nixos/tests/ocis.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / ocis.nix
at master 7.0 kB view raw
  1{ lib, pkgs, ... }:
  2
  3let
  4  # this is a demo user created by IDM_CREATE_DEMO_USERS=true
  5  demoUser = "einstein";
  6  demoPassword = "relativity";
  7
  8  adminUser = "admin";
  9  adminPassword = "hunter2";
 10  testRunner =
 11    pkgs.writers.writePython3Bin "test-runner"
 12      {
 13        libraries = [ pkgs.python3Packages.selenium ];
 14        flakeIgnore = [ "E501" ];
 15      }
 16      ''
 17        import sys
 18        from selenium.webdriver.common.by import By
 19        from selenium.webdriver import Firefox
 20        from selenium.webdriver.firefox.options import Options
 21        from selenium.webdriver.support.ui import WebDriverWait
 22        from selenium.webdriver.support import expected_conditions as EC
 23
 24        options = Options()
 25        options.add_argument('--headless')
 26        driver = Firefox(options=options)
 27
 28        user = sys.argv[1]
 29        password = sys.argv[2]
 30        driver.implicitly_wait(20)
 31        driver.get('https://localhost:9200/login')
 32        wait = WebDriverWait(driver, 10)
 33        wait.until(EC.title_contains("Sign in"))
 34        driver.find_element(By.XPATH, '//*[@id="oc-login-username"]').send_keys(user)
 35        driver.find_element(By.XPATH, '//*[@id="oc-login-password"]').send_keys(password)
 36        driver.find_element(By.XPATH, '//*[@id="root"]//button').click()
 37        wait.until(EC.title_contains("Personal"))
 38      '';
 39
 40  # This was generated with `ocis init --config-path testconfig/ --admin-password "hunter2" --insecure true`.
 41  testConfig = ''
 42    token_manager:
 43      jwt_secret: kaKYgfso*d9GA-yTM.&BTOUEuMz%Ai0H
 44    machine_auth_api_key: sGWRG1JZ&qe&pe@N1HKK4#qH*B&@xLnO
 45    system_user_api_key: h+m4aHPUtOtUJFKrc5B2=04C=7fDZaT-
 46    transfer_secret: 4-R6AfUjQn0P&+h2+$skf0lJqmre$j=x
 47    system_user_id: db180e0a-b38a-4edf-a4cd-a3d358248537
 48    admin_user_id: ea623f50-742d-4fd0-95bb-c61767b070d4
 49    graph:
 50      application:
 51        id: 11971eab-d560-4b95-a2d4-50726676bbd0
 52      events:
 53        tls_insecure: true
 54      spaces:
 55        insecure: true
 56      identity:
 57        ldap:
 58          bind_password: ^F&Vn7@mYGYGuxr$#qm^gGy@FVq=.w=y
 59      service_account:
 60        service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
 61        service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
 62    idp:
 63      ldap:
 64        bind_password: bv53IjS28x.nxth*%aRbE70%4TGNXbLU
 65    idm:
 66      service_user_passwords:
 67        admin_password: hunter2
 68        idm_password: ^F&Vn7@mYGYGuxr$#qm^gGy@FVq=.w=y
 69        reva_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
 70        idp_password: bv53IjS28x.nxth*%aRbE70%4TGNXbLU
 71    proxy:
 72      oidc:
 73        insecure: true
 74      insecure_backends: true
 75      service_account:
 76        service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
 77        service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
 78    frontend:
 79      app_handler:
 80        insecure: true
 81      archiver:
 82        insecure: true
 83      service_account:
 84        service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
 85        service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
 86    auth_basic:
 87      auth_providers:
 88        ldap:
 89          bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
 90    auth_bearer:
 91      auth_providers:
 92        oidc:
 93          insecure: true
 94    users:
 95      drivers:
 96        ldap:
 97          bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
 98    groups:
 99      drivers:
100        ldap:
101          bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
102    ocdav:
103      insecure: true
104    ocm:
105      service_account:
106        service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
107        service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
108    thumbnails:
109      thumbnail:
110        transfer_secret: 2%11!zAu*AYE&=d*8dfoZs8jK&5ZMm*%
111        webdav_allow_insecure: true
112        cs3_allow_insecure: true
113    search:
114      events:
115        tls_insecure: true
116      service_account:
117        service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
118        service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
119    audit:
120      events:
121        tls_insecure: true
122    settings:
123      service_account_ids:
124      - df39a290-3f3e-4e39-b67b-8b810ca2abac
125    sharing:
126      events:
127        tls_insecure: true
128    storage_users:
129      events:
130        tls_insecure: true
131      mount_id: ef72cb8b-809c-4592-bfd2-1df603295205
132      service_account:
133        service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
134        service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
135    notifications:
136      notifications:
137        events:
138          tls_insecure: true
139      service_account:
140        service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
141        service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
142    nats:
143      nats:
144        tls_skip_verify_client_cert: true
145    gateway:
146      storage_registry:
147        storage_users_mount_id: ef72cb8b-809c-4592-bfd2-1df603295205
148    userlog:
149      service_account:
150        service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
151        service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
152    auth_service:
153      service_account:
154        service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
155        service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
156    clientlog:
157      service_account:
158        service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
159        service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE'';
160in
161
162{
163  name = "ocis";
164
165  meta.maintainers = with lib.maintainers; [
166    bhankas
167    ramblurr
168  ];
169
170  nodes.machine =
171    { config, ... }:
172    {
173      virtualisation.memorySize = 2048;
174      environment.systemPackages = [
175        pkgs.firefox-unwrapped
176        pkgs.geckodriver
177        testRunner
178      ];
179
180      # if you do this in production, dont put secrets in this file because it will be written to the world readable nix store
181      environment.etc."ocis/ocis.env".text = ''
182        ADMIN_PASSWORD=${adminPassword}
183        IDM_CREATE_DEMO_USERS=true
184      '';
185
186      # if you do this in production, dont put secrets in this file because it will be written to the world readable nix store
187      environment.etc."ocis/config/ocis.yaml".text = testConfig;
188
189      services.ocis = {
190        enable = true;
191        configDir = "/etc/ocis/config";
192        environment = {
193          OCIS_INSECURE = "true";
194        };
195        environmentFile = "/etc/ocis/ocis.env";
196      };
197    };
198
199  testScript = ''
200    start_all()
201    machine.wait_for_unit("ocis.service")
202    machine.wait_for_open_port(9200)
203    # wait for ocis to fully come up
204    machine.sleep(5)
205
206    with subtest("ocis bin works"):
207        machine.succeed("${lib.getExe pkgs.ocis_5-bin} version")
208
209    with subtest("use the web interface to log in with a demo user"):
210        machine.succeed("PYTHONUNBUFFERED=1 systemd-cat -t test-runner test-runner ${demoUser} ${demoPassword}")
211
212    with subtest("use the web interface to log in with the provisioned admin user"):
213        machine.succeed("PYTHONUNBUFFERED=1 systemd-cat -t test-runner test-runner ${adminUser} ${adminPassword}")
214  '';
215}