about summary refs log tree commit diff
path: root/nixpkgs/nixos/tests/ocis.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/nixos/tests/ocis.nix')
-rw-r--r--nixpkgs/nixos/tests/ocis.nix217
1 files changed, 217 insertions, 0 deletions
diff --git a/nixpkgs/nixos/tests/ocis.nix b/nixpkgs/nixos/tests/ocis.nix
new file mode 100644
index 000000000000..35461e246749
--- /dev/null
+++ b/nixpkgs/nixos/tests/ocis.nix
@@ -0,0 +1,217 @@
+import ./make-test-python.nix (
+  { lib, pkgs, ... }:
+
+  let
+    # this is a demo user created by IDM_CREATE_DEMO_USERS=true
+    demoUser = "einstein";
+    demoPassword = "relativity";
+
+    adminUser = "admin";
+    adminPassword = "hunter2";
+    testRunner =
+      pkgs.writers.writePython3Bin "test-runner"
+        {
+          libraries = [ pkgs.python3Packages.selenium ];
+          flakeIgnore = [ "E501" ];
+        }
+        ''
+          import sys
+          from selenium.webdriver.common.by import By
+          from selenium.webdriver import Firefox
+          from selenium.webdriver.firefox.options import Options
+          from selenium.webdriver.support.ui import WebDriverWait
+          from selenium.webdriver.support import expected_conditions as EC
+
+          options = Options()
+          options.add_argument('--headless')
+          driver = Firefox(options=options)
+
+          user = sys.argv[1]
+          password = sys.argv[2]
+          driver.implicitly_wait(20)
+          driver.get('https://localhost:9200/login')
+          wait = WebDriverWait(driver, 10)
+          wait.until(EC.title_contains("Sign in"))
+          driver.find_element(By.XPATH, '//*[@id="oc-login-username"]').send_keys(user)
+          driver.find_element(By.XPATH, '//*[@id="oc-login-password"]').send_keys(password)
+          driver.find_element(By.XPATH, '//*[@id="root"]//button').click()
+          wait.until(EC.title_contains("Personal"))
+        '';
+
+    # This was generated with `ocis init --config-path testconfig/ --admin-password "hunter2" --insecure true`.
+    testConfig = ''
+      token_manager:
+        jwt_secret: kaKYgfso*d9GA-yTM.&BTOUEuMz%Ai0H
+      machine_auth_api_key: sGWRG1JZ&qe&pe@N1HKK4#qH*B&@xLnO
+      system_user_api_key: h+m4aHPUtOtUJFKrc5B2=04C=7fDZaT-
+      transfer_secret: 4-R6AfUjQn0P&+h2+$skf0lJqmre$j=x
+      system_user_id: db180e0a-b38a-4edf-a4cd-a3d358248537
+      admin_user_id: ea623f50-742d-4fd0-95bb-c61767b070d4
+      graph:
+        application:
+          id: 11971eab-d560-4b95-a2d4-50726676bbd0
+        events:
+          tls_insecure: true
+        spaces:
+          insecure: true
+        identity:
+          ldap:
+            bind_password: ^F&Vn7@mYGYGuxr$#qm^gGy@FVq=.w=y
+        service_account:
+          service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
+          service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
+      idp:
+        ldap:
+          bind_password: bv53IjS28x.nxth*%aRbE70%4TGNXbLU
+      idm:
+        service_user_passwords:
+          admin_password: hunter2
+          idm_password: ^F&Vn7@mYGYGuxr$#qm^gGy@FVq=.w=y
+          reva_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
+          idp_password: bv53IjS28x.nxth*%aRbE70%4TGNXbLU
+      proxy:
+        oidc:
+          insecure: true
+        insecure_backends: true
+        service_account:
+          service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
+          service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
+      frontend:
+        app_handler:
+          insecure: true
+        archiver:
+          insecure: true
+        service_account:
+          service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
+          service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
+      auth_basic:
+        auth_providers:
+          ldap:
+            bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
+      auth_bearer:
+        auth_providers:
+          oidc:
+            insecure: true
+      users:
+        drivers:
+          ldap:
+            bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
+      groups:
+        drivers:
+          ldap:
+            bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
+      ocdav:
+        insecure: true
+      ocm:
+        service_account:
+          service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
+          service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
+      thumbnails:
+        thumbnail:
+          transfer_secret: 2%11!zAu*AYE&=d*8dfoZs8jK&5ZMm*%
+          webdav_allow_insecure: true
+          cs3_allow_insecure: true
+      search:
+        events:
+          tls_insecure: true
+        service_account:
+          service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
+          service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
+      audit:
+        events:
+          tls_insecure: true
+      settings:
+        service_account_ids:
+        - df39a290-3f3e-4e39-b67b-8b810ca2abac
+      sharing:
+        events:
+          tls_insecure: true
+      storage_users:
+        events:
+          tls_insecure: true
+        mount_id: ef72cb8b-809c-4592-bfd2-1df603295205
+        service_account:
+          service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
+          service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
+      notifications:
+        notifications:
+          events:
+            tls_insecure: true
+        service_account:
+          service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
+          service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
+      nats:
+        nats:
+          tls_skip_verify_client_cert: true
+      gateway:
+        storage_registry:
+          storage_users_mount_id: ef72cb8b-809c-4592-bfd2-1df603295205
+      userlog:
+        service_account:
+          service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
+          service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
+      auth_service:
+        service_account:
+          service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
+          service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
+      clientlog:
+        service_account:
+          service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
+          service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE'';
+  in
+
+  {
+    name = "ocis";
+
+    meta.maintainers = with lib.maintainers; [
+      bhankas
+      ramblurr
+    ];
+
+    nodes.machine =
+      { config, ... }:
+      {
+        virtualisation.memorySize = 2048;
+        environment.systemPackages = [
+          pkgs.firefox-unwrapped
+          pkgs.geckodriver
+          testRunner
+        ];
+
+        # if you do this in production, dont put secrets in this file because it will be written to the world readable nix store
+        environment.etc."ocis/ocis.env".text = ''
+          ADMIN_PASSWORD=${adminPassword}
+          IDM_CREATE_DEMO_USERS=true
+        '';
+
+        # if you do this in production, dont put secrets in this file because it will be written to the world readable nix store
+        environment.etc."ocis/config/ocis.yaml".text = testConfig;
+
+        services.ocis = {
+          enable = true;
+          configDir = "/etc/ocis/config";
+          environment = {
+            OCIS_INSECURE = "true";
+          };
+          environmentFile = "/etc/ocis/ocis.env";
+        };
+      };
+
+    testScript = ''
+      start_all()
+      machine.wait_for_unit("ocis.service")
+      machine.wait_for_open_port(9200)
+      # wait for ocis to fully come up
+      machine.sleep(5)
+
+      with subtest("ocis bin works"):
+          machine.succeed("${lib.getExe pkgs.ocis-bin} version")
+
+      with subtest("use the web interface to log in with a demo user"):
+          machine.succeed("PYTHONUNBUFFERED=1 systemd-cat -t test-runner test-runner ${demoUser} ${demoPassword}")
+
+      with subtest("use the web interface to log in with the provisioned admin user"):
+          machine.succeed("PYTHONUNBUFFERED=1 systemd-cat -t test-runner test-runner ${adminUser} ${adminPassword}")
+    '';
+  }
+)
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-02 17:43:41 +0000