diff --git a/tests/integration/test_outpost_docker.py b/tests/integration/test_outpost_docker.py index 9b491c5af..8a1c4dc69 100644 --- a/tests/integration/test_outpost_docker.py +++ b/tests/integration/test_outpost_docker.py @@ -3,11 +3,13 @@ from shutil import rmtree from tempfile import mkdtemp from time import sleep +import yaml from django.test import TestCase from docker import DockerClient, from_env from docker.models.containers import Container from docker.types.healthcheck import Healthcheck +from authentik import __version__ from authentik.crypto.models import CertificateKeyPair from authentik.flows.models import Flow from authentik.outposts.apps import AuthentikOutpostConfig @@ -93,3 +95,14 @@ class OutpostDockerTests(TestCase): controller = DockerController(self.outpost, self.service_connection) controller.up() controller.down() + + def test_docker_static(self): + """test that deployment requires update""" + controller = DockerController(self.outpost, self.service_connection) + manifest = controller.get_static_deployment() + compose = yaml.load(manifest, Loader=yaml.SafeLoader) + self.assertEqual(compose["version"], "3.5") + self.assertEqual( + compose["services"]["authentik_proxy"]["image"], + f"beryju/authentik-proxy:{__version__}", + ) diff --git a/tests/integration/test_outposts_kubernetes.py b/tests/integration/test_outpost_kubernetes.py similarity index 100% rename from tests/integration/test_outposts_kubernetes.py rename to tests/integration/test_outpost_kubernetes.py diff --git a/tests/integration/test_proxy_docker.py b/tests/integration/test_proxy_docker.py new file mode 100644 index 000000000..532810230 --- /dev/null +++ b/tests/integration/test_proxy_docker.py @@ -0,0 +1,108 @@ +"""outpost tests""" +from shutil import rmtree +from tempfile import mkdtemp +from time import sleep + +import yaml +from django.test import TestCase +from docker import DockerClient, from_env +from docker.models.containers import Container +from docker.types.healthcheck import Healthcheck + +from authentik import __version__ +from authentik.crypto.models import CertificateKeyPair +from authentik.flows.models import Flow +from authentik.outposts.apps import AuthentikOutpostConfig +from authentik.outposts.models import DockerServiceConnection, Outpost, OutpostType +from authentik.providers.proxy.controllers.docker import DockerController +from authentik.providers.proxy.models import ProxyProvider + + +class TestProxyDocker(TestCase): + """Test Docker Controllers""" + + def _start_container(self, ssl_folder: str) -> Container: + client: DockerClient = from_env() + container = client.containers.run( + image="library/docker:dind", + detach=True, + network_mode="host", + remove=True, + privileged=True, + healthcheck=Healthcheck( + test=["CMD", "docker", "info"], + interval=5 * 100 * 1000000, + start_period=5 * 100 * 1000000, + ), + environment={"DOCKER_TLS_CERTDIR": "/ssl"}, + volumes={ + f"{ssl_folder}/": { + "bind": "/ssl", + } + }, + ) + while True: + container.reload() + status = container.attrs.get("State", {}).get("Health", {}).get("Status") + if status == "healthy": + return container + sleep(1) + + def setUp(self): + super().setUp() + self.ssl_folder = mkdtemp() + self.container = self._start_container(self.ssl_folder) + # Ensure that local connection have been created + AuthentikOutpostConfig.init_local_connection() + self.provider: ProxyProvider = ProxyProvider.objects.create( + name="test", + internal_host="http://localhost", + external_host="http://localhost", + authorization_flow=Flow.objects.first(), + ) + authentication_kp = CertificateKeyPair.objects.create( + name="docker-authentication", + certificate_data=open(f"{self.ssl_folder}/client/cert.pem").read(), + key_data=open(f"{self.ssl_folder}/client/key.pem").read(), + ) + verification_kp = CertificateKeyPair.objects.create( + name="docker-verification", + certificate_data=open(f"{self.ssl_folder}/client/ca.pem").read(), + ) + self.service_connection = DockerServiceConnection.objects.create( + url="https://localhost:2376", + tls_verification=verification_kp, + tls_authentication=authentication_kp, + ) + self.outpost: Outpost = Outpost.objects.create( + name="test", + type=OutpostType.PROXY, + service_connection=self.service_connection, + ) + self.outpost.providers.add(self.provider) + self.outpost.save() + + def tearDown(self) -> None: + super().tearDown() + self.container.kill() + try: + rmtree(self.ssl_folder) + except PermissionError: + pass + + def test_docker_controller(self): + """test that deployment requires update""" + controller = DockerController(self.outpost, self.service_connection) + controller.up() + controller.down() + + def test_docker_static(self): + """test that deployment requires update""" + controller = DockerController(self.outpost, self.service_connection) + manifest = controller.get_static_deployment() + compose = yaml.load(manifest, Loader=yaml.SafeLoader) + self.assertEqual(compose["version"], "3.5") + self.assertEqual( + compose["services"]["authentik_proxy"]["image"], + f"beryju/authentik-proxy:{__version__}", + ) diff --git a/tests/integration/test_proxy_kubernetes.py b/tests/integration/test_proxy_kubernetes.py index 89f83f5d7..61b9a92aa 100644 --- a/tests/integration/test_proxy_kubernetes.py +++ b/tests/integration/test_proxy_kubernetes.py @@ -9,7 +9,7 @@ from authentik.providers.proxy.controllers.kubernetes import ProxyKubernetesCont from authentik.providers.proxy.models import ProxyProvider -class TestControllers(TestCase): +class TestProxyKubernetes(TestCase): """Test Controllers""" def setUp(self):