Separate DB models for credentials (#1143)

warp-tech · Nov 24, 2024 · b359838 · b359838
1 parent d4f012e
commit b359838
Show file tree

Hide file tree

Showing 102 changed files with 4,893 additions and 2,949 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -22,10 +22,11 @@ jobs:
           cargo clean
           rustup component add llvm-tools-preview
 
-      - name: Build admin UI
+      - name: Build UI
         run: |
           just yarn --network-timeout 1000000000
           just openapi
+          just yarn openapi:tests-sdk
           just yarn build
 
       - name: Build images
@@ -37,14 +38,14 @@ jobs:
         working-directory: tests
         run: |
           sudo apt install -y gnome-keyring
-          pip3 install keyring==23.8.2 poetry==1.1.14
+          pip3 install keyring==24 poetry==1.8.3
           poetry install
 
       - name: Run
         working-directory: tests
         run: |
           TIMEOUT=120 poetry run ./run.sh
-          cargo llvm-cov --no-run --hide-instantiations --lcov > coverage.lcov
+          cargo llvm-cov report --lcov > coverage.lcov
 
       - name: SonarCloud Scan
         uses: SonarSource/sonarcloud-github-action@master

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -19,6 +19,14 @@ members = [
 default-members = ["warpgate"]
 resolver = "2"
 
+[workspace.dependencies]
+bytes = "1.4"
+data-encoding = "2.3"
+serde = "1.0"
+serde_json = "1.0"
+russh = { version = "0.46.0", features = ["legacy-ed25519-pkcs8-parser"] }
+russh-keys = { version = "0.46.0", features = ["legacy-ed25519-pkcs8-parser"] }
+
 [profile.release]
 lto = true
 panic = "abort"

diff --git a/tests/.gitignore b/tests/.gitignore
@@ -0,0 +1 @@
+api_sdk
diff --git a/tests/api_client.py b/tests/api_client.py
@@ -1,92 +1,21 @@
-import requests
 from contextlib import contextmanager
 
+try:
+    # in-IDE
+    import api_sdk.openapi_client as sdk
+except ImportError:
+    import openapi_client as sdk
 
-@contextmanager
-def api_admin_session(url):
-    session = requests.Session()
-    session.verify = False
-    response = session.post(
-        f"{url}/@warpgate/api/auth/login",
-        json={
-            "username": "admin",
-            "password": "123",
-        },
-    )
-    assert response.status_code // 100 == 2
-    yield session
-
-
-def assert_response(response, code):
-    if response.status_code != code:
-        print(response.text)
-    assert response.status_code == code
-
-
-def api_list_users(url, session):
-    response = session.get(
-        f"{url}/@warpgate/admin/api/users",
-    )
-    assert_response(response, 200)
-    return response.json()
-
-
-def api_create_target(url, session, config):
-    response = session.post(
-        f"{url}/@warpgate/admin/api/targets",
-        json=config,
-    )
-    assert_response(response, 201)
-    return response.json()
-
-
-def api_create_role(url, session, config):
-    response = session.post(
-        f"{url}/@warpgate/admin/api/roles",
-        json=config,
-    )
-    assert_response(response, 201)
-    return response.json()
-
-
-def api_create_user(url, session, config):
-    response = session.post(
-        f"{url}/@warpgate/admin/api/users",
-        json=config,
-    )
-    assert_response(response, 201)
-    return response.json()
-
-
-def api_add_role_to_target(url, session, target_id, role_id):
-    response = session.post(
-        f"{url}/@warpgate/admin/api/targets/{target_id}/roles/{role_id}",
-    )
-    assert_response(response, 201)
 
 
-def api_add_role_to_user(url, session, user_id, role_id):
-    response = session.post(
-        f"{url}/@warpgate/admin/api/users/{user_id}/roles/{role_id}",
-    )
-    assert_response(response, 201)
-
-
-def api_create_ticket(url, session, username, target_name):
-    response = session.post(
-        f"{url}/@warpgate/api/auth/login",
-        json={
-            "username": "admin",
-            "password": "123",
-        },
-    )
-    assert response.status_code // 100 == 2
-    response = session.post(
-        f"{url}/@warpgate/admin/api/tickets",
-        json={
-            "username": username,
-            "target_name": target_name,
+@contextmanager
+def admin_client(host):
+    config = sdk.Configuration(
+        host=f"{host}/@warpgate/admin/api",
+        api_key={
+            "TokenSecurityScheme": "token-value",
         },
     )
-    assert response.status_code == 201
-    return response.json()["secret"]
+    config.verify_ssl = False
+    with sdk.ApiClient(config) as api_client:
+        yield sdk.DefaultApi(api_client)
diff --git a/tests/api_sdk/.gitkeep b/tests/api_sdk/.gitkeep
diff --git a/tests/api_sdk/__init__.py b/tests/api_sdk/__init__.py
diff --git a/tests/conftest.py b/tests/conftest.py
@@ -20,6 +20,12 @@
 
 
 cargo_root = Path(os.getcwd()).parent
+enable_coverage = os.getenv("ENABLE_COVERAGE", "0") == "1"
+binary_path = (
+    "target/llvm-cov-target/debug/warpgate"
+    if enable_coverage
+    else "target/debug/warpgate"
+)
 
 
 @dataclass
@@ -135,7 +141,16 @@ def start_postgres_server(self):
         port = alloc_port()
         container_name = f"warpgate-e2e-postgres-server-{uuid.uuid4()}"
         self.start(
-            ["docker", "run", "--rm", '--name', container_name, "-p", f"{port}:5432", "warpgate-e2e-postgres-server"]
+            [
+                "docker",
+                "run",
+                "--rm",
+                "--name",
+                container_name,
+                "-p",
+                f"{port}:5432",
+                "warpgate-e2e-postgres-server",
+            ]
         )
 
         def wait_postgres():
@@ -169,7 +184,7 @@ def start_wg(
         stderr=None,
         stdout=None,
     ) -> WarpgateProcess:
-        args = args or ["run"]
+        args = args or ["run", "--admin-token", "token-value"]
 
         if share_with:
             config_path = share_with.config_path
@@ -206,7 +221,7 @@ def start_wg(
         def run(args, env={}):
             return self.start(
                 [
-                    f"{cargo_root}/target/llvm-cov-target/debug/warpgate",
+                    os.path.join(cargo_root, binary_path),
                     "--config",
                     str(config_path),
                     *args,
@@ -315,9 +330,22 @@ def processes(ctx, timeout, report_generation):
 
 @pytest.fixture(scope="session", autouse=True)
 def report_generation():
+    if not enable_coverage:
+        yield None
+        return
     # subprocess.call(['cargo', 'llvm-cov', 'clean', '--workspace'])
     subprocess.check_call(
-        ["cargo", "llvm-cov", "run", "--no-cfg-coverage-nightly", "--all-features", "--no-report", "--", "--version"], cwd=cargo_root
+        [
+            "cargo",
+            "llvm-cov",
+            "run",
+            "--no-cfg-coverage-nightly",
+            "--all-features",
+            "--no-report",
+            "--",
+            "--version",
+        ],
+        cwd=cargo_root,
     )
     yield
     # subprocess.check_call(['cargo', 'llvm-cov', '--no-run', '--hide-instantiations', '--html'], cwd=cargo_root)