Newer
Older
include:
- remote: https://open.greenhost.net/openappstack/openappstack/raw/master/.gitlab/ci_templates/kaniko.yml
variables:
KANIKO_CONTEXT: "consent_provider"
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
variables:
KANIKO_CONTEXT: "login_provider"
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
variables:
KANIKO_CONTEXT: "test/login_logout"
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
variables:
KANIKO_CONTEXT: "test/login_logout/test"
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
behave-integration:
stage: integration-test
services:
- name: postgres:latest
alias: postgres
- name: ${CI_REGISTRY_IMAGE}/login_provider:${CI_COMMIT_REF_NAME}
alias: login
- name: ${CI_REGISTRY_IMAGE}/consent_provider:${CI_COMMIT_REF_NAME}
alias: consent
- name: oryd/hydra:latest
alias: hydra
command:
- serve
- all
- --dangerous-force-http
- --dangerous-allow-insecure-redirect-urls
- http://oauth:5000/callback
- name: open.greenhost.net:4567/openappstack/user-panel/backend:master
alias: backend
- name: ${CI_REGISTRY_IMAGE}/login_logout:${CI_COMMIT_REF_NAME}
alias: oauth
variables:
# Gitlab CI does not propagate service names to service containers
# it assigns addresses incrementally starting from 172.17.0.2
# in the order that the services are started which is the order of
# the services listed in the job configuration
DATABASE_HOST: "172.17.0.2" # 172.17.0.2 -> postgres
URLS_LOGIN: "http://172.17.0.3:5000/login" # 172.17.0.3 -> login
LOGOUT_URL: "http://172.17.0.3:5000/logout"
URLS_POST_LOGOUT_REDIRECT: "http://172.17.0.3:5000/"
URLS_CONSENT: "http://172.17.0.4:5001/consent" # 172.17.0.4 -> consent
URLS_SELF_ISSUER: "http://172.17.0.5:4444/" # 172.17.0.5 -> hydra
HYDRA_ADMIN_URL: "http://172.17.0.5:4445"
ACCESS_TOKEN_URL: "http://172.17.0.5:4444/oauth2/token"
AUTHORIZE_URL: "http://172.17.0.5:4444/oauth2/auth"
GRAPHQL_URL: "http://172.17.0.6:5000/graphql" # 172.17.0.6 -> backend
GIT_SUBMODULE_STRATEGY: "recursive"
TESTUSER_USERNAME: "testuser"
TESTUSER_PASSWORD: "password"
TESTUSER_EMAIL: "testuser@example.net"
DSN: "memory"
SECRETS_SYSTEM: "youReallyNeedToChangeThis"
OIDC_SUBJECT_TYPES_SUPPORTED: "public,pairwise"
OIDC_SUBJECT_TYPE_PAIRWISE_SALT: "youReallyNeedToChangeThis"
DATABASE_USER: postgres
DATABASE_PASSWORD: secret
DATABASE_NAME: postgres
POSTGRES_PASSWORD: secret
POSTGRES_USER: postgres
POSTGRES_DB: postgres
OAUTHLIB_INSECURE_TRANSPORT: "true"
KEY: "testapp"
SECRET: "secret"
DEBUG: "true"
FLASK_ENV: "development"
image: ${CI_REGISTRY_IMAGE}/integration_test:${CI_COMMIT_REF_NAME}
script:
- echo "WAIT FOR SERVICES TO INITIALIZE" && sleep 20
- /bin/bash user-panel/backend/utils/create-user.bash ${TESTUSER_USERNAME} ${TESTUSER_PASSWORD} ${TESTUSER_EMAIL} backend:5000
- /bin/bash user-panel/backend/utils/create-user.bash ${TESTUSER_USERNAME2} ${TESTUSER_PASSWORD} ${TESTUSER_EMAIL2} backend:5000
- /bin/bash user-panel/backend/utils/create-application.bash ${KEY} backend:5000
- /bin/bash user-panel/backend/utils/create-role.bash ${ROLE} backend:5000
- /bin/bash user-panel/backend/utils/grant-access.bash ${TESTUSER_USERNAME} ${KEY} backend:5000
- /bin/bash user-panel/backend/utils/assign-role.bash ${TESTUSER_USERNAME} ${ROLE} backend:5000
- /bin/bash test/create-hydra-client.bash ${KEY} ${SECRET} http://hydra:4445 http://oauth:5000/callback
- >
python3 -m behave
-D headless=True
-D url=http://oauth:5000
-D username=${TESTUSER_USERNAME}
-D username2=${TESTUSER_USERNAME2}
-D password=${TESTUSER_PASSWORD}
-D email=${TESTUSER_EMAIL}
-D role=${ROLE}