Skip to content

Integration Testing

Integration Testing For UDS Identity Config + UDS Core

Cypress Web Flow/Integration Testing Docs

Implemented Tests

Test Name (link)Test Description
Login Existing UserLogin in existing user that is created in the testing realm.json
Login Nonexistant User / Incorrect credsUser cannot login / authenticate with incorrect creds or without account
Successfuly CAC RegistrationNew user can successfully register with CAC
CAC User LoginNew user can successfully login with CAC
Duplicate User RegistrationUser cannot register more than once
Password check for special charactersUser registration requires password special characters
Password check for lengthUser registration requires password length check
Group AuthorizationGrafana is deployed to required admin group to authorize

Cypress Testing

Using uds-cli task uds-core-integration-tests.

Task explanation:

  • Cleanup an existing uds-core directory ( mainly for local testing )
  • Create docker image that uses the new certs as well as a testing realm.json ( has a defined user, no MFA, and no email verification )
  • Clone uds-core necessary for setting up k3d cluster to test against
  • Use that cacert in deploying uds-core istio gateways
  • Create zarf package that combines uds-core and identity-config
  • Setup k3d cluster by utilizing uds-core (istio, keycloak, pepr, zarf)
  • Deploy zarf package that was created earlier
  • Run cypress tests against deployed cluster

Updating Cypress Certs

Cypress testing requires that a ca.cer be created and put into an authorized_certs.zip, done by using the regenerate-test-pki uds task, which is then utilized by the Dockerfile. Once a docker image has been created another command is used for pulling that cacert, uds task cacert, from the image using it’s value to configure uds-core’s gateways, uds-core-gateway-cacert uds task . Eventually cypress will require a pfx cert for its CAC testing.

Our cypress testing utilizes static certs that are created and saved to limit the need for constantly rebuilding and importing those certs.

Follow these steps to update the certs for cypress:

  1. Run uds run regenerate-test-pki to regenerate the necessary certs and authorized_certs.zip
  2. Run docker build --build-arg CA_ZIP_URL="authorized_certs.zip" -t uds-core-config:keycloak --no-cache src to create docker image
  3. Run uds run cacert to extract cacert from docker image for the tls_cacert.yaml file
  4. Copy the authorized_certs.zip, test.pfx, and tls_cacert.yaml into the certs directory
    • mv test.pfx tls_cacert.yaml src/authorized_certs.zip src/cypress/certs/