; | ||
|
||
exports.externalBrowser = externalBrowser; | ||
exports.snowflakeTestBrowserUser = snowflakeTestBrowserUser; | ||
exports.snowflakeAuthTestOktaPass = snowflakeAuthTestOktaPass; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,116 @@ | ||
const snowflake = require('../../lib/snowflake'); | ||
const assert = require('assert'); | ||
const testUtil = require('../integration/testUtil'); | ||
const connParameters = require('./connectionParameters'); | ||
const { exec, spawn } = require('child_process'); | ||
|
||
describe('External browser authentication tests', function () { | ||
const provideBrowserCredentialsPath = '/externalbrowser/provideBrowserCredentials.js'; | ||
const login = connParameters.snowflakeTestBrowserUser; | ||
const password = connParameters.snowflakeAuthTestOktaPass; | ||
|
||
|
||
describe('External browser tests', async () => { | ||
before(async () => { | ||
await cleanBrowserProcesses(); | ||
}); | ||
|
||
afterEach(async () => { | ||
await cleanBrowserProcesses(); | ||
}); | ||
|
||
it('Successful connection', async () => { | ||
const connectionOption = { ...connParameters.externalBrowser, clientStoreTemporaryCredential: false }; | ||
const connection = await snowflake.createConnection(connectionOption); | ||
const connectAsyncPromise = connection.connectAsync(function (err, connection) { | ||
connectionHandler(err, connection); | ||
}); | ||
const provideCredentialsPromise = execWithTimeout('node', [provideBrowserCredentialsPath, 'success', login, password], 15000); | ||
await Promise.all([connectAsyncPromise, provideCredentialsPromise]); | ||
}); | ||
|
||
it('Wrong credentials', async () => { | ||
const login = 'itsnotanaccount.com'; | ||
const password = 'fakepassword'; | ||
const connectionOption = { ...connParameters.externalBrowser, clientStoreTemporaryCredential: false }; | ||
const connection = await snowflake.createConnection(connectionOption); | ||
|
||
connection.connectAsync(function (err, connection) { | ||
connectionHandler(err, connection); | ||
}); | ||
const provideCredentialsPromise = execWithTimeout('node', [provideBrowserCredentialsPath, 'fail', login, password]); | ||
await Promise.all([provideCredentialsPromise]); | ||
|
||
}); | ||
|
||
it('External browser timeout', async () => { | ||
const connectionOption = { ...connParameters.externalBrowser, browserActionTimeout: 100, clientStoreTemporaryCredential: false }; | ||
const connection = await snowflake.createConnection(connectionOption); | ||
|
||
const connectAsyncPromise = connection.connectAsync(function (err, connection) { | ||
timeoutConnectionHandler(err, connection); | ||
}); | ||
|
||
const connectToBrowserPromise = execWithTimeout('node', [provideBrowserCredentialsPath, 'timeout']); | ||
await Promise.all([connectAsyncPromise, connectToBrowserPromise]); | ||
}); | ||
}); | ||
}); | ||
|
||
async function timeoutConnectionHandler(err, timeout) { | ||
try { | ||
assert.ok(err, `Browser action timed out after ${timeout} ms.`); | ||
} catch (err){ | ||
await assert.fail(err); | ||
} | ||
} | ||
|
||
async function cleanBrowserProcesses() { | ||
exec('pkill -f chromium'); | ||
exec('pkill -f xdg-open'); | ||
} | ||
|
||
function connectionHandler(err, connection) { | ||
assert.ok(connection.isUp(), 'Connection is not active'); | ||
testUtil.destroyConnection(connection, function () { | ||
try { | ||
assert.ok(!connection.isUp(), 'Connection is not closed'); | ||
} catch (err) { | ||
assert.fail(err); | ||
} | ||
}); | ||
} | ||
|
||
function execWithTimeout(command, args, timeout = 5000) { | ||
return new Promise((resolve, reject) => { | ||
const child = spawn(command, args, { shell: true }); | ||
|
||
let stdout = ''; | ||
let stderr = ''; | ||
|
||
child.stdout.on('data', (data) => { | ||
stdout += data; | ||
}); | ||
|
||
child.stderr.on('data', (data) => { | ||
stderr += data; | ||
}); | ||
|
||
child.on('error', (err) => { | ||
reject(err); | ||
}); | ||
|
||
child.on('close', (code) => { | ||
if (code !== 0) { | ||
reject(new Error(`Provide browser credentials process exited with code: ${code}, error: ${stderr}`)); | ||
} else { | ||
resolve({ stdout, stderr }); | ||
} | ||
}); | ||
|
||
setTimeout(() => { | ||
child.kill(); | ||
reject(new Error('Provide browser credentials process timed out')); | ||
}, timeout); | ||
}); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters