[PM-13008] Add ldap integration tests (#637)

bitwarden · Oct 13, 2024 · d65f426 · d65f426
1 parent 743b4b4
commit d65f426
Show file tree

Hide file tree

Showing 10 changed files with 1,277 additions and 3 deletions.
diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml
@@ -0,0 +1,96 @@
+name: Integration Testing
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - "main"
+    paths:
+      - ".github/workflows/integration-test.yml" # this file
+      - "src/services/ldap-directory.service*" # we only have integration for LDAP testing at the moment
+  pull_request:
+    paths:
+      - ".github/workflows/integration-test.yml" # this file
+      - "src/services/ldap-directory.service*" # we only have integration for LDAP testing at the moment
+
+jobs:
+  check-test-secrets:
+    name: Check for test secrets
+    runs-on: ubuntu-22.04
+    outputs:
+      available: ${{ steps.check-test-secrets.outputs.available }}
+    permissions:
+      contents: read
+
+    steps:
+      - name: Check
+        id: check-test-secrets
+        run: |
+          if [ "${{ secrets.CODECOV_TOKEN }}" != '' ]; then
+            echo "available=true" >> $GITHUB_OUTPUT;
+          else
+            echo "available=false" >> $GITHUB_OUTPUT;
+          fi
+
+  testing:
+    name: Run tests
+    if: ${{ startsWith(github.head_ref, 'version_bump_') == false }}
+    runs-on: ubuntu-22.04
+    needs: check-test-secrets
+    permissions:
+      checks: write
+      contents: read
+      pull-requests: write
+
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+      - name: Get Node version
+        id: retrieve-node-version
+        run: |
+          NODE_NVMRC=$(cat .nvmrc)
+          NODE_VERSION=${NODE_NVMRC/v/''}
+          echo "node_version=$NODE_VERSION" >> $GITHUB_OUTPUT
+
+      - name: Set up Node
+        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
+        with:
+          cache: 'npm'
+          cache-dependency-path: '**/package-lock.json'
+          node-version: ${{ steps.retrieve-node-version.outputs.node_version }}
+
+      - name: Install Node dependencies
+        run: npm ci
+
+      - name: Install mkcert
+        run: |
+          sudo apt-get update
+          sudo apt-get -y install mkcert
+
+      - name: Setup integration tests
+        run: npm run test:integration:setup
+
+      - name: Run integration tests
+        run: npm run test:integration --coverage
+
+      - name: Report test results
+        uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5 # v1.9.1
+        if: ${{ needs.check-test-secrets.outputs.available == 'true' && !cancelled() }}
+        with:
+          name: Test Results
+          path: "junit.xml"
+          reporter: jest-junit
+          fail-on-error: true
+
+      - name: Upload coverage to codecov.io
+        uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
+        if: ${{ needs.check-test-secrets.outputs.available == 'true' }}
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+
+      - name: Upload results to codecov.io
+        uses: codecov/test-results-action@1b5b448b98e58ba90d1a1a1d9fcb72ca2263be46 # v1.0.0
+        if: ${{ needs.check-test-secrets.outputs.available == 'true' }}
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,18 @@
+services:
+  open-ldap:
+    image: bitnami/openldap:latest
+    hostname: openldap
+    environment:
+      - LDAP_ADMIN_USERNAME=admin
+      - LDAP_ADMIN_PASSWORD=admin
+      - LDAP_ROOT=dc=bitwarden,dc=com
+      - LDAP_ENABLE_TLS=yes
+      - LDAP_TLS_CERT_FILE=/certs/openldap.pem
+      - LDAP_TLS_KEY_FILE=/certs/openldap-key.pem
+      - LDAP_TLS_CA_FILE=/certs/rootCA.pem
+    volumes:
+      - "./openldap/ldifs:/ldifs"
+      - "./openldap/certs:/certs"
+    ports:
+      - "1389:1389"
+      - "1636:1636"
diff --git a/openldap/group-fixtures.ts b/openldap/group-fixtures.ts
@@ -0,0 +1,40 @@
+import { Jsonify } from "type-fest";
+
+import { GroupEntry } from "../src/models/groupEntry";
+
+// These must match the ldap server seed data in directory.ldif
+const data: Jsonify<GroupEntry>[] = [
+  {
+    userMemberExternalIds: [
+      "cn=Loella Mak,ou=Payroll,dc=bitwarden,dc=com",
+      "cn=Painterson Miki,ou=Product Development,dc=bitwarden,dc=com",
+      "cn=Roland Dyke,ou=Human Resources,dc=bitwarden,dc=com",
+    ],
+    groupMemberReferenceIds: [],
+    users: [],
+    referenceId: "cn=Blue Team,dc=bitwarden,dc=com",
+    externalId: "cn=Blue Team,dc=bitwarden,dc=com",
+    name: "Blue Team",
+  },
+  {
+    userMemberExternalIds: [
+      "cn=Shiela Harada,ou=Peons,dc=bitwarden,dc=com",
+      "cn=Micaela Doud,ou=Janitorial,dc=bitwarden,dc=com",
+    ],
+    groupMemberReferenceIds: [],
+    users: [],
+    referenceId: "cn=Red Team,dc=bitwarden,dc=com",
+    externalId: "cn=Red Team,dc=bitwarden,dc=com",
+    name: "Red Team",
+  },
+  {
+    userMemberExternalIds: [],
+    groupMemberReferenceIds: [],
+    users: [],
+    referenceId: "cn=Cleaners,ou=Janitorial,dc=bitwarden,dc=com",
+    externalId: "cn=Cleaners,ou=Janitorial,dc=bitwarden,dc=com",
+    name: "Cleaners",
+  },
+];
+
+export const groupFixtures = data.map((g) => GroupEntry.fromJSON(g));