vuls: init at 0.27.0
[NixPkgs.git] / nixos / tests / ocis.nix
blob35461e2467490498d4a001121531df0b211310fd
1 import ./make-test-python.nix (
2   { lib, pkgs, ... }:
4   let
5     # this is a demo user created by IDM_CREATE_DEMO_USERS=true
6     demoUser = "einstein";
7     demoPassword = "relativity";
9     adminUser = "admin";
10     adminPassword = "hunter2";
11     testRunner =
12       pkgs.writers.writePython3Bin "test-runner"
13         {
14           libraries = [ pkgs.python3Packages.selenium ];
15           flakeIgnore = [ "E501" ];
16         }
17         ''
18           import sys
19           from selenium.webdriver.common.by import By
20           from selenium.webdriver import Firefox
21           from selenium.webdriver.firefox.options import Options
22           from selenium.webdriver.support.ui import WebDriverWait
23           from selenium.webdriver.support import expected_conditions as EC
25           options = Options()
26           options.add_argument('--headless')
27           driver = Firefox(options=options)
29           user = sys.argv[1]
30           password = sys.argv[2]
31           driver.implicitly_wait(20)
32           driver.get('https://localhost:9200/login')
33           wait = WebDriverWait(driver, 10)
34           wait.until(EC.title_contains("Sign in"))
35           driver.find_element(By.XPATH, '//*[@id="oc-login-username"]').send_keys(user)
36           driver.find_element(By.XPATH, '//*[@id="oc-login-password"]').send_keys(password)
37           driver.find_element(By.XPATH, '//*[@id="root"]//button').click()
38           wait.until(EC.title_contains("Personal"))
39         '';
41     # This was generated with `ocis init --config-path testconfig/ --admin-password "hunter2" --insecure true`.
42     testConfig = ''
43       token_manager:
44         jwt_secret: kaKYgfso*d9GA-yTM.&BTOUEuMz%Ai0H
45       machine_auth_api_key: sGWRG1JZ&qe&pe@N1HKK4#qH*B&@xLnO
46       system_user_api_key: h+m4aHPUtOtUJFKrc5B2=04C=7fDZaT-
47       transfer_secret: 4-R6AfUjQn0P&+h2+$skf0lJqmre$j=x
48       system_user_id: db180e0a-b38a-4edf-a4cd-a3d358248537
49       admin_user_id: ea623f50-742d-4fd0-95bb-c61767b070d4
50       graph:
51         application:
52           id: 11971eab-d560-4b95-a2d4-50726676bbd0
53         events:
54           tls_insecure: true
55         spaces:
56           insecure: true
57         identity:
58           ldap:
59             bind_password: ^F&Vn7@mYGYGuxr$#qm^gGy@FVq=.w=y
60         service_account:
61           service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
62           service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
63       idp:
64         ldap:
65           bind_password: bv53IjS28x.nxth*%aRbE70%4TGNXbLU
66       idm:
67         service_user_passwords:
68           admin_password: hunter2
69           idm_password: ^F&Vn7@mYGYGuxr$#qm^gGy@FVq=.w=y
70           reva_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
71           idp_password: bv53IjS28x.nxth*%aRbE70%4TGNXbLU
72       proxy:
73         oidc:
74           insecure: true
75         insecure_backends: true
76         service_account:
77           service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
78           service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
79       frontend:
80         app_handler:
81           insecure: true
82         archiver:
83           insecure: true
84         service_account:
85           service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
86           service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
87       auth_basic:
88         auth_providers:
89           ldap:
90             bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
91       auth_bearer:
92         auth_providers:
93           oidc:
94             insecure: true
95       users:
96         drivers:
97           ldap:
98             bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
99       groups:
100         drivers:
101           ldap:
102             bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb
103       ocdav:
104         insecure: true
105       ocm:
106         service_account:
107           service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
108           service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
109       thumbnails:
110         thumbnail:
111           transfer_secret: 2%11!zAu*AYE&=d*8dfoZs8jK&5ZMm*%
112           webdav_allow_insecure: true
113           cs3_allow_insecure: true
114       search:
115         events:
116           tls_insecure: true
117         service_account:
118           service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
119           service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
120       audit:
121         events:
122           tls_insecure: true
123       settings:
124         service_account_ids:
125         - df39a290-3f3e-4e39-b67b-8b810ca2abac
126       sharing:
127         events:
128           tls_insecure: true
129       storage_users:
130         events:
131           tls_insecure: true
132         mount_id: ef72cb8b-809c-4592-bfd2-1df603295205
133         service_account:
134           service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
135           service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
136       notifications:
137         notifications:
138           events:
139             tls_insecure: true
140         service_account:
141           service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
142           service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
143       nats:
144         nats:
145           tls_skip_verify_client_cert: true
146       gateway:
147         storage_registry:
148           storage_users_mount_id: ef72cb8b-809c-4592-bfd2-1df603295205
149       userlog:
150         service_account:
151           service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
152           service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
153       auth_service:
154         service_account:
155           service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
156           service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE
157       clientlog:
158         service_account:
159           service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac
160           service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE'';
161   in
163   {
164     name = "ocis";
166     meta.maintainers = with lib.maintainers; [
167       bhankas
168       ramblurr
169     ];
171     nodes.machine =
172       { config, ... }:
173       {
174         virtualisation.memorySize = 2048;
175         environment.systemPackages = [
176           pkgs.firefox-unwrapped
177           pkgs.geckodriver
178           testRunner
179         ];
181         # if you do this in production, dont put secrets in this file because it will be written to the world readable nix store
182         environment.etc."ocis/ocis.env".text = ''
183           ADMIN_PASSWORD=${adminPassword}
184           IDM_CREATE_DEMO_USERS=true
185         '';
187         # if you do this in production, dont put secrets in this file because it will be written to the world readable nix store
188         environment.etc."ocis/config/ocis.yaml".text = testConfig;
190         services.ocis = {
191           enable = true;
192           configDir = "/etc/ocis/config";
193           environment = {
194             OCIS_INSECURE = "true";
195           };
196           environmentFile = "/etc/ocis/ocis.env";
197         };
198       };
200     testScript = ''
201       start_all()
202       machine.wait_for_unit("ocis.service")
203       machine.wait_for_open_port(9200)
204       # wait for ocis to fully come up
205       machine.sleep(5)
207       with subtest("ocis bin works"):
208           machine.succeed("${lib.getExe pkgs.ocis-bin} version")
210       with subtest("use the web interface to log in with a demo user"):
211           machine.succeed("PYTHONUNBUFFERED=1 systemd-cat -t test-runner test-runner ${demoUser} ${demoPassword}")
213       with subtest("use the web interface to log in with the provisioned admin user"):
214           machine.succeed("PYTHONUNBUFFERED=1 systemd-cat -t test-runner test-runner ${adminUser} ${adminPassword}")
215     '';
216   }