Better integrate Docker related commands in authelia-scripts.

.travis.yml

@@ -35,7 +35,7 @@ before_script:
 script:
 - "./scripts/authelia-scripts travis"
 after_success:
-- "./scripts/authelia-scripts publish-docker"
+- "./scripts/authelia-scripts docker publish"
 
 deploy:
   provider: npm

scripts/authelia-scripts

@@ -14,8 +14,7 @@ program
 
   .command('travis', 'Build and test Authelia on Travis.')
   .command('hash-password <password>', 'Hash a password with SSHA512.')
-  .command('build-docker', 'Build Docker image containing production version of Authelia.')
+  .command('docker', 'Docker related commands.')
-  .command('publish-docker', 'Publish Docker image containing production version of Authelia to Dockerhub.')
   .parse(process.argv);
 
 

scripts/authelia-scripts-build-docker

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-docker build -t clems4ever/authelia .

scripts/authelia-scripts-docker

@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+
+var program = require('commander');
+
+program
+  .command('build', 'Build docker image clems4ever/authelia.')
+  .command('publish', 'Publish image clems4ever/authelia to Dockerhub.')
+  .parse(process.argv);

scripts/authelia-scripts-docker-build

@@ -0,0 +1,10 @@
+#!/usr/bin/env node
+
+var { exec } = require('./utils/exec');
+var { IMAGE_NAME } = require('./utils/docker');
+
+async function main() {
+  await exec(`docker build -t ${IMAGE_NAME} .`);
+}
+
+main();

scripts/authelia-scripts-docker-publish

@@ -21,7 +21,6 @@ function deploy_on_dockerhub {
   echo "==========================================================="
   echo "Docker image $IMAGE_WITH_TAG will be deployed on Dockerhub."
   echo "==========================================================="
-  docker build -t $IMAGE_NAME .
   docker tag $IMAGE_NAME $IMAGE_WITH_TAG;
   docker push $IMAGE_WITH_TAG;
   echo "Docker image deployed successfully."

scripts/authelia-scripts-test

@@ -9,10 +9,9 @@ program
   .option('--headless', 'Run in headless mode.')
   .parse(process.argv);
 
-let suite;
 let withServer = false;
 let args = [];
-const ENVIRONMENT_FILENAME = '.suite';
+const ENVIRONMENT_FILENAME = '.suite'; // This file is created by the start command.
 
 if (fs.existsSync(ENVIRONMENT_FILENAME)) {
   const suite = fs.readFileSync(ENVIRONMENT_FILENAME);

scripts/authelia-scripts-travis

@@ -15,6 +15,9 @@ authelia-scripts build
 # Run unit tests
 authelia-scripts unittest
 
+# Build the docker image
+authelia-scripts docker build
+
 # Run integration tests
 authelia-scripts test --headless test/suites/**/*.ts
 

scripts/example-commit/dc-example.sh

@@ -1,14 +0,0 @@
-#!/bin/bash
-
-set -e
-
-docker-compose \
-  -f docker-compose.yml \
-  -f example/compose/docker-compose.base.yml \
-  -f example/compose/mongo/docker-compose.yml \
-  -f example/compose/redis/docker-compose.yml \
-  -f example/compose/nginx/backend/docker-compose.yml \
-  -f example/compose/nginx/portal/docker-compose.yml \
-  -f example/compose/smtp/docker-compose.yml \
-  -f example/compose/httpbin/docker-compose.yml \
-  -f example/compose/ldap/docker-compose.yml $*

scripts/example-commit/deploy-example.sh

@@ -1,6 +0,0 @@
-#!/bin/bash
-
-DC_SCRIPT=./scripts/example-commit/dc-example.sh
-
-$DC_SCRIPT build
-$DC_SCRIPT up -d httpbin mongo redis openldap authelia smtp nginx-portal nginx-backend

scripts/example-commit/undeploy-example.sh

@@ -1,5 +0,0 @@
-#!/bin/bash
-
-DC_SCRIPT=./scripts/example-commit/dc-example.sh
-
-$DC_SCRIPT down

scripts/utils/docker.js

@@ -0,0 +1,5 @@
+
+
+module.exports = {
+  IMAGE_NAME: 'clems4ever/authelia'
+}

scripts/utils/exec.js

@@ -0,0 +1,21 @@
+var spawn = require('child_process').spawn;
+
+function exec(cmd) {
+  return new Promise((resolve, reject) => {
+    const command = spawn(cmd, {
+      shell: true
+    });
+    command.stdout.pipe(process.stdout);
+    command.stderr.pipe(process.stderr);
+
+    command.on('exit', function(statusCode) {
+      if (statusCode != 0) {
+        reject(new Error('Exited with status ' + statusCode));
+        return;
+      }
+      resolve();
+    })
+  })
+}
+
+module.exports = { exec }

test/suites/complete/index.ts

@@ -8,6 +8,10 @@ import BasicAuthentication from "./scenarii/BasicAuthentication";
 import AutheliaRestart from "./scenarii/AutheliaRestart";
 import AuthenticationRegulation from "./scenarii/AuthenticationRegulation";
 
+before(function() {
+
+});
+
 AutheliaSuite('Complete configuration', __dirname + '/config.yml', function() {
   this.timeout(10000);
 

test/suites/docker/config.yml

@@ -0,0 +1,110 @@
+###############################################################
+#                Authelia minimal configuration               #
+###############################################################
+
+port: 9091
+
+logs_level: debug
+
+default_redirection_url: https://home.example.com:8080/
+
+authentication_backend:
+  file:
+    path: ./users_database.yml
+
+session:
+  secret: unsecure_session_secret
+  domain: example.com
+  inactivity: 5000
+  expiration: 8000
+
+# Configuration of the storage backend used to store data and secrets. i.e. totp data
+storage:
+  local:
+    path: /tmp/authelia/db
+
+# TOTP Issuer Name
+#
+# This will be the issuer name displayed in Google Authenticator
+# See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
+totp:
+  issuer: example.com
+
+# Access Control
+#
+# Access control is a set of rules you can use to restrict user access to certain 
+# resources.
+access_control:
+  # Default policy can either be `bypass`, `one_factor`, `two_factor` or `deny`.
+  default_policy: deny
+
+  rules:
+    - domain: single_factor.example.com
+      policy: one_factor
+
+    - domain: '*.example.com'
+      subject: "group:admins"
+      policy: two_factor
+
+    - domain: dev.example.com
+      resources:
+        - '^/users/john/.*$' 
+      subject: "user:john"
+      policy: two_factor
+
+    - domain: dev.example.com
+      resources:
+        - '^/users/harry/.*$'
+      subject: "user:harry"
+      policy: two_factor
+
+    - domain: '*.mail.example.com'
+      subject: "user:bob"
+      policy: two_factor
+
+    - domain: dev.example.com
+      resources:
+        - '^/users/bob/.*$'
+      subject: "user:bob"
+      policy: two_factor
+
+
+# Configuration of the authentication regulation mechanism.
+regulation: 
+  # Set it to 0 to disable max_retries.
+  max_retries: 3
+
+  # The user is banned if the authenticaction failed `max_retries` times in a `find_time` seconds window. 
+  find_time: 10
+
+  # The length of time before a banned user can login again.
+  ban_time: 5
+
+# Default redirection URL
+#
+# Note: this parameter is optional. If not provided, user won't
+# be redirected upon successful authentication.
+#default_redirection_url: https://authelia.example.domain
+
+notifier:
+  # For testing purpose, notifications can be sent in a file
+  # filesystem:
+  #   filename: /tmp/authelia/notification.txt
+
+  # Use your email account to send the notifications. You can use an app password.
+  # List of valid services can be found here: https://nodemailer.com/smtp/well-known/  
+  ## email:
+  ##   username: user@example.com
+  ##   password: yourpassword
+  ##   sender: admin@example.com
+  ##   service: gmail
+  
+  # Use a SMTP server for sending notifications
+  smtp:
+    username: test
+    password: password
+    secure: false
+    host: 127.0.0.1
+    port: 1025
+    sender: admin@example.com
+

test/suites/docker/index.ts

@@ -0,0 +1,27 @@
+import ChildProcess from 'child_process';
+import Bluebird from 'bluebird';
+import Assert from 'assert';
+
+const execAsync = Bluebird.promisify<string, string>(ChildProcess.exec);
+
+function sleep(ms: number) {
+  return new Promise(resolve => setTimeout(resolve, ms));
+}
+
+describe('Test docker container can run', function() {
+  this.timeout(15000);
+
+  before(async function() {
+    await execAsync('docker run -d -v $(pwd)/config.yml:/etc/authelia/config.yml --name authelia-test clems4ever/authelia');
+  });
+  
+  after(async function() {
+    await execAsync('docker rm -f authelia-test');
+  });
+  
+  it('should be running', async function() {
+    await sleep(5000);
+    const output: string = await execAsync('docker ps -a | grep "authelia-test"');
+    Assert(output.match(new RegExp('Up [0-9] seconds')));
+  });
+});