diff --git a/test/Makefile b/test/Makefile new file mode 100644 index 00000000..415e23e5 --- /dev/null +++ b/test/Makefile @@ -0,0 +1,34 @@ +SHELL := /bin/bash + +KCADM = /opt/jboss/keycloak/bin/kcadm.sh +KCADM_CONFIG = /tmp/.keycloak/kcadm.config +KCADM_STRING = --server http://$$(hostname -i):8080/auth --user $$KEYCLOAK_ADMIN_USER --password $$KEYCLOAK_ADMIN_PASSWORD --realm master +KCADM_LOGIN = $(KCADM) config credentials --config $(KCADM_CONFIG) $(KCADM_STRING) + +.PHONY: build-lagoon +build-lagoon: + docker compose up -d --quiet-pull + $(MAKE) wait-for-keycloak + @echo "\nYour Lagoon stack is now running locally - use 'GRAPHQL_API=http://0.0.0.0:33000/graphql KEYCLOAK_API=http://0.0.0.0:38088/auth' as the variables to access it\n" + +.PHONY: wait-for-keycloak +wait-for-keycloak: + $(info Waiting for Keycloak to be ready....) + grep -m 1 "Config of Keycloak done." <(docker compose --compatibility logs -f keycloak 2>&1) + +.PHONY: keycloak-setup +keycloak-setup: + docker compose exec keycloak bash -c "/upload/configure-keycloak.sh" + +.PHONY: reload-data +reload-data: + docker compose up -d local-api-data-watcher-pusher + +.PHONY: down +down: + docker compose down --remove-orphans --volumes + +.PHONY: up +up: + $(MAKE) build-lagoon + $(MAKE) keycloak-setup diff --git a/test/README.md b/test/README.md new file mode 100644 index 00000000..1295088f --- /dev/null +++ b/test/README.md @@ -0,0 +1,16 @@ +## Lagoon minimal setup + +Use this docker-compose.yml to start a minimal Lagoon Core for testing purposes. + +### Running it + +Simple! Just run `make up` - this will pull the images, start Lagoon, and auto-configure the passwords. + +Lagoon comes built-in with organizations, groups, projects and users. + +All usernames have matching passwords (eg user:owner@example.com pass:owner@example.com) + +The file is configured to start the API and keycloak on non-usual ports to avoid any collisions + +Use `GRAPHQL_API=http://0.0.0.0:33000/graphql KEYCLOAK_API=http://0.0.0.0:38088/auth` with any tools. + diff --git a/test/docker-compose.yaml b/test/docker-compose.yaml new file mode 100644 index 00000000..07a16cd4 --- /dev/null +++ b/test/docker-compose.yaml @@ -0,0 +1,70 @@ +version: '3.2' + +name: lagoon-minimal + +services: + api-db: + image: testlagoon/api-db:main + networks: + - default + broker: + image: testlagoon/broker-single:main + restart: on-failure + networks: + - default + api-init: + image: testlagoon/api:main + command: ./node_modules/.bin/knex migrate:latest --cwd /app/services/api/database + depends_on: + - api-db + - keycloak + api: + image: testlagoon/api:main + ports: + - '33000:3000' + networks: + - default + environment: + - KEYCLOAK_URL=http://172.17.0.1:38088 + - NODE_ENV=development + - OPENSEARCH_INTEGRATION_ENABLED=false + - DISABLE_CORE_HARBOR=true + - CI=${CI:-true} + - S3_FILES_HOST=http://0.0.0.0:39000 + - S3_BAAS_ACCESS_KEY_ID=minio + - S3_BAAS_SECRET_ACCESS_KEY=minio123 + - CONSOLE_LOGGING_LEVEL=trace + depends_on: + - api-init + api-redis: + image: testlagoon/api-redis:main + keycloak: + image: testlagoon/keycloak:main + depends_on: + - keycloak-db + ports: + - '38088:8080' + volumes: + - ./keycloak:/upload + environment: + - KEYCLOAK_FRONTEND_URL=http://0.0.0.0:38088/auth + keycloak-db: + image: testlagoon/keycloak-db:main + local-minio: + image: minio/minio + entrypoint: sh + command: -c 'mkdir -p /export/restores && mkdir -p /export/lagoon-files && mkdir -p /export/harbor-images && minio server /export --console-address ":9001" ' + ports: + - '39000:9000' + - '39001:9001' + environment: + - MINIO_ROOT_USER=minio + - MINIO_ROOT_PASSWORD=minio123 + local-api-data-watcher-pusher: + image: testlagoon/local-api-data-watcher-pusher:main + depends_on: + - api + command: ["bash", "-c", " + wait-for api:3000 -t 600; + /home/data-init-push.sh; + "] \ No newline at end of file diff --git a/test/keycloak/configure-keycloak.sh b/test/keycloak/configure-keycloak.sh new file mode 100755 index 00000000..0aa788c0 --- /dev/null +++ b/test/keycloak/configure-keycloak.sh @@ -0,0 +1,52 @@ +function is_keycloak_running { + local http_code=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:8080/auth/admin/realms) + if [[ $http_code -eq 401 ]]; then + return 0 + else + return 1 + fi +} + +function configure_user_passwords { + + LAGOON_DEMO_USERS=("guest@example.com" "reporter@example.com" "developer@example.com" "maintainer@example.com" "owner@example.com") + LAGOON_DEMO_ORG_USERS=("orguser@example.com" "orgviewer@example.com" "orgowner@example.com" "platformowner@example.com") + + for i in ${LAGOON_DEMO_USERS[@]} + do + echo Configuring password for $i + /opt/keycloak/bin/kcadm.sh set-password --config $CONFIG_PATH --username $i -p $i --target-realm Lagoon + done + + for i in ${LAGOON_DEMO_ORG_USERS[@]} + do + echo Configuring password for $i + /opt/keycloak/bin/kcadm.sh set-password --config $CONFIG_PATH --username $i -p $i --target-realm Lagoon + done +} + +function configure_platformowner { + echo Configuring platform owner role + /opt/keycloak/bin/kcadm.sh add-roles --uusername platformowner@example.com --rolename platform-owner --config $CONFIG_PATH --target-realm Lagoon +} + +function configure_keycloak { + until is_keycloak_running; do + echo Keycloak still not running, waiting 5 seconds + sleep 5 + done + + # Set the config file path because $HOME/.keycloak/kcadm.config resolves to /opt/jboss/?/.keycloak/kcadm.config for some reason, causing it to fail + CONFIG_PATH=/tmp/kcadm.config + + echo Keycloak is running, proceeding with configuration + + /opt/keycloak/bin/kcadm.sh config credentials --config $CONFIG_PATH --server http://localhost:8080/auth --user $KEYCLOAK_USER --password $KEYCLOAK_PASSWORD --realm master + + configure_user_passwords + configure_platformowner + + echo "Config of Keycloak users done" +} + +configure_keycloak \ No newline at end of file