First integration test

Sets up a whole slew of docker instances, all started from clean
slate for test.

5 files changed, 134 insertions, 0 deletions

diff --git a/docker/integration_test/docker-compose.yaml b/docker/integration_test/docker-compose.yaml
new file mode 100644
index 0000000..628973f
--- /dev/null
+++ b/docker/integration_test/docker-compose.yaml
@@ -0,0 +1,77 @@
+services:
+  openldap:
+    image: bitnami/openldap:latest
+    ports:
+      - '1389'
+      - '1636'
+    environment:
+      - LDAP_ADMIN_USERNAME=admin
+      - LDAP_ADMIN_PASSWORD=adminpassword
+      - LDAP_USERS=user01,user02,user03
+      - LDAP_PASSWORDS=password1,password2,password3
+    volumes:
+      - 'it_openldap_data:/bitnami/openldap'
+  mariadb:
+    image: mariadb:latest
+    ports:
+      - '3306'
+    environment:
+      - MARIADB_USER=eyeballs
+      - MARIADB_PASSWORD=secret
+      - MARIADB_DATABASE=eyeballs
+      - MARIADB_RANDOM_ROOT_PASSWORD=1
+    healthcheck:
+      test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
+      start_period: 10s
+      interval: 10s
+      timeout: 5s
+      retries: 3
+    volumes:
+      - 'it_mariadb_data:/var/lib/mysql'
+  remote_git:
+    image: rockstorm/git-server:latest
+    ports:
+      - '12222:22'
+    volumes:
+      - './web/gitkey.pub:/home/git/.ssh/authorized_keys'
+      - 'it_remote_git:/srv/git'
+  local_git:
+    image: rockstorm/git-server:latest
+    environment:
+      - SSH_AUTH_METHODS=publickey
+    depends_on:
+      - web
+    ports:
+      - '10022:22'
+    volumes:
+      - 'it_git_auth:/home/git/.ssh'
+      - 'it_git_repos:/srv/git'
+  web:
+    build:
+      context: ../../
+      dockerfile: ./docker/integration_test/web/Dockerfile
+    depends_on:
+      openldap:
+        condition: service_started
+      mariadb:
+        condition: service_healthy
+    environment:
+      - LDAP_URL=ldap://openldap:1389
+      - DB_URL=mysql://eyeballs:secret@mariadb:3306/eyeballs
+    ports:
+      - '18000:8000'
+    volumes:
+      - 'it_git_auth:/git/auth'
+      - 'it_git_repos:/git/repos'
+
+volumes:
+  it_openldap_data:
+    driver: local
+  it_mariadb_data:
+    driver: local
+  it_remote_git:
+    driver: local
+  it_git_auth:
+    driver: local
+  it_git_repos:
+    driver: local
diff --git a/docker/integration_test/web/Dockerfile b/docker/integration_test/web/Dockerfile
new file mode 100644
index 0000000..2ba7a5d
--- /dev/null
+++ b/docker/integration_test/web/Dockerfile
@@ -0,0 +1,15 @@
+FROM archlinux:base
+
+RUN pacman -Suy --noconfirm && pacman -S openssl git --noconfirm
+
+# Docker still have this really stupied idea that all files must be relative "context",
+# so context is set to ../.. relative the docker-compose.yaml
+COPY server/target/x86_64-unknown-linux-musl/debug/eyeballs-githook /app/eyeballs-githook
+COPY server/target/debug/eyeballs /app/eyeballs
+COPY docker/integration_test/web/setup.sh /app/setup.sh
+
+RUN mkdir -p -m 0700 /app/.ssh
+COPY docker/integration_test/web/gitkey /app/.ssh/id_rsa
+
+WORKDIR /app
+ENTRYPOINT /app/setup.sh
diff --git a/docker/integration_test/web/gitkey b/docker/integration_test/web/gitkey
new file mode 100644
index 0000000..a884da2
--- /dev/null
+++ b/docker/integration_test/web/gitkey
@@ -0,0 +1,16 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAlwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAIEA29qzykqWxz65PFU5LuUIOplhgCnuDEA0LD7lff6qhwIaa2WyXOC0
+q9yOpY9tB1T+rArpmRgo1iH2jNRw4Y4E7DERQNhEEhfIvse93HspeTIHuQmqWID7IxUDZJ
+JK55XA1DGJIZWTreNc/XeEOBdXgBPRxMQg92jRmxfwi+xzQ20AAAIIvPzf27z839sAAAAH
+c3NoLXJzYQAAAIEA29qzykqWxz65PFU5LuUIOplhgCnuDEA0LD7lff6qhwIaa2WyXOC0q9
+yOpY9tB1T+rArpmRgo1iH2jNRw4Y4E7DERQNhEEhfIvse93HspeTIHuQmqWID7IxUDZJJK
+55XA1DGJIZWTreNc/XeEOBdXgBPRxMQg92jRmxfwi+xzQ20AAAADAQABAAAAgQDT6DjjAo
+HSCeMBBCPZz2ffE3em0MNhi4C+JOGOT6iN+Lj+S0dfvjZmcHANo/Cy4HmX2ezOYzr5KkM5
++onS3dBfDj1ndLNZt4NCd9jeRAONetweXdA9AlJiSMJ5A33hMsACaMxrwzwKicexKz9pIw
+9hcxiIo28Xbak6MrTOBQWFAQAAAEEA1TCRvnzZTDIyzrQyyx85HiQRVU8ySm1fSSXh9Xvv
+m2RtSSRXlZuoVB6tUyMczGjHV76LzMmmJafa1CzyrJqLFwAAAEEA9q162hU6gPxvVIdKt3
+/W26oWaaSlDKZ21XxSRGQNYnfMpQqCzAIvAdRiaF+hE/H4Sl8GW7U4yDtsD3pUsS/OKwAA
+AEEA5Cm3Q9hps3iOwbEpo59yno/Z5VhU98UXhKGFLo3/nLcMDVehk7eRRdYtqDwcMNEmxZ
+T/hs0Hp1Ph4uv3td4AxwAAAA10aGVfamtAd2lsbG93AQIDBA==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/docker/integration_test/web/gitkey.pub b/docker/integration_test/web/gitkey.pub
new file mode 100644
index 0000000..1474e72
--- /dev/null
+++ b/docker/integration_test/web/gitkey.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDb2rPKSpbHPrk8VTku5Qg6mWGAKe4MQDQsPuV9/qqHAhprZbJc4LSr3I6lj20HVP6sCumZGCjWIfaM1HDhjgTsMRFA2EQSF8i+x73ceyl5Mge5CapYgPsjFQNkkkrnlcDUMYkhlZOt41z9d4Q4F1eAE9HExCD3aNGbF/CL7HNDbQ== the_jk@willow
diff --git a/docker/integration_test/web/setup.sh b/docker/integration_test/web/setup.sh
new file mode 100755
index 0000000..bd6c805
--- /dev/null
+++ b/docker/integration_test/web/setup.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+echo "[default]" > Rocket.toml
+echo "address = \"0.0.0.0\"" >> Rocket.toml
+echo "secret_key = \"itlYmFR2vYKrOmFhupMIn/hyB6lYCCTXz4yaQX89XVg=\"" >> Rocket.toml
+echo "session_max_age_days = 7" >> Rocket.toml
+echo "ldap_url = \"$LDAP_URL\"" >> Rocket.toml
+echo "ldap_users = \"ou=users,dc=example,dc=org\"" >> Rocket.toml
+echo "ldap_filter = \"(objectClass=posixAccount)\"" >> Rocket.toml
+echo "git_server_root = \"/git/repos\"" >> Rocket.toml
+echo "authorized_keys = \"/git/auth/authorized_keys\"" >> Rocket.toml
+echo "git_hook = \"/git/repos/eyeballs-githook\"" >> Rocket.toml
+echo "[default.databases.eyeballs]" >> Rocket.toml
+echo "url = \"$DB_URL\"" >> Rocket.toml
+
+export RUST_BACKTRACE=1
+export HOME=/app
+
+echo "Host remote_git" > /app/.ssh/config
+echo "  StrictHostKeyChecking no" >> /app/.ssh/config
+
+# Hardlinks cannot cross devices, so copy to the /git/repos mount.
+cp /app/eyeballs-githook /git/repos/eyeballs-githook
+
+exec ./eyeballs