diff --git a/.github/workflows/test-integration.yml b/.github/workflows/test-integration.yml index 16c36de771..9221beb44c 100644 --- a/.github/workflows/test-integration.yml +++ b/.github/workflows/test-integration.yml @@ -1,8 +1,6 @@ name: test-integration on: push: - branches: - - main pull_request: # run at 6 hour UTC schedule: @@ -16,89 +14,24 @@ jobs: # php82 is ready to run alongside the 72, but is not enabled now as the code is not 82 compatible yet php: [ php72 ] env: - PROD_PHP: php72 - DOCKER_COMPOSE: docker compose -f docker-compose.yml -f docker-compose-${{matrix.php}}.yml + PROD_PHP: "${{matrix.php}}" steps: - name: Checkout uses: actions/checkout@master - - name: chown some dirs - run: | - mkdir tmp vendor && sudo chown -R 33 app/ theme/ web/ tmp/ vendor/ + - name: Build Docker environmnent - if: always() - run: | - cd docker && - ${DOCKER_COMPOSE} up -d --build && - docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' - SYMFONY_ENV=ci composer install --prefer-dist -n -o --ignore-platform-reqs && \ - ./app/console cache:clear --env=ci && \ - cd theme && CYPRESS_INSTALL_BINARY=0 yarn install --frozen-lockfile && EB_THEME=skeune yarn build - ' - - name: Run code quality tests - if: always() - run: | - cd docker && docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' - echo -e "\nPHP Mess Detector\n" && \ - ./vendor/bin/phpmd src text ci/qa-config/phpmd.xml --exclude */Tests/* && \ - echo -e "\nPHP CodeSniffer\n" && \ - ./vendor/bin/phpcs --report=full --standard=ci/qa-config/phpcs.xml --warning-severity=0 --extensions=php src && \ - echo -e "\nPHP CodeSniffer (legacy code)\n" && \ - ./vendor/bin/phpcs --standard=ci/qa-config/phpcs-legacy.xml --warning-severity=0 --extensions=php -s library && \ - echo -e "\nDoc header check\n" && \ - ./vendor/bin/docheader check src/ tests/ library/ --exclude-dir resources --exclude-dir languages - ' - env: - SYMFONY_ENV: ci - - name: Run unit tests - if: always() run: | - cd docker && APP_ENV=ci SYMFONY_ENV=ci docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' - echo -e "\nInstalling database fixtures...\n" && \ - ./app/console doctrine:schema:drop --force --env=ci && \ - ./app/console doctrine:schema:create --env=ci && \ - echo -e "\nPHPUnit legacy tests\n" && \ - ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=eb4 --coverage-text && \ - echo -e "\nPHPUnit unit tests\n" && \ - ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=unit --coverage-text && \ - echo -e "\nPHPUnit API acceptance tests\n" && \ - APP_ENV=ci ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=functional --coverage-text && \ - echo -e "\nPHPUnit integration tests\n" && \ - ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=integration --coverage-text - ' - env: - SYMFONY_ENV: ci - - name: Run acceptance tests - if: always() - run: | - cd docker && docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' - echo -e "\nInstalling database fixtures...\n" && \ - ./app/console doctrine:schema:drop --force --env=ci && \ - ./app/console doctrine:schema:create --env=ci && \ - echo -e "\nPreparing frontend assets\n" && \ - EB_THEME=skeune ./theme/scripts/prepare-test.js > /dev/null && \ - echo -e "\nRun the Behat tests\n" && \ - ./vendor/bin/behat -c ./tests/behat-ci.yml --suite default -vv --format progress --strict && \ - echo -e "\nBehat tests (with selenium and headless Chrome)\n" && \ - ./vendor/bin/behat -c ./tests/behat-ci.yml --suite selenium -vv --format progress --strict - ' - env: - SYMFONY_ENV: ci - - name: Run linting tests - if: always() + cd docker && ./docker-setup.sh + + - name: Run tests run: | - cd docker && docker compose exec -T --user www-data engine.dev.openconext.local bash -c ' - echo -e "\nTwig lint\n" && \ - app/console lint:twig theme/ && \ - cd theme && \ - echo -e "\nLint frontend assets\n" && \ - yarn lint - ' - env: - SYMFONY_ENV: ci + cd docker && ./docker-runtests.sh + - name: Show log on failure if: failure() run: | - cd docker && docker compose exec -T engine.dev.openconext.local cat /var/www/html/app/logs/ci/ci.log + cd docker && docker compose exec -T engine cat /var/www/html/app/logs/ci/ci.log + - name: Send notification on production build nightly build failure uses: sonots/slack-notice-action@v3 with: diff --git a/.gitignore b/.gitignore index 3a30032dc1..d1a2357250 100644 --- a/.gitignore +++ b/.gitignore @@ -27,3 +27,4 @@ local-php-security-checker /theme/**/visual-regression/screenshots/* !/theme/**/visual-regression/screenshots/.gitkeep /theme/**/__image_snapshots__ +.env diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist index 5604e6fd1a..a152b599e2 100644 --- a/app/config/parameters.yml.dist +++ b/app/config/parameters.yml.dist @@ -36,7 +36,7 @@ parameters: ## * How attributes are displayed in Profile and Consent ## * How attributes are Normalized and Denormalized ## * How attributes are validated - attribute_definition_file_path: %kernel.project_dir%/application/configs/attributes.json + attribute_definition_file_path: "%kernel.project_dir%/application/configs/attributes.json" ## The Signing / Encryption keys used for the SAML2 authentication and metadata ## When EngineBlock signs responses (when it acts as an Idp) diff --git a/ci/README b/ci/README index 36eec5757f..ad48ced20a 100644 --- a/ci/README +++ b/ci/README @@ -1,3 +1,6 @@ Directory with helper files for our ci builds. -cpd.xsl -> makes nice html output of cpd +cpd.xsl -> makes nice html output of cpd dependencies.html -> html wrapper for pdepend output svgs + +To run all tests on local code, run ./qa/all.sh +To run all tests in a container, run ../docker/docker-runtests.sh diff --git a/ci/qa/behat.sh b/ci/qa/behat.sh index d542fa36ba..adcf735311 100755 --- a/ci/qa/behat.sh +++ b/ci/qa/behat.sh @@ -12,18 +12,25 @@ then exit 1 fi -echo -e "\nInstalling database fixtures...\n" +echo "=====================================================" +echo "Installing database fixtures..." +echo "=====================================================" ./app/console doctrine:schema:drop --force --env=ci ./app/console doctrine:schema:create --env=ci -echo -e "\nPreparing frontend assets\n" +echo "=====================================================" +echo "Preparing frontend assets" +echo "=====================================================" EB_THEME=skeune ./theme/scripts/prepare-test.js > /dev/null chown -R www-data app/cache/ chmod -R 0777 /tmp/eb-fixtures -echo -e "\nRun the Behat tests\n" +echo "=====================================================" +echo "Run the Behat tests" +echo "=====================================================" ./vendor/bin/behat -c ./tests/behat-ci.yml --suite default -vv --format progress --strict $@ +# TODO! #echo -e "\nBehat tests (with selenium and headless Chrome)\n" #./vendor/bin/behat -c ./tests/behat-ci.yml --suite selenium -vv --format progress --strict diff --git a/ci/qa/docheader.sh b/ci/qa/docheader.sh index 2c19587592..2a7ce6d002 100755 --- a/ci/qa/docheader.sh +++ b/ci/qa/docheader.sh @@ -3,5 +3,8 @@ set -e cd $(dirname $0)/../../ -echo -e "\nDoc header check\n" +echo "=====================================================" +echo "Doc header check" +echo "=====================================================" ./vendor/bin/docheader check src/ tests/ library/ --exclude-dir resources --exclude-dir languages +echo diff --git a/ci/qa/phpcbf.sh b/ci/qa/phpcbf.sh deleted file mode 100755 index dbd0c88c03..0000000000 --- a/ci/qa/phpcbf.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash -set -e - -cd $(dirname $0)/../../ - -echo -e "\nPHP CodeSniffer\n" -./vendor/bin/phpcbf --standard=ci/qa-config/phpcs.xml src - -echo -e "\nPHP CodeSniffer (legacy code)\n" -./vendor/bin/phpcs --standard=ci/qa-config/phpcs-legacy.xml library diff --git a/ci/qa/phpcs.sh b/ci/qa/phpcs.sh index e3888468df..498b80a1d2 100755 --- a/ci/qa/phpcs.sh +++ b/ci/qa/phpcs.sh @@ -3,8 +3,20 @@ set -e cd $(dirname $0)/../../ -echo -e "\nPHP CodeSniffer\n" -./vendor/bin/phpcs --report=full --standard=ci/qa-config/phpcs.xml --warning-severity=0 --extensions=php src +echo "=====================================================" +echo "PHP CodeSniffer" +echo "=====================================================" -echo -e "\nPHP CodeSniffer (legacy code)\n" -./vendor/bin/phpcs --standard=ci/qa-config/phpcs-legacy.xml --warning-severity=0 --extensions=php -s library +./vendor/bin/phpcs -p --report=full --standard=ci/qa-config/phpcs.xml --warning-severity=0 --extensions=php src + +echo +echo "=====================================================" +echo "PHP CodeSniffer (legacy code)" +echo "=====================================================" +./vendor/bin/phpcs -p --standard=ci/qa-config/phpcs-legacy.xml --warning-severity=0 --extensions=php -s library + +echo +echo "=====================================================" +echo "PHP CodeBeautifier" +echo "=====================================================" +./vendor/bin/phpcbf -p --standard=ci/qa-config/phpcs.xml src diff --git a/ci/qa/phpmd.sh b/ci/qa/phpmd.sh index 0e78c37c2d..4c68492ab3 100755 --- a/ci/qa/phpmd.sh +++ b/ci/qa/phpmd.sh @@ -3,5 +3,16 @@ set -e cd $(dirname $0)/../../ -echo -e "\nPHP Mess Detector\n" -./vendor/bin/phpmd src text ci/qa-config/phpmd.xml --exclude */Tests/* +echo "=====================================================" +echo "PHP Mess Detector" +echo "=====================================================" +cmd=(./vendor/bin/phpmd src text ci/qa-config/phpmd.xml --exclude '*/Tests/*') +if "${cmd[@]}" +then + echo "No issues found" + echo + exit 0 +else + echo + exit 2 +fi diff --git a/ci/qa/phpunit.sh b/ci/qa/phpunit.sh index 9865233c2a..61d0c4cf4f 100755 --- a/ci/qa/phpunit.sh +++ b/ci/qa/phpunit.sh @@ -4,20 +4,38 @@ set -e cd $(dirname $0)/../../ chown -R www-data app/cache/ +mkdir -p /tmp/eb-fixtures chmod -R 0777 /tmp/eb-fixtures -echo -e "\nInstalling database fixtures...\n" +echo "=====================================================" +echo "Installing database fixtures..." +echo "=====================================================" ./app/console doctrine:schema:drop --force --env=ci ./app/console doctrine:schema:create --env=ci -echo -e "\nPHPUnit legacy tests\n" +echo +echo "=====================================================" +echo "PHPUnit legacy tests" +echo "=====================================================" ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=eb4 --coverage-text -echo -e "\nPHPUnit unit tests\n" +echo +echo "=====================================================" +echo "PHPUnit unit tests" +echo "=====================================================" ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=unit --coverage-text -echo -e "\nPHPUnit API acceptance tests\n" +echo +echo "=====================================================" +echo "PHPUnit API acceptance tests" +echo "=====================================================" APP_ENV=ci ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=functional --coverage-text -echo -e "\nPHPUnit integration tests\n" +echo +echo "=====================================================" +echo -e "PHPUnit integration tests" +echo "=====================================================" ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=integration --coverage-text +echo + + diff --git a/docker/.env b/docker/.env deleted file mode 100644 index c51a1b6d6b..0000000000 --- a/docker/.env +++ /dev/null @@ -1,3 +0,0 @@ -UID=1000 -GID=1000 -COMPOSE_PROJECT_NAME=eb diff --git a/docker/README b/docker/README new file mode 100644 index 0000000000..5dd022da3a --- /dev/null +++ b/docker/README @@ -0,0 +1,3 @@ +To start Enginblock in docker, run ./docker-setup.sh + +To run the integration tests in the container, run ./docker-runtests.sh diff --git a/docker/docker-compose-php72.yml b/docker/docker-compose-php72.yml index 9257fdf3d1..eed27fce73 100644 --- a/docker/docker-compose-php72.yml +++ b/docker/docker-compose-php72.yml @@ -1,6 +1,5 @@ -version: '2.4' - +--- services: - engine.dev.openconext.local: + engine: build: dockerfile: docker/ci/Dockerfile-php72 diff --git a/docker/docker-compose-php82.yml b/docker/docker-compose-php82.yml index e5457a8d54..1317ec659a 100644 --- a/docker/docker-compose-php82.yml +++ b/docker/docker-compose-php82.yml @@ -1,6 +1,5 @@ -version: '2.4' - +--- services: - engine.dev.openconext.local: + engine: build: dockerfile: docker/ci/Dockerfile-php82 diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 93270ca474..654583c8c7 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -1,9 +1,8 @@ -version: '2.4' - +--- services: mariadb: - image: mariadb:10.2 + image: mariadb:10.7 restart: always container_name: eb-db-test environment: @@ -15,36 +14,43 @@ services: volumes: - eb-mysql-test-data:/var/lib/mysql healthcheck: - test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"] + test: ["CMD-SHELL", "mysqladmin --user=root --password=$${MYSQL_ROOT_PASSWORD} ping"] timeout: 2s retries: 20 interval: 2s - engine.dev.openconext.local: + engine: build: context: ../ # override this in a dedicated dockerfile per php version # dockerfile: docker/ci/Dockerfile - container_name: eb-phpfpm - volumes: - - ../:/var/www/html - - ../ci/qa-config/files/engine.dev.openconext.local.crt:/config/engine/engineblock.crt - - ../ci/qa-config/files/engine.dev.openconext.local.key:/config/engine/engineblock.pem + hostname: engine.dev.openconext.local depends_on: mariadb: condition: service_healthy environment: - APP_ENV: ci - SYMFONY_ENV: ci + APP_ENV: ci + SYMFONY_ENV: ci + APACHE_UID: "#${APACHE_UID}" + APACHE_GUID: "#${APACHE_GID}" + volumes: + - ../:/var/www/html + - ../ci/qa-config/files/engine.dev.openconext.local.crt:/config/engine/engineblock.crt + - ../ci/qa-config/files/engine.dev.openconext.local.key:/config/engine/engineblock.pem + healthcheck: + test: ["CMD-SHELL", "curl -sI http://localhost/| grep '^Server: Apache'"] + timeout: 2s + retries: 20 + interval: 5s - selenium.dev.openconext.local: + selenium: image: selenium/standalone-chrome:2.53.1 - container_name: eb-selenium - user: "${UID}:${GID}" - environment: - START_XVFB: "false" - volumes: - - /dev/shm:/dev/shm + hostname: selenium.dev.openconext.local + # NB: Selenium2 is OLD and doesn't have arm64 images; to run this on arm64, you need Rosetta enabled + platform: amd64 + shm_size: 2gb +# environment: +# START_XVFB: "false" healthcheck: test: ["CMD", "/opt/bin/check-grid.sh:", "--host", "0.0.0.0", "--port", "4444"] timeout: 30s @@ -64,3 +70,4 @@ services: volumes: eb-mysql-data: eb-mysql-test-data: + eb-engine-vendor: diff --git a/docker/docker-runtests.sh b/docker/docker-runtests.sh new file mode 100755 index 0000000000..7b16931ee7 --- /dev/null +++ b/docker/docker-runtests.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash +set -e + +dir=$(dirname "$0") +cd "$dir" + +PHPVERSION=${PRODPHP:-72} + +docker compose \ + -f docker-compose.yml \ + -f docker-compose-php${PHPVERSION}.yml \ + up -d +echo + +if [[ $( docker compose exec -T engine \ + bash -c 'test -e /setup.txt && cat /setup.txt || echo ""' + ) != 'done' ]] +then + echo "setup.txt not found or not done. Please run $dir/docker-setup.sh" + exit 1 +fi + +docker compose exec -T engine ./ci/qa/all.sh diff --git a/docker/docker-setup.sh b/docker/docker-setup.sh new file mode 100755 index 0000000000..fe8d2a7c01 --- /dev/null +++ b/docker/docker-setup.sh @@ -0,0 +1,62 @@ +#!/usr/bin/env bash +set -e + +PHPVERSION=${PRODPHP:-72} +#export COMPOSE_BAKE=true + +cd "$(dirname "$0")" + +rm -f .env +{ + echo "export APACHE_UID=$(id -u)"; + echo "export APACHE_GID=$(id -g)"; + echo "export COMPOSE_PROJECT_NAME=eb"; +} >> .env + +docker compose \ + -f docker-compose.yml \ + -f docker-compose-php${PHPVERSION}.yml \ + build --pull + +docker compose \ + -f docker-compose.yml \ + -f docker-compose-php${PHPVERSION}.yml \ + up -d + +docker compose exec -T engine bash -c ' + mkdir -p tmp vendor + git config --global --add safe.directory /var/www/html +' + +if [[ $( docker compose exec -T engine bash -c ' + test -e /setup.txt && cat /setup.txt || echo "" + ') == 'done' ]] +then + echo "setup has already run; nothing to do here" + exit 0 +fi + + +docker compose exec -T engine bash -c ' + export SYMFONY_ENV=ci + test -e ./app/config/parameters.yml && rm -v ./app/config/parameters.yml + composer install --prefer-dist -n -o --ignore-platform-reqs +' + +docker compose exec -T engine bash -c ' + ./app/console cache:clear --env=ci +' + +docker compose exec -T engine bash -c ' + cd theme + export CYPRESS_INSTALL_BINARY=0 + export EB_THEME=skeune + yarn install --frozen-lockfile + yarn build +' + +docker compose exec -T engine bash -c ' + echo done > /setup.txt +' + +exit 0 diff --git a/docker/init.sh b/docker/init.sh deleted file mode 100755 index f22bc5589f..0000000000 --- a/docker/init.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/env bash -uid=33 -gid=33 - -printf "UID=${uid}\nGID=${gid}\nCOMPOSE_PROJECT_NAME=eb" >.env diff --git a/src/OpenConext/EngineBlock/Stepup/StepupEndpoint.php b/src/OpenConext/EngineBlock/Stepup/StepupEndpoint.php index 3a3154f224..74bacb88bf 100644 --- a/src/OpenConext/EngineBlock/Stepup/StepupEndpoint.php +++ b/src/OpenConext/EngineBlock/Stepup/StepupEndpoint.php @@ -91,7 +91,7 @@ private function validate() : void Assertion::string($this->entityId, 'stepup.gateway.sfo.entity_id should be a string'); Assertion::string($this->ssoLocation, 'stepup.gateway.sfo.sso_location should be a string'); Assertion::string($this->keyFile, 'stepup.gateway.sfo.key_file should be a string'); - Assertion::file($this->keyFile, 'stepup.gateway.sfo.key_file should be a valid file'); + Assertion::file($this->keyFile, "stepup.gateway.sfo.key_file should be a valid file, not '$this->keyFile'"); } catch (AssertionFailedException $e) { throw new InvalidStepupConfigurationException(sprintf('Invalid stepup endpoint configuration: %s', $e->getMessage())); } diff --git a/tests/behat-ci.yml b/tests/behat-ci.yml index 551a4c081b..daf274dcd5 100644 --- a/tests/behat-ci.yml +++ b/tests/behat-ci.yml @@ -58,9 +58,9 @@ default: paths: - '%paths.base%/../src/OpenConext/EngineBlockFunctionalTestingBundle/Features' formatter: - name: pretty - parameters: - verbose: true + name: pretty + parameters: + verbose: true filters: tags: "@WIP&&~@SKIP&&~@selenium" contexts: *defaultContexts diff --git a/tests/behat.yml b/tests/behat.yml index cfa9d6fc89..f4006a77e8 100644 --- a/tests/behat.yml +++ b/tests/behat.yml @@ -58,9 +58,9 @@ default: paths: - '%paths.base%/../src/OpenConext/EngineBlockFunctionalTestingBundle/Features' formatter: - name: pretty - parameters: - verbose: true + name: pretty + parameters: + verbose: true filters: tags: "@WIP&&~@SKIP&&~@selenium" contexts: *defaultContexts @@ -90,4 +90,3 @@ default: kernel: env: ci debug: true -