name: Test Infrastructure files on: push: branches: - main pull_request: paths: - 'infrastructure_files/**' - '.github/workflows/test-infrastructure-files.yml' - 'management/cmd/**' - 'signal/cmd/**' concurrency: group: ${{ github.workflow }}-${{ github.ref }}-${{ github.head_ref || github.actor_id }} cancel-in-progress: true jobs: test-docker-compose: runs-on: ubuntu-latest steps: - name: Install jq run: sudo apt-get install -y jq - name: Install curl run: sudo apt-get install -y curl - name: Install Go uses: actions/setup-go@v4 with: go-version: "1.21.x" - name: Cache Go modules uses: actions/cache@v3 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: Checkout code uses: actions/checkout@v3 - name: cp setup.env run: cp infrastructure_files/tests/setup.env infrastructure_files/ - name: run configure working-directory: infrastructure_files run: bash -x configure.sh env: CI_NETBIRD_DOMAIN: localhost CI_NETBIRD_AUTH_CLIENT_ID: testing.client.id CI_NETBIRD_AUTH_CLIENT_SECRET: testing.client.secret CI_NETBIRD_AUTH_AUDIENCE: testing.ci CI_NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT: https://example.eu.auth0.com/.well-known/openid-configuration CI_NETBIRD_USE_AUTH0: true CI_NETBIRD_MGMT_IDP: "none" CI_NETBIRD_IDP_MGMT_CLIENT_ID: testing.client.id CI_NETBIRD_IDP_MGMT_CLIENT_SECRET: testing.client.secret CI_NETBIRD_AUTH_SUPPORTED_SCOPES: "openid profile email offline_access api email_verified" CI_NETBIRD_STORE_CONFIG_ENGINE: "sqlite" CI_NETBIRD_MGMT_IDP_SIGNKEY_REFRESH: false - name: check values working-directory: infrastructure_files/artifacts env: CI_NETBIRD_DOMAIN: localhost CI_NETBIRD_AUTH_CLIENT_ID: testing.client.id CI_NETBIRD_AUTH_CLIENT_SECRET: testing.client.secret CI_NETBIRD_AUTH_AUDIENCE: testing.ci CI_NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT: https://example.eu.auth0.com/.well-known/openid-configuration CI_NETBIRD_USE_AUTH0: true CI_NETBIRD_AUTH_SUPPORTED_SCOPES: "openid profile email offline_access api email_verified" CI_NETBIRD_AUTH_AUTHORITY: https://example.eu.auth0.com/ CI_NETBIRD_AUTH_JWT_CERTS: https://example.eu.auth0.com/.well-known/jwks.json CI_NETBIRD_AUTH_TOKEN_ENDPOINT: https://example.eu.auth0.com/oauth/token CI_NETBIRD_AUTH_DEVICE_AUTH_ENDPOINT: https://example.eu.auth0.com/oauth/device/code CI_NETBIRD_AUTH_PKCE_AUTHORIZATION_ENDPOINT: https://example.eu.auth0.com/authorize CI_NETBIRD_AUTH_REDIRECT_URI: "/peers" CI_NETBIRD_TOKEN_SOURCE: "idToken" CI_NETBIRD_AUTH_USER_ID_CLAIM: "email" CI_NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE: "super" CI_NETBIRD_AUTH_DEVICE_AUTH_SCOPE: "openid email" CI_NETBIRD_MGMT_IDP: "none" CI_NETBIRD_IDP_MGMT_CLIENT_ID: testing.client.id CI_NETBIRD_IDP_MGMT_CLIENT_SECRET: testing.client.secret CI_NETBIRD_SIGNAL_PORT: 12345 CI_NETBIRD_STORE_CONFIG_ENGINE: "sqlite" CI_NETBIRD_MGMT_IDP_SIGNKEY_REFRESH: false CI_NETBIRD_TURN_EXTERNAL_IP: "1.2.3.4" run: | set -x grep AUTH_CLIENT_ID docker-compose.yml | grep $CI_NETBIRD_AUTH_CLIENT_ID grep AUTH_CLIENT_SECRET docker-compose.yml | grep $CI_NETBIRD_AUTH_CLIENT_SECRET grep AUTH_AUTHORITY docker-compose.yml | grep $CI_NETBIRD_AUTH_AUTHORITY grep AUTH_AUDIENCE docker-compose.yml | grep $CI_NETBIRD_AUTH_AUDIENCE grep AUTH_SUPPORTED_SCOPES docker-compose.yml | grep "$CI_NETBIRD_AUTH_SUPPORTED_SCOPES" grep USE_AUTH0 docker-compose.yml | grep $CI_NETBIRD_USE_AUTH0 grep NETBIRD_MGMT_API_ENDPOINT docker-compose.yml | grep "$CI_NETBIRD_DOMAIN:33073" grep AUTH_REDIRECT_URI docker-compose.yml | grep $CI_NETBIRD_AUTH_REDIRECT_URI grep AUTH_SILENT_REDIRECT_URI docker-compose.yml | egrep 'AUTH_SILENT_REDIRECT_URI=$' grep $CI_NETBIRD_SIGNAL_PORT docker-compose.yml | grep ':80' grep LETSENCRYPT_DOMAIN docker-compose.yml | egrep 'LETSENCRYPT_DOMAIN=$' grep NETBIRD_TOKEN_SOURCE docker-compose.yml | grep $CI_NETBIRD_TOKEN_SOURCE grep AuthUserIDClaim management.json | grep $CI_NETBIRD_AUTH_USER_ID_CLAIM grep -A 3 DeviceAuthorizationFlow management.json | grep -A 1 ProviderConfig | grep Audience | grep $CI_NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE grep -A 3 DeviceAuthorizationFlow management.json | grep -A 1 ProviderConfig | grep Audience | grep $CI_NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE grep Engine management.json | grep "$CI_NETBIRD_STORE_CONFIG_ENGINE" grep IdpSignKeyRefreshEnabled management.json | grep "$CI_NETBIRD_MGMT_IDP_SIGNKEY_REFRESH" grep UseIDToken management.json | grep false grep -A 1 IdpManagerConfig management.json | grep ManagerType | grep $CI_NETBIRD_MGMT_IDP grep -A 3 IdpManagerConfig management.json | grep -A 1 ClientConfig | grep Issuer | grep $CI_NETBIRD_AUTH_AUTHORITY grep -A 4 IdpManagerConfig management.json | grep -A 2 ClientConfig | grep TokenEndpoint | grep $CI_NETBIRD_AUTH_TOKEN_ENDPOINT grep -A 5 IdpManagerConfig management.json | grep -A 3 ClientConfig | grep ClientID | grep $CI_NETBIRD_IDP_MGMT_CLIENT_ID grep -A 6 IdpManagerConfig management.json | grep -A 4 ClientConfig | grep ClientSecret | grep $CI_NETBIRD_IDP_MGMT_CLIENT_SECRET grep -A 7 IdpManagerConfig management.json | grep -A 5 ClientConfig | grep GrantType | grep client_credentials grep -A 10 PKCEAuthorizationFlow management.json | grep -A 10 ProviderConfig | grep Audience | grep $CI_NETBIRD_AUTH_AUDIENCE grep -A 10 PKCEAuthorizationFlow management.json | grep -A 10 ProviderConfig | grep ClientID | grep $CI_NETBIRD_AUTH_CLIENT_ID grep -A 10 PKCEAuthorizationFlow management.json | grep -A 10 ProviderConfig | grep ClientSecret | grep $CI_NETBIRD_AUTH_CLIENT_SECRET grep -A 10 PKCEAuthorizationFlow management.json | grep -A 10 ProviderConfig | grep AuthorizationEndpoint | grep $CI_NETBIRD_AUTH_PKCE_AUTHORIZATION_ENDPOINT grep -A 10 PKCEAuthorizationFlow management.json | grep -A 10 ProviderConfig | grep TokenEndpoint | grep $CI_NETBIRD_AUTH_TOKEN_ENDPOINT grep -A 10 PKCEAuthorizationFlow management.json | grep -A 10 ProviderConfig | grep Scope | grep "$CI_NETBIRD_AUTH_SUPPORTED_SCOPES" grep -A 10 PKCEAuthorizationFlow management.json | grep -A 10 ProviderConfig | grep -A 3 RedirectURLs | grep "http://localhost:53000" grep "external-ip" turnserver.conf | grep $CI_NETBIRD_TURN_EXTERNAL_IP - name: Install modules run: go mod tidy - name: check git status run: git --no-pager diff --exit-code - name: Build management binary working-directory: management run: CGO_ENABLED=1 go build -o netbird-mgmt main.go - name: Build management docker image working-directory: management run: | docker build -t netbirdio/management:latest . - name: Build signal binary working-directory: signal run: CGO_ENABLED=0 go build -o netbird-signal main.go - name: Build signal docker image working-directory: signal run: | docker build -t netbirdio/signal:latest . - name: run docker compose up working-directory: infrastructure_files/artifacts run: | docker-compose up -d sleep 5 docker-compose ps docker-compose logs --tail=20 - name: test running containers run: | count=$(docker compose ps --format json | jq '. | select(.Name | contains("artifacts")) | .State' | grep -c running) test $count -eq 4 working-directory: infrastructure_files/artifacts - name: test geolocation databases working-directory: infrastructure_files/artifacts run: | sleep 30 docker compose exec management ls -l /var/lib/netbird/ | grep -i GeoLite2-City.mmdb docker compose exec management ls -l /var/lib/netbird/ | grep -i geonames.db test-getting-started-script: runs-on: ubuntu-latest steps: - name: Install jq run: sudo apt-get install -y jq - name: Checkout code uses: actions/checkout@v3 - name: run script run: NETBIRD_DOMAIN=use-ip bash -x infrastructure_files/getting-started-with-zitadel.sh - name: test Caddy file gen run: test -f Caddyfile - name: test docker-compose file gen run: test -f docker-compose.yml - name: test management.json file gen run: test -f management.json - name: test turnserver.conf file gen run: | set -x test -f turnserver.conf grep external-ip turnserver.conf - name: test zitadel.env file gen run: test -f zitadel.env - name: test dashboard.env file gen run: test -f dashboard.env test-download-geolite2-script: runs-on: ubuntu-latest steps: - name: Install jq run: sudo apt-get update && sudo apt-get install -y unzip sqlite3 - name: Checkout code uses: actions/checkout@v3 - name: test script run: bash -x infrastructure_files/download-geolite2.sh - name: test mmdb file exists run: test -f GeoLite2-City.mmdb - name: test geonames file exists run: test -f geonames.db