Better integrate Docker related commands in authelia-scripts.
parent
a56e5adc42
commit
38271e3335
|
@ -35,7 +35,7 @@ before_script:
|
|||
script:
|
||||
- "./scripts/authelia-scripts travis"
|
||||
after_success:
|
||||
- "./scripts/authelia-scripts publish-docker"
|
||||
- "./scripts/authelia-scripts docker publish"
|
||||
|
||||
deploy:
|
||||
provider: npm
|
||||
|
|
|
@ -14,8 +14,7 @@ program
|
|||
|
||||
.command('travis', 'Build and test Authelia on Travis.')
|
||||
.command('hash-password <password>', 'Hash a password with SSHA512.')
|
||||
.command('build-docker', 'Build Docker image containing production version of Authelia.')
|
||||
.command('publish-docker', 'Publish Docker image containing production version of Authelia to Dockerhub.')
|
||||
.command('docker', 'Docker related commands.')
|
||||
.parse(process.argv);
|
||||
|
||||
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
docker build -t clems4ever/authelia .
|
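--- a/scripts/authelia-scripts-docker
+++ b/scripts/authelia-scripts-docker
@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+
+var program = require('commander');
+
+program
+.command('build', 'Build docker image clems4ever/authelia.')
+.command('publish', 'Publish image clems4ever/authelia to Dockerhub.')
+.parse(process.argv);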
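--- a/scripts/authelia-scripts-docker-build
+++ b/scripts/authelia-scripts-docker-build
@@ -0,0 +1,10 @@
+#!/usr/bin/env node
+
+var { exec } = require('./utils/exec');
+var { IMAGE_NAME } = require('./utils/docker');
+
+async function main() {
+await exec(`docker build -t ${IMAGE_NAME} .`);
+}
+
+main();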
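Review bot: `main();` on the last line drops the returned promise, so when `exec` rejects (a non-zero exit from `docker build`) the failure becomes an unhandled rejection instead of a failing exit code. On Node versions that only warn about unhandled rejections the script would still exit 0, and a CI job could carry on with no image or a stale one. Ending the file with `main().catch((err) => { console.error(err); process.exit(1); });` makes a failed build fail the command.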
|
@ -21,7 +21,6 @@ function deploy_on_dockerhub {
|
|||
echo "==========================================================="
|
||||
echo "Docker image $IMAGE_WITH_TAG will be deployed on Dockerhub."
|
||||
echo "==========================================================="
|
||||
docker build -t $IMAGE_NAME .
|
||||
docker tag $IMAGE_NAME $IMAGE_WITH_TAG;
|
||||
docker push $IMAGE_WITH_TAG;
|
||||
echo "Docker image deployed successfully."
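Review bot: With `docker build -t $IMAGE_NAME .` gone from `deploy_on_dockerhub` (assuming that is the line this hunk removes), `docker tag` now publishes whatever image named `$IMAGE_NAME` already exists in the local daemon, so the function silently depends on an earlier build step in the same job. Nothing visible in the hunk states that dependency; a comment above the tag line such as `# Requires a prior 'authelia-scripts docker build' in this job; the image is not rebuilt here.` would make it explicit. `$IMAGE_NAME` and `$IMAGE_WITH_TAG` are also expanded unquoted on the tag and push lines and would be safer as `"$IMAGE_NAME"` and `"$IMAGE_WITH_TAG"`. The function starts and ends outside the hunk.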
|
|
@ -9,10 +9,9 @@ program
|
|||
.option('--headless', 'Run in headless mode.')
|
||||
.parse(process.argv);
|
||||
|
||||
let suite;
|
||||
let withServer = false;
|
||||
let args = [];
|
||||
const ENVIRONMENT_FILENAME = '.suite';
|
||||
const ENVIRONMENT_FILENAME = '.suite'; // This file is created by the start command.
|
||||
|
||||
if (fs.existsSync(ENVIRONMENT_FILENAME)) {
|
||||
const suite = fs.readFileSync(ENVIRONMENT_FILENAME);
|
||||
|
|
|
@ -15,6 +15,9 @@ authelia-scripts build
|
|||
# Run unit tests
|
||||
authelia-scripts unittest
|
||||
|
||||
# Build the docker image
|
||||
authelia-scripts docker build
|
||||
|
||||
# Run integration tests
|
||||
authelia-scripts test --headless test/suites/**/*.ts
|
||||
|
||||
|
|
|
@ -1,14 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
docker-compose \
|
||||
-f docker-compose.yml \
|
||||
-f example/compose/docker-compose.base.yml \
|
||||
-f example/compose/mongo/docker-compose.yml \
|
||||
-f example/compose/redis/docker-compose.yml \
|
||||
-f example/compose/nginx/backend/docker-compose.yml \
|
||||
-f example/compose/nginx/portal/docker-compose.yml \
|
||||
-f example/compose/smtp/docker-compose.yml \
|
||||
-f example/compose/httpbin/docker-compose.yml \
|
||||
-f example/compose/ldap/docker-compose.yml $*
|
|
@ -1,6 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
DC_SCRIPT=./scripts/example-commit/dc-example.sh
|
||||
|
||||
$DC_SCRIPT build
|
||||
$DC_SCRIPT up -d httpbin mongo redis openldap authelia smtp nginx-portal nginx-backend
|
|
@ -1,5 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
DC_SCRIPT=./scripts/example-commit/dc-example.sh
|
||||
|
||||
$DC_SCRIPT down
|
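--- a/scripts/utils/docker.js
+++ b/scripts/utils/docker.js
@@ -0,0 +1,5 @@
+
+
+module.exports = {
+IMAGE_NAME: 'clems4ever/authelia'
+}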
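--- a/scripts/utils/exec.js
+++ b/scripts/utils/exec.js
@@ -0,0 +1,21 @@
+var spawn = require('child_process').spawn;
+
+function exec(cmd) {
+return new Promise((resolve, reject) => {
+const command = spawn(cmd, {
+shell: true
+});
+command.stdout.pipe(process.stdout);
+command.stderr.pipe(process.stderr);
+
+command.on('exit', function(statusCode) {
+if (statusCode != 0) {
+reject(new Error('Exited with status ' + statusCode));
+return;
+}
+resolve();
+})
+})
+}
+
+module.exports = { exec }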
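Review bot: `exec` hands the whole `cmd` string to a shell (`shell: true`), so anything a caller interpolates into it is parsed as shell syntax. The only caller visible in this commit interpolates the constant `IMAGE_NAME`, which is fine, but the helper should state that contract above the function, e.g. `// cmd is interpreted by the shell: pass only trusted, constant strings, never user- or environment-derived input.` The promise also has no `error` listener, so a spawn failure would surface as an uncaught `error` event rather than a rejection; adding `command.on('error', reject);` before the `exit` handler covers that. When the child is killed by a signal `statusCode` is `null`, which the `!= 0` test already treats as a failure, though the message then reads "Exited with status null".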
|
@ -8,6 +8,10 @@ import BasicAuthentication from "./scenarii/BasicAuthentication";
|
|||
import AutheliaRestart from "./scenarii/AutheliaRestart";
|
||||
import AuthenticationRegulation from "./scenarii/AuthenticationRegulation";
|
||||
|
||||
before(function() {
|
||||
|
||||
});
|
||||
|
||||
AutheliaSuite('Complete configuration', __dirname + '/config.yml', function() {
|
||||
this.timeout(10000);
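Review bot: The `before(function() { });` hook added above `AutheliaSuite(...)` has an empty body, so it runs nothing and reads as leftover scaffolding. Either drop it or put the intended setup in it with a comment saying what it prepares. The `AutheliaSuite` callback continues past the end of the hunk.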
|
||||
|
||||
|
|
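--- a/test/suites/docker/config.yml
+++ b/test/suites/docker/config.yml
@@ -0,0 +1,110 @@
+###############################################################
+# Authelia minimal configuration #
+###############################################################
+
+port: 9091
+
+logs_level: debug
+
+default_redirection_url: https://home.example.com:8080/
+
+authentication_backend:
+file:
+path: ./users_database.yml
+
+session:
+secret: unsecure_session_secret
+domain: example.com
+inactivity: 5000
+expiration: 8000
+
+# Configuration of the storage backend used to store data and secrets. i.e. totp data
+storage:
+local:
+path: /tmp/authelia/db
+
+# TOTP Issuer Name
+#
+# This will be the issuer name displayed in Google Authenticator
+# See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
+totp:
+issuer: example.com
+
+# Access Control
+#
+# Access control is a set of rules you can use to restrict user access to certain
+# resources.
+access_control:
+# Default policy can either be `bypass`, `one_factor`, `two_factor` or `deny`.
+default_policy: deny
+
+rules:
+- domain: single_factor.example.com
+policy: one_factor
+
+- domain: '*.example.com'
+subject: "group:admins"
+policy: two_factor
+
+- domain: dev.example.com
+resources:
+- '^/users/john/.*$'
+subject: "user:john"
+policy: two_factor
+
+- domain: dev.example.com
+resources:
+- '^/users/harry/.*$'
+subject: "user:harry"
+policy: two_factor
+
+- domain: '*.mail.example.com'
+subject: "user:bob"
+policy: two_factor
+
+- domain: dev.example.com
+resources:
+- '^/users/bob/.*$'
+subject: "user:bob"
+policy: two_factor
+
+
+# Configuration of the authentication regulation mechanism.
+regulation:
+# Set it to 0 to disable max_retries.
+max_retries: 3
+
+# The user is banned if the authenticaction failed `max_retries` times in a `find_time` seconds window.
+find_time: 10
+
+# The length of time before a banned user can login again.
+ban_time: 5
+
+# Default redirection URL
+#
+# Note: this parameter is optional. If not provided, user won't
+# be redirected upon successful authentication.
+#default_redirection_url: https://authelia.example.domain
+
+notifier:
+# For testing purpose, notifications can be sent in a file
+# filesystem:
+# filename: /tmp/authelia/notification.txt
+
+# Use your email account to send the notifications. You can use an app password.
+# List of valid services can be found here: https://nodemailer.com/smtp/well-known/
+## email:
+## username: user@example.com
+## password: yourpassword
+## sender: admin@example.com
+## service: gmail
+
+# Use a SMTP server for sending notifications
+smtp:
+username: test
+password: password
+secure: false
+host: 127.0.0.1
+port: 1025
+sender: admin@example.com
+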
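Review bot: The banner calls this an "Authelia minimal configuration", but the file is a test fixture with a fixed `session.secret`, `logs_level: debug` and a placeholder SMTP password, and nothing in it says so. A header line such as `# Test fixture for test/suites/docker: placeholder secrets, not a deployment template.` would keep it from being copied as a starting point. Separately, `authentication_backend.file.path` is the relative `./users_database.yml`, while the test's `docker run` mounts only `config.yml`. Whether the image ships that file is not visible here, so it is worth confirming the container can resolve it.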
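--- a/test/suites/docker/index.ts
+++ b/test/suites/docker/index.ts
@@ -0,0 +1,27 @@
+import ChildProcess from 'child_process';
+import Bluebird from 'bluebird';
+import Assert from 'assert';
+
+const execAsync = Bluebird.promisify<string, string>(ChildProcess.exec);
+
+function sleep(ms: number) {
+return new Promise(resolve => setTimeout(resolve, ms));
+}
+
+describe('Test docker container can run', function() {
+this.timeout(15000);
+
+before(async function() {
+await execAsync('docker run -d -v $(pwd)/config.yml:/etc/authelia/config.yml --name authelia-test clems4ever/authelia');
+});
+
+after(async function() {
+await execAsync('docker rm -f authelia-test');
+});
+
+it('should be running', async function() {
+await sleep(5000);
+const output: string = await execAsync('docker ps -a | grep "authelia-test"');
+Assert(output.match(new RegExp('Up [0-9] seconds')));
+});
+});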
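Review bot: The `should be running` check greps human-readable `docker ps` output for `Up [0-9] seconds`, which only matches a single-digit uptime. It fails whenever the status column reads anything else (a two-digit count, or Docker's "Less than a second" wording) and passes only inside a narrow window after the fixed `sleep(5000)`. Asking Docker for the state directly is sturdier, e.g. `const output = await execAsync("docker inspect -f '{{.State.Running}}' authelia-test");` followed by `Assert.strictEqual(output.trim(), 'true');`. The `before` hook also hard-codes `clems4ever/authelia` instead of reusing `IMAGE_NAME` from `scripts/utils/docker.js`. In addition, `$(pwd)/config.yml` resolves against the runner's working directory, which is presumably not `test/suites/docker`, so it is worth confirming the mount points at the intended fixture.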