2021-11-11 14:23:30 -05:00
|
|
|
name: IAM integration
|
2021-11-09 12:25:13 -05:00
|
|
|
|
|
|
|
on:
|
|
|
|
pull_request:
|
|
|
|
branches:
|
2021-11-30 12:22:17 -05:00
|
|
|
- master
|
2021-11-09 12:25:13 -05:00
|
|
|
|
|
|
|
# This ensures that previous jobs for the PR are canceled when the PR is
|
|
|
|
# updated.
|
2021-11-10 21:18:09 -05:00
|
|
|
concurrency:
|
2021-11-09 12:25:13 -05:00
|
|
|
group: ${{ github.workflow }}-${{ github.head_ref }}
|
|
|
|
cancel-in-progress: true
|
|
|
|
|
|
|
|
jobs:
|
2021-11-11 14:23:30 -05:00
|
|
|
iam-matrix-test:
|
|
|
|
name: "[Go=${{ matrix.go-version }}|ldap=${{ matrix.ldap }}|etcd=${{ matrix.etcd }}|openid=${{ matrix.openid }}]"
|
2021-11-09 12:25:13 -05:00
|
|
|
runs-on: ubuntu-latest
|
|
|
|
|
|
|
|
services:
|
|
|
|
openldap:
|
|
|
|
image: quay.io/minio/openldap
|
|
|
|
ports:
|
|
|
|
- "389:389"
|
|
|
|
- "636:636"
|
|
|
|
env:
|
|
|
|
LDAP_ORGANIZATION: "MinIO Inc"
|
|
|
|
LDAP_DOMAIN: "min.io"
|
|
|
|
LDAP_ADMIN_PASSWORD: "admin"
|
|
|
|
etcd:
|
|
|
|
image: "quay.io/coreos/etcd:v3.5.1"
|
|
|
|
env:
|
|
|
|
ETCD_LISTEN_CLIENT_URLS: "http://0.0.0.0:2379"
|
|
|
|
ETCD_ADVERTISE_CLIENT_URLS: "http://0.0.0.0:2379"
|
|
|
|
ports:
|
|
|
|
- "2379:2379"
|
|
|
|
options: >-
|
|
|
|
--health-cmd "etcdctl endpoint health"
|
|
|
|
--health-interval 10s
|
|
|
|
--health-timeout 5s
|
|
|
|
--health-retries 5
|
2021-11-11 14:23:30 -05:00
|
|
|
openid:
|
|
|
|
image: quay.io/minio/dex
|
2021-11-09 12:25:13 -05:00
|
|
|
ports:
|
2021-11-11 14:23:30 -05:00
|
|
|
- "5556:5556"
|
2021-11-09 12:25:13 -05:00
|
|
|
env:
|
2021-11-11 14:23:30 -05:00
|
|
|
DEX_LDAP_SERVER: "openldap:389"
|
2021-11-09 12:25:13 -05:00
|
|
|
|
|
|
|
strategy:
|
2021-11-11 14:23:30 -05:00
|
|
|
# When ldap, etcd or openid vars are empty below, those external servers
|
|
|
|
# are turned off - i.e. if ldap="", then ldap server is not enabled for
|
|
|
|
# the tests.
|
2021-11-09 12:25:13 -05:00
|
|
|
matrix:
|
2021-11-19 19:18:23 -05:00
|
|
|
go-version: [1.17.x]
|
2021-11-11 14:23:30 -05:00
|
|
|
ldap: ["", "localhost:389"]
|
|
|
|
etcd: ["", "http://localhost:2379"]
|
|
|
|
openid: ["", "http://127.0.0.1:5556/dex"]
|
|
|
|
exclude:
|
|
|
|
# exclude combos where all are empty.
|
|
|
|
- ldap: ""
|
|
|
|
etcd: ""
|
|
|
|
openid: ""
|
|
|
|
# exclude combos where both ldap and openid IDPs are specified.
|
|
|
|
- ldap: "localhost:389"
|
|
|
|
openid: "http://127.0.0.1:5556/dex"
|
2021-11-09 12:25:13 -05:00
|
|
|
|
|
|
|
steps:
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- uses: actions/setup-go@v2
|
|
|
|
with:
|
|
|
|
go-version: ${{ matrix.go-version }}
|
2021-11-19 19:18:23 -05:00
|
|
|
- uses: actions/cache@v2
|
|
|
|
with:
|
|
|
|
path: |
|
|
|
|
~/.cache/go-build
|
|
|
|
~/go/pkg/mod
|
|
|
|
key: ${{ runner.os }}-${{ matrix.go-version }}-go-${{ hashFiles('**/go.sum') }}
|
|
|
|
restore-keys: |
|
|
|
|
${{ runner.os }}-${{ matrix.go-version }}-go-
|
|
|
|
- name: Test LDAP/OpenID/Etcd combo
|
2021-11-09 12:25:13 -05:00
|
|
|
env:
|
2021-11-11 14:23:30 -05:00
|
|
|
LDAP_TEST_SERVER: ${{ matrix.ldap }}
|
|
|
|
ETCD_SERVER: ${{ matrix.etcd }}
|
|
|
|
OPENID_TEST_SERVER: ${{ matrix.openid }}
|
2021-11-09 12:25:13 -05:00
|
|
|
run: |
|
|
|
|
sudo sysctl net.ipv6.conf.all.disable_ipv6=0
|
|
|
|
sudo sysctl net.ipv6.conf.default.disable_ipv6=0
|
|
|
|
make test-iam
|
2021-12-08 14:50:15 -05:00
|
|
|
- name: Test LDAP for automatic site replication
|
|
|
|
if: matrix.ldap == 'localhost:389'
|
|
|
|
run: |
|
|
|
|
make test-site-replication
|