Merge pull request #17 from EOEPCA/feature/EOEPCA-114

Feature/eoepca 114
EOEPCA · Jul 3, 2020 · 9e98ffc · 9e98ffc
2 parents 7682783 + 05abd92
commit 9e98ffc
Show file tree

Hide file tree

Showing 8 changed files with 121 additions and 15 deletions.
diff --git a/terraform/global/um-login-service/ldap/persistence.tf b/terraform/global/um-login-service/ldap/persistence.tf
@@ -19,7 +19,7 @@ resource "kubernetes_job" "um_login_persistence" {
 
         container {
           name  = "um-login-persistence"
-          image = "eoepca/um-login-persistence:v0.1"
+          image = "eoepca/um-login-persistence:v0.1.1"
 
           env {
             name  = "GLUU_CONFIG_ADAPTER"

diff --git a/terraform/global/um-pep-engine/config/pep-engine-volumes.tf b/terraform/global/um-pep-engine/config/pep-engine-volumes.tf
@@ -22,6 +22,50 @@ resource "kubernetes_persistent_volume_claim" "pep_engine_logs_volume_claim" {
   }
 }
 
+resource "kubernetes_persistent_volume" "mongo_persistent_storage" {
+  metadata {
+    name = "mongo-persistent-storage"
+
+    labels = {
+      pep-engine = "mongo-persistent-storage"
+    }
+  }
+
+  spec {
+    capacity = {
+      storage = "10M"
+    }
+
+    access_modes = ["ReadWriteMany"]
+
+    persistent_volume_source {
+      host_path {
+        path = "/data/db"
+      }
+    }
+    storage_class_name = "standard"
+  }
+}
+
+
+resource "kubernetes_persistent_volume_claim" "mongo_persistent_storage_volume_claim" {
+  metadata {
+    name = "mongo-persistent-storage-volume-claim"
+  }
+
+  spec {
+    access_modes = ["ReadWriteMany"]
+
+    resources {
+      requests = {
+        storage = "10M"
+      }
+    }
+
+    volume_name = "mongo-persistent-storage"
+  }
+}
+
 resource "kubernetes_persistent_volume_claim" "pep_engine_lib_ext_volume_claim" {
   metadata {
     name = "pep-engine-lib-ext-volume-claim"

diff --git a/terraform/global/um-pep-engine/config/pep-engine.tf b/terraform/global/um-pep-engine/config/pep-engine.tf
@@ -2,7 +2,7 @@ resource "kubernetes_config_map" "pep_engine_cm" {
   metadata {
     name = "um-pep-engine-config"
   }
-  
+
   depends_on = [ null_resource.waitfor-login-service ]
 
   data = {
@@ -19,9 +19,6 @@ resource "kubernetes_config_map" "pep_engine_cm" {
   }
 }
 
-
-
-
 resource "kubernetes_ingress" "gluu_ingress_pep_engine" {
   metadata {
     name = "gluu-ingress-pep-engine"
@@ -74,6 +71,7 @@ resource "kubernetes_service" "pep-engine" {
   }
 }
 
+
 resource "kubernetes_deployment" "pep-engine" {
   metadata {
     name   = "pep-engine"
@@ -117,9 +115,16 @@ resource "kubernetes_deployment" "pep-engine" {
             claim_name = "pep-engine-custom-pages-volume-claim"
           }
         }
+        volume {
+          name = "mongo-persistent-storage"
+          persistent_volume_claim {
+            claim_name = "mongo-persistent-storage-volume-claim"
+          }
+        }
         container {
           name  = "pep-engine"
-          image = "eoepca/um-pep-engine:v0.1"
+          image = "eoepca/um-pep-engine:v0.1.1"
+
           port {
             container_port = 5566
             name = "http-pep"
@@ -149,8 +154,32 @@ resource "kubernetes_deployment" "pep-engine" {
             name       = "pep-engine-custom-pages"
             mount_path = "/opt/gluu/jetty/pep-engine/custom/pages"
           }
+          volume_mount {
+            name       = "mongo-persistent-storage"
+            mount_path = "/data/db"
+          }
+          image_pull_policy = "Always"
+        }
+        container {
+          name  = "mongo"
+          image = "mongo"
+          port {
+            container_port = 27017
+            name = "http-rp"
+          }
+
+          env_from {
+            config_map_ref {
+              name = "um-pep-engine-config"
+            }
+          }
+          volume_mount {
+            name       = "mongo-persistent-storage"
+            mount_path = "/data/db"
+          }
           image_pull_policy = "Always"
         }
+
         host_aliases {
           ip        = var.nginx_ip
           hostnames = [ var.hostname ]

diff --git a/terraform/global/um-pep-engine/main.tf b/terraform/global/um-pep-engine/main.tf
@@ -1,4 +1,6 @@
 # Apply Pep Engine
+
+
 module "config" {
   source   = "./config"
   nginx_ip = var.nginx_ip

diff --git a/terraform/test/main.tf b/terraform/test/main.tf
@@ -5,6 +5,7 @@ provider "kubernetes" {
 provider "kubectl" {
 }
 
+
 resource "kubernetes_role_binding" "default_admin" {
   metadata {
     name = "default-admin"
@@ -22,6 +23,24 @@ resource "kubernetes_role_binding" "default_admin" {
     name      = "admin"
   }
 }
+resource "kubernetes_cluster_role_binding" "default_view" {
+
+  metadata {
+    name = "default-view"
+  }
+
+  role_ref {
+    api_group = "rbac.authorization.k8s.io"
+    kind      = "ClusterRole"
+    name      = "view"
+  }
+
+  subject {
+      kind      = "ServiceAccount"
+      name      = "default"
+      namespace = "default"
+  }
+}
 
 module "um-login-service" {
   source = "../global/um-login-service"
@@ -41,6 +60,8 @@ module "um-user-profile" {
   hostname = var.hostname
 }  
 
+
+
 module "proc-ades" {
   source = "../global/proc-ades"
   dh_user_email = var.dh_user_email

diff --git a/test/acceptance/UserManagement/LoginService/UMA_Flow.robot b/test/acceptance/UserManagement/LoginService/UMA_Flow.robot
@@ -50,16 +50,14 @@ UMA Get Ticket
   Create Session  ades  ${base_url}  verify=True
   ${headers}=  Create Dictionary  authorization=Bearer ${token}
   ${resp}=  Get Request  ades  /${resource}  headers=${headers}
-  ${location_header}=  Get From Dictionary  ${resp.headers}  WWW-Authenticate
-  ${ticket}=  Fetch From Right  ${location_header}  ticket=
   [Return]  ${resp}  
 
 UMA Get Ticket Valid
   [Arguments]  ${base_url}  ${token}  ${resource}
   ${resp}=  UMA Get Ticket  ${base_url}  ${token}  ${resource}
-  Status Should Be  401  ${resp}
   [Return]  ${resp}
 
+
 UMA Get ID Token
   [Arguments]  ${base_url}  ${user}  ${pwd}  ${client_id}  ${client_secret}  ${token_endpoint}
   Create Session  loginService  ${token_endpoint}  verify=False
@@ -148,16 +146,19 @@ UMA Write in Resource
   ${i}=  Convert To String  ${\n}\${RPT_TOKEN}= ${space}${variable}
   Append To File  ../../Processing/ADES/ADES.resource  ${i}
 
+UMA Get Resource 
+
+
 UMA Handler of Codes
   [Arguments]  ${base_url}  ${token}  ${resource}  ${well_known}  ${user}  ${pwd}  ${client_id}  ${client_secret}  
   ${resp_ticket}=  UMA Get Ticket Valid  ${base_url}  ${token}  ${resource}
-  ${ticket}=  UMA Get Ticket From Response  ${resp_ticket}
+  ${ticket}=  builtIn.Run Keyword If  "${resp_ticket.status_code}"=="401"  UMA Get Ticket From Response  ${resp_ticket}
   #Log to console  The ticket is: 
   #Log to console  ${ticket}
   ${id_token}=  UMA Get ID Token Valid  ${base_url}  ${well_known}  ${user}  ${pwd}  ${client_id}  ${client_secret}
   #Log to console  The id_token is:
   #Log to console  ${id_token}
-  ${access_token}=  UMA Get Access Token Valid  ${well_known}  ${ticket}  ${id_token}  ${client_id}  ${client_secret}
+  ${access_token}=  builtIn.Run Keyword If  "${resp_ticket.status_code}"=="401"  UMA Get Access Token Valid  ${well_known}  ${ticket}  ${id_token}  ${client_id}  ${client_secret}
   #Log to console  The access_token is:
   #Log to console  ${access_token}
   [Return]  ${access_token}
diff --git a/test/acceptance/UserManagement/UserProfile/LoginServiceInteraction.robot b/test/acceptance/UserManagement/UserProfile/LoginServiceInteraction.robot
@@ -21,8 +21,11 @@ Log in to the User Profile through the Login Service
   ${options}=  Call Method  ${chrome_options}  to_capabilities      
   Open Browser  ${URL}  browser=chrome  desired_capabilities=${options}
   Set Browser Implicit Wait  5
-  LoginService Call Log in Button
+  ${title}=  Get Title
+  BuiltIn.Run Keyword If  "${title}"=="EOEPCA User Profile"  LoginService Call Log in Button
   LoginService Fill Credentials
+  ${title}=  Get Title
+  BuiltIn.Run Keyword If  "${title}"=="oxAuth"  LoginService Allow User
   LoginService Call Log out Button
   Title Should Be  EOEPCA User Profile
 
@@ -38,18 +41,24 @@ UMA Get Data from Config File
   Set Global Variable  ${USER} 
   Set Global Variable  ${PWD}
 
+LoginService Allow User
+  Title Should Be  oxAuth
+  Click Button  id=authorizeForm:allowButton
+  Set Browser Implicit Wait  5
+  #Capture Page Screenshot  
+
 LoginService Call Log in Button
   Title Should Be  EOEPCA User Profile
   Click Link    xpath=//a[@href="/web_ui/login"]
   Set Browser Implicit Wait  5
   #Capture Page Screenshot
 
 LoginService Fill Credentials
-  TItle Should Be  oxAuth - Passport Login
+  Title Should Be  oxAuth - Passport Login
   Input Text  id=loginForm:username  admin
   Input Password  id=loginForm:password  admin_Abcd1234#
   Click Button  id=loginForm:loginButton
-  Set Browser Implicit Wait  5
+  Set Browser Implicit Wait  10
 
 LoginService Call Log out Button
   Title Should Be  EOEPCA User Profile

diff --git a/test/acceptance/requirements.txt b/test/acceptance/requirements.txt
@@ -5,5 +5,5 @@ requests==2.23.0
 Flask==1.1.2
 pyjwkest==1.4.2
 pycrypto==2.6.1
-eoepca-scim==2.5.3
+eoepca-scim==2.7.3
 pycryptodome==3.4.3