Newer
Older
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context ${CI_PROJECT_DIR}/consent_provider --dockerfile ${CI_PROJECT_DIR}/consent_provider/Dockerfile --destination $CI_REGISTRY_IMAGE/consent_provider:${CI_COMMIT_REF_NAME}
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context ${CI_PROJECT_DIR}/login_provider --dockerfile ${CI_PROJECT_DIR}/login_provider/Dockerfile --destination $CI_REGISTRY_IMAGE/login_provider:${CI_COMMIT_REF_NAME}
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context ${CI_PROJECT_DIR}/login_provider/test/behave --dockerfile ${CI_PROJECT_DIR}/login_provider/test/behave/Dockerfile --destination $CI_REGISTRY_IMAGE/login_provider_mock:${CI_COMMIT_REF_NAME} --build-arg baseimage=$CI_REGISTRY_IMAGE/login_provider:${CI_COMMIT_REF_NAME}
only:
changes:
- login_provider/**/*
- .gitlab-ci.yml
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context ${CI_PROJECT_DIR}/login_provider/test --dockerfile ${CI_PROJECT_DIR}/login_provider/test/Dockerfile --destination $CI_REGISTRY_IMAGE/login_provider_ci_test:${CI_COMMIT_REF_NAME}
integration-oauth:
stage: build-testimages
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context ${CI_PROJECT_DIR}/test/login_logout --dockerfile ${CI_PROJECT_DIR}/test/login_logout/Dockerfile --destination $CI_REGISTRY_IMAGE/login_logout:${CI_COMMIT_REF_NAME}
only:
changes:
- ./**/*
- .gitlab-ci.yml
integration-test:
stage: build-testimages
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context ${CI_PROJECT_DIR}/test/login_logout/test/ --dockerfile ${CI_PROJECT_DIR}/test/login_logout/test/Dockerfile --destination $CI_REGISTRY_IMAGE/integration_ci_test:${CI_COMMIT_REF_NAME}
only:
changes:
- ./**/*
- .gitlab-ci.yml
variables:
TESTUSER_USERNAME: "admin"
TESTUSER_EMAIL: "admin@example.net"
TESTUSER_PASSWORD: "password"
- name: ${CI_REGISTRY_IMAGE}/login_provider_mock:${CI_COMMIT_REF_NAME}
alias: login_provider
image: ${CI_REGISTRY_IMAGE}/login_provider_ci_test:${CI_COMMIT_REF_NAME}
script:
- cd login_provider/test/behave/
- python3 -m behave -D headless=True -D url=http://login_provider:5000 -D username=$TESTUSER_USERNAME -D password=$TESTUSER_PASSWORD
artifacts:
paths:
- login_provider/test/behave/screenshots/
expire_in: 1 month
when: on_failure
only:
changes:
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
behave-integration:
stage: integration-test
services:
- name: postgres:latest
alias: postgres
- name: ${CI_REGISTRY_IMAGE}/login_provider:${CI_COMMIT_REF_NAME}
alias: login
- name: ${CI_REGISTRY_IMAGE}/consent_provider:${CI_COMMIT_REF_NAME}
alias: consent
- name: oryd/hydra:latest
alias: hydra
command:
- serve
- all
- --dangerous-force-http
- --dangerous-allow-insecure-redirect-urls
- http://oauth:5000/callback
- name: open.greenhost.net:4567/openappstack/user-panel:integration
alias: backend
- name: ${CI_REGISTRY_IMAGE}/login_logout:${CI_COMMIT_REF_NAME}
alias: oauth
variables:
# Gitlab CI does not propagate service names to service containers
# it assigns addresses incrementally starting from 172.17.0.2
# in the order that the services are started which is the order of
# the services listed in the job configuration
DATABASE_HOST: "172.17.0.2" # 172.17.0.2 -> postgres
URLS_LOGIN: "http://172.17.0.3:5000/" # 172.17.0.3 -> login
URLS_LOGOUT: "http://172.17.0.3:5000/logout"
LOGOUT_URL: "http://172.17.0.3:5000/logout"
URLS_POST_LOGOUT_REDIRECT: "http://172.17.0.3:5000/"
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
URLS_CONSENT: "http://172.17.0.4:5001/" # 172.17.0.4 -> consent
URLS_SELF_ISSUER: "http://172.17.0.5:4444/" # 172.17.0.5 -> hydra
HYDRA_ADMIN_URL: "http://172.17.0.5:4445"
BASE_URL: "http://172.17.0.5:4444"
ACCESS_TOKEN_URL: "http://172.17.0.5:4444/oauth2/token"
AUTHORIZE_URL: "http://172.17.0.5:4444/oauth2/auth"
GRAPHQL_URL: "http://172.17.0.6:5000/graphql" # 172.17.0.6 -> backend
GIT_SUBMODULE_STRATEGY: "recursive"
TESTUSER_USERNAME: "testuser"
TESTUSER_PASSWORD: "password"
TESTUSER_EMAIL: "testuser@example.net"
DSN: "memory"
SECRETS_SYSTEM: "youReallyNeedToChangeThis"
OIDC_SUBJECT_TYPES_SUPPORTED: "public,pairwise"
OIDC_SUBJECT_TYPE_PAIRWISE_SALT: "youReallyNeedToChangeThis"
DATABASE_USER: postgres
DATABASE_PASSWORD: secret
DATABASE_NAME: postgres
POSTGRES_PASSWORD: secret
POSTGRES_USER: postgres
POSTGRES_DB: postgres
OAUTHLIB_INSECURE_TRANSPORT: "true"
KEY: "testapp"
SECRET: "secret"
DEBUG: "true"
FLASK_ENV: "development"
image: ${CI_REGISTRY_IMAGE}/integration_ci_test:${CI_COMMIT_REF_NAME}
script:
- echo "WAIT FOR SERVICES TO INITIALIZE" && sleep 20
- /bin/sh user-panel/utils/create-user.sh ${TESTUSER_USERNAME} ${TESTUSER_PASSWORD} ${TESTUSER_EMAIL} backend 5000
- /bin/sh user-panel/utils/create-application.sh ${KEY} backend 5000
- /bin/sh user-panel/utils/grant-access.sh ${TESTUSER_USERNAME} ${KEY} backend 5000
- /bin/sh test/create-hydra-client.sh ${KEY} ${SECRET} hydra 4445 http://oauth:5000/callback
- cd test/login_logout/test/behave/
- python3 -m behave -D headless=True -D url=http://oauth:5000 -D logout_url=http://oauth:5000/logout -D username=${TESTUSER_USERNAME} -D password=${TESTUSER_PASSWORD}