mirror of
https://github.com/netbirdio/netbird.git
synced 2026-07-19 04:59:56 +00:00
Introduce a self-contained, OIDC-free e2e harness that stands up NetBird in containers, so suites no longer depend on the hand-maintained Tilt stack or a real IdP. - harness brings up the combined server (management + signal + relay + STUN + embedded IdP) in a single container built from combined/Dockerfile.multistage, and mints an admin PAT through the unauthenticated /api/setup bootstrap (NB_SETUP_PAT_ENABLED). API access goes through the existing shared/management/client/rest typed client. - the image is built via the docker CLI (BuildKit) so the Dockerfile's cache mounts are honored; testcontainers then runs the tagged image. - everything is behind the `e2e` build tag so normal builds and unit tests never pull in testcontainers. Adds BuildKit cache mounts to combined/Dockerfile.multistage so source changes recompile incrementally rather than from scratch. Pillar 1 proven by TestCombinedBootstrap: server builds, boots, mints a PAT, and the PAT authenticates a real management API call.
44 lines
1.3 KiB
Go
44 lines
1.3 KiB
Go
//go:build e2e
|
|
|
|
package agentnetwork
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/netbirdio/netbird/e2e/harness"
|
|
)
|
|
|
|
// TestCombinedBootstrap proves Pillar 1: a combined NetBird server comes up in a
|
|
// container, the /api/setup bootstrap mints an admin PAT with no OIDC, and that
|
|
// PAT authenticates real management API calls through the typed REST client.
|
|
func TestCombinedBootstrap(t *testing.T) {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Minute)
|
|
defer cancel()
|
|
|
|
srv, err := harness.StartCombined(ctx)
|
|
require.NoError(t, err, "combined server must build and start")
|
|
t.Cleanup(func() {
|
|
_ = srv.Terminate(context.Background())
|
|
})
|
|
|
|
pat, err := srv.Bootstrap(ctx)
|
|
require.NoError(t, err, "/api/setup must mint an admin PAT")
|
|
require.NotEmpty(t, pat, "PAT must be non-empty")
|
|
|
|
// The PAT must authenticate a real management API call through the client.
|
|
users, err := srv.API().Users.List(ctx)
|
|
require.NoError(t, err, "authenticated Users.List must round-trip")
|
|
require.NotEmpty(t, users, "the bootstrapped account must have at least one user")
|
|
|
|
var emails []string
|
|
for _, u := range users {
|
|
emails = append(emails, u.Email)
|
|
}
|
|
assert.Contains(t, emails, "admin@netbird.test", "the bootstrapped owner should appear in the users list")
|
|
}
|