Integration Testing
Integration Testing For UDS Identity Config + UDS Core
Cypress Web Flow/Integration Testing Docs
Implemented Tests
Test Name (link) | Test Description |
---|---|
Login Existing User | Login in existing user that is created in the testing realm.json |
Login Nonexistant User / Incorrect creds | User cannot login / authenticate with incorrect creds or without account |
Successfuly CAC Registration | New user can successfully register with CAC |
CAC User Login | New user can successfully login with CAC |
Duplicate User Registration | User cannot register more than once |
Password check for special characters | User registration requires password special characters |
Password check for length | User registration requires password length check |
Group Authorization | Grafana is deployed to required admin group to authorize |
Cypress Testing
Using uds-cli task uds-core-integration-tests
.
Task explanation:
- Cleanup an existing uds-core directory ( mainly for local testing )
- Create docker image that uses the new certs as well as a testing realm.json ( has a defined user, no MFA, and no email verification )
- Clone
uds-core
necessary for setting up k3d cluster to test against - Use that cacert in deploying
uds-core
istio gateways - Create zarf package that combines uds-core and identity-config
- Setup k3d cluster by utilizing
uds-core
(istio, keycloak, pepr, zarf) - Deploy zarf package that was created earlier
- Run cypress tests against deployed cluster
Updating Cypress Certs
Cypress testing requires that a ca.cer be created and put into an authorized_certs.zip, done by using the regenerate-test-pki
uds task, which is then utilized by the Dockerfile. Once a docker image has been created another command is used for pulling that cacert, uds task cacert
, from the image using it’s value to configure uds-core’s gateways, uds-core-gateway-cacert
uds task . Eventually cypress will require a pfx cert for its CAC testing.
Our cypress testing utilizes static certs that are created and saved to limit the need for constantly rebuilding and importing those certs.
Follow these steps to update the certs for cypress:
- Run
uds run regenerate-test-pki
to regenerate the necessary certs and authorized_certs.zip - Run
docker build --build-arg CA_ZIP_URL="authorized_certs.zip" -t uds-core-config:keycloak --no-cache src
to create docker image - Run
uds run cacert
to extract cacert from docker image for the tls_cacert.yaml file - Copy the authorized_certs.zip, test.pfx, and tls_cacert.yaml into the certs directory
mv test.pfx tls_cacert.yaml src/authorized_certs.zip src/cypress/certs/