From 38271e33351ffab38d7ffb91d8c19638e88759fb Mon Sep 17 00:00:00 2001 From: Clement Michaud Date: Fri, 1 Mar 2019 22:52:01 +0100 Subject: [PATCH] Better integrate Docker related commands in authelia-scripts. --- .travis.yml | 2 +- scripts/authelia-scripts | 3 +- scripts/authelia-scripts-build-docker | 3 - scripts/authelia-scripts-docker | 8 ++ scripts/authelia-scripts-docker-build | 10 ++ ...docker => authelia-scripts-docker-publish} | 1 - scripts/authelia-scripts-test | 3 +- scripts/authelia-scripts-travis | 3 + scripts/example-commit/dc-example.sh | 14 --- scripts/example-commit/deploy-example.sh | 6 - scripts/example-commit/undeploy-example.sh | 5 - scripts/utils/docker.js | 5 + scripts/utils/exec.js | 21 ++++ test/suites/complete/index.ts | 4 + test/suites/docker/config.yml | 110 ++++++++++++++++++ test/suites/docker/index.ts | 27 +++++ 16 files changed, 191 insertions(+), 34 deletions(-) delete mode 100755 scripts/authelia-scripts-build-docker create mode 100755 scripts/authelia-scripts-docker create mode 100755 scripts/authelia-scripts-docker-build rename scripts/{authelia-scripts-publish-docker => authelia-scripts-docker-publish} (97%) delete mode 100755 scripts/example-commit/dc-example.sh delete mode 100755 scripts/example-commit/deploy-example.sh delete mode 100755 scripts/example-commit/undeploy-example.sh create mode 100644 scripts/utils/docker.js create mode 100644 scripts/utils/exec.js create mode 100644 test/suites/docker/config.yml create mode 100644 test/suites/docker/index.ts diff --git a/.travis.yml b/.travis.yml index e5380870..f71f06bc 100644 --- a/.travis.yml +++ b/.travis.yml @@ -35,7 +35,7 @@ before_script: script: - "./scripts/authelia-scripts travis" after_success: -- "./scripts/authelia-scripts publish-docker" +- "./scripts/authelia-scripts docker publish" deploy: provider: npm diff --git a/scripts/authelia-scripts b/scripts/authelia-scripts index b6d8ad0f..a5222c7c 100755 --- a/scripts/authelia-scripts +++ b/scripts/authelia-scripts 
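Review bot: In scripts/authelia-scripts-docker-build, `main();` is called without handling the promise it returns, so a rejected `exec` (a failed `docker build`) surfaces only as an unhandled rejection. On Node versions that merely warn about those, the script can still exit with status 0. Because this commit moves the image build into the Travis flow and the publish script no longer builds, a silent failure here could let a later step tag and push a stale local image. Consider `main().catch(err => { console.error(err); process.exit(1); });`.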
@@ -14,8 +14,7 @@ program .command('travis', 'Build and test Authelia on Travis.') .command('hash-password ', 'Hash a password with SSHA512.') - .command('build-docker', 'Build Docker image containing production version of Authelia.') - .command('publish-docker', 'Publish Docker image containing production version of Authelia to Dockerhub.') + .command('docker', 'Docker related commands.') .parse(process.argv); diff --git a/scripts/authelia-scripts-build-docker b/scripts/authelia-scripts-build-docker deleted file mode 100755 index ee177144..00000000 --- a/scripts/authelia-scripts-build-docker +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash - -docker build -t clems4ever/authelia . diff --git a/scripts/authelia-scripts-docker b/scripts/authelia-scripts-docker new file mode 100755 index 00000000..e7d71573 --- /dev/null +++ b/scripts/authelia-scripts-docker @@ -0,0 +1,8 @@ +#!/usr/bin/env node + +var program = require('commander'); + +program + .command('build', 'Build docker image clems4ever/authelia.') + .command('publish', 'Publish image clems4ever/authelia to Dockerhub.') + .parse(process.argv); diff --git a/scripts/authelia-scripts-docker-build b/scripts/authelia-scripts-docker-build new file mode 100755 index 00000000..0845eb85 --- /dev/null +++ b/scripts/authelia-scripts-docker-build @@ -0,0 +1,10 @@ +#!/usr/bin/env node + +var { exec } = require('./utils/exec'); +var { IMAGE_NAME } = require('./utils/docker'); + +async function main() { + await exec(`docker build -t ${IMAGE_NAME} .`); +} + +main(); \ No newline at end of file diff --git a/scripts/authelia-scripts-publish-docker b/scripts/authelia-scripts-docker-publish similarity index 97% rename from scripts/authelia-scripts-publish-docker rename to scripts/authelia-scripts-docker-publish index 0e6bb76b..81c14419 100755 --- a/scripts/authelia-scripts-publish-docker +++ b/scripts/authelia-scripts-docker-publish 
@@ -21,7 +21,6 @@ function deploy_on_dockerhub { echo "===========================================================" echo "Docker image $IMAGE_WITH_TAG will be deployed on Dockerhub." echo "===========================================================" - docker build -t $IMAGE_NAME . docker tag $IMAGE_NAME $IMAGE_WITH_TAG; docker push $IMAGE_WITH_TAG; echo "Docker image deployed successfully." diff --git a/scripts/authelia-scripts-test b/scripts/authelia-scripts-test index 1df64e9a..e7d19b3d 100755 --- a/scripts/authelia-scripts-test +++ b/scripts/authelia-scripts-test @@ -9,10 +9,9 @@ program .option('--headless', 'Run in headless mode.') .parse(process.argv); -let suite; let withServer = false; let args = []; -const ENVIRONMENT_FILENAME = '.suite'; +const ENVIRONMENT_FILENAME = '.suite'; // This file is created by the start command. if (fs.existsSync(ENVIRONMENT_FILENAME)) { const suite = fs.readFileSync(ENVIRONMENT_FILENAME); diff --git a/scripts/authelia-scripts-travis b/scripts/authelia-scripts-travis index b4747a68..8b7ce276 100755 --- a/scripts/authelia-scripts-travis +++ b/scripts/authelia-scripts-travis @@ -15,6 +15,9 @@ authelia-scripts build # Run unit tests authelia-scripts unittest +# Build the docker image +authelia-scripts docker build + # Run integration tests authelia-scripts test --headless test/suites/**/*.ts diff --git a/scripts/example-commit/dc-example.sh b/scripts/example-commit/dc-example.sh deleted file mode 100755 index 0f9e3840..00000000 --- a/scripts/example-commit/dc-example.sh +++ /dev/null 
@@ -1,14 +0,0 @@ -#!/bin/bash - -set -e - -docker-compose \ - -f docker-compose.yml \ - -f example/compose/docker-compose.base.yml \ - -f example/compose/mongo/docker-compose.yml \ - -f example/compose/redis/docker-compose.yml \ - -f example/compose/nginx/backend/docker-compose.yml \ - -f example/compose/nginx/portal/docker-compose.yml \ - -f example/compose/smtp/docker-compose.yml \ - -f example/compose/httpbin/docker-compose.yml \ - -f example/compose/ldap/docker-compose.yml $* diff --git a/scripts/example-commit/deploy-example.sh b/scripts/example-commit/deploy-example.sh deleted file mode 100755 index 4bd228ff..00000000 --- a/scripts/example-commit/deploy-example.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -DC_SCRIPT=./scripts/example-commit/dc-example.sh - -$DC_SCRIPT build -$DC_SCRIPT up -d httpbin mongo redis openldap authelia smtp nginx-portal nginx-backend diff --git a/scripts/example-commit/undeploy-example.sh b/scripts/example-commit/undeploy-example.sh deleted file mode 100755 index 3ef607fe..00000000 --- a/scripts/example-commit/undeploy-example.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -DC_SCRIPT=./scripts/example-commit/dc-example.sh - -$DC_SCRIPT down diff --git a/scripts/utils/docker.js b/scripts/utils/docker.js new file mode 100644 index 00000000..5d78bbe3 --- /dev/null +++ b/scripts/utils/docker.js @@ -0,0 +1,5 @@ + + +module.exports = { + IMAGE_NAME: 'clems4ever/authelia' +} \ No newline at end of file diff --git a/scripts/utils/exec.js b/scripts/utils/exec.js new file mode 100644 index 00000000..82cdec72 --- /dev/null +++ b/scripts/utils/exec.js 
@@ -0,0 +1,21 @@ +var spawn = require('child_process').spawn; + +function exec(cmd) { + return new Promise((resolve, reject) => { + const command = spawn(cmd, { + shell: true + }); + command.stdout.pipe(process.stdout); + command.stderr.pipe(process.stderr); + + command.on('exit', function(statusCode) { + if (statusCode != 0) { + reject(new Error('Exited with status ' + statusCode)); + return; + } + resolve(); + }) + }) +} + +module.exports = { exec } \ No newline at end of file diff --git a/test/suites/complete/index.ts b/test/suites/complete/index.ts index ca73046d..f11886b3 100644 --- a/test/suites/complete/index.ts +++ b/test/suites/complete/index.ts @@ -8,6 +8,10 @@ import BasicAuthentication from "./scenarii/BasicAuthentication"; import AutheliaRestart from "./scenarii/AutheliaRestart"; import AuthenticationRegulation from "./scenarii/AuthenticationRegulation"; +before(function() { + +}); + AutheliaSuite('Complete configuration', __dirname + '/config.yml', function() { this.timeout(10000); diff --git a/test/suites/docker/config.yml b/test/suites/docker/config.yml new file mode 100644 index 00000000..7920a409 --- /dev/null +++ b/test/suites/docker/config.yml 
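Review bot: `exec(cmd)` in scripts/utils/exec.js hands the whole string to a shell (`shell: true`), which is fine for the constant `IMAGE_NAME` interpolated today but turns any future variable value into shell syntax. A comment on the function should say so, e.g. `// cmd is run through a shell: pass only trusted, constant strings.`; taking a command plus an argument array would remove the risk altogether. The promise also has no `'error'` listener, so a spawn failure would leave it pending forever; `command.on('error', reject);` covers that.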
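Review bot: The `before(function() { })` hook added in test/suites/complete/index.ts has an empty body, and it sits at file top level rather than inside the `AutheliaSuite` callback, so it presumably registers as a root-level hook rather than one scoped to this suite. If it is a placeholder for setup, a comment such as `// TODO: describe the setup this hook will perform` would make that clear; otherwise it can be dropped.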
@@ -0,0 +1,110 @@
+###############################################################
+# Authelia minimal configuration #
+###############################################################
+
+port: 9091
+
+logs_level: debug
+
+default_redirection_url: https://home.example.com:8080/
+
+authentication_backend:
+ file:
+ path: ./users_database.yml
+
+session:
+ secret: unsecure_session_secret
+ domain: example.com
+ inactivity: 5000
+ expiration: 8000
+
+# Configuration of the storage backend used to store data and secrets. i.e. totp data
+storage:
+ local:
+ path: /tmp/authelia/db
+
+# TOTP Issuer Name
+#
+# This will be the issuer name displayed in Google Authenticator
+# See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
+totp:
+ issuer: example.com
+
+# Access Control
+#
+# Access control is a set of rules you can use to restrict user access to certain
+# resources.
+access_control:
+ # Default policy can either be `bypass`, `one_factor`, `two_factor` or `deny`.
+ default_policy: deny
+
+ rules:
+ - domain: single_factor.example.com
+ policy: one_factor
+
+ - domain: '*.example.com'
+ subject: "group:admins"
+ policy: two_factor
+
+ - domain: dev.example.com
+ resources:
+ - '^/users/john/.*$'
+ subject: "user:john"
+ policy: two_factor
+
+ - domain: dev.example.com
+ resources:
+ - '^/users/harry/.*$'
+ subject: "user:harry"
+ policy: two_factor
+
+ - domain: '*.mail.example.com'
+ subject: "user:bob"
+ policy: two_factor
+
+ - domain: dev.example.com
+ resources:
+ - '^/users/bob/.*$'
+ subject: "user:bob"
+ policy: two_factor
+
+
+# Configuration of the authentication regulation mechanism.
+regulation:
+ # Set it to 0 to disable max_retries.
+ max_retries: 3
+
+ # The user is banned if the authenticaction failed `max_retries` times in a `find_time` seconds window.
+ find_time: 10
+
+ # The length of time before a banned user can login again.
+ ban_time: 5
+
+# Default redirection URL
+#
+# Note: this parameter is optional. If not provided, user won't
+# be redirected upon successful authentication.
+#default_redirection_url: https://authelia.example.domain
+
+notifier:
+ # For testing purpose, notifications can be sent in a file
+ # filesystem:
+ # filename: /tmp/authelia/notification.txt
+
+ # Use your email account to send the notifications. You can use an app password.
+ # List of valid services can be found here: https://nodemailer.com/smtp/well-known/
+ ## email:
+ ## username: user@example.com
+ ## password: yourpassword
+ ## sender: admin@example.com
+ ## service: gmail
+
+ # Use a SMTP server for sending notifications
+ smtp:
+ username: test
+ password: password
+ secure: false
+ host: 127.0.0.1
+ port: 1025
+ sender: admin@example.com
+
diff --git a/test/suites/docker/index.ts b/test/suites/docker/index.ts
new file mode 100644
index 00000000..4e48c931
--- /dev/null
+++ b/test/suites/docker/index.ts
@@ -0,0 +1,27 @@
+import ChildProcess from 'child_process';
+import Bluebird from 'bluebird';
+import Assert from 'assert';
+
+const execAsync = Bluebird.promisify(ChildProcess.exec);
+
+function sleep(ms: number) {
+ return new Promise(resolve => setTimeout(resolve, ms));
+}
+
+describe('Test docker container can run', function() {
+ this.timeout(15000);
+
+ before(async function() {
+ await execAsync('docker run -d -v $(pwd)/config.yml:/etc/authelia/config.yml --name authelia-test clems4ever/authelia');
+ });
+
+ after(async function() {
+ await execAsync('docker rm -f authelia-test');
+ });
+
+ it('should be running', async function() {
+ await sleep(5000);
+ const output: string = await execAsync('docker ps -a | grep "authelia-test"');
+ Assert(output.match(new RegExp('Up [0-9] seconds')));
+ });
+});
\ No newline at end of file
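Review bot: test/suites/docker/config.yml carries placeholder credentials (`secret: unsecure_session_secret`, SMTP `password: password`, `secure: false`) together with `logs_level: debug`, yet its banner says "Authelia minimal configuration", which reads like a starting template. A header comment marking it as a fixture would keep it from being copied into a deployment, for example `# TEST FIXTURE for the docker suite; the secrets below are placeholders, never reuse them.` The commented-out `#default_redirection_url` block near the end also repeats a key that is already set at the top of the file and could be dropped.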
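Review bot: The `docker run` in the `before` hook of test/suites/docker/index.ts mounts `$(pwd)/config.yml`, which resolves against the directory the test runner was started from rather than this suite's folder; when started from the repository root that path likely does not exist, and Docker would bind-mount a newly created empty directory instead of the fixture. Build the path from `__dirname`, as the complete suite does for its config, and mount it read-only: `-v ${__dirname}/config.yml:/etc/authelia/config.yml:ro`. The assertion on `'Up [0-9] seconds'` is also timing-sensitive (it would not match "Up 10 seconds" or "Up Less than a second"); `docker inspect -f '{{.State.Running}}' authelia-test` gives a direct answer. The image name is hard-coded here even though scripts/utils/docker.js now exports `IMAGE_NAME`.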