Formulas testing revision 2019/10
Related: PROD-32744
Related: PROD-33634
Related: PROD-33698
Change-Id: I00e4f38071d4ec962e7a318774bd0dec9eab1fd6
diff --git a/.kitchen.docker.yml b/.kitchen.docker.yml
deleted file mode 100644
index e092b55..0000000
--- a/.kitchen.docker.yml
+++ /dev/null
@@ -1,50 +0,0 @@
----
-driver:
- name: docker
- hostname: keycloak.ci.local
- #socket: tcp://127.0.0.1:2376
- use_sudo: false
-
-
-
-provisioner:
- name: salt_solo
- salt_install: bootstrap
- salt_bootstrap_url: https://bootstrap.saltstack.com
- salt_version: latest
- require_chef: false
- formula: keycloak
- log_level: info
- state_top:
- base:
- "*":
- - keycloak
- pillars:
- top.sls:
- base:
- "*":
- - keycloak
- grains:
- noservices: True
-
-
-platforms:
- - name: <%=ENV['PLATFORM'] || 'saltstack-ubuntu-xenial-salt-stable' %>
- driver_config:
- image: <%=ENV['PLATFORM'] || 'epcim/salt-formulas:saltstack-ubuntu-xenial-salt-stable'%>
- platform: ubuntu
-
-
-verifier:
- name: inspec
- sudo: true
-
-
-suites:
-
- - name: server
- provisioner:
- pillars-from-files:
- keycloak.sls: tests/pillar/server.sls
-
-# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/.kitchen.openstack.yml b/.kitchen.openstack.yml
deleted file mode 100644
index 6dbf7b2..0000000
--- a/.kitchen.openstack.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-
-# usage: `KITCHEN_LOCAL_YAML=.kitchen.openstack.yml kitchen test`
-
-# https://docs.chef.io/config_yml_kitchen.html
-# https://github.com/test-kitchen/kitchen-openstack
-
----
-driver:
- name: openstack
- openstack_auth_url: <%= ENV['OS_AUTH_URL'] %>/tokens
- openstack_username: <%= ENV['OS_USERNAME'] || 'ci' %>
- openstack_api_key: <%= ENV['OS_PASSWORD'] || 'ci' %>
- openstack_tenant: <%= ENV['OS_TENANT_NAME'] || 'ci_jenkins' %>
-
- #floating_ip_pool: <%= ENV['OS_FLOATING_IP_POOL'] || 'nova' %>
- key_name: <%= ENV['BOOTSTRAP_SSH_KEY_NAME'] || 'bootstrap_insecure' %>
- private_key_path: <%= ENV['BOOTSTRAP_SSH_KEY_PATH'] || "#{ENV['HOME']}/.ssh/id_rsa_bootstrap_insecure" %>
-
-
-platforms:
- - name: ubuntu-14.04
- driver:
- username: <%= ENV['OS_UBUNTU_IMAGE_USER'] || 'root' %>
- image_ref: <%= ENV['OS_UBUNTU_IMAGE_REF'] || 'ubuntu-14-04-x64-1455869035' %>
- flavor_ref: m1.medium
- network_ref:
- <% if ENV['OS_NETWORK_REF'] -%>
- - <% ENV['OS_NETWORK_REF'] %>
- <% else -%>
- - ci-net
- <% end -%>
- # force update apt cache on the image
- run_list:
- - recipe[apt]
- attributes:
- apt:
- compile_time_update: true
-transport:
- username: <%= ENV['OS_UBUNTU_IMAGE_USER'] || 'root' %>
-
-# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/.kitchen.vagrant.yml b/.kitchen.vagrant.yml
deleted file mode 100644
index 16365a3..0000000
--- a/.kitchen.vagrant.yml
+++ /dev/null
@@ -1,30 +0,0 @@
----
-driver:
- name: vagrant
- vm_hostname: keycloak.ci.local
- use_sudo: false
- customize:
- memory: 512
-
-
-provisioner:
- name: salt_solo
- salt_install: bootstrap
- salt_bootstrap_url: https://bootstrap.saltstack.com
- salt_version: latest
- require_chef: false
- formula: keycloak
- log_level: info
- state_top:
- base:
- "*":
- - keycloak
- pillars:
- top.sls:
- base:
- "*":
- - keycloak
- grains:
- noservices: True
-
-# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/.kitchen.yml b/.kitchen.yml
new file mode 100644
index 0000000..949bc7b
--- /dev/null
+++ b/.kitchen.yml
@@ -0,0 +1,57 @@
+---
+driver:
+ name: docker
+ hostname: keycloak.ci.local
+ #socket: tcp://127.0.0.1:2376
+ use_sudo: false
+
+provisioner:
+ name: salt_solo
+ salt_install: bootstrap
+ salt_bootstrap_url: https://bootstrap.saltstack.com
+ salt_version: latest
+ require_chef: false
+ formula: keycloak
+ log_level: info
+ state_top:
+ base:
+ "*":
+ - keycloak
+ pillars:
+ top.sls:
+ base:
+ "*":
+ - keycloak
+ grains:
+ noservices: True
+
+docker_images:
+ - &xenial-20177 <%=ENV['IMAGE_XENIAL_20177'] || 'docker-dev-local.docker.mirantis.net/mirantis/drivetrain/salt-formulas-ci/salt-formulas-ci-xenial-2017.7:latest'%>
+
+platforms:
+ - name: xenial-2017.7
+ driver_config:
+ image: *xenial-20177
+ platform: ubuntu
+
+verifier:
+ name: inspec
+ sudo: true
+
+suites:
+ - name: server-ldap
+ provisioner:
+ pillars-from-files:
+ keycloak.sls: tests/pillar/server_ldap.sls
+
+ - name: server-single
+ provisioner:
+ pillars-from-files:
+ keycloak.sls: tests/pillar/server_single.sls
+
+ - name: proxy-single
+ provisioner:
+ pillars-from-files:
+ keycloak.sls: tests/pillar/server_single.sls
+
+# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
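Review bot: The `proxy-single` suite at the end of this file loads `tests/pillar/server_single.sls`, the same pillar as `server-single`, so as written it adds no distinct coverage; if a proxy pillar was intended, it is not part of this commit. Separately, the test environment is built from mutable inputs: the default image under `docker_images` is tagged `:latest`, `salt_version: latest` is kept, and the bootstrap script is fetched from `salt_bootstrap_url` at run time with no checksum. Pinning the image to a fixed tag or digest, and `salt_version` to the release the platform name `xenial-2017.7` implies, would make runs reproducible and limit what an upstream change can introduce into CI.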
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 82a1477..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,47 +0,0 @@
-sudo: required
-services:
- - docker
-
-addons:
- apt:
- packages:
- - apt-transport-https
-
-install:
- - pip install PyYAML
- - pip install virtualenv
- - |
- test -e Gemfile || cat <<EOF > Gemfile
- source 'https://rubygems.org'
- gem 'rake'
- gem 'test-kitchen'
- gem 'kitchen-docker'
- gem 'kitchen-inspec'
- gem 'inspec', '<3.0.0'
- #Version was frozen, because of issues in the version of inspec >3.0.0 -- see https://mirantis.jira.com/browse/PROD-24324 for more info
- gem 'kitchen-salt' #, :git => 'https://github.com/salt-formulas/kitchen-salt.git'
- - bundle install
-
-env:
- - PLATFORM=epcim/salt-formulas:saltstack-ubuntu-xenial-salt-2017.7
- - PLATFORM=epcim/salt-formulas:saltstack-ubuntu-xenial-salt-2016.3
-# - PLATFORM=epcim/salt-formulas:saltstack-ubuntu-bionic-salt-2017.7
-
-before_script:
- - set -o pipefail
- - make test | tail
-
-script:
- - test ! -e .kitchen.yml || bundle exec kitchen converge ${SUITE} || true
- - test ! -e .kitchen.yml || bundle exec kitchen verify ${SUITE} -t tests/integration
-
-notifications:
- webhooks:
- urls:
- - https://webhooks.gitter.im/e/6123573504759330786b
- on_success: change # options: [always|never|change] default: always
- on_failure: never # options: [always|never|change] default: always
- on_start: never # options: [always|never|change] default: always
- on_cancel: never # options: [always|never|change] default: always
- on_error: never # options: [always|never|change] default: always
- email: false
diff --git a/keycloak/schemas/server.yaml b/keycloak/schemas/server.yaml
index 67b8d31..29b76bf 100644
--- a/keycloak/schemas/server.yaml
+++ b/keycloak/schemas/server.yaml
@@ -15,3 +15,7 @@
description: |
Enables keycloak daemon service
type: boolean
+ realm:
+ description: Defines realm
+ type: object
+ additionalProperties: true
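Review bot: The new `realm` entry only checks that the value is an object, because `additionalProperties: true` accepts any keys beneath it. A misspelled `bind_credential`, `secret` or `public_client` in a pillar will therefore pass schema validation and only surface, if at all, when the state runs. Consider constraining the per-realm value at least to `additionalProperties: {type: object}` and declaring the typed keys the pillar in this commit uses, such as `enabled` (boolean) and `id` (string). The description could also say what the map holds, e.g. `description: Map of realm name to realm settings (clients, federation providers and mappers)`. The enclosing schema block starts above this hunk, so the exact nesting should be checked against the full file.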
diff --git a/tests/pillar/server_ldap.sls b/tests/pillar/server_ldap.sls
new file mode 100644
index 0000000..2601089
--- /dev/null
+++ b/tests/pillar/server_ldap.sls
@@ -0,0 +1,102 @@
+keycloak:
+ server:
+ enabled: true
+ realm:
+ ldap-realm:
+ enabled: true
+ id: ldap-realm
+ additional_params:
+ registrationAllowed: false
+ registrationEmailAsUsername: false
+ resetPasswordAllowed: false
+ accessTokenLifespan: 60
+ ssoSessionIdleTimeout: 600
+ client:
+ ldap-app:
+ enabled: true
+ base_url: /ldap-portal
+ redirect_uris:
+ - /ldap-portal/*
+ web_origins:
+ - "*"
+ public_client: false
+ admin_url: /ldap-portal
+ secret: password
+ protocol_mapper:
+ oidc-usermodel-property-mapper:
+ username:
+ name: username
+ user_attribute: username
+ claim_name: preferred_username
+ given_name:
+ name: given name
+ user_attribute: firstName
+ claim_name: given_name
+ family_name:
+ name: family name
+ user_attribute: lastName
+ claim_name: family_name
+ email:
+ name: email
+ user_attribute: email
+ claim_name: email
+ oidc-full-name-mapper:
+ full_name:
+ name: full_name
+ federation_provider:
+ ldap:
+ display_name: ldap-server
+ users_dn: ou=people,dc=keycloak,dc=org
+ user_object_classes: inetOrgPerson, organizationalPerson
+ username_ldap_attribute: uid
+ bind_dn: cn=admin,dc=keycloak,dc=org
+ bind_credential: password
+ rdn_ldap_attribute: uid
+ edit_mode: READ_ONLY
+ uuid_ldap_attribute: entryUUID
+ connection_url: ldap://localhost:10389
+ sync_registrations: false
+ federation_mapper:
+ user-attribute-ldap-mapper:
+ username:
+ name: username
+ provider_display_name: ldap-server
+ ldap_attribute: uid
+ model_attribute: username
+ mandatory: true
+ read_only: false
+ always_read: false
+ first_name:
+ name: first name
+ provider_display_name: ldap-server
+ ldap_attribute: cn
+ model_attribute: firstName
+ mandatory: true
+ read_only: false
+ always_read: false
+ last_name:
+ name: last name
+ provider_display_name: ldap-server
+ ldap_attribute: sn
+ model_attribute: lastName
+ mandatory: true
+ read_only: false
+ always_read: false
+ email:
+ name: email
+ provider_display_name: ldap-server
+ ldap_attribute: mail
+ model_attribute: email
+ mandatory: false
+ read_only: false
+ always_read: false
+ role-ldap-mapper:
+ realm_roles:
+ name: realm roles
+ provider_display_name: ldap-server
+ roles_dn: ou=groups,dc=cicd,dc=local
+ membership_ldap_attribute: member
+ role_name_ldap_attribute: cn
+ role_object_classes: groupOfNames
+ mode: LDAP_ONLY
+ realm_roles_mapping: true
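Review bot: This fixture carries several weak settings with nothing marking them as test-only: `secret: password` on a confidential client, `bind_credential: password`, `web_origins: "*"`, and a cleartext `connection_url: ldap://localhost:10389`. Test pillars are often copied as a starting point for real deployments, so a header comment such as `# Test fixture only: placeholder secrets, wildcard web origins and cleartext LDAP; do not reuse in a deployed pillar` would make that explicit. Also, `roles_dn: ou=groups,dc=cicd,dc=local` under `role-ldap-mapper` uses a different base DN from `users_dn` and `bind_dn` (`dc=keycloak,dc=org`); if that is a copy-paste leftover, the role mapper will look for groups in a tree the test directory presumably does not serve.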
diff --git a/tests/pillar/server_single.sls b/tests/pillar/server_single.sls
index 8fba554..1cf9015 100644
--- a/tests/pillar/server_single.sls
+++ b/tests/pillar/server_single.sls
@@ -1,3 +1,3 @@
keycloak:
server:
- enabled: true
+ enabled: true
\ No newline at end of file