From e045465839b8daa4b61e9f41eb538585fb63173f Mon Sep 17 00:00:00 2001 From: Elizabeth Healy Date: Wed, 17 Jul 2024 11:46:03 -0400 Subject: [PATCH 1/8] add e2e workflow to ci --- .github/workflows/ci.yaml | 61 +++++++++++++++++++++++++++++++++++---- 1 file changed, 56 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ad965f22..575657ab 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml 
@@ -37,9 +37,60 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 + # - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 + # with: + # go-version-file: 'go.mod' + # cache: false + - name: Check out platform + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: - go-version-file: 'go.mod' - cache: false - - name: e2e Tests - run: echo "No e2e tests yet." && exit 0 + repository: opentdf/platform + path: platform + - name: Set up go + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 + with: + go-version: "1.22.3" + check-latest: false + cache-dependency-path: | + platform/service/go.sum + platform/examples/go.sum + platform/protocol/go/go.sum + platform/sdk/go.sum + - run: | + .github/scripts/init-temp-keys.sh + cp opentdf-dev.yaml opentdf.yaml + working-directory: platform + - name: Added Trusted Certs + run: | + sudo chmod -R 777 ./keys + sudo apt-get install -y ca-certificates + sudo cp ./keys/localhost.crt /usr/local/share/ca-certificates + sudo update-ca-certificates + working-directory: platform + - run: docker compose up -d --wait --wait-timeout 240 + working-directory: platform + - run: go run ./service provision keycloak + working-directory: platform + - run: go run ./service provision fixtures + working-directory: platform + - uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 + name: start server in background + with: + run: > + go build -o opentdf -v service/main.go + && .github/scripts/watch.sh opentdf.yaml ./opentdf start + wait-on: | + tcp:localhost:8080 + log-output-if: true + wait-for: 90s + working-directory: platform + + - name: build the CLI + run: go build . 
+ - name: set up the config + run: cp otdfctl-example.yaml otdfctl.yaml + - name: run encrypt -> decrypt + run: |- + ./otdfctl encrypt -o sensitive.txt.tdf --host http://localhost:8080/kas --tls-no-verify --log-level debug --with-client-creds '{"clientId":"opentdf","clientSecret":"secret"}' --tdf-type tdf3 otdfctl.yaml + ./otdfctl decrypt -o result.yaml --host http://localhost:8080/kas --tls-no-verify --log-level debug --with-client-creds '{"clientId":"opentdf","clientSecret":"secret"}' --tdf-type tdf3 sensitive.txt.tdf + diff otdfctl.yaml result.yaml From 7ce8016b554c924ceb83e5d1c8ea5c411ea080da Mon Sep 17 00:00:00 2001 From: Elizabeth Healy Date: Thu, 18 Jul 2024 10:36:39 -0400 Subject: [PATCH 2/8] setup bats structure --- .github/workflows/ci.yaml | 9 ++++----- tests/attributes.bats | 19 ++++++++++++++++++ tests/encrypt-decrypt.bats | 33 +++++++++++++++++++++++++++++++ tests/kas-registry.bats | 15 ++++++++++++++ tests/namespace.bats | 19 ++++++++++++++++++ tests/resource-mapping.bats | 15 ++++++++++++++ tests/subject-condition-sets.bats | 15 ++++++++++++++ tests/subject-mapping.bats | 15 ++++++++++++++ 8 files changed, 135 insertions(+), 5 deletions(-) create mode 100644 tests/attributes.bats create mode 100644 tests/encrypt-decrypt.bats create mode 100644 tests/kas-registry.bats create mode 100644 tests/namespace.bats create mode 100644 tests/resource-mapping.bats create mode 100644 tests/subject-condition-sets.bats create mode 100644 tests/subject-mapping.bats diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 575657ab..57348f66 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml 
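Review bot: The `Check out platform` step has no `ref:`, so `opentdf/platform` is taken at whatever its default branch points to at run time, while every action in this job is pinned to a commit SHA. The job then runs that checkout's `.github/scripts/init-temp-keys.sh`, `docker compose up` and `go run ./service`, so an upstream change executes in this CI without review in this repository; adding `ref: <platform-commit-sha>` (placeholder) under `with:` keeps the e2e run reproducible. In the `Added Trusted Certs` step, `sudo chmod -R 777 ./keys` makes the generated key material world-writable before `localhost.crt` is copied into the system trust store. If the goal is only to let the containers read those files (the compose file is not visible here), `sudo chmod -R a+rX ./keys` is narrower.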
@@ -89,8 +89,7 @@ jobs: run: go build . - name: set up the config run: cp otdfctl-example.yaml otdfctl.yaml - - name: run encrypt -> decrypt - run: |- - ./otdfctl encrypt -o sensitive.txt.tdf --host http://localhost:8080/kas --tls-no-verify --log-level debug --with-client-creds '{"clientId":"opentdf","clientSecret":"secret"}' --tdf-type tdf3 otdfctl.yaml - ./otdfctl decrypt -o result.yaml --host http://localhost:8080/kas --tls-no-verify --log-level debug --with-client-creds '{"clientId":"opentdf","clientSecret":"secret"}' --tdf-type tdf3 sensitive.txt.tdf - diff otdfctl.yaml result.yaml + - name: Setup Bats and bats libs + uses: bats-core/bats-action@2.0.0 + - run: tests/encrypt-decrypt.bats + diff --git a/tests/attributes.bats b/tests/attributes.bats new file mode 100644 index 00000000..b9d5e172 --- /dev/null +++ b/tests/attributes.bats @@ -0,0 +1,19 @@ +#!/usr/bin/env bats + +# Tests for attributes + +# Create attribute + +# Get Attribute + +# Update attribute + +# List attributes + +# Deactivate Attribute + +# Unsafe Reactivate + +# Unsafe Delete + +# Cleanup -- delete everything created here \ No newline at end of file diff --git a/tests/encrypt-decrypt.bats b/tests/encrypt-decrypt.bats new file mode 100644 index 00000000..d0b055b9 --- /dev/null +++ b/tests/encrypt-decrypt.bats 
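Review bot: `bats-core/bats-action@2.0.0` is pinned to a tag, whereas the other actions in this workflow are pinned to full commit SHAs; a tag can be moved upstream, a SHA cannot. For consistency with the rest of the file, pin it as `uses: bats-core/bats-action@<full-commit-sha> # 2.0.0` (SHA placeholder, to be taken from the 2.0.0 release). The last step also runs only `tests/encrypt-decrypt.bats`, so the other `.bats` files added in this commit are not executed by CI; that is harmless while they hold only comments, but `bats tests/` would pick them up as they are filled in.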
@@ -0,0 +1,33 @@
+#!/usr/bin/env bats
+
+# Tests for encrypt decrypt
+
+setup_creds_json() {
+ echo -n '{"clientId":"opentdf","clientSecret":"secret"}' > creds.json
+ export WITH_CREDS='--with-client-creds-file ./creds.json'
+}
+
+@test "roundtrip TDF3" {
+ setup_creds_json
+ ./otdfctl encrypt -o sensitive.yaml.tdf --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type tdf3 otdfctl.yaml
+ [ "$status" -eq 0 ]
+ ./otdfctl decrypt -o result.yaml --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type tdf3 sensitive.yaml.tdf
+ [ "$status" -eq 0 ]
+ diff otdfctl.yaml result.yaml
+ [ "$status" -eq 0 ]
+}
+
+@test "roundtrip NANO" {
+ setup_creds_json
+ ./otdfctl encrypt -o sensitive.yaml.tdf --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type nano otdfctl.yaml
+ [ "$status" -eq 0 ]
+ ./otdfctl decrypt -o result.yaml --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type nano sensitive.yaml.tdf
+ [ "$status" -eq 0 ]
+ diff otdfctl.yaml result.yaml
+ [ "$status" -eq 0 ]
+}
+
+# Future Tests
+
+# Encrypt and decrypt with attributes:
+# Create an attribute and a subject mapping for the specific clientId then roundtrip trip w it
\ No newline at end of file
diff --git a/tests/kas-registry.bats b/tests/kas-registry.bats
new file mode 100644
index 00000000..cdd67cee
--- /dev/null
+++ b/tests/kas-registry.bats
@@ -0,0 +1,15 @@
+#!/usr/bin/env bats
+
+# Tests for kas registry
+
+# Create kas registration
+
+# Get kas registration
+
+# Update kas registration
+
+# List kas registrations
+
+# Delete kas registration
+
+# Cleanup - delete everything
\ No newline at end of file
diff --git a/tests/namespace.bats b/tests/namespace.bats
new file mode 100644
index 00000000..45f0de71
--- /dev/null
+++ b/tests/namespace.bats
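Review bot: `setup_creds_json` in `tests/encrypt-decrypt.bats` writes the client secret to `creds.json` in the current working directory with the default umask, and nothing in this file removes it; the `teardown()` added later in this series (PATCH 7/8) deletes only `result.yaml` and `sensitive.yaml.tdf`. The value appears to be a dev fixture, but a leftover credentials file in the checkout is easy to commit or cache by accident. Writing it under the per-test temp dir avoids that (bats-core 1.4+): `echo -n '…' > "$BATS_TEST_TMPDIR/creds.json"` with `WITH_CREDS="--with-client-creds-file $BATS_TEST_TMPDIR/creds.json"`. Separately, `[ "$status" -eq 0 ]` is only meaningful after `run`; the commands here are invoked directly, so `$status` is unset at each check (PATCH 4/8 removes these lines).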
@@ -0,0 +1,19 @@
+#!/usr/bin/env bats
+
+# Tests for namespaces
+
+# Create namespace
+
+# Get namesapce
+
+# Update namespace
+
+# List namespaces
+
+# Deactivate namespace
+
+# Unsafe namespace
+
+# Unsafe namespace
+
+# Cleanup - delete everything
\ No newline at end of file
diff --git a/tests/resource-mapping.bats b/tests/resource-mapping.bats
new file mode 100644
index 00000000..dc6accca
--- /dev/null
+++ b/tests/resource-mapping.bats
@@ -0,0 +1,15 @@
+#!/usr/bin/env bats
+
+# Tests for resource mappings
+
+# Create resource mapping
+
+# Get resource mapping
+
+# Update resource mapping
+
+# List resource mappings
+
+# Delete resource mapping
+
+# Cleanup - delete everything
\ No newline at end of file
diff --git a/tests/subject-condition-sets.bats b/tests/subject-condition-sets.bats
new file mode 100644
index 00000000..4377b2f2
--- /dev/null
+++ b/tests/subject-condition-sets.bats
@@ -0,0 +1,15 @@
+#!/usr/bin/env bats
+
+# Tests for subject condition sets
+
+# Create scs
+
+# Get scs
+
+# Update scs
+
+# List scs
+
+# Delete scs
+
+# Cleanup - delete everything
\ No newline at end of file
diff --git a/tests/subject-mapping.bats b/tests/subject-mapping.bats
new file mode 100644
index 00000000..6120da6d
--- /dev/null
+++ b/tests/subject-mapping.bats
@@ -0,0 +1,15 @@
+#!/usr/bin/env bats
+
+# Tests for subject mappings
+
+# Create sm
+
+# Get sm
+
+# Update sm
+
+# List sm
+
+# Delete sm
+
+# Cleanup - delete everything
From 9de37bd836c979e22c4b64d599add6ee8c631e1b Mon Sep 17 00:00:00 2001
From: Elizabeth Healy Date: Thu, 18 Jul 2024 10:42:50 -0400 Subject: [PATCH 3/8] chmod --- tests/attributes.bats | 0 tests/encrypt-decrypt.bats | 0 tests/kas-registry.bats | 0 tests/namespace.bats | 0 tests/resource-mapping.bats | 0 tests/subject-condition-sets.bats | 0 tests/subject-mapping.bats | 0 7 files changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 tests/attributes.bats mode change 100644 => 100755 tests/encrypt-decrypt.bats mode change 100644 => 100755 tests/kas-registry.bats mode change 100644 => 100755 tests/namespace.bats mode change 100644 => 100755 tests/resource-mapping.bats mode change 100644 => 100755 tests/subject-condition-sets.bats mode change 100644 => 100755 tests/subject-mapping.bats diff --git a/tests/attributes.bats b/tests/attributes.bats old mode 100644 new mode 100755 diff --git a/tests/encrypt-decrypt.bats b/tests/encrypt-decrypt.bats old mode 100644 new mode 100755 diff --git a/tests/kas-registry.bats b/tests/kas-registry.bats old mode 100644 new mode 100755 diff --git a/tests/namespace.bats b/tests/namespace.bats old mode 100644 new mode 100755 diff --git a/tests/resource-mapping.bats b/tests/resource-mapping.bats old mode 100644 new mode 100755 diff --git a/tests/subject-condition-sets.bats b/tests/subject-condition-sets.bats old mode 100644 new mode 100755 diff --git a/tests/subject-mapping.bats b/tests/subject-mapping.bats old mode 100644 new mode 100755 From 197cfe4dde9344a7a477e05d7693016b186bd31d Mon Sep 17 00:00:00 2001 From: Elizabeth Healy Date: Thu, 18 Jul 2024 10:48:40 -0400 Subject: [PATCH 4/8] dont have to check status --- tests/encrypt-decrypt.bats | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/tests/encrypt-decrypt.bats b/tests/encrypt-decrypt.bats index d0b055b9..a4d37ba2 100755 --- a/tests/encrypt-decrypt.bats +++ b/tests/encrypt-decrypt.bats 
@@ -2,29 +2,21 @@ # Tests for encrypt decrypt -setup_creds_json() { +setup() { echo -n '{"clientId":"opentdf","clientSecret":"secret"}' > creds.json export WITH_CREDS='--with-client-creds-file ./creds.json' } @test "roundtrip TDF3" { - setup_creds_json ./otdfctl encrypt -o sensitive.yaml.tdf --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type tdf3 otdfctl.yaml - [ "$status" -eq 0 ] ./otdfctl decrypt -o result.yaml --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type tdf3 sensitive.yaml.tdf - [ "$status" -eq 0 ] diff otdfctl.yaml result.yaml - [ "$status" -eq 0 ] } @test "roundtrip NANO" { - setup_creds_json ./otdfctl encrypt -o sensitive.yaml.tdf --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type nano otdfctl.yaml - [ "$status" -eq 0 ] ./otdfctl decrypt -o result.yaml --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type nano sensitive.yaml.tdf - [ "$status" -eq 0 ] diff otdfctl.yaml result.yaml - [ "$status" -eq 0 ] } # Future Tests From 47e6043d73d093fb5bcff27f74e25a0728ad215f Mon Sep 17 00:00:00 2001 From: Elizabeth Healy Date: Thu, 18 Jul 2024 10:50:52 -0400 Subject: [PATCH 5/8] move host to variable --- tests/encrypt-decrypt.bats | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/encrypt-decrypt.bats b/tests/encrypt-decrypt.bats index a4d37ba2..a9a37f3e 100755 --- a/tests/encrypt-decrypt.bats +++ b/tests/encrypt-decrypt.bats 
@@ -5,17 +5,18 @@ setup() { echo -n '{"clientId":"opentdf","clientSecret":"secret"}' > creds.json export WITH_CREDS='--with-client-creds-file ./creds.json' + export HOST=http://localhost:8080/kas } @test "roundtrip TDF3" { - ./otdfctl encrypt -o sensitive.yaml.tdf --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type tdf3 otdfctl.yaml - ./otdfctl decrypt -o result.yaml --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type tdf3 sensitive.yaml.tdf + ./otdfctl encrypt -o sensitive.yaml.tdf --host $HOST --tls-no-verify --log-level debug $WITH_CREDS --tdf-type tdf3 otdfctl.yaml + ./otdfctl decrypt -o result.yaml --host $HOST --tls-no-verify --log-level debug $WITH_CREDS --tdf-type tdf3 sensitive.yaml.tdf diff otdfctl.yaml result.yaml } @test "roundtrip NANO" { - ./otdfctl encrypt -o sensitive.yaml.tdf --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type nano otdfctl.yaml - ./otdfctl decrypt -o result.yaml --host http://localhost:8080/kas --tls-no-verify --log-level debug $WITH_CREDS --tdf-type nano sensitive.yaml.tdf + ./otdfctl encrypt -o sensitive.yaml.tdf --host $HOST --tls-no-verify --log-level debug $WITH_CREDS --tdf-type nano otdfctl.yaml + ./otdfctl decrypt -o result.yaml --host $HOST --tls-no-verify --log-level debug $WITH_CREDS --tdf-type nano sensitive.yaml.tdf diff otdfctl.yaml result.yaml } From ac8edc63827847b1c4e817fd4e4122c45c832240 Mon Sep 17 00:00:00 2001 From: Elizabeth Healy Date: Thu, 18 Jul 2024 10:59:05 -0400 Subject: [PATCH 6/8] workflow yaml cleanup --- .github/workflows/ci.yaml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 57348f66..55855100 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml 
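Review bot: `HOST` is a plain `http://` URL, yet `--tls-no-verify` stays on every `otdfctl` call in both tests, so the round trip never exercises certificate verification even though the CI job installs `localhost.crt` into the runner's trust store. If the platform endpoint on 8080 is reachable over TLS (not visible from this hunk), point `HOST` at the `https://` URL and drop the flag. If it is plain HTTP only, the flag can likely go as well, so the tests do not carry a disabled-verification switch by default. The expansion should also be quoted, `--host "$HOST"`, and `HOST` need not be exported since it is only used inside this file.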
@@ -37,10 +37,6 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - # - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 - # with: - # go-version-file: 'go.mod' - # cache: false - name: Check out platform uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: @@ -49,7 +45,7 @@ jobs: - name: Set up go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: - go-version: "1.22.3" + go-version-file: 'platform/service/go.mod' check-latest: false cache-dependency-path: | platform/service/go.sum From cc1f5ee4e2c85e40788d80ec97e4dcde8c9a28b4 Mon Sep 17 00:00:00 2001 From: Elizabeth Healy Date: Thu, 18 Jul 2024 11:01:59 -0400 Subject: [PATCH 7/8] add teardown with file cleanup --- tests/encrypt-decrypt.bats | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/encrypt-decrypt.bats b/tests/encrypt-decrypt.bats index a9a37f3e..61483524 100755 --- a/tests/encrypt-decrypt.bats +++ b/tests/encrypt-decrypt.bats @@ -8,6 +8,10 @@ setup() { export HOST=http://localhost:8080/kas } +teardown() { + rm -f result.yaml sensitive.yaml.tdf +} + @test "roundtrip TDF3" { ./otdfctl encrypt -o sensitive.yaml.tdf --host $HOST --tls-no-verify --log-level debug $WITH_CREDS --tdf-type tdf3 otdfctl.yaml ./otdfctl decrypt -o result.yaml --host $HOST --tls-no-verify --log-level debug $WITH_CREDS --tdf-type tdf3 sensitive.yaml.tdf @@ -23,4 +27,4 @@ setup() { # Future Tests # Encrypt and decrypt with attributes: -# Create an attribute and a subject mapping for the specific clientId then roundtrip trip w it \ No newline at end of file +# Create an attribute and a subject mapping for the specific clientId then roundtrip trip w it From e195aa3c77cf234921dba1f68a8d9f5c0cf26b3b Mon Sep 17 00:00:00 2001 
From: Elizabeth Healy Date: Fri, 19 Jul 2024 12:17:01 -0400 Subject: [PATCH 8/8] add to readme --- .github/workflows/ci.yaml | 3 --- README.md | 30 ++++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 55855100..be124387 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -49,7 +49,6 @@ jobs: check-latest: false cache-dependency-path: | platform/service/go.sum - platform/examples/go.sum platform/protocol/go/go.sum platform/sdk/go.sum - run: | @@ -67,8 +66,6 @@ jobs: working-directory: platform - run: go run ./service provision keycloak working-directory: platform - - run: go run ./service provision fixtures - working-directory: platform - uses: JarvusInnovations/background-action@2428e7b970a846423095c79d43f759abf979a635 name: start server in background with: diff --git a/README.md b/README.md index a4b419df..dfd4e6f7 100644 --- a/README.md +++ b/README.md @@ -51,3 +51,33 @@ The TUI will be used to create an interactive experience for the user. Documentation drives the CLI in this project. This can be found in `/docs/man` and is used in the CLI via the `man.Docs.GetDoc()` function. + +## Testing + +The [tests](./tests) directory contains e2e Bash Automated Test System (bats) tests for all of the cli functionality. + +To install bats on MacOS: +``` +$ brew install bats-core +``` +Or with NPM on any OS: +``` +# To install globally: +$ npm install -g bats + +# To install into your project and save it as one of the "devDependencies" in +# your package.json: +$ npm install --save-dev bats +``` + +These tests require the platform to be running and provisioned with basic keycloak clients/users. Before running, clone https://github.com/opentdf/platform and follow [the quickstart](https://github.com/opentdf/platform?tab=readme-ov-file#quick-start) to spin it up. + +Build the cli: +``` +$ go build . +``` + +Run the bats with: +``` +$ bats tests/*.bats +```