import ./make-test-python.nix ( { lib, pkgs, ... }: let # this is a demo user created by IDM_CREATE_DEMO_USERS=true demoUser = "einstein"; demoPassword = "relativity"; adminUser = "admin"; adminPassword = "hunter2"; testRunner = pkgs.writers.writePython3Bin "test-runner" { libraries = [ pkgs.python3Packages.selenium ]; flakeIgnore = [ "E501" ]; } '' import sys from selenium.webdriver.common.by import By from selenium.webdriver import Firefox from selenium.webdriver.firefox.options import Options from selenium.webdriver.support.ui import WebDriverWait from selenium.webdriver.support import expected_conditions as EC options = Options() options.add_argument('--headless') driver = Firefox(options=options) user = sys.argv[1] password = sys.argv[2] driver.implicitly_wait(20) driver.get('https://localhost:9200/login') wait = WebDriverWait(driver, 10) wait.until(EC.title_contains("Sign in")) driver.find_element(By.XPATH, '//*[@id="oc-login-username"]').send_keys(user) driver.find_element(By.XPATH, '//*[@id="oc-login-password"]').send_keys(password) driver.find_element(By.XPATH, '//*[@id="root"]//button').click() wait.until(EC.title_contains("Personal")) ''; # This was generated with `ocis init --config-path testconfig/ --admin-password "hunter2" --insecure true`. testConfig = '' token_manager: jwt_secret: kaKYgfso*d9GA-yTM.&BTOUEuMz%Ai0H machine_auth_api_key: sGWRG1JZ&qe&pe@N1HKK4#qH*B&@xLnO system_user_api_key: h+m4aHPUtOtUJFKrc5B2=04C=7fDZaT- transfer_secret: 4-R6AfUjQn0P&+h2+$skf0lJqmre$j=x system_user_id: db180e0a-b38a-4edf-a4cd-a3d358248537 admin_user_id: ea623f50-742d-4fd0-95bb-c61767b070d4 graph: application: id: 11971eab-d560-4b95-a2d4-50726676bbd0 events: tls_insecure: true spaces: insecure: true identity: ldap: bind_password: ^F&Vn7@mYGYGuxr$#qm^gGy@FVq=.w=y service_account: service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE idp: ldap: bind_password: bv53IjS28x.nxth*%aRbE70%4TGNXbLU idm: service_user_passwords: admin_password: hunter2 idm_password: ^F&Vn7@mYGYGuxr$#qm^gGy@FVq=.w=y reva_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb idp_password: bv53IjS28x.nxth*%aRbE70%4TGNXbLU proxy: oidc: insecure: true insecure_backends: true service_account: service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE frontend: app_handler: insecure: true archiver: insecure: true service_account: service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE auth_basic: auth_providers: ldap: bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb auth_bearer: auth_providers: oidc: insecure: true users: drivers: ldap: bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb groups: drivers: ldap: bind_password: z-%@fWipLliR8lD#fl.0teC#9QbhJ^eb ocdav: insecure: true ocm: service_account: service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE thumbnails: thumbnail: transfer_secret: 2%11!zAu*AYE&=d*8dfoZs8jK&5ZMm*% webdav_allow_insecure: true cs3_allow_insecure: true search: events: tls_insecure: true service_account: service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE audit: events: tls_insecure: true settings: service_account_ids: - df39a290-3f3e-4e39-b67b-8b810ca2abac sharing: events: tls_insecure: true storage_users: events: tls_insecure: true mount_id: ef72cb8b-809c-4592-bfd2-1df603295205 service_account: service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE notifications: notifications: events: tls_insecure: true service_account: service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE nats: nats: tls_skip_verify_client_cert: true gateway: storage_registry: storage_users_mount_id: ef72cb8b-809c-4592-bfd2-1df603295205 userlog: service_account: service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE auth_service: service_account: service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE clientlog: service_account: service_account_id: df39a290-3f3e-4e39-b67b-8b810ca2abac service_account_secret: .demKypQ$=pGl+yRar!#YaFjLYCr4YwE''; in { name = "ocis"; meta.maintainers = with lib.maintainers; [ bhankas ramblurr ]; nodes.machine = { config, ... }: { virtualisation.memorySize = 2048; environment.systemPackages = [ pkgs.firefox-unwrapped pkgs.geckodriver testRunner ]; # if you do this in production, dont put secrets in this file because it will be written to the world readable nix store environment.etc."ocis/ocis.env".text = '' ADMIN_PASSWORD=${adminPassword} IDM_CREATE_DEMO_USERS=true ''; # if you do this in production, dont put secrets in this file because it will be written to the world readable nix store environment.etc."ocis/config/ocis.yaml".text = testConfig; services.ocis = { enable = true; configDir = "/etc/ocis/config"; environment = { OCIS_INSECURE = "true"; }; environmentFile = "/etc/ocis/ocis.env"; }; }; testScript = '' start_all() machine.wait_for_unit("ocis.service") machine.wait_for_open_port(9200) # wait for ocis to fully come up machine.sleep(5) with subtest("ocis bin works"): machine.succeed("${lib.getExe pkgs.ocis-bin} version") with subtest("use the web interface to log in with a demo user"): machine.succeed("PYTHONUNBUFFERED=1 systemd-cat -t test-runner test-runner ${demoUser} ${demoPassword}") with subtest("use the web interface to log in with the provisioned admin user"): machine.succeed("PYTHONUNBUFFERED=1 systemd-cat -t test-runner test-runner ${adminUser} ${adminPassword}") ''; } )