diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 8dfe3b7c..d8fd3c64 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -106,7 +106,14 @@ jobs: gotestsum --format short-verbose -- -count=1 -timeout 120s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/manifest/... github.com/aserto-dev/topaz/pkg/app/tests/manifest/... gotestsum --format short-verbose -- -count=1 -timeout 120s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/policy/... github.com/aserto-dev/topaz/pkg/app/tests/policy/... gotestsum --format short-verbose -- -count=1 -timeout 120s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/query/... github.com/aserto-dev/topaz/pkg/app/tests/query/... - gotestsum --format short-verbose -- -count=1 -timeout 120s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/template/... github.com/aserto-dev/topaz/pkg/app/tests/template/... + - + name: Templates Test + run: | + gotestsum --format short-verbose -- -count=1 -timeout 240s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/template/... github.com/aserto-dev/topaz/pkg/app/tests/template/... + - + name: Templates Test (NoTLS) + run: | + gotestsum --format short-verbose -- -count=1 -timeout 120s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/template-no-tls/... github.com/aserto-dev/topaz/pkg/app/tests/template-no-tls/... - name: Upload code coverage uses: shogo82148/actions-goveralls@v1 diff --git a/.gitignore b/.gitignore index 757c60e1..63f2bed6 100644 --- a/.gitignore +++ b/.gitignore @@ -14,20 +14,20 @@ # Dependency directories (remove the comment below to include it) # vendor/ /.dev/ -/.ext +/.ext/ /bin/ -/release/ -/test/ -.opa/ -/bundle/ /dist/ -/test/ +/dist-test/ # runtime directories /cfg/ /eds/ +# OPA related +.opa/ +/bundle/ + # misc .DS_Store diff --git a/.goreleaser-test.yml b/.goreleaser-test.yml index 05fc7331..c8a0e4b7 100644 --- a/.goreleaser-test.yml +++ b/.goreleaser-test.yml @@ -15,7 +15,7 @@ before: hooks: # https://goreleaser.com/customization/dist/ -dist: test +dist: dist-test builds: # https://goreleaser.com/customization/build/ diff --git a/go.mod b/go.mod index f5b9be03..41c7ec53 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/aserto-dev/go-aserto v0.33.4 github.com/aserto-dev/go-authorizer v0.20.11 github.com/aserto-dev/go-directory v0.33.2 - github.com/aserto-dev/go-edge-ds v0.33.2 + github.com/aserto-dev/go-edge-ds v0.33.3 github.com/aserto-dev/go-grpc v0.9.2 github.com/aserto-dev/go-topaz-ui v0.1.15 github.com/aserto-dev/header v0.0.8 diff --git a/go.sum b/go.sum index aac8a9ed..ae7403dd 100644 --- a/go.sum +++ b/go.sum @@ -429,8 +429,8 @@ github.com/aserto-dev/go-decision-logs v0.1.2 h1:f26bgKDIroNeN71+Ot2AXfCAtausNcB github.com/aserto-dev/go-decision-logs v0.1.2/go.mod h1:T7Pws/IBopk3he4kgAlmZH9/JcwX2s8T2pwc715Mobo= github.com/aserto-dev/go-directory v0.33.2 h1:QJwzSmfxJ7EG0RzWsgu7In5cAeGtZURZklSsHhMOFh8= github.com/aserto-dev/go-directory v0.33.2/go.mod h1:gK239V0htJtp0/BwvbTrYv/XIphoK/AugP8sw3m8B0s= -github.com/aserto-dev/go-edge-ds v0.33.2 h1:2ZeqFq6wgL2R0b7Zyx8pQLIVdv6WH6Okg7gjiaahztw= -github.com/aserto-dev/go-edge-ds v0.33.2/go.mod h1:Vg9ZIbUXAc33BAyj0qBTatS/wxQGY1pV59vGa5pZCiU= +github.com/aserto-dev/go-edge-ds v0.33.3 h1:wEFDcTF2WEF9QIEInreNcUWIrIM2OvoniVQKrCIv8IE= +github.com/aserto-dev/go-edge-ds v0.33.3/go.mod h1:Vg9ZIbUXAc33BAyj0qBTatS/wxQGY1pV59vGa5pZCiU= github.com/aserto-dev/go-grpc v0.9.2 h1:NYhl1yRnLWlTMe/L051lRZwuvv/lUuP9vJ4gFPwzpSw= github.com/aserto-dev/go-grpc v0.9.2/go.mod h1:pKZdJ9+ITXPBvFQeU+CJmRtQE7rX/+cX9JFRzo8z0TQ= github.com/aserto-dev/go-topaz-ui v0.1.15 h1:ykez4Em2gEORDi96lDEzS2yWb510dzSKZzAoyP4tQ8Q= diff --git a/makefile b/makefile index 5bedad5d..b83e8bf8 100644 --- a/makefile +++ b/makefile @@ -52,11 +52,6 @@ go-mod-tidy: @echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)" @go work edit -json | jq -r '.Use[].DiskPath' | xargs -I{} bash -c 'cd {} && echo "${PWD}/go.mod" && go mod tidy -v && cd -' -.PHONY: dev-release -dev-release: - @echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)" - @${EXT_BIN_DIR}/goreleaser release --clean --snapshot - .PHONY: release release: @echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)" @@ -80,7 +75,7 @@ lint: .PHONY: test-snapshot test-snapshot: @echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)" - @${EXT_BIN_DIR}/goreleaser release --config .goreleaser-test.yml --clean --snapshot + @${EXT_BIN_DIR}/goreleaser release --config .goreleaser-test.yml --clean --snapshot --skip archive .PHONE: container-tag container-tag: @@ -91,7 +86,7 @@ container-tag: run-test-snapshot: @echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)" @echo "topaz run $$(${PWD}/dist/topaz_${GOOS}_${GOARCH}/topaz config info | jq '.runtime.active_configuration_file')" - @${PWD}/dist/topazd_${GOOS}_${GOARCH}/topazd run -c $$(${PWD}/dist/topaz_${GOOS}_${GOARCH}/topaz config info | jq -r '.runtime.active_configuration_file') + @${PWD}/dist/topaz_${GOOS}_${GOARCH}/topaz run --container-tag=0.0.0-test-$$(git rev-parse --short HEAD)-$$(uname -m) .PHONY: start-test-snapshot start-test-snapshot: diff --git a/assets/assets.go b/pkg/app/tests/assets/assets.go similarity index 100% rename from assets/assets.go rename to pkg/app/tests/assets/assets.go diff --git a/assets/config/config-no-tls.yaml b/pkg/app/tests/assets/config/config-no-tls.yaml similarity index 100% rename from assets/config/config-no-tls.yaml rename to pkg/app/tests/assets/config/config-no-tls.yaml diff --git a/assets/config/config.yaml b/pkg/app/tests/assets/config/config.yaml similarity index 100% rename from assets/config/config.yaml rename to pkg/app/tests/assets/config/config.yaml diff --git a/assets/config/peoplefinder.yaml b/pkg/app/tests/assets/config/peoplefinder.yaml similarity index 100% rename from assets/config/peoplefinder.yaml rename to pkg/app/tests/assets/config/peoplefinder.yaml diff --git a/assets/db/acmecorp.db b/pkg/app/tests/assets/db/acmecorp.db similarity index 100% rename from assets/db/acmecorp.db rename to pkg/app/tests/assets/db/acmecorp.db diff --git a/pkg/app/tests/assets/gdrive/manifest.yaml b/pkg/app/tests/assets/gdrive/manifest.yaml new file mode 100644 index 00000000..b9401c55 --- /dev/null +++ b/pkg/app/tests/assets/gdrive/manifest.yaml @@ -0,0 +1,67 @@ +# yaml-language-server: $schema=https://www.topaz.sh/schema/manifest.json +--- + +### filename: manifest.yaml ### +### datetime: 2023-12-19T00:00:00-00:00 ### +### description: gdrive manifest ### +# +# model +model: + version: 3 + +# object type definitions +types: + ### display_name: User ### + user: + relations: + ### display_name: user#manager ### + manager: user + + permissions: + ### display_name: user#in_management_chain ### + in_management_chain: manager | manager->in_management_chain + + + ### display_name: Identity ### + identity: + relations: + ### display_name: identity#identifier ### + identifier: user + + + ### display_name: Group ### + group: + relations: + ### display_name: group#member ### + member: user | group#member + + + # folder represents a collection of documents and/or other folders + folder: + relations: + parent: folder + + owner: user + editor: user | group#member + viewer: user | group#member + + permissions: + can_share: owner | parent->can_share + can_write: editor | can_share | parent->can_write + can_read: viewer | can_write | parent->can_read + + + # doc represents a document within a folder + doc: + relations: + parent: folder + + owner: user + editor: user | group#member + viewer: user | user:* | group#member + + permissions: + can_share: owner | parent->can_share + can_delete: can_share | parent->can_write + can_write: editor | can_delete | parent->can_write + can_read: viewer | can_write | parent->can_read diff --git a/pkg/app/tests/authz/authz_test.go b/pkg/app/tests/authz/authz_test.go index 9b300f73..a4ea8a14 100644 --- a/pkg/app/tests/authz/authz_test.go +++ b/pkg/app/tests/authz/authz_test.go @@ -2,7 +2,6 @@ package authz_test import ( "context" - "os" "testing" "time" @@ -10,7 +9,7 @@ import ( azc "github.com/aserto-dev/go-aserto/az" "github.com/aserto-dev/go-authorizer/aserto/authorizer/v2" api "github.com/aserto-dev/go-authorizer/aserto/authorizer/v2/api" - assets_test "github.com/aserto-dev/topaz/assets" + assets_test "github.com/aserto-dev/topaz/pkg/app/tests/assets" tc "github.com/aserto-dev/topaz/pkg/app/tests/common" "github.com/stretchr/testify/assert" @@ -22,19 +21,14 @@ import ( "google.golang.org/protobuf/types/known/structpb" ) -var addr string - -func TestMain(m *testing.M) { - rc := 0 - defer func() { - os.Exit(rc) - }() +func TestAuthZ(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) - ctx := context.Background() + t.Logf("\nTEST CONTAINER IMAGE: %q\n", tc.TestImage()) - h, err := tc.NewHarness(ctx, &testcontainers.ContainerRequest{ + req := testcontainers.ContainerRequest{ Image: tc.TestImage(), - ExposedPorts: []string{"9292/tcp", "9393/tcp"}, + ExposedPorts: []string{"9292/tcp"}, Env: map[string]string{ "TOPAZ_CERTS_DIR": "/certs", "TOPAZ_DB_DIR": "/data", @@ -54,50 +48,58 @@ func TestMain(m *testing.M) { }, WaitingFor: wait.ForAll( wait.ForExposedPort(), - wait.ForLog("Starting 0.0.0.0:9393 gateway server"), - ).WithStartupTimeoutDefault(240 * time.Second).WithDeadline(360 * time.Second), + wait.ForLog("Starting 0.0.0.0:9292 gRPC server"), + ).WithStartupTimeoutDefault(300 * time.Second), + } + + topaz, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{ + ContainerRequest: req, + Started: false, }) - if err != nil { - rc = 99 - return + require.NoError(t, err) + + if err := topaz.Start(ctx); err != nil { + require.NoError(t, err) } - defer func() { - if err := h.Close(ctx); err != nil { - rc = 100 - } - }() + t.Cleanup(func() { + testcontainers.CleanupContainer(t, topaz) + cancel() + }) - addr = h.AddrGRPC(ctx) + grpcAddr, err := tc.MappedAddr(ctx, topaz, "9292") + require.NoError(t, err) - rc = m.Run() + t.Run("testAuthZ", testAuthZ(grpcAddr)) } -func TestWithMissingIdentity(t *testing.T) { - opts := []client.ConnectionOption{ - client.WithAddr(addr), - client.WithInsecure(true), - } - - azClient, err := azc.New(opts...) - require.NoError(t, err) - t.Cleanup(func() { _ = azClient.Close() }) +func testAuthZ(addr string) func(*testing.T) { + return func(t *testing.T) { + opts := []client.ConnectionOption{ + client.WithAddr(addr), + client.WithInsecure(true), + } - ctx, cancel := context.WithCancel(context.Background()) - t.Cleanup(cancel) - - tests := []struct { - name string - test func(*testing.T) - }{ - {"TestDecisionTreeWithMissingIdentity", DecisionTreeWithMissingIdentity(ctx, azClient)}, - {"TestDecisionTreeWithUserID", DecisionTreeWithUserID(ctx, azClient)}, - {"TestIsWithMissingIdentity", IsWithMissingIdentity(ctx, azClient)}, - {"TestQueryWithMissingIdentity", QueryWithMissingIdentity(ctx, azClient)}, - } + azClient, err := azc.New(opts...) + require.NoError(t, err) + t.Cleanup(func() { _ = azClient.Close() }) + + ctx, cancel := context.WithCancel(context.Background()) + t.Cleanup(cancel) + + tests := []struct { + name string + test func(*testing.T) + }{ + {"TestDecisionTreeWithMissingIdentity", DecisionTreeWithMissingIdentity(ctx, azClient)}, + {"TestDecisionTreeWithUserID", DecisionTreeWithUserID(ctx, azClient)}, + {"TestIsWithMissingIdentity", IsWithMissingIdentity(ctx, azClient)}, + {"TestQueryWithMissingIdentity", QueryWithMissingIdentity(ctx, azClient)}, + } - for _, testCase := range tests { - t.Run(testCase.name, testCase.test) + for _, testCase := range tests { + t.Run(testCase.name, testCase.test) + } } } diff --git a/pkg/app/tests/builtin/builtin_test.go b/pkg/app/tests/builtin/builtin_test.go index 730cd720..6a95a47b 100644 --- a/pkg/app/tests/builtin/builtin_test.go +++ b/pkg/app/tests/builtin/builtin_test.go @@ -2,14 +2,13 @@ package builtin_test import ( "context" - "os" "testing" "time" client "github.com/aserto-dev/go-aserto" azc "github.com/aserto-dev/go-aserto/az" "github.com/aserto-dev/go-authorizer/aserto/authorizer/v2" - assets_test "github.com/aserto-dev/topaz/assets" + assets_test "github.com/aserto-dev/topaz/pkg/app/tests/assets" tc "github.com/aserto-dev/topaz/pkg/app/tests/common" "github.com/stretchr/testify/assert" @@ -18,18 +17,14 @@ import ( "github.com/testcontainers/testcontainers-go/wait" ) -var addr string +func TestBuiltins(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) -func TestMain(m *testing.M) { - rc := 0 - defer func() { - os.Exit(rc) - }() + t.Logf("\nTEST CONTAINER IMAGE: %q\n", tc.TestImage()) - ctx := context.Background() - h, err := tc.NewHarness(ctx, &testcontainers.ContainerRequest{ + req := testcontainers.ContainerRequest{ Image: tc.TestImage(), - ExposedPorts: []string{"9292/tcp", "9393/tcp", "9494/tcp", "9595/tcp"}, + ExposedPorts: []string{"9292/tcp"}, Env: map[string]string{ "TOPAZ_CERTS_DIR": "/certs", "TOPAZ_DB_DIR": "/data", @@ -37,7 +32,7 @@ func TestMain(m *testing.M) { }, Files: []testcontainers.ContainerFile{ { - Reader: assets_test.ConfigReader(), + Reader: assets_test.PeoplefinderConfigReader(), ContainerFilePath: "/config/config.yaml", FileMode: 0x700, }, @@ -49,76 +44,84 @@ func TestMain(m *testing.M) { }, WaitingFor: wait.ForAll( wait.ForExposedPort(), - wait.ForLog("Starting 0.0.0.0:9393 gateway server"), - ).WithStartupTimeoutDefault(240 * time.Second).WithDeadline(360 * time.Second), + wait.ForLog("Starting 0.0.0.0:9292 gRPC server"), + ).WithStartupTimeoutDefault(300 * time.Second), + } + + topaz, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{ + ContainerRequest: req, + Started: false, }) - if err != nil { - rc = 99 - return + require.NoError(t, err) + + if err := topaz.Start(ctx); err != nil { + require.NoError(t, err) } - defer func() { - if err := h.Close(ctx); err != nil { - rc = 100 - } - }() + t.Cleanup(func() { + testcontainers.CleanupContainer(t, topaz) + cancel() + }) - addr = h.AddrGRPC(ctx) + grpcAddr, err := tc.MappedAddr(ctx, topaz, "9292") + require.NoError(t, err) - rc = m.Run() + t.Run("testBuiltins", testBuiltins(grpcAddr)) } -func TestBuiltins(t *testing.T) { - opts := []client.ConnectionOption{ - client.WithAddr(addr), - client.WithInsecure(true), - } +func testBuiltins(addr string) func(*testing.T) { + return func(t *testing.T) { + opts := []client.ConnectionOption{ + client.WithAddr(addr), + client.WithInsecure(true), + } - azClient, err := azc.New(opts...) - require.NoError(t, err) - t.Cleanup(func() { _ = azClient.Close() }) + azClient, err := azc.New(opts...) + require.NoError(t, err) + t.Cleanup(func() { _ = azClient.Close() }) - ctx, cancel := context.WithCancel(context.Background()) - t.Cleanup(cancel) + ctx, cancel := context.WithCancel(context.Background()) + t.Cleanup(cancel) + + // BuiltinHelptests(ctx, client) + for _, tc := range BuiltinHelpTests { + f := func(t *testing.T) { + resp, err := azClient.Query(ctx, &authorizer.QueryRequest{ + Query: tc.query, + }) + require.NoError(t, err) + require.NotNil(t, resp) + require.NotNil(t, resp.Response) - // BuiltinHelptests(ctx, client) - for _, tc := range BuiltinHelpTests { - f := func(t *testing.T) { - resp, err := azClient.Query(ctx, &authorizer.QueryRequest{ - Query: tc.query, - }) - require.NoError(t, err) - require.NotNil(t, resp) - require.NotNil(t, resp.Response) + r := resp.Response.AsMap() - r := resp.Response.AsMap() + v1 := r["result"].([]interface{}) + v2 := v1[0].(map[string]interface{}) + v3 := v2["bindings"].(map[string]interface{}) + v := v3["x"] - v1 := r["result"].([]interface{}) - v2 := v1[0].(map[string]interface{}) - v3 := v2["bindings"].(map[string]interface{}) - v := v3["x"] + assert.Equal(t, v, tc.expected) + } - assert.Equal(t, v, tc.expected) + t.Run(tc.name, f) } - t.Run(tc.name, f) - } + // BuiltinNotFoundErrTests + for _, tc := range BuiltinNotFoundErrTests { + f := func(t *testing.T) { + resp, err := azClient.Query(ctx, &authorizer.QueryRequest{ + Query: tc.query, + }) + require.NoError(t, err) + require.NotNil(t, resp) + require.NotNil(t, resp.Response) - // BuiltinNotFoundErrTests - for _, tc := range BuiltinNotFoundErrTests { - f := func(t *testing.T) { - resp, err := azClient.Query(ctx, &authorizer.QueryRequest{ - Query: tc.query, - }) - require.NoError(t, err) - require.NotNil(t, resp) - require.NotNil(t, resp.Response) + r := resp.Response.AsMap() + require.NotNil(t, r) + } - r := resp.Response.AsMap() - require.NotNil(t, r) + t.Run(tc.name, f) } - - t.Run(tc.name, f) } } diff --git a/pkg/app/tests/common/common.go b/pkg/app/tests/common/common.go index 4c77ec17..a2c240c9 100644 --- a/pkg/app/tests/common/common.go +++ b/pkg/app/tests/common/common.go @@ -3,73 +3,13 @@ package common_test import ( "context" "fmt" - "log" "runtime" - "time" + "github.com/docker/go-connections/nat" "github.com/magefile/mage/sh" "github.com/testcontainers/testcontainers-go" ) -type Harness struct { - container testcontainers.Container -} - -func NewHarness(ctx context.Context, req *testcontainers.ContainerRequest) (*Harness, error) { - container, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{ - ContainerRequest: *req, - Started: false, - }) - if err != nil { - return nil, err - } - - if err := container.Start(ctx); err != nil { - return nil, err - } - - return &Harness{ - container: container, - }, nil -} - -func (h *Harness) Close(ctx context.Context) error { - timeout := 20 * time.Second - if err := h.container.Stop(ctx, &timeout); err != nil { - return h.container.Terminate(ctx) - } - return nil -} - -func (h *Harness) AddrGRPC(ctx context.Context) string { - host, err := h.container.Host(ctx) - if err != nil { - log.Fatal(err) - } - - mappedPort, err := h.container.MappedPort(ctx, "9292") - if err != nil { - log.Fatal(err) - } - - return fmt.Sprintf("%s:%s", host, mappedPort.Port()) -} - -func (h *Harness) AddrREST(ctx context.Context) string { - host, err := h.container.Host(ctx) - if err != nil { - log.Fatal(err) - // return "" - } - - mappedPort, err := h.container.MappedPort(ctx, "9393") - if err != nil { - log.Fatal(err) - } - - return fmt.Sprintf("%s:%s", host, mappedPort.Port()) -} - func GoARCH() *string { var goarch string if runtime.GOARCH == "amd64" { @@ -90,3 +30,17 @@ func CommitSHA() string { func TestImage() string { return "ghcr.io/aserto-dev/topaz:0.0.0-test-" + CommitSHA() + "-" + runtime.GOARCH } + +func MappedAddr(ctx context.Context, container testcontainers.Container, port string) (string, error) { + host, err := container.Host(ctx) + if err != nil { + return "", err + } + + mappedPort, err := container.MappedPort(ctx, nat.Port(port)) + if err != nil { + return "", err + } + + return fmt.Sprintf("%s:%s", host, mappedPort.Port()), nil +} diff --git a/pkg/app/tests/manifest/manifest_test.go b/pkg/app/tests/manifest/manifest_test.go index 2c4cf3b5..357600bf 100644 --- a/pkg/app/tests/manifest/manifest_test.go +++ b/pkg/app/tests/manifest/manifest_test.go @@ -13,7 +13,7 @@ import ( client "github.com/aserto-dev/go-aserto" dsc "github.com/aserto-dev/go-aserto/ds/v3" dsm3 "github.com/aserto-dev/go-directory/aserto/directory/model/v3" - assets_test "github.com/aserto-dev/topaz/assets" + assets_test "github.com/aserto-dev/topaz/pkg/app/tests/assets" tc "github.com/aserto-dev/topaz/pkg/app/tests/common" "github.com/stretchr/testify/assert" @@ -23,18 +23,14 @@ import ( "google.golang.org/protobuf/types/known/emptypb" ) -var addr string +func TestManifest(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) -func TestMain(m *testing.M) { - rc := 0 - defer func() { - os.Exit(rc) - }() + t.Logf("\nTEST CONTAINER IMAGE: %q\n", tc.TestImage()) - ctx := context.Background() - h, err := tc.NewHarness(ctx, &testcontainers.ContainerRequest{ + req := testcontainers.ContainerRequest{ Image: tc.TestImage(), - ExposedPorts: []string{"9292/tcp", "9393/tcp"}, + ExposedPorts: []string{"9292/tcp"}, Env: map[string]string{ "TOPAZ_CERTS_DIR": "/certs", "TOPAZ_DB_DIR": "/data", @@ -49,81 +45,89 @@ func TestMain(m *testing.M) { }, WaitingFor: wait.ForAll( wait.ForExposedPort(), - wait.ForLog("Starting 0.0.0.0:9393 gateway server"), - ).WithStartupTimeoutDefault(240 * time.Second).WithDeadline(360 * time.Second), + wait.ForLog("Starting 0.0.0.0:9292 gRPC server"), + ).WithStartupTimeoutDefault(300 * time.Second), + } + + topaz, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{ + ContainerRequest: req, + Started: false, }) - if err != nil { - rc = 99 - return + require.NoError(t, err) + + if err := topaz.Start(ctx); err != nil { + require.NoError(t, err) } - defer func() { - if err := h.Close(ctx); err != nil { - rc = 100 - } - }() + t.Cleanup(func() { + testcontainers.CleanupContainer(t, topaz) + cancel() + }) - addr = h.AddrGRPC(ctx) + grpcAddr, err := tc.MappedAddr(ctx, topaz, "9292") + require.NoError(t, err) - rc = m.Run() + t.Run("testManifest", testManifest(grpcAddr)) } -func TestManifest(t *testing.T) { - opts := []client.ConnectionOption{ - client.WithAddr(addr), - client.WithInsecure(true), - } +func testManifest(addr string) func(*testing.T) { + return func(t *testing.T) { + opts := []client.ConnectionOption{ + client.WithAddr(addr), + client.WithInsecure(true), + } - dsClient, err := dsc.New(opts...) - require.NoError(t, err) - t.Cleanup(func() { _ = dsClient.Close() }) + dsClient, err := dsc.New(opts...) + require.NoError(t, err) + t.Cleanup(func() { _ = dsClient.Close() }) - ctx, cancel := context.WithCancel(context.Background()) - t.Cleanup(cancel) + ctx, cancel := context.WithCancel(context.Background()) + t.Cleanup(cancel) - // write manifest to store - bytesSend, err := setManifest(ctx, dsClient.Model, assets_test.ManifestReader()) - require.NoError(t, err) + // write manifest to store + bytesSend, err := setManifest(ctx, dsClient.Model, assets_test.ManifestReader()) + require.NoError(t, err) - tmpDir := t.TempDir() - w, err := os.Create(path.Join(tmpDir, "manifest.new.yaml")) - require.NoError(t, err) - t.Cleanup(func() { _ = w.Close() }) + tmpDir := t.TempDir() + w, err := os.Create(path.Join(tmpDir, "manifest.new.yaml")) + require.NoError(t, err) + t.Cleanup(func() { _ = w.Close() }) - // get manifest from store - metadata, body, err := getManifest(ctx, dsClient.Model) - require.NoError(t, err) - assert.NotNil(t, metadata) + // get manifest from store + metadata, body, err := getManifest(ctx, dsClient.Model) + require.NoError(t, err) + assert.NotNil(t, metadata) - // write manifest to temp manifest file - bytesRecv, err := io.Copy(w, body) - require.NoError(t, err) + // write manifest to temp manifest file + bytesRecv, err := io.Copy(w, body) + require.NoError(t, err) - assert.Equal(t, bytesSend, bytesRecv) + assert.Equal(t, bytesSend, bytesRecv) - // delete manifest - if err := deleteManifest(ctx, dsClient.Model); err != nil { - assert.NoError(t, err) - } + // delete manifest + if err := deleteManifest(ctx, dsClient.Model); err != nil { + assert.NoError(t, err) + } - // delete deleted manifest should not result in an error - if err := deleteManifest(ctx, dsClient.Model); err != nil { - assert.NoError(t, err) - } + // delete deleted manifest should not result in an error + if err := deleteManifest(ctx, dsClient.Model); err != nil { + assert.NoError(t, err) + } - // getManifest should not fail, but return an empty manifest. - if metadata, body, err := getManifest(ctx, dsClient.Model); err == nil { - assert.NoError(t, err) - assert.NotNil(t, metadata) + // getManifest should not fail, but return an empty manifest. + if metadata, body, err := getManifest(ctx, dsClient.Model); err == nil { + assert.NoError(t, err) + assert.NotNil(t, metadata) - buf := make([]byte, 1024) + buf := make([]byte, 1024) - n, err := body.Read(buf) - assert.Error(t, err, "EOF") - assert.Equal(t, 0, n) - assert.Len(t, buf, 1024) - } else { - assert.NoError(t, err) + n, err := body.Read(buf) + assert.Error(t, err, "EOF") + assert.Equal(t, 0, n) + assert.Len(t, buf, 1024) + } else { + assert.NoError(t, err) + } } } diff --git a/pkg/app/tests/policy/policy_test.go b/pkg/app/tests/policy/policy_test.go index 57ef97b9..6d6239d8 100644 --- a/pkg/app/tests/policy/policy_test.go +++ b/pkg/app/tests/policy/policy_test.go @@ -2,7 +2,6 @@ package policy_test import ( "context" - "os" "testing" "time" @@ -10,7 +9,7 @@ import ( azc "github.com/aserto-dev/go-aserto/az" "github.com/aserto-dev/go-authorizer/aserto/authorizer/v2" api "github.com/aserto-dev/go-authorizer/aserto/authorizer/v2/api" - assets_test "github.com/aserto-dev/topaz/assets" + assets_test "github.com/aserto-dev/topaz/pkg/app/tests/assets" tc "github.com/aserto-dev/topaz/pkg/app/tests/common" "github.com/stretchr/testify/require" @@ -19,18 +18,14 @@ import ( "google.golang.org/protobuf/types/known/fieldmaskpb" ) -var addr string +func TestPolicy(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) -func TestMain(m *testing.M) { - rc := 0 - defer func() { - os.Exit(rc) - }() + t.Logf("\nTEST CONTAINER IMAGE: %q\n", tc.TestImage()) - ctx := context.Background() - h, err := tc.NewHarness(ctx, &testcontainers.ContainerRequest{ + req := testcontainers.ContainerRequest{ Image: tc.TestImage(), - ExposedPorts: []string{"9292/tcp", "9393/tcp"}, + ExposedPorts: []string{"9292/tcp"}, Env: map[string]string{ "TOPAZ_CERTS_DIR": "/certs", "TOPAZ_DB_DIR": "/data", @@ -50,57 +45,65 @@ func TestMain(m *testing.M) { }, WaitingFor: wait.ForAll( wait.ForExposedPort(), - wait.ForLog("Starting 0.0.0.0:9393 gateway server"), - ).WithStartupTimeoutDefault(240 * time.Second).WithDeadline(360 * time.Second), + wait.ForLog("Starting 0.0.0.0:9292 gRPC server"), + ).WithStartupTimeoutDefault(300 * time.Second), + } + + topaz, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{ + ContainerRequest: req, + Started: false, }) - if err != nil { - rc = 99 - return + require.NoError(t, err) + + if err := topaz.Start(ctx); err != nil { + require.NoError(t, err) } - defer func() { - if err := h.Close(ctx); err != nil { - rc = 100 - } - }() + t.Cleanup(func() { + testcontainers.CleanupContainer(t, topaz) + cancel() + }) - addr = h.AddrGRPC(ctx) + grpcAddr, err := tc.MappedAddr(ctx, topaz, "9292") + require.NoError(t, err) - rc = m.Run() + t.Run("testPolicy", testPolicy(grpcAddr)) } -func TestPolicy(t *testing.T) { - opts := []client.ConnectionOption{ - client.WithAddr(addr), - client.WithInsecure(true), - } - - azClient, err := azc.New(opts...) - require.NoError(t, err) - t.Cleanup(func() { _ = azClient.Close() }) +func testPolicy(addr string) func(*testing.T) { + return func(t *testing.T) { + opts := []client.ConnectionOption{ + client.WithAddr(addr), + client.WithInsecure(true), + } - ctx, cancel := context.WithCancel(context.Background()) - t.Cleanup(cancel) - - tests := []struct { - name string - test func(*testing.T) - }{ - {"TestListPolicies", ListPolicies(ctx, azClient)}, - {"TestListPoliciesMasked", ListPoliciesMasked(ctx, azClient)}, - {"TestListPoliciesMaskedComposed", ListPoliciesMaskedComposed(ctx, azClient)}, - {"TestListPoliciesInvalidMask", ListPoliciesInvalidMask(ctx, azClient)}, - {"TestListPoliciesEmptyMask", ListPoliciesEmptyMask(ctx, azClient)}, - {"TestGetPolicies", GetPolicies(ctx, azClient)}, - {"TestGetPoliciesMasked", GetPoliciesMasked(ctx, azClient)}, - {"TestGetPoliciesMaskedComposed", GetPoliciesMaskedComposed(ctx, azClient)}, - {"TestGetPoliciesInvalidMask", GetPoliciesInvalidMask(ctx, azClient)}, - {"TestGetPoliciesEmptyMask", GetPoliciesEmptyMask(ctx, azClient)}, - {"TestGetPoliciesInvalidID", GetPoliciesInvalidID(ctx, azClient)}, - } + azClient, err := azc.New(opts...) + require.NoError(t, err) + t.Cleanup(func() { _ = azClient.Close() }) + + ctx, cancel := context.WithCancel(context.Background()) + t.Cleanup(cancel) + + tests := []struct { + name string + test func(*testing.T) + }{ + {"TestListPolicies", ListPolicies(ctx, azClient)}, + {"TestListPoliciesMasked", ListPoliciesMasked(ctx, azClient)}, + {"TestListPoliciesMaskedComposed", ListPoliciesMaskedComposed(ctx, azClient)}, + {"TestListPoliciesInvalidMask", ListPoliciesInvalidMask(ctx, azClient)}, + {"TestListPoliciesEmptyMask", ListPoliciesEmptyMask(ctx, azClient)}, + {"TestGetPolicies", GetPolicies(ctx, azClient)}, + {"TestGetPoliciesMasked", GetPoliciesMasked(ctx, azClient)}, + {"TestGetPoliciesMaskedComposed", GetPoliciesMaskedComposed(ctx, azClient)}, + {"TestGetPoliciesInvalidMask", GetPoliciesInvalidMask(ctx, azClient)}, + {"TestGetPoliciesEmptyMask", GetPoliciesEmptyMask(ctx, azClient)}, + {"TestGetPoliciesInvalidID", GetPoliciesInvalidID(ctx, azClient)}, + } - for _, testCase := range tests { - t.Run(testCase.name, testCase.test) + for _, testCase := range tests { + t.Run(testCase.name, testCase.test) + } } } diff --git a/pkg/app/tests/query/query_test.go b/pkg/app/tests/query/query_test.go index e0c157f9..c8a4011d 100644 --- a/pkg/app/tests/query/query_test.go +++ b/pkg/app/tests/query/query_test.go @@ -3,7 +3,6 @@ package query_test import ( "context" "encoding/json" - "os" "testing" "time" @@ -12,7 +11,7 @@ import ( "github.com/aserto-dev/go-authorizer/aserto/authorizer/v2" api "github.com/aserto-dev/go-authorizer/aserto/authorizer/v2/api" rt "github.com/aserto-dev/runtime" - assets_test "github.com/aserto-dev/topaz/assets" + assets_test "github.com/aserto-dev/topaz/pkg/app/tests/assets" tc "github.com/aserto-dev/topaz/pkg/app/tests/common" "github.com/stretchr/testify/require" @@ -20,18 +19,14 @@ import ( "github.com/testcontainers/testcontainers-go/wait" ) -var addr string +func TestQuery(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) -func TestMain(m *testing.M) { - rc := 0 - defer func() { - os.Exit(rc) - }() + t.Logf("\nTEST CONTAINER IMAGE: %q\n", tc.TestImage()) - ctx := context.Background() - h, err := tc.NewHarness(ctx, &testcontainers.ContainerRequest{ + req := testcontainers.ContainerRequest{ Image: tc.TestImage(), - ExposedPorts: []string{"9292/tcp", "9393/tcp"}, + ExposedPorts: []string{"9292/tcp"}, Env: map[string]string{ "TOPAZ_CERTS_DIR": "/certs", "TOPAZ_DB_DIR": "/data", @@ -51,45 +46,53 @@ func TestMain(m *testing.M) { }, WaitingFor: wait.ForAll( wait.ForExposedPort(), - wait.ForLog("Starting 0.0.0.0:9393 gateway server"), - ).WithStartupTimeoutDefault(240 * time.Second).WithDeadline(360 * time.Second), + wait.ForLog("Starting 0.0.0.0:9292 gRPC server"), + ).WithStartupTimeoutDefault(300 * time.Second), + } + + topaz, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{ + ContainerRequest: req, + Started: false, }) - if err != nil { - rc = 99 - return + require.NoError(t, err) + + if err := topaz.Start(ctx); err != nil { + require.NoError(t, err) } - defer func() { - if err := h.Close(ctx); err != nil { - rc = 100 - } - }() + t.Cleanup(func() { + testcontainers.CleanupContainer(t, topaz) + cancel() + }) - addr = h.AddrGRPC(ctx) + grpcAddr, err := tc.MappedAddr(ctx, topaz, "9292") + require.NoError(t, err) - rc = m.Run() + t.Run("testQuery", testQuery(grpcAddr)) } -func TestQuery(t *testing.T) { - opts := []client.ConnectionOption{ - client.WithAddr(addr), - client.WithInsecure(true), - } +func testQuery(addr string) func(*testing.T) { + return func(t *testing.T) { + opts := []client.ConnectionOption{ + client.WithAddr(addr), + client.WithInsecure(true), + } - azClient, err := azc.New(opts...) - require.NoError(t, err) - t.Cleanup(func() { _ = azClient.Close() }) + azClient, err := azc.New(opts...) + require.NoError(t, err) + t.Cleanup(func() { _ = azClient.Close() }) - ctx, cancel := context.WithCancel(context.Background()) - t.Cleanup(cancel) + ctx, cancel := context.WithCancel(context.Background()) + t.Cleanup(cancel) - for _, tc := range queryTests { - f := func(t *testing.T) { - resp, err := azClient.Query(ctx, tc.query) - tc.validate(t, resp, err) - } + for _, tc := range queryTests { + f := func(t *testing.T) { + resp, err := azClient.Query(ctx, tc.query) + tc.validate(t, resp, err) + } - t.Run(tc.name, f) + t.Run(tc.name, f) + } } } diff --git a/pkg/app/tests/template-no-tls/template-no-tls_test.go b/pkg/app/tests/template-no-tls/template-no-tls_test.go index b90d6e5e..9069d011 100644 --- a/pkg/app/tests/template-no-tls/template-no-tls_test.go +++ b/pkg/app/tests/template-no-tls/template-no-tls_test.go @@ -2,12 +2,11 @@ package template_no_tls_test import ( "context" - "os" "path/filepath" "testing" "time" - assets_test "github.com/aserto-dev/topaz/assets" + assets_test "github.com/aserto-dev/topaz/pkg/app/tests/assets" tc "github.com/aserto-dev/topaz/pkg/app/tests/common" "github.com/aserto-dev/topaz/pkg/cli/cc" azc "github.com/aserto-dev/topaz/pkg/cli/clients/authorizer" @@ -23,18 +22,14 @@ import ( "github.com/testcontainers/testcontainers-go/wait" ) -var addr string +func TestTemplatesNoTLS(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) -func TestMain(m *testing.M) { - rc := 0 - defer func() { - os.Exit(rc) - }() + t.Logf("\nTEST CONTAINER IMAGE: %q\n", tc.TestImage()) - ctx := context.Background() - h, err := tc.NewHarness(ctx, &testcontainers.ContainerRequest{ + req := testcontainers.ContainerRequest{ Image: tc.TestImage(), - ExposedPorts: []string{"9292/tcp", "9393/tcp", "9494/tcp", "9696/tcp"}, + ExposedPorts: []string{"9292/tcp"}, Env: map[string]string{ "TOPAZ_CERTS_DIR": "/certs", "TOPAZ_DB_DIR": "/data", @@ -49,23 +44,29 @@ func TestMain(m *testing.M) { }, WaitingFor: wait.ForAll( wait.ForExposedPort(), - wait.ForLog("Starting 0.0.0.0:9393 gateway server"), - ).WithStartupTimeoutDefault(300 * time.Second).WithDeadline(360 * time.Second), + wait.ForLog("Starting 0.0.0.0:9292 gRPC server"), + ).WithStartupTimeoutDefault(300 * time.Second), + } + + topaz, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{ + ContainerRequest: req, + Started: false, }) - if err != nil { - rc = 99 - return + require.NoError(t, err) + + if err := topaz.Start(ctx); err != nil { + require.NoError(t, err) } - defer func() { - if err := h.Close(ctx); err != nil { - rc = 100 - } - }() + t.Cleanup(func() { + testcontainers.CleanupContainer(t, topaz) + cancel() + }) - addr = h.AddrGRPC(ctx) + grpcAddr, err := tc.MappedAddr(ctx, topaz, "9292") + require.NoError(t, err) - rc = m.Run() + t.Run("testTemplatesWithNoTLS", testTemplateNoTLS(grpcAddr)) } var tcs = []string{ @@ -81,67 +82,69 @@ var tcs = []string{ "../../../../assets/todo.json", } -func TestTemplateNoTLS(t *testing.T) { - t.Logf("addr: %s", addr) - - t.Setenv("TOPAZ_NO_COLOR", "true") - c, err := cc.NewCommonContext(context.Background(), true, filepath.Join(cc.GetTopazDir(), common.CLIConfigurationFile)) - require.NoError(t, err) - - dsConfig := &dsc.Config{ - Host: addr, - Insecure: false, - Plaintext: true, - Timeout: 10 * time.Second, - } - - azConfig := &azc.Config{ - Host: addr, - Insecure: false, - Plaintext: true, - Timeout: 10 * time.Second, - } - - for _, tmpl := range tcs { - absPath, err := filepath.Abs(tmpl) - require.NoError(t, err) +func testTemplateNoTLS(addr string) func(*testing.T) { + return func(t *testing.T) { + t.Logf("addr: %s", addr) - tmpl, err := templates.GetTemplateFromFile(absPath) + t.Setenv("TOPAZ_NO_COLOR", "true") + c, err := cc.NewCommonContext(context.Background(), true, filepath.Join(cc.GetTopazDir(), common.CLIConfigurationFile)) require.NoError(t, err) - t.Logf("name %s", tmpl.Name) - t.Logf("template: %s", absPath) - - dirPath := filepath.Dir(absPath) - t.Logf("dir %s", dirPath) - - manifestFile := filepath.Join(dirPath, tmpl.Assets.Manifest) - t.Logf("manifestFile: %s", manifestFile) - t.Run(tmpl.Name+"-DeleteManifest", DeleteManifest(c, dsConfig)) - t.Run(tmpl.Name+"-SetManifest", SetManifest(c, dsConfig, manifestFile)) - - if len(tmpl.Assets.IdentityData) > 0 { - idpDataDir := filepath.Dir(filepath.Join(dirPath, tmpl.Assets.IdentityData[0])) - t.Logf("idp_data: %s", idpDataDir) - t.Run(tmpl.Name+"-ImportIdentityData", ImportData(c, dsConfig, idpDataDir)) - } - - if len(tmpl.Assets.DomainData) > 0 { - domainDataDir := filepath.Dir(filepath.Join(dirPath, tmpl.Assets.DomainData[0])) - t.Logf("domain_data: %s", domainDataDir) - t.Run(tmpl.Name+"-ImportDomainData", ImportData(c, dsConfig, domainDataDir)) + dsConfig := &dsc.Config{ + Host: addr, + Insecure: false, + Plaintext: true, + Timeout: 10 * time.Second, } - if len(tmpl.Assets.Assertions) > 0 { - assertionsFile := filepath.Join(dirPath, tmpl.Assets.Assertions[0]) - t.Logf("assertionsFile: %s", assertionsFile) - t.Run(tmpl.Name+"-ExecDirectoryTest", ExecDirectoryTests(c, dsConfig, []string{assertionsFile})) + azConfig := &azc.Config{ + Host: addr, + Insecure: false, + Plaintext: true, + Timeout: 10 * time.Second, } - if len(tmpl.Assets.Assertions) > 1 { - decisionsFile := filepath.Join(dirPath, tmpl.Assets.Assertions[1]) - t.Logf("decisionsFile: %s", decisionsFile) - t.Run(tmpl.Name+"-ExecAuthorizerTest", ExecAuthorizerTests(c, azConfig, []string{decisionsFile})) + for _, tmpl := range tcs { + absPath, err := filepath.Abs(tmpl) + require.NoError(t, err) + + tmpl, err := templates.GetTemplateFromFile(absPath) + require.NoError(t, err) + + t.Logf("name %s", tmpl.Name) + t.Logf("template: %s", absPath) + + dirPath := filepath.Dir(absPath) + t.Logf("dir %s", dirPath) + + manifestFile := filepath.Join(dirPath, tmpl.Assets.Manifest) + t.Logf("manifestFile: %s", manifestFile) + t.Run(tmpl.Name+"-DeleteManifest", DeleteManifest(c, dsConfig)) + t.Run(tmpl.Name+"-SetManifest", SetManifest(c, dsConfig, manifestFile)) + + if len(tmpl.Assets.IdentityData) > 0 { + idpDataDir := filepath.Dir(filepath.Join(dirPath, tmpl.Assets.IdentityData[0])) + t.Logf("idp_data: %s", idpDataDir) + t.Run(tmpl.Name+"-ImportIdentityData", ImportData(c, dsConfig, idpDataDir)) + } + + if len(tmpl.Assets.DomainData) > 0 { + domainDataDir := filepath.Dir(filepath.Join(dirPath, tmpl.Assets.DomainData[0])) + t.Logf("domain_data: %s", domainDataDir) + t.Run(tmpl.Name+"-ImportDomainData", ImportData(c, dsConfig, domainDataDir)) + } + + if len(tmpl.Assets.Assertions) > 0 { + assertionsFile := filepath.Join(dirPath, tmpl.Assets.Assertions[0]) + t.Logf("assertionsFile: %s", assertionsFile) + t.Run(tmpl.Name+"-ExecDirectoryTest", ExecDirectoryTests(c, dsConfig, []string{assertionsFile})) + } + + if len(tmpl.Assets.Assertions) > 1 { + decisionsFile := filepath.Join(dirPath, tmpl.Assets.Assertions[1]) + t.Logf("decisionsFile: %s", decisionsFile) + t.Run(tmpl.Name+"-ExecAuthorizerTest", ExecAuthorizerTests(c, azConfig, []string{decisionsFile})) + } } } } diff --git a/pkg/app/tests/template/template_test.go b/pkg/app/tests/template/template_test.go index bf271f4c..138e6581 100644 --- a/pkg/app/tests/template/template_test.go +++ b/pkg/app/tests/template/template_test.go @@ -2,12 +2,11 @@ package template_test import ( "context" - "os" "path/filepath" "testing" "time" - assets_test "github.com/aserto-dev/topaz/assets" + assets_test "github.com/aserto-dev/topaz/pkg/app/tests/assets" tc "github.com/aserto-dev/topaz/pkg/app/tests/common" "github.com/aserto-dev/topaz/pkg/cli/cc" azc "github.com/aserto-dev/topaz/pkg/cli/clients/authorizer" @@ -23,18 +22,14 @@ import ( "github.com/testcontainers/testcontainers-go/wait" ) -var addr string +func TestTemplates(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) -func TestMain(m *testing.M) { - rc := 0 - defer func() { - os.Exit(rc) - }() + t.Logf("\nTEST CONTAINER IMAGE: %q\n", tc.TestImage()) - ctx := context.Background() - h, err := tc.NewHarness(ctx, &testcontainers.ContainerRequest{ + req := testcontainers.ContainerRequest{ Image: tc.TestImage(), - ExposedPorts: []string{"9292/tcp", "9393/tcp", "9494/tcp", "9696/tcp"}, + ExposedPorts: []string{"9292/tcp"}, Env: map[string]string{ "TOPAZ_CERTS_DIR": "/certs", "TOPAZ_DB_DIR": "/data", @@ -49,23 +44,29 @@ func TestMain(m *testing.M) { }, WaitingFor: wait.ForAll( wait.ForExposedPort(), - wait.ForLog("Starting 0.0.0.0:9393 gateway server"), - ).WithStartupTimeoutDefault(300 * time.Second).WithDeadline(360 * time.Second), + wait.ForLog("Starting 0.0.0.0:9292 gRPC server"), + ).WithStartupTimeoutDefault(300 * time.Second), + } + + topaz, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{ + ContainerRequest: req, + Started: false, }) - if err != nil { - rc = 99 - return + require.NoError(t, err) + + if err := topaz.Start(ctx); err != nil { + require.NoError(t, err) } - defer func() { - if err := h.Close(ctx); err != nil { - rc = 100 - } - }() + t.Cleanup(func() { + testcontainers.CleanupContainer(t, topaz) + cancel() + }) - addr = h.AddrGRPC(ctx) + grpcAddr, err := tc.MappedAddr(ctx, topaz, "9292") + require.NoError(t, err) - rc = m.Run() + t.Run("testTemplate", testTemplate(grpcAddr)) } var tcs = []string{ @@ -81,67 +82,71 @@ var tcs = []string{ "../../../../assets/todo.json", } -func TestTemplate(t *testing.T) { - t.Logf("addr: %s", addr) - - t.Setenv("TOPAZ_NO_COLOR", "true") - c, err := cc.NewCommonContext(context.Background(), true, filepath.Join(cc.GetTopazDir(), common.CLIConfigurationFile)) - require.NoError(t, err) - - dsConfig := &dsc.Config{ - Host: addr, - Insecure: true, - Plaintext: false, - Timeout: 10 * time.Second, - } - - azConfig := &azc.Config{ - Host: addr, - Insecure: true, - Plaintext: false, - Timeout: 10 * time.Second, - } +func testTemplate(addr string) func(*testing.T) { + return func(t *testing.T) { + t.Logf("addr: %s", addr) - for _, tmpl := range tcs { - absPath, err := filepath.Abs(tmpl) - require.NoError(t, err) + t.Logf("addr: %s", addr) - tmpl, err := templates.GetTemplateFromFile(absPath) + t.Setenv("TOPAZ_NO_COLOR", "true") + c, err := cc.NewCommonContext(context.Background(), true, filepath.Join(cc.GetTopazDir(), common.CLIConfigurationFile)) require.NoError(t, err) - t.Logf("name %s", tmpl.Name) - t.Logf("template: %s", absPath) - - dirPath := filepath.Dir(absPath) - t.Logf("dir %s", dirPath) - - manifestFile := filepath.Join(dirPath, tmpl.Assets.Manifest) - t.Logf("manifestFile: %s", manifestFile) - t.Run(tmpl.Name+"-DeleteManifest", DeleteManifest(c, dsConfig)) - t.Run(tmpl.Name+"-SetManifest", SetManifest(c, dsConfig, manifestFile)) - - if len(tmpl.Assets.IdentityData) > 0 { - idpDataDir := filepath.Dir(filepath.Join(dirPath, tmpl.Assets.IdentityData[0])) - t.Logf("idp_data: %s", idpDataDir) - t.Run(tmpl.Name+"-ImportIdentityData", ImportData(c, dsConfig, idpDataDir)) - } - - if len(tmpl.Assets.DomainData) > 0 { - domainDataDir := filepath.Dir(filepath.Join(dirPath, tmpl.Assets.DomainData[0])) - t.Logf("domain_data: %s", domainDataDir) - t.Run(tmpl.Name+"-ImportDomainData", ImportData(c, dsConfig, domainDataDir)) + dsConfig := &dsc.Config{ + Host: addr, + Insecure: true, + Plaintext: false, + Timeout: 10 * time.Second, } - if len(tmpl.Assets.Assertions) > 0 { - assertionsFile := filepath.Join(dirPath, tmpl.Assets.Assertions[0]) - t.Logf("assertionsFile: %s", assertionsFile) - t.Run(tmpl.Name+"-ExecDirectoryTest", ExecDirectoryTests(c, dsConfig, []string{assertionsFile})) + azConfig := &azc.Config{ + Host: addr, + Insecure: true, + Plaintext: false, + Timeout: 10 * time.Second, } - if len(tmpl.Assets.Assertions) > 1 { - decisionsFile := filepath.Join(dirPath, tmpl.Assets.Assertions[1]) - t.Logf("decisionsFile: %s", decisionsFile) - t.Run(tmpl.Name+"-ExecAuthorizerTest", ExecAuthorizerTests(c, azConfig, []string{decisionsFile})) + for _, tmpl := range tcs { + absPath, err := filepath.Abs(tmpl) + require.NoError(t, err) + + tmpl, err := templates.GetTemplateFromFile(absPath) + require.NoError(t, err) + + t.Logf("name %s", tmpl.Name) + t.Logf("template: %s", absPath) + + dirPath := filepath.Dir(absPath) + t.Logf("dir %s", dirPath) + + manifestFile := filepath.Join(dirPath, tmpl.Assets.Manifest) + t.Logf("manifestFile: %s", manifestFile) + t.Run(tmpl.Name+"-DeleteManifest", DeleteManifest(c, dsConfig)) + t.Run(tmpl.Name+"-SetManifest", SetManifest(c, dsConfig, manifestFile)) + + if len(tmpl.Assets.IdentityData) > 0 { + idpDataDir := filepath.Dir(filepath.Join(dirPath, tmpl.Assets.IdentityData[0])) + t.Logf("idp_data: %s", idpDataDir) + t.Run(tmpl.Name+"-ImportIdentityData", ImportData(c, dsConfig, idpDataDir)) + } + + if len(tmpl.Assets.DomainData) > 0 { + domainDataDir := filepath.Dir(filepath.Join(dirPath, tmpl.Assets.DomainData[0])) + t.Logf("domain_data: %s", domainDataDir) + t.Run(tmpl.Name+"-ImportDomainData", ImportData(c, dsConfig, domainDataDir)) + } + + if len(tmpl.Assets.Assertions) > 0 { + assertionsFile := filepath.Join(dirPath, tmpl.Assets.Assertions[0]) + t.Logf("assertionsFile: %s", assertionsFile) + t.Run(tmpl.Name+"-ExecDirectoryTest", ExecDirectoryTests(c, dsConfig, []string{assertionsFile})) + } + + if len(tmpl.Assets.Assertions) > 1 { + decisionsFile := filepath.Join(dirPath, tmpl.Assets.Assertions[1]) + t.Logf("decisionsFile: %s", decisionsFile) + t.Run(tmpl.Name+"-ExecAuthorizerTest", ExecAuthorizerTests(c, azConfig, []string{decisionsFile})) + } } } }