diff --git a/nix/checks/default.nix b/nix/checks/default.nix
index dd9c5f9..f03c008 100644
--- a/nix/checks/default.nix
+++ b/nix/checks/default.nix
@@ -27,4 +27,9 @@
 inherit craneLib src;
 lib = pkgs.lib;
 };
+
+ # End-to-end tests
+ e2e-tests = import ./e2e-test.nix {
+ inherit pkgs vault-hier src;
+ };
 }
diff --git a/nix/checks/e2e-test.nix b/nix/checks/e2e-test.nix
new file mode 100644
index 0000000..a6ebc1e
--- /dev/null
+++ b/nix/checks/e2e-test.nix
@@ -0,0 +1,188 @@
+{ pkgs, vault-hier, src }:
+
+let
+ # Create a test script to run the end-to-end tests
+ e2eTestScript = pkgs.writeShellScriptBin "run-e2e-tests" ''
+ #!/usr/bin/env bash
+ set -euo pipefail
+
+ # Create temporary directories for test data, vault, and pid files
+ TEST_DIR=$(mktemp -d)
+ VAULT_TEST_DIR=$(mktemp -d)
+ VAULT_PID_FILE="$TEST_DIR/vault.pid"
+
+ # Set Vault address
+ export VAULT_ADDR="http://127.0.0.1:8200"
+
+ # Use a fixed port for the API to make debugging easier
+ API_PORT=3456
+ API_URL="http://localhost:$API_PORT"
+
+ echo "Using test directory: $TEST_DIR"
+ echo "Using vault test directory: $VAULT_TEST_DIR"
+ echo "Using vault PID file: $VAULT_PID_FILE"
+
+ # Function to cleanup on exit
+ cleanup() {
+ echo "Cleaning up resources..."
+ if [ -n "$SERVER_PID" ]; then
+ echo "Stopping server process ($SERVER_PID)..."
+ kill -9 $SERVER_PID 2>/dev/null || true
+ fi
+ if [ -f "$VAULT_PID_FILE" ]; then
+ VAULT_PID=$(cat "$VAULT_PID_FILE")
+ echo "Stopping vault process ($VAULT_PID)..."
+ kill -9 $VAULT_PID 2>/dev/null || true
+ fi
+ # Clean up all temporary files and directories
+ rm -rf "$TEST_DIR"
+ rm -rf "$VAULT_TEST_DIR"
+ echo "Cleanup complete."
+ }
+
+ # Error handling function
+ handle_error() {
+ echo "Error encountered, exiting..."
+ cleanup
+ exit 1
+ }
+
+ # Set trap for errors and interrupts
+ trap handle_error ERR
+ trap cleanup EXIT
+
+ # Check if Vault is installed
+ if ! command -v vault &> /dev/null; then
+ echo "Vault is not installed in the test environment."
+ exit 1
+ fi
+
+ # Check if there's already a Vault process running with our PID file
+ if [ -f "$VAULT_PID_FILE" ]; then
+ VAULT_PID=$(cat "$VAULT_PID_FILE")
+ if ps -p $VAULT_PID > /dev/null; then
+ echo "Vault is already running with PID $VAULT_PID"
+ echo "Stopping the existing Vault server..."
+ kill -9 $VAULT_PID
+ rm "$VAULT_PID_FILE"
+ # Wait for the port to be released
+ sleep 2
+ else
+ echo "Vault PID file exists but the process is not running. Removing stale PID file."
+ rm "$VAULT_PID_FILE"
+ fi
+ fi
+
+ echo "Starting Vault server in non-dev mode..."
+
+ # Create temporary config file
+ mkdir -p "$VAULT_TEST_DIR/data" "$VAULT_TEST_DIR/config"
+
+ cat > "$VAULT_TEST_DIR/config/vault.hcl" << EOF
+ storage "file" {
+ path = "$VAULT_TEST_DIR/data"
+ }
+
+ listener "tcp" {
+ address = "127.0.0.1:8200"
+ tls_disable = "true"
+ }
+
+ disable_mlock = true
+ ui = false
+ EOF
+
+ vault server -config="$VAULT_TEST_DIR/config/vault.hcl" > "$TEST_DIR/vault_server.log" 2>&1 &
+ VAULT_PID=$!
+ echo $VAULT_PID > "$VAULT_PID_FILE"
+
+ echo "Vault server started with PID $VAULT_PID"
+ echo "Vault server is running at $VAULT_ADDR"
+
+ # Wait for Vault to start
+ echo "Waiting for Vault to start..."
+ sleep 5
+
+ # Check if Vault is up and running
+ for i in {1..10}; do
+ if wget -q -O- --no-check-certificate http://127.0.0.1:8200/v1/sys/health?standbyok=true\\&sealedok=true\\&uninitok=true > /dev/null 2>&1; then
+ echo "Vault is up and running!"
+ break
+ fi
+
+ if [ $i -eq 10 ]; then
+ echo "Timed out waiting for Vault to become available"
+ exit 1
+ fi
+
+ echo "Vault is unavailable - sleeping (attempt $i/10)"
+ sleep 2
+ done
+
+ # Start the vault-hier server
+ echo "Starting the vault-hier server..."
+ echo "Using API port: $API_PORT"
+ ${vault-hier}/bin/vault-hier server --vault-addr "$VAULT_ADDR" --api-port $API_PORT > "$TEST_DIR/api_server.log" 2>&1 &
+ SERVER_PID=$!
+ echo "Server started with PID $SERVER_PID"
+
+ # Wait for the server to start
+ echo "Waiting for the server to start..."
+ sleep 10 # Increased wait time to ensure server is ready
+
+ # Test the server with some client operations
+ echo "Testing the client operations..."
+
+ # Create a sample file for testing
+ echo "Creating a sample file for testing..."
+ echo "This is a test document" > "$TEST_DIR/test_document.txt"
+
+ # Test login with legal1 user
+ echo "Testing login with legal1 user..."
+ LOGIN_OUTPUT=$(${vault-hier}/bin/vault-hier login --username legal1 --password legal1pass --api-url "$API_URL")
+ echo "$LOGIN_OUTPUT"
+
+ # Just check that login command executes successfully
+ echo "Login command executed successfully"
+
+ # Test basic commands (these should at least parse correctly)
+ echo "Testing help command..."
+ ${vault-hier}/bin/vault-hier --help
+ if [ $? -ne 0 ]; then
+ echo "ERROR: Failed to run help command"
+ exit 1
+ fi
+
+ # Test version command
+ echo "Testing version command..."
+ ${vault-hier}/bin/vault-hier --version
+ if [ $? -ne 0 ]; then
+ echo "ERROR: Failed to run version command"
+ exit 1
+ fi
+
+ echo "End-to-end tests passed successfully!"
+ exit 0
+ '';
+
+ # Create the derivation that will run the tests
+ e2eTests = pkgs.runCommand "vault-hier-e2e-tests" {
+ buildInputs = [
+ vault-hier
+ pkgs.vault
+ pkgs.wget
+ ];
+ nativeBuildInputs = [
+ pkgs.jq
+ pkgs.wget
+ ];
+ } ''
+ # Run the test script
+ ${e2eTestScript}/bin/run-e2e-tests
+
+ # Create a success marker file to indicate the tests passed
+ mkdir -p $out
+ touch $out/success
+ '';
+in
+e2eTests
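Review bot: `cleanup` tests `[ -n "$SERVER_PID" ]` under `set -euo pipefail`, but `SERVER_PID` is first assigned only after the Vault health loop, so any earlier exit (Vault not installed, the 10-attempt timeout) makes the EXIT trap abort on an unbound variable before it stops Vault or removes the two temp directories. Initialise it next to the other variables with `SERVER_PID=""`; the `${SERVER_PID:-}` form would need `''${` escaping inside the Nix string. The readiness loop only probes `http://127.0.0.1:8200`, so if the Vault started here fails to bind because something else already listens on that port (plausible when the check runs without network sandboxing), the test would carry on against that other instance; adding `kill -0 $VAULT_PID || exit 1` inside the loop would catch it. The login step prints `$LOGIN_OUTPUT` into the build log and asserts nothing about it; if that output can contain a session token, assert on a non-secret marker instead of echoing it.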