mirror of
https://github.com/netbirdio/netbird.git
synced 2025-02-13 08:50:32 +01:00
ed075bc9b9
* Refactor: Configurable supported scopes Previously, supported scopes were hardcoded and limited to Auth0 and Keycloak. This update removes the default set of values, providing flexibility. The value to be set for each Identity Provider (IDP) is specified in their respective documentation. * correct var * correct var * skip fetching scopes from openid-configuration
117 lines
5.4 KiB
YAML
117 lines
5.4 KiB
YAML
name: Test Docker Compose Linux
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}-${{ github.head_ref || github.actor_id }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
test:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Install jq
|
|
run: sudo apt-get install -y jq
|
|
|
|
- name: Install curl
|
|
run: sudo apt-get install -y curl
|
|
|
|
- name: Install Go
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: "1.20.x"
|
|
|
|
- name: Cache Go modules
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-
|
|
|
|
- name: Checkout code
|
|
uses: actions/checkout@v2
|
|
|
|
- name: cp setup.env
|
|
run: cp infrastructure_files/tests/setup.env infrastructure_files/
|
|
|
|
- name: run configure
|
|
working-directory: infrastructure_files
|
|
run: bash -x configure.sh
|
|
env:
|
|
CI_NETBIRD_DOMAIN: localhost
|
|
CI_NETBIRD_AUTH_CLIENT_ID: testing.client.id
|
|
CI_NETBIRD_AUTH_CLIENT_SECRET: testing.client.secret
|
|
CI_NETBIRD_AUTH_AUDIENCE: testing.ci
|
|
CI_NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT: https://example.eu.auth0.com/.well-known/openid-configuration
|
|
CI_NETBIRD_USE_AUTH0: true
|
|
CI_NETBIRD_MGMT_IDP: "none"
|
|
CI_NETBIRD_IDP_MGMT_CLIENT_ID: testing.client.id
|
|
CI_NETBIRD_IDP_MGMT_CLIENT_SECRET: testing.client.secret
|
|
CI_NETBIRD_AUTH_SUPPORTED_SCOPES: "openid profile email offline_access api email_verified"
|
|
|
|
- name: check values
|
|
working-directory: infrastructure_files
|
|
env:
|
|
CI_NETBIRD_DOMAIN: localhost
|
|
CI_NETBIRD_AUTH_CLIENT_ID: testing.client.id
|
|
CI_NETBIRD_AUTH_CLIENT_SECRET: testing.client.secret
|
|
CI_NETBIRD_AUTH_AUDIENCE: testing.ci
|
|
CI_NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT: https://example.eu.auth0.com/.well-known/openid-configuration
|
|
CI_NETBIRD_USE_AUTH0: true
|
|
CI_NETBIRD_AUTH_SUPPORTED_SCOPES: "openid profile email offline_access api email_verified"
|
|
CI_NETBIRD_AUTH_AUTHORITY: https://example.eu.auth0.com/
|
|
CI_NETBIRD_AUTH_JWT_CERTS: https://example.eu.auth0.com/.well-known/jwks.json
|
|
CI_NETBIRD_AUTH_TOKEN_ENDPOINT: https://example.eu.auth0.com/oauth/token
|
|
CI_NETBIRD_AUTH_DEVICE_AUTH_ENDPOINT: https://example.eu.auth0.com/oauth/device/code
|
|
CI_NETBIRD_AUTH_REDIRECT_URI: "/peers"
|
|
CI_NETBIRD_TOKEN_SOURCE: "idToken"
|
|
CI_NETBIRD_AUTH_USER_ID_CLAIM: "email"
|
|
CI_NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE: "super"
|
|
CI_NETBIRD_AUTH_DEVICE_AUTH_SCOPE: "openid email"
|
|
CI_NETBIRD_MGMT_IDP: "none"
|
|
CI_NETBIRD_IDP_MGMT_CLIENT_ID: testing.client.id
|
|
CI_NETBIRD_IDP_MGMT_CLIENT_SECRET: testing.client.secret
|
|
|
|
run: |
|
|
grep AUTH_CLIENT_ID docker-compose.yml | grep $CI_NETBIRD_AUTH_CLIENT_ID
|
|
grep AUTH_CLIENT_SECRET docker-compose.yml | grep $CI_NETBIRD_AUTH_CLIENT_SECRET
|
|
grep AUTH_AUTHORITY docker-compose.yml | grep $CI_NETBIRD_AUTH_AUTHORITY
|
|
grep AUTH_AUDIENCE docker-compose.yml | grep $CI_NETBIRD_AUTH_AUDIENCE
|
|
grep AUTH_SUPPORTED_SCOPES docker-compose.yml | grep "$CI_NETBIRD_AUTH_SUPPORTED_SCOPES"
|
|
grep USE_AUTH0 docker-compose.yml | grep $CI_NETBIRD_USE_AUTH0
|
|
grep NETBIRD_MGMT_API_ENDPOINT docker-compose.yml | grep "$CI_NETBIRD_DOMAIN:33073"
|
|
grep AUTH_REDIRECT_URI docker-compose.yml | grep $CI_NETBIRD_AUTH_REDIRECT_URI
|
|
grep AUTH_SILENT_REDIRECT_URI docker-compose.yml | egrep 'AUTH_SILENT_REDIRECT_URI=$'
|
|
grep LETSENCRYPT_DOMAIN docker-compose.yml | egrep 'LETSENCRYPT_DOMAIN=$'
|
|
grep NETBIRD_TOKEN_SOURCE docker-compose.yml | grep $CI_NETBIRD_TOKEN_SOURCE
|
|
grep AuthUserIDClaim management.json | grep $CI_NETBIRD_AUTH_USER_ID_CLAIM
|
|
grep -A 1 ProviderConfig management.json | grep Audience | grep $CI_NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE
|
|
grep Scope management.json | grep "$CI_NETBIRD_AUTH_DEVICE_AUTH_SCOPE"
|
|
grep UseIDToken management.json | grep false
|
|
grep -A 1 IdpManagerConfig management.json | grep ManagerType | grep $CI_NETBIRD_MGMT_IDP
|
|
grep -A 3 IdpManagerConfig management.json | grep -A 1 ClientConfig | grep Issuer | grep $CI_NETBIRD_AUTH_AUTHORITY
|
|
grep -A 4 IdpManagerConfig management.json | grep -A 2 ClientConfig | grep TokenEndpoint | grep $CI_NETBIRD_AUTH_TOKEN_ENDPOINT
|
|
grep -A 5 IdpManagerConfig management.json | grep -A 3 ClientConfig | grep ClientID | grep $CI_NETBIRD_IDP_MGMT_CLIENT_ID
|
|
grep -A 6 IdpManagerConfig management.json | grep -A 4 ClientConfig | grep ClientSecret | grep $CI_NETBIRD_IDP_MGMT_CLIENT_SECRET
|
|
grep -A 7 IdpManagerConfig management.json | grep -A 5 ClientConfig | grep GrantType | grep client_credentials
|
|
|
|
- name: run docker compose up
|
|
working-directory: infrastructure_files
|
|
run: |
|
|
docker-compose up -d
|
|
sleep 5
|
|
docker-compose ps
|
|
docker-compose logs --tail=20
|
|
|
|
- name: test running containers
|
|
run: |
|
|
count=$(docker compose ps --format json | jq '.[] | select(.Project | contains("infrastructure_files")) | .State' | grep -c running)
|
|
test $count -eq 4
|
|
working-directory: infrastructure_files
|