Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
d96fcae0d8
PromucFlow_constructor/deploy/docker/tests/test-pg-auth.sh
Abhijeet 6eb44a11c7
chore: Add appsmith user existence check for auth tests (#38069) 
## Description
PR to add the check for `appsmith` user existence before any assertions
in pg-auth-test to remove the flakiness.

### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results  -->
> [!WARNING]
> Tests have not run on the HEAD
0ac8736872f1d8b51b384b644dd0f3b21f725cb0 yet
> <hr>Fri, 13 Dec 2024 05:18:03 UTC
<!-- end of auto-generated comment: Cypress test results  -->


## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [x] No


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

- **Bug Fixes**
- Enhanced testing for PostgreSQL authentication to ensure the Appsmith
user exists before access checks.

- **Tests**
- Updated existing test functions to include user existence
verification, improving the robustness of the testing process.
- Introduced new functions to verify user existence and check the
readiness of the Appsmith instance and PostgreSQL.
- Streamlined logic for readiness checks, enhancing overall testing
efficiency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-12-13 10:51:55 +05:30

227 lines
9.7 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
set -o errexit
source ./composes.sh
source ./pg-test-utils.sh
# Function to update the APPSMITH_DB_URL in docker.env
# Once postgres is the default db, the APPSMITH_POSTGRES_DB_URL will be removed and this step won't be required anymore
# Check run-java.sh for more details why we need to update the APPSMITH_DB_URL to point to postgres
update_db_url() {
docker exec "${container_name}" bash -c "sed -i 's|^APPSMITH_DB_URL=mongodb|# &|' /appsmith-stacks/configuration/docker.env"
docker exec "${container_name}" bash -c "sed -i 's|^APPSMITH_POSTGRES_DB_URL=|APPSMITH_DB_URL=|' /appsmith-stacks/configuration/docker.env"
}
# Function to read the password from the PostgreSQL URL in docker.env.sh
get_appsmith_password() {
local password
password=$(docker exec "${container_name}" bash -c "grep -i 'APPSMITH_DB_URL' /appsmith-stacks/configuration/docker.env | sed -n 's/^.*\/\/appsmith:\([^@]*\)@.*$/\1/p'")
printf "%s" "$password"
}
# Function to check the read access to databases
check_user_datasource_access_with_auth() {
local password
local appsmith_user_local_access
local appsmith_user_remote_access
password=$(get_appsmith_password)
docker exec -i "${container_name}" bash -c "psql -h 127.0.0.1 -p 5432 -U appsmith -c '\l'" <<EOF
$password
EOF
appsmith_user_remote_access=$?
docker exec -i "${container_name}" bash -c "psql -p 5432 -U appsmith -c '\l'"
appsmith_user_local_access=$?
# Check if the Appsmith user does not have read access with local unix socket but has read access with local tcp socket
if [[ $appsmith_user_local_access -ne 0 && $appsmith_user_remote_access -eq 0 ]]; then
echo "appsmith user does not have read access to databases with local unix socket: ✅"
echo "appsmith user has read access to databases with local tcp socket: ✅"
local pg_user_local_access
local pg_user_remote_access
# Check if the postgres user has read access to databases with local unix socket
docker exec -i "${container_name}" bash -c "psql -p 5432 -U postgres -d appsmith -c '\l'"
pg_user_local_access=$?
# Check if the postgres user does not have read access to databases with local tcp socket
docker exec -i "${container_name}" bash -c "psql -h 127.0.0.1 -p 5432 -U postgres -d appsmith -c '\l'"
pg_user_remote_access=$?
if [[ $pg_user_local_access -eq 0 && $pg_user_remote_access -ne 0 ]]; then
echo "postgres user has read access to databases with local unix socket: ✅"
echo "postgres user does not have read access to databases with local tcp socket: ✅"
return 0
elif [[ $pg_user_local_access -ne 0 ]]; then
echo "postgres user does not have read access to databases with local unix socket: ❌"
elif [[ $pg_user_remote_access -eq 0 ]]; then
echo "postgres user has read access to databases with local tcp socket: ❌"
fi
elif [[ $appsmith_user_local_access -eq 0 ]]; then
echo "appsmith user has read access to databases with local unix socket: ❌"
elif [[ $appsmith_user_remote_access -ne 0 ]]; then
echo "appsmith user does not have read access to databases with local tcp socket: ❌"
fi
return 1
}
# Test to check if the postgres auth is enabled after upgrading from 1.50 to local image
# Expectation:
# 1. Appsmith instance should be able to upgrade from v1.50 to local image
# 2. Postgres user should have read access to databases with local unix socket
# 3. Postgres user should not have read access to databases with tcp socket
# 4. Appsmith user should not have read access to databases with local unix socket
# 5. Appsmith user should have read access to databases with tcp socket
test_postgres_auth_enabled_upgrade_from_150tolocal() {
# Steps:
# 1. Start the Appsmith 1.50 instance
# 2. Check if the Appsmith instance is up
# 3. Check if the postgres user has read access to databases
# 4. Update the APPSMITH_DB_URL in docker.env to point to postgres
# 5. Start the Appsmith local image
# 6. Check if the Appsmith instance is up
# 7. Check if the Appsmith user has read access to databases
# 8. Check if the postgres user has read access to databases
echo "############################################################"
echo "Starting ${FUNCNAME[0]}"
cleanup
# appsmith v1.50 does not have postgres auth enabled
echo "Starting Appsmith 150"
compose_appsmith_version v1.50
# Wait until postgres to come up
wait_for_postgres
# Check if the Appsmith instance is up
if is_appsmith_instance_ready; then
# Check if the postgres user has read access to databases
if check_user_datasource_access_with_host_port_wo_auth; then
echo "postgres user has read access to databases: ✅"
else
# We don't expect the postgres user to not have read access as the auth level is set to trust hence failing the test after this step immediately
echo "postgres user does not have read access to databases: ❌"
exit 1
fi
else
echo "Appsmith instance failed to start."
exit 1
fi
# Update the APPSMITH_DB_URL in docker.env to point to postgres to initialise appsmith user and schema when the container with local image is started
update_db_url
echo "Remove container to reuse the same volume for local image"
docker compose down --timeout 30 # wait upto timeout for graceful shutdown.
# ensure the container exists before trying to remove it
docker compose ps -q "${container_name}" && \
docker compose rm -fsv "${container_name}" || \
echo "Container "${container_name}" does not exist."
echo "Starting Appsmith local to check the auth"
compose_appsmith_local
MAX_RETRIES=10
RETRYSECONDS=5
retry_count=0
# Wait until postgres to come up
wait_for_postgres
# Check if the Appsmith instance is up
if is_appsmith_instance_ready; then
if ! check_user_exists appsmith; then
echo "Appsmith user does not exist"
echo "Test ${FUNCNAME[0]} Failed ❌"
exit 1
fi
# Check if the Appsmith user has read access to databases
if check_user_datasource_access_with_auth; then
echo "Test ${FUNCNAME[0]} Passed ✅"
else
echo "Test ${FUNCNAME[0]} Failed ❌"
exit 1
fi
else
echo "Appsmith instance failed to start."
echo "Test ${FUNCNAME[0]} Failed ❌"
exit 1
fi
}
# Test to check if the postgres auth is enabled after restarting local image
# Expectation:
# 1. Appsmith instance should be able to start to local image with mongodb default uri
# 2. Appsmith instance should be able to restart to local image with postgres uri
# 3. Postgres user should have read access to databases with local unix socket
# 4. Postgres user should not have read access to databases with tcp socket
# 5. Appsmith user should not have read access to databases with local unix socket
# 6. Appsmith user should have read access to databases with tcp socket
test_postgres_auth_enabled_restart_localtolocal() {
# Steps:
# 1. Start the Appsmith local instance with mongodb default uri
# 2. Check if the Appsmith instance is up
# 3. Check if the postgres user has read access to databases
# 4. Update the APPSMITH_DB_URL in docker.env to point to postgres
# 5. Start the Appsmith local image
# 6. Check if the Appsmith instance is up
# 7. Check if the Appsmith user has read access to databases
# 8. Check if the postgres user has read access to databases
echo "############################################################"
echo "Starting ${FUNCNAME[0]}"
cleanup
echo "Starting Appsmith local with mongodb default uri"
compose_appsmith_local
# Wait until postgres to come up
wait_for_postgres
# Check if the Appsmith instance is up
if is_appsmith_instance_ready; then
# Check if the postgres user has read access to databases
if check_user_datasource_access_with_local_port_wo_auth; then
echo "postgres user has read access to databases: ✅"
else
# We don't expect the postgres user to not have read access as the auth level is set to trust hence failing the test after this step immediately
echo "postgres user does not have read access to databases: ❌"
exit 1
fi
else
echo "Appsmith instance failed to start."
exit 1
fi
# Update the APPSMITH_DB_URL in docker.env to point to postgres to initialise appsmith user and schema when the container with local image is started
update_db_url
echo "Remove container to reuse the same volume for local image"
docker compose down --timeout 30 # wait upto timeout for graceful shutdown.
# ensure the container exists before trying to remove it
docker compose ps -q "${container_name}" && \
docker compose rm -fsv "${container_name}" || \
echo "Container "${container_name}" does not exist."
echo "Starting Appsmith local to check the auth"
compose_appsmith_local
wait_for_postgres
# Check if the Appsmith instance is up
if is_appsmith_instance_ready; then
if ! check_user_exists appsmith; then
echo "Appsmith user does not exist"
echo "Test ${FUNCNAME[0]} Failed ❌"
exit 1
fi
# Check if the Appsmith user has read access to databases
if check_user_datasource_access_with_auth; then
echo "Test ${FUNCNAME[0]} Passed ✅"
else
echo "Test ${FUNCNAME[0]} Failed ❌"
exit 1
fi
else
echo "Appsmith instance failed to start."
echo "Test ${FUNCNAME[0]} Failed ❌"
exit 1
fi
}
container_name="appsmith-docker-test"
test_postgres_auth_enabled_upgrade_from_150tolocal
test_postgres_auth_enabled_restart_localtolocal
Reference in New Issue View Git Blame Copy Permalink