[POC] Tests for parallel deployment

add owncloud-selector cookie working tests remove unused files build ocis from source branch check users in ldap, oc10 and ocis update proxy config use ocis selector initially build ocis from source use ocis latest image buil ocis from source refactor fix test run script user 33 and alpine image for ocis server delete local compose files run tests with ocis latest refactor drone config [volumes] Run each suite in a pipeline refactor namings use run.sh to run tests move TestHelpers folder reuse behat context params refactor to use contexts and helpers from core repo remove contexts and helpers added bootstrap file to bootstrap core's test files add api tag remove unnecessary code implement expected-failures file remove unnecessary confgs fix starlark style rename context file add nightly trigger refactor drone config generate trigger as per the event remove keycloak services
2026-05-02 00:44:53 -05:00 · 2021-11-19 12:59:30 +05:45
parent 0288ac8f11
commit 84db46e835
15 changed files with 1050 additions and 3 deletions
@@ -0,0 +1,2 @@
+!config
+output
@@ -0,0 +1,40 @@
+default:
+  autoload:
+    "": "%paths.base%/../features/bootstrap"
+
+  suites:
+    apiShareManagement:
+      paths:
+        - "%paths.base%/../features/apiShareManagement"
+      context: &common_ldap_suite_context
+        parameters:
+          ldapAdminPassword: admin
+          ldapUsersOU: TestUsers
+          ldapGroupsOU: TestGroups
+          ldapInitialUserFilePath: /ldap_users_groups.ldif
+      contexts:
+        - ParallelContext:
+        - FeatureContext: &common_feature_context_params
+            baseUrl: https://ocis:9200
+            adminUsername: admin
+            adminPassword: admin
+            regularUserPassword: 1234
+            ocPath: apps/testing/api/v1/occ
+        - OccContext:
+
+    apiWebdavOperations:
+      paths:
+        - "%paths.base%/../features/apiWebdavOperations"
+      context: *common_ldap_suite_context
+      contexts:
+        - ParallelContext:
+        - FeatureContext: *common_feature_context_params
+
+  extensions:
+    jarnaiz\JUnitFormatter\JUnitFormatterExtension:
+      filename: report.xml
+      outputDir: "%paths.base%/../output/"
+
+    rdx\behatvars\BehatVariablesExtension: ~
+
+    Cjm\Behat\StepThroughExtension: ~
@@ -0,0 +1,7 @@
+dn: ou=TestUsers,dc=owncloud,dc=com
+objectClass: organizationalUnit
+ou: TestUsers
+
+dn: ou=TestGroups,dc=owncloud,dc=com
+objectClass: organizationalUnit
+ou: TestGroups
@@ -0,0 +1,10 @@
+# This LDIF files describes the ownCloud schema and can be used to
+# add two optional attributes: ownCloudQuota and ownCloudUUID
+# The ownCloudUUID is used to store a unique, non-reassignable, persistent identifier for users and groups
+dn: cn=owncloud,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: owncloud
+olcAttributeTypes: ( 1.3.6.1.4.1.39430.1.1.1 NAME 'ownCloudQuota' DESC 'User Quota (e.g. 2 GB)' EQUALITY caseExactMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+olcAttributeTypes: ( 1.3.6.1.4.1.39430.1.1.2 NAME 'ownCloudUUID' DESC 'A non-reassignable and persistent account ID)' EQUALITY uuidMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.1.16.1 SINGLE-VALUE )
+olcAttributeTypes: ( 1.3.6.1.4.1.39430.1.1.3 NAME 'ownCloudSelector' DESC 'A selector attribute for a route in the ownCloud Infinte Scale proxy)' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+olcObjectClasses: ( 1.3.6.1.4.1.39430.1.2.1 NAME 'ownCloud' DESC 'ownCloud LDAP Schema' AUXILIARY MAY ( ownCloudQuota $ ownCloudUUID $ ownCloudSelector ) )
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+echo "Writing custom config files..."
+
+# openidconnect
+gomplate \
+  -f /etc/templates/oidc.config.php \
+  -o ${OWNCLOUD_VOLUME_CONFIG}/oidc.config.php
+
+# we need at least version 2.1.0 of the oenidconnect app
+occ market:upgrade --major openidconnect
+occ app:enable openidconnect
+
+# user LDAP
+gomplate \
+  -f /etc/templates/ldap-config.tmpl.json \
+  -o ${OWNCLOUD_VOLUME_CONFIG}/ldap-config.json
+
+CONFIG=$(cat ${OWNCLOUD_VOLUME_CONFIG}/ldap-config.json)
+occ config:import <<< $CONFIG
+
+occ ldap:test-config "s01"
+occ app:enable user_ldap
+/bin/bash -c 'occ user:sync "OCA\User_LDAP\User_Proxy" -r -m remove'
+
+occ market:upgrade --major web
+occ app:enable web
+
+# enable testing app
+echo "Cloning and enabling testing app..."
+git clone --depth 1 https://github.com/owncloud/testing.git /var/www/owncloud/apps/testing
+occ app:enable testing
+
+true
@@ -0,0 +1,53 @@
+{
+  "apps": {
+    "user_ldap": {
+      "s01has_memberof_filter_support": "0",
+      "s01home_folder_naming_rule": "",
+      "s01last_jpegPhoto_lookup": "0",
+      "s01ldap_agent_password": "{{ .Env.STORAGE_LDAP_BIND_PASSWORD | base64.Encode }}",
+      "s01ldap_attributes_for_group_search": "",
+      "s01ldap_attributes_for_user_search": "{{ .Env.LDAP_USERATTRIBUTEFILTERS }}",
+      "s01ldap_backup_host": "",
+      "s01ldap_backup_port": "",
+      "s01ldap_base_groups": "{{ .Env.LDAP_BASE_DN }}",
+      "s01ldap_base_users": "{{ .Env.LDAP_BASE_DN }}",
+      "s01ldap_base": "{{ .Env.LDAP_BASE_DN }}",
+      "s01ldap_cache_ttl": "60",
+      "s01ldap_configuration_active": "1",
+      "s01ldap_display_name": "{{ .Env.LDAP_USER_SCHEMA_DISPLAYNAME }}",
+      "s01ldap_dn": "{{ .Env.STORAGE_LDAP_BIND_DN }}",
+      "s01ldap_dynamic_group_member_url": "",
+      "s01ldap_email_attr": "{{ .Env.LDAP_USER_SCHEMA_MAIL }}",
+      "s01ldap_experienced_admin": "1",
+      "s01ldap_expert_username_attr": "{{ .Env.LDAP_USER_SCHEMA_NAME_ATTR }}",
+      "s01ldap_expert_uuid_group_attr": "",
+      "s01ldap_expert_uuid_user_attr": "{{ .Env.LDAP_USER_SCHEMA_UID }}",
+      "s01ldap_group_display_name": "{{ .Env.LDAP_GROUP_SCHEMA_DISPLAYNAME }}",
+      "s01ldap_group_filter_mode": "0",
+      "s01ldap_group_filter": "{{ .Env.LDAP_GROUPFILTER }}",
+      "s01ldap_group_member_assoc_attribute": "{{ .Env.LDAP_GROUP_MEMBER_ASSOC_ATTR }}",
+      "s01ldap_groupfilter_groups": "",
+      "s01ldap_groupfilter_objectclass": "",
+      "s01ldap_host": "{{ .Env.LDAP_HOST }}",
+      "s01ldap_login_filter_mode": "0",
+      "s01ldap_login_filter": "{{ .Env.LDAP_LOGINFILTER }}",
+      "s01ldap_loginfilter_attributes": "",
+      "s01ldap_loginfilter_email": "1",
+      "s01ldap_loginfilter_username": "1",
+      "s01ldap_nested_groups": "0",
+      "s01ldap_override_main_server": "",
+      "s01ldap_paging_size": "100",
+      "s01ldap_port": "{{ .Env.LDAP_PORT }}",
+      "s01ldap_quota_attr": "",
+      "s01ldap_quota_def": "",
+      "s01ldap_tls": "0",
+      "s01ldap_turn_off_cert_check": "0",
+      "s01ldap_user_display_name_2": "",
+      "s01ldap_user_filter_mode": "0",
+      "s01ldap_userfilter_groups": "",
+      "s01ldap_userfilter_objectclass": "",
+      "s01ldap_userlist_filter": "{{ .Env.LDAP_USERFILTER }}",
+      "s01use_memberof_to_detect_membership": "1"
+    }
+  }
+}
@@ -0,0 +1,22 @@
+<?php
+
+# reference: https://doc.owncloud.com/server/admin_manual/configuration/user/oidc/
+
+function getOIDCConfigFromEnv() {
+	$config = [
+		'openid-connect' => [
+			'provider-url' => getenv('IDP_OIDC_ISSUER'),
+			'client-id' => 'oc10',
+			'client-secret' => getenv('IDP_OIDC_CLIENT_SECRET'),
+			'loginButtonName' => 'OpenId Connect',
+			'search-attribute' => 'preferred_username',
+			'mode' => 'userid',
+			'autoRedirectOnLoginPage' => true,
+			'insecure' => true,
+			'post_logout_redirect_uri' => 'https://' . getenv('CLOUD_DOMAIN'),
+		],
+	];
+	return $config;
+}
+
+$CONFIG = getOIDCConfigFromEnv();
@@ -0,0 +1,109 @@
+{
+  "log": {
+    "level": "PROXY_LOG_LEVEL"
+  },
+  "policy_selector": {
+    "claims": {
+      "default_policy": "oc10",
+      "unauthenticated_policy": "oc10"
+    }
+  },
+  "policies": [
+    {
+      "name": "ocis",
+      "routes": [
+        {
+          "endpoint": "/",
+          "backend": "http://localhost:9100"
+        },
+        {
+          "endpoint": "/.well-known/",
+          "backend": "http://localhost:9130"
+        },
+        {
+          "type": "regex",
+          "endpoint": "/ocs/v[12].php/cloud/user/signing-key",
+          "backend": "http://localhost:9110"
+        },
+        {
+          "endpoint": "/ocs/",
+          "backend": "http://localhost:9140"
+        },
+        {
+          "type": "query",
+          "endpoint": "/remote.php/?preview=1",
+          "backend": "http://localhost:9115"
+        },
+        {
+          "endpoint": "/remote.php/",
+          "backend": "http://localhost:9140"
+        },
+        {
+          "endpoint": "/dav/",
+          "backend": "http://localhost:9140"
+        },
+        {
+          "endpoint": "/webdav/",
+          "backend": "http://localhost:9140"
+        },
+        {
+          "endpoint": "/status.php",
+          "backend": "http://localhost:9140"
+        },
+        {
+          "endpoint": "/index.php/",
+          "backend": "http://localhost:9140"
+        },
+        {
+          "endpoint": "/index.php/login",
+          "backend": "http://localhost:9100"
+        },
+        {
+          "endpoint": "/login",
+          "backend": "http://localhost:9100"
+        },
+        {
+          "endpoint": "/data",
+          "backend": "http://localhost:9140"
+        },
+        {
+          "endpoint": "/graph/",
+          "backend": "http://localhost:9120"
+        },
+        {
+          "endpoint": "/app/",
+          "backend": "http://localhost:9140"
+        },
+        {
+          "endpoint": "/archiver",
+          "backend": "http://localhost:9140"
+        },
+        {
+          "endpoint": "/graph-explorer/",
+          "backend": "http://localhost:9135"
+        },
+        {
+          "endpoint": "/api/v0/settings",
+          "backend": "http://localhost:9190"
+        },
+        {
+          "endpoint": "/settings.js",
+          "backend": "http://localhost:9190"
+        }
+      ]
+    },
+    {
+      "name": "oc10",
+      "routes": [
+        {
+          "endpoint": "/",
+          "backend": "http://oc10:8080"
+        },
+        {
+          "endpoint": "/data",
+          "backend": "http://localhost:9140"
+        }
+      ]
+    }
+  ]
+}
@@ -0,0 +1,5 @@
+## Scenarios that are expected to fail in parallel deployment
+
+#### [[WIP] Add a SharesStorageProvider and an oc10 sql share manager](https://github.com/owncloud/ocis/pull/2232)
+
+- [apiShareManagement/acceptShares.feature:22](https://github.com/owncloud/ocis/blob/master/tests/parallelDeployAcceptance/features/apiShareManagement/acceptShares.feature#L22)
@@ -0,0 +1,30 @@
+# Sharing tests currently doesn't work
+# Accessing oc10 shares from ocis still WIP in PR #2232
+# https://github.com/owncloud/ocis/pull/2232
+@api
+Feature: sharing files and folders
+  As a user
+  I want to share files/folders with other users
+  So that I can give access to my files/folders to others
+
+
+  Background:
+    Given using "oc10" as owncloud selector
+    And the administrator has set the default folder for received shares to "Shares"
+    And auto-accept shares has been disabled
+    And using OCS API version "1"
+    And using new DAV path
+    And user "Alice" has been created with default attributes and without skeleton files
+    And user "Brian" has been created with default attributes and without skeleton files
+    And user "Alice" has uploaded file with content "ownCloud test text file" to "textfile.txt"
+
+
+  Scenario: accept a pending share
+    Given user "Alice" has shared folder "/textfile.txt" with user "Brian"
+    And using "ocis" as owncloud selector
+    When user "Brian" accepts share "/textfile.txt" offered by user "Alice" using the sharing API
+    Then the OCS status code should be "100"
+    And the HTTP status code should be "200"
+    And the sharing API should report to user "Brian" that these shares are in the accepted state
+      | path                 |
+      | /Shares/textfile.txt |
@@ -0,0 +1,146 @@
+@api
+Feature: download file
+  As a user
+  I want to be able to download files
+  So that I can work wih local copies of files on my client system
+
+  Background:
+    Given using "oc10" as owncloud selector
+    And user "Alice" has been created with default attributes and without skeleton files
+    And user "Alice" has uploaded file with content "ownCloud test text file" to "textfile.txt"
+
+
+  Scenario Outline: download a file
+    Given using "ocis" as owncloud selector
+    And using <dav_version> DAV path
+    When user "Alice" downloads file "textfile.txt" using the WebDAV API
+    Then the downloaded content should be "ownCloud test text file"
+    Examples:
+      | dav_version |
+      | old         |
+      | new         |
+
+
+  Scenario Outline: download a file with range
+    Given using "ocis" as owncloud selector
+    And using <dav_version> DAV path
+    When user "Alice" downloads file "textfile.txt" with range "bytes=0-7" using the WebDAV API
+    Then the downloaded content should be "ownCloud"
+    Examples:
+      | dav_version |
+      | old         |
+      | new         |
+
+
+  Scenario: Get the size of a file
+    Given using "ocis" as owncloud selector
+    When user "Alice" gets the size of file "textfile.txt" using the WebDAV API
+    Then the HTTP status code should be "207"
+    And the size of the file should be "23"
+
+
+  Scenario Outline: Download a file with comma in the filename
+    Given using <dav_version> DAV path
+    And user "Alice" has uploaded file with content "file with comma in filename" to <filename>
+    And using "ocis" as owncloud selector
+    When user "Alice" downloads file <filename> using the WebDAV API
+    Then the downloaded content should be "file with comma in filename"
+    Examples:
+      | dav_version | filename       |
+      | old         | "sample,1.txt" |
+      | old         | ",,,.txt"      |
+      | old         | ",,,.,"        |
+      | new         | "sample,1.txt" |
+      | new         | ",,,.txt"      |
+      | new         | ",,,.,"        |
+
+
+  Scenario Outline: download a file with single part ranges
+    Given using "ocis" as owncloud selector
+    And using <dav_version> DAV path
+    When user "Alice" downloads file "textfile.txt" with range "bytes=0-7" using the WebDAV API
+    Then the HTTP status code should be "206"
+    And the following headers should be set
+      | header         | value         |
+      | Content-Length | 8             |
+      | Content-Range  | bytes 0-7/23  |
+    And the downloaded content should be "ownCloud"
+    Examples:
+      | dav_version |
+      | old         |
+      | new         |
+
+
+  Scenario Outline: download a file with last byte range out of bounds
+    Given using "ocis" as owncloud selector
+    And using <dav_version> DAV path
+    When user "Alice" downloads file "textfile.txt" with range "bytes=0-24" using the WebDAV API
+    Then the HTTP status code should be "206"
+    And the downloaded content should be "ownCloud test text file"
+    Examples:
+      | dav_version |
+      | old         |
+      | new         |
+
+
+  Scenario Outline: download a range at the end of a file
+    Given using "ocis" as owncloud selector
+    And using <dav_version> DAV path
+    When user "Alice" downloads file "textfile.txt" with range "bytes=-4" using the WebDAV API
+    Then the HTTP status code should be "206"
+    And the downloaded content should be "file"
+    Examples:
+      | dav_version |
+      | old         |
+      | new         |
+
+
+  Scenario Outline: download a file with range out of bounds
+    Given using "ocis" as owncloud selector
+    And using <dav_version> DAV path
+    When user "Alice" downloads file "textfile.txt" with range "bytes=24-30" using the WebDAV API
+    Then the HTTP status code should be "416"
+    Examples:
+      | dav_version |
+      | old         |
+      | new         |
+
+
+  Scenario Outline: download a hidden file
+    Given using <dav_version> DAV path
+    And user "Alice" has created folder "FOLDER"
+    And user "Alice" has uploaded the following files with content "hidden file"
+      | path                |
+      | .hidden_file        |
+      | FOLDER/.hidden_file |
+    And using "ocis" as owncloud selector
+    When user "Alice" downloads file ".hidden_file" using the WebDAV API
+    Then the HTTP status code should be "200"
+    And the downloaded content should be "hidden file"
+    When user "Alice" downloads file "FOLDER/.hidden_file" using the WebDAV API
+    Then the HTTP status code should be "200"
+    And the downloaded content should be "hidden file"
+    Examples:
+      | dav_version |
+      | old         |
+      | new         |
+
+
+  Scenario Outline: Downloading a file should serve security headers
+    Given using "ocis" as owncloud selector
+    And using <dav_version> DAV path
+    When user "Alice" downloads file "textfile.txt" using the WebDAV API
+    Then the following headers should be set
+      | header                            | value                                                              | 
+      | Content-Disposition               | attachment; filename*=UTF-8''textfile.txt; filename="textfile.txt" |
+      | Content-Security-Policy           | default-src 'none';                                                |
+      | X-Content-Type-Options            | nosniff                                                            |
+      | X-Download-Options                | noopen                                                             |
+      | X-Frame-Options                   | SAMEORIGIN                                                         |
+      | X-Permitted-Cross-Domain-Policies | none                                                               |
+      | X-Robots-Tag                      | none                                                               |
+      | X-XSS-Protection                  | 1; mode=block                                                      |
+    Examples:
+      | dav_version |
+      | old         |
+      | new         |
@@ -0,0 +1,71 @@
+<?php declare(strict_types=1);
+/**
+ * ownCloud
+ *
+ * @author Sajan Gurung <sajan@jankaritech.com>
+ * @copyright Copyright (c) 2021 Sajan Gurung sajan@jankaritech.com
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License,
+ * as published by the Free Software Foundation;
+ * either version 3 of the License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+use Behat\Behat\Context\Context;
+use Behat\Behat\Hook\Scope\BeforeScenarioScope;
+use TestHelpers\SetupHelper;
+use TestHelpers\HttpRequestHelper;
+
+require_once 'bootstrap.php';
+
+/**
+ * Steps related to parallel deploy setup
+ */
+class ParallelContext implements Context {
+
+	/**
+	 * @var FeatureContext
+	 */
+	private FeatureContext $featureContext;
+
+	/**
+	 * @BeforeScenario
+	 *
+	 * @param BeforeScenarioScope $scope
+	 *
+	 * @return void
+	 *
+	 * @throws Exception
+	 */
+	public function setUpScenario(BeforeScenarioScope $scope): void {
+		$environment = $scope->getEnvironment();
+		$this->featureContext = $environment->getContext('FeatureContext');
+		SetupHelper::init(
+			$this->featureContext->getAdminUsername(),
+			$this->featureContext->getAdminPassword(),
+			$this->featureContext->getBaseUrl(),
+			$this->featureContext->getOcPath()
+		);
+	}
+
+	/**
+	 * @Given using :selector as owncloud selector
+	 *
+	 * @param string $selector	'ocis' or 'oc10'
+	 *
+	 * @return void
+	 */
+	public function usingOwncloudSelector(string $selector): void {
+		$this->featureContext->setOCSelector($selector);
+		HttpRequestHelper::setOCSelectorCookie("owncloud-selector=$selector;path=/;");
+	}
+}
@@ -0,0 +1,37 @@
+<?php declare(strict_types=1);
+/**
+ * ownCloud
+ *
+ * @author Phil Davis <phil@jankaritech.com>
+ * @copyright Copyright (c) 2020 Phil Davis phil@jankaritech.com
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License,
+ * as published by the Free Software Foundation;
+ * either version 3 of the License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+$pathToCore = \getenv('PATH_TO_CORE');
+if ($pathToCore === false) {
+	$pathToCore = "../core";
+}
+
+require_once $pathToCore . '/tests/acceptance/features/bootstrap/bootstrap.php';
+
+$classLoader = new \Composer\Autoload\ClassLoader();
+$classLoader->addPsr4(
+	"",
+	$pathToCore . "/tests/acceptance/features/bootstrap",
+	true
+);
+
+$classLoader->register();