Better integrate Docker related commands in authelia-scripts.

2019-03-01 22:52:01 +01:00 · 2019-03-01 22:52:01 +01:00 · 38271e3335
parent a56e5adc42
commit 38271e3335
16 changed files with 191 additions and 34 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -35,7 +35,7 @@ before_script:
 script:
 - "./scripts/authelia-scripts travis"
 after_success:
- "./scripts/authelia-scripts publish-docker"
+- "./scripts/authelia-scripts docker publish"

 deploy:
  provider: npm
--- a/scripts/authelia-scripts
+++ b/scripts/authelia-scripts
@ -14,8 +14,7 @@ program

  .command('travis', 'Build and test Authelia on Travis.')
  .command('hash-password <password>', 'Hash a password with SSHA512.')
-  .command('build-docker', 'Build Docker image containing production version of Authelia.')
-  .command('publish-docker', 'Publish Docker image containing production version of Authelia to Dockerhub.')
+  .command('docker', 'Docker related commands.')
  .parse(process.argv);


--- a/scripts/authelia-scripts-build-docker
+++ b/scripts/authelia-scripts-build-docker
@ -1,3 +0,0 @@
-#!/bin/bash
-
-docker build -t clems4ever/authelia .
--- a/scripts/authelia-scripts-docker
+++ b/scripts/authelia-scripts-docker
@ -0,0 +1,8 @@
+#!/usr/bin/env node
+
+var program = require('commander');
+
+program
+  .command('build', 'Build docker image clems4ever/authelia.')
+  .command('publish', 'Publish image clems4ever/authelia to Dockerhub.')
+  .parse(process.argv);
--- a/scripts/authelia-scripts-docker-build
+++ b/scripts/authelia-scripts-docker-build
@ -0,0 +1,10 @@
+#!/usr/bin/env node
+
+var { exec } = require('./utils/exec');
+var { IMAGE_NAME } = require('./utils/docker');
+
+async function main() {
+  await exec(`docker build -t ${IMAGE_NAME} .`);
+}
+
+main();
--- a/scripts/authelia-scripts-docker-publish
+++ b/scripts/authelia-scripts-docker-publish
@ -21,7 +21,6 @@ function deploy_on_dockerhub {
  echo "==========================================================="
  echo "Docker image $IMAGE_WITH_TAG will be deployed on Dockerhub."
  echo "==========================================================="
-  docker build -t $IMAGE_NAME .
  docker tag $IMAGE_NAME $IMAGE_WITH_TAG;
  docker push $IMAGE_WITH_TAG;
  echo "Docker image deployed successfully."
--- a/scripts/authelia-scripts-test
+++ b/scripts/authelia-scripts-test
@ -9,10 +9,9 @@ program
  .option('--headless', 'Run in headless mode.')
  .parse(process.argv);

-let suite;
 let withServer = false;
 let args = [];
-const ENVIRONMENT_FILENAME = '.suite';
+const ENVIRONMENT_FILENAME = '.suite'; // This file is created by the start command.

 if (fs.existsSync(ENVIRONMENT_FILENAME)) {
  const suite = fs.readFileSync(ENVIRONMENT_FILENAME);
--- a/scripts/authelia-scripts-travis
+++ b/scripts/authelia-scripts-travis
@ -15,6 +15,9 @@ authelia-scripts build
 # Run unit tests
 authelia-scripts unittest

+# Build the docker image
+authelia-scripts docker build
+
 # Run integration tests
 authelia-scripts test --headless test/suites/**/*.ts

--- a/scripts/example-commit/dc-example.sh
+++ b/scripts/example-commit/dc-example.sh
@ -1,14 +0,0 @@
-#!/bin/bash
-
-set -e
-
-docker-compose \
-  -f docker-compose.yml \
-  -f example/compose/docker-compose.base.yml \
-  -f example/compose/mongo/docker-compose.yml \
-  -f example/compose/redis/docker-compose.yml \
-  -f example/compose/nginx/backend/docker-compose.yml \
-  -f example/compose/nginx/portal/docker-compose.yml \
-  -f example/compose/smtp/docker-compose.yml \
-  -f example/compose/httpbin/docker-compose.yml \
-  -f example/compose/ldap/docker-compose.yml $*
--- a/scripts/example-commit/deploy-example.sh
+++ b/scripts/example-commit/deploy-example.sh
@ -1,6 +0,0 @@
-#!/bin/bash
-
-DC_SCRIPT=./scripts/example-commit/dc-example.sh
-
-$DC_SCRIPT build
-$DC_SCRIPT up -d httpbin mongo redis openldap authelia smtp nginx-portal nginx-backend
--- a/scripts/example-commit/undeploy-example.sh
+++ b/scripts/example-commit/undeploy-example.sh
@ -1,5 +0,0 @@
-#!/bin/bash
-
-DC_SCRIPT=./scripts/example-commit/dc-example.sh
-
-$DC_SCRIPT down
--- a/scripts/utils/docker.js
+++ b/scripts/utils/docker.js
@ -0,0 +1,5 @@
+
+
+module.exports = {
+  IMAGE_NAME: 'clems4ever/authelia'
+}
--- a/scripts/utils/exec.js
+++ b/scripts/utils/exec.js
@ -0,0 +1,21 @@
+var spawn = require('child_process').spawn;
+
+function exec(cmd) {
+  return new Promise((resolve, reject) => {
+    const command = spawn(cmd, {
+      shell: true
+    });
+    command.stdout.pipe(process.stdout);
+    command.stderr.pipe(process.stderr);
+
+    command.on('exit', function(statusCode) {
+      if (statusCode != 0) {
+        reject(new Error('Exited with status ' + statusCode));
+        return;
+      }
+      resolve();
+    })
+  })
+}
+
+module.exports = { exec }
--- a/test/suites/complete/index.ts
+++ b/test/suites/complete/index.ts
@ -8,6 +8,10 @@ import BasicAuthentication from "./scenarii/BasicAuthentication";
 import AutheliaRestart from "./scenarii/AutheliaRestart";
 import AuthenticationRegulation from "./scenarii/AuthenticationRegulation";

+before(function() {
+
+});
+
 AutheliaSuite('Complete configuration', __dirname + '/config.yml', function() {
  this.timeout(10000);

--- a/test/suites/docker/config.yml
+++ b/test/suites/docker/config.yml
@ -0,0 +1,110 @@
+###############################################################
+#                Authelia minimal configuration               #
+###############################################################
+
+port: 9091
+
+logs_level: debug
+
+default_redirection_url: https://home.example.com:8080/
+
+authentication_backend:
+  file:
+    path: ./users_database.yml
+
+session:
+  secret: unsecure_session_secret
+  domain: example.com
+  inactivity: 5000
+  expiration: 8000
+
+# Configuration of the storage backend used to store data and secrets. i.e. totp data
+storage:
+  local:
+    path: /tmp/authelia/db
+
+# TOTP Issuer Name
+#
+# This will be the issuer name displayed in Google Authenticator
+# See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
+totp:
+  issuer: example.com
+
+# Access Control
+#
+# Access control is a set of rules you can use to restrict user access to certain 
+# resources.
+access_control:
+  # Default policy can either be `bypass`, `one_factor`, `two_factor` or `deny`.
+  default_policy: deny
+
+  rules:
+    - domain: single_factor.example.com
+      policy: one_factor
+
+    - domain: '*.example.com'
+      subject: "group:admins"
+      policy: two_factor
+
+    - domain: dev.example.com
+      resources:
+        - '^/users/john/.*$' 
+      subject: "user:john"
+      policy: two_factor
+
+    - domain: dev.example.com
+      resources:
+        - '^/users/harry/.*$'
+      subject: "user:harry"
+      policy: two_factor
+
+    - domain: '*.mail.example.com'
+      subject: "user:bob"
+      policy: two_factor
+
+    - domain: dev.example.com
+      resources:
+        - '^/users/bob/.*$'
+      subject: "user:bob"
+      policy: two_factor
+
+
+# Configuration of the authentication regulation mechanism.
+regulation: 
+  # Set it to 0 to disable max_retries.
+  max_retries: 3
+
+  # The user is banned if the authenticaction failed `max_retries` times in a `find_time` seconds window. 
+  find_time: 10
+
+  # The length of time before a banned user can login again.
+  ban_time: 5
+
+# Default redirection URL
+#
+# Note: this parameter is optional. If not provided, user won't
+# be redirected upon successful authentication.
+#default_redirection_url: https://authelia.example.domain
+
+notifier:
+  # For testing purpose, notifications can be sent in a file
+  # filesystem:
+  #   filename: /tmp/authelia/notification.txt
+
+  # Use your email account to send the notifications. You can use an app password.
+  # List of valid services can be found here: https://nodemailer.com/smtp/well-known/  
+  ## email:
+  ##   username: user@example.com
+  ##   password: yourpassword
+  ##   sender: admin@example.com
+  ##   service: gmail
+  
+  # Use a SMTP server for sending notifications
+  smtp:
+    username: test
+    password: password
+    secure: false
+    host: 127.0.0.1
+    port: 1025
+    sender: admin@example.com
+
--- a/test/suites/docker/index.ts
+++ b/test/suites/docker/index.ts
@ -0,0 +1,27 @@
+import ChildProcess from 'child_process';
+import Bluebird from 'bluebird';
+import Assert from 'assert';
+
+const execAsync = Bluebird.promisify<string, string>(ChildProcess.exec);
+
+function sleep(ms: number) {
+  return new Promise(resolve => setTimeout(resolve, ms));
+}
+
+describe('Test docker container can run', function() {
+  this.timeout(15000);
+
+  before(async function() {
+    await execAsync('docker run -d -v $(pwd)/config.yml:/etc/authelia/config.yml --name authelia-test clems4ever/authelia');
+  });
+  
+  after(async function() {
+    await execAsync('docker rm -f authelia-test');
+  });
+  
+  it('should be running', async function() {
+    await sleep(5000);
+    const output: string = await execAsync('docker ps -a | grep "authelia-test"');
+    Assert(output.match(new RegExp('Up [0-9] seconds')));
+  });
+});