E2E Tests with PyTest Infrastructure and Framework

.devcontainer/devcontainer.json

@@ -0,0 +1,25 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/python
+{
+	"name": "Python 3",
+	// Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile
+	"image": "mcr.microsoft.com/devcontainers/python:1-3.12-bullseye",
+	"features": {
+		"ghcr.io/devcontainers/features/docker-outside-of-docker:1": {}
+	}
+
+	// Features to add to the dev container. More info: https://containers.dev/features.
+	// "features": {},
+
+	// Use 'forwardPorts' to make a list of ports inside the container available locally.
+	// "forwardPorts": [],
+
+	// Use 'postCreateCommand' to run commands after the container is created.
+	// "postCreateCommand": "pip3 install --user -r requirements.txt",
+
+	// Configure tool-specific properties.
+	// "customizations": {},
+
+	// Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
+	// "remoteUser": "root"
+}

.gitignore

@@ -1,15 +1,31 @@
-# Byte-compiled / optimized / DLL files
+# OPAL specific
+opal_test_keys/*
+.env
+opal-example-policy-repo/*
+data/
+OPAL_DATASOURCE_TOKEN.tkn
+OPAL_CLIENT_TOKEN.tkn
+
+# Temporary and Python cache files
+**/*.pyc
 __pycache__/
 *.py[cod]
 *$py.class
 
 # C extensions
 *.so
 
+# Virtual environments
+.venv/
+venv/
+env/
+ENV/
+env.bak/
+venv.bak/
+
 # Distribution / packaging
 .Python
 build/
-develop-eggs/
 dist/
 downloads/
 eggs/
@@ -18,7 +34,6 @@ lib/
 lib64/
 parts/
 sdist/
-var/
 wheels/
 pip-wheel-metadata/
 share/python-wheels/
@@ -27,16 +42,14 @@ share/python-wheels/
 *.egg
 MANIFEST
 
-# PyInstaller
-#  Usually these files are written by a python script from a template
-#  before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
 # Installer logs
 pip-log.txt
 pip-delete-this-directory.txt
 
+# PyInstaller
+*.manifest
+*.spec
+
 # Unit test / coverage reports
 htmlcov/
 .tox/
@@ -50,22 +63,23 @@ coverage.xml
 *.py,cover
 .hypothesis/
 .pytest_cache/
+new_pytest_env/temp
 
 # Translations
 *.mo
 *.pot
 
-# Django stuff:
+# Django
 *.log
 local_settings.py
 db.sqlite3
 db.sqlite3-journal
 
-# Flask stuff:
+# Flask
 instance/
 .webassets-cache
 
-# Scrapy stuff:
+# Scrapy
 .scrapy
 
 # Sphinx documentation
@@ -84,53 +98,43 @@ ipython_config.py
 # pyenv
 .python-version
 
-# pipenv
-#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
-#   However, in case of collaboration, if having platform-specific dependencies or dependencies
-#   having no cross-platform support, pipenv may install dependencies that don't work, or not
-#   install all needed dependencies.
+# Pipenv
 #Pipfile.lock
 
-# PEP 582; used by e.g. github.com/David-OConnor/pyflow
+# PEP 582
 __pypackages__/
 
-# Celery stuff
+# Celery
 celerybeat-schedule
 celerybeat.pid
 
-# SageMath parsed files
+# SageMath
 *.sage.py
 
-# Environments
-.env
-.venv
-env/
-venv/
-ENV/
-env.bak/
-venv.bak/
+# Editors
+.vscode/
+.idea
+*.iml
 
-# Spyder project settings
+# Spyder
 .spyderproject
 .spyproject
 
-# Rope project settings
+# Rope
 .ropeproject
 
-# mkdocs documentation
-/site
+# mkdocs
+docs/_build/
 
 # mypy
 .mypy_cache/
 .dmypy.json
 dmypy.json
 
-# Pyre type checker
+# Pyre
 .pyre/
 
-# editors
-.vscode/
-.idea
-*.iml
-
+# System files
 .DS_Store
+pytest_6dbc.env
+tests/pytest_1a09.env

.vscode/launch.json

@@ -0,0 +1,40 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "Remote to local",
+      "type": "debugpy",
+      "request": "attach",
+      "justMyCode": false,
+      "subProcess": true,
+      "connect": {
+        "host": "localhost",
+        "port": 5678
+      },
+      "pathMappings": [
+        {
+          "localRoot": "${workspaceFolder}",
+          "remoteRoot": "${cwd}"
+        }
+      ]
+    },
+    {
+      "name": "Python Debugger: Current File",
+      "type": "debugpy",
+      "request": "launch",
+      "program": "${file}",
+      "console": "integratedTerminal"
+    },
+    {
+      "name": "Python: Debug with Args",
+      "type": "debugpy",
+      "request": "launch",
+      "program": "${file}",
+      "args": [
+        "--deploy",
+        "--with_broadcast",
+      ],
+      "console": "integratedTerminal"
+    }
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,7 @@
+{
+    "cmake.ignoreCMakeListsMissing": true,
+    "makefile.configureOnOpen": false,
+    "python.analysis.extraPaths": [
+        "./packages/opal-common"
+    ]
+}

app-tests/docker-compose-app-tests.yml

@@ -1,3 +1,7 @@
+env_file:
+  - path: ./.env
+    required: false
+
 services:
   broadcast_channel:
     image: postgres:alpine
@@ -7,15 +11,19 @@ services:
       - POSTGRES_PASSWORD=postgres
 
   opal_server:
-    image: permitio/opal-server:${OPAL_IMAGE_TAG:-latest}
+    #image: permitio/opal-server:${OPAL_IMAGE_TAG:-latest}
+    build:
+      context: ../  # Point to the directory containing your Dockerfile
+      dockerfile: ./docker/Dockerfile.server  # Specify your Dockerfile if it's not named 'Dockerfile'
     deploy:
       mode: replicated
-      replicas: 2
+      replicas: 1
       endpoint_mode: vip
     environment:
       - OPAL_BROADCAST_URI=postgres://postgres:postgres@broadcast_channel:5432/postgres
-      - UVICORN_NUM_WORKERS=4
-      - OPAL_POLICY_REPO_URL=${OPAL_POLICY_REPO_URL:[email protected]:permitio/opal-tests-policy-repo.git}
+      - UVICORN_NUM_WORKERS=0
+      #- OPAL_POLICY_REPO_URL=${OPAL_POLICY_REPO_URL:[email protected]:permitio/opal-tests-policy-repo.git}
+      - OPAL_POLICY_REPO_URL=${OPAL_POLICY_REPO_URL:[email protected]:permitio/opal-example-policy-repo.git}
       - OPAL_POLICY_REPO_MAIN_BRANCH=${POLICY_REPO_BRANCH}
       - OPAL_POLICY_REPO_SSH_KEY=${OPAL_POLICY_REPO_SSH_KEY}
       - OPAL_DATA_CONFIG_SOURCES={"config":{"entries":[{"url":"http://opal_server:7002/policy-data","config":{"headers":{"Authorization":"Bearer ${OPAL_CLIENT_TOKEN}"}},"topics":["policy_data"],"dst_path":"/static"}]}}
@@ -35,9 +43,10 @@ services:
 
   opal_client:
     image: permitio/opal-client:${OPAL_IMAGE_TAG:-latest}
+    scale: 0
     deploy:
       mode: replicated
-      replicas: 2
+      replicas: 0
       endpoint_mode: vip
     environment:
       - OPAL_SERVER_URL=http://opal_server:7002
@@ -50,9 +59,9 @@ services:
       - OPAL_AUTH_JWT_AUDIENCE=https://api.opal.ac/v1/
       - OPAL_AUTH_JWT_ISSUER=https://opal.ac/
       - OPAL_STATISTICS_ENABLED=true
-    ports:
-      - "7766-7767:7000"
-      - "8181-8182:8181"
+    #ports:
+    #  - "7766-7767:7000"
+    #  - "8181-8182:8181"
     depends_on:
       - opal_server
     command: sh -c "exec ./wait-for.sh opal_server:7002 --timeout=20 -- ./start.sh"

app-tests/jwks_dir/jwks.json

@@ -0,0 +1 @@
+{"keys": [{"kty": "RSA", "key_ops": ["verify"], "n": "0F2lT_erlBtvBBC6vIndXjlf15fuew9vKc5ftZ3kWs_s00FCTGQ0QU0tsuqpvBBxDLUJLT7LSXhiNUiAx4JOJ25W11lO5XGsiXxHZVkqEv6CxmFBA1PYjUSzi3Lj2q6eODr-d4wmzBDamuQ3rWYaNA7tPofp-ZapqBb2snW0tkBH5qYrtfklRbsPgx_EsCKhiYXtMjfqcMTulZo6eljb0KBxCXLzxLNoRQ6JmkqJZULZiMuw7JgTyFyrQpID4Mqtcv4d5cZFUwawwRdZwZlroQd4ewezbZpJwZGD3u_-nv0LUXuMnvBiVd9-uOFOtn1ok2VX4PC7y1pE9TEVseTMnF9cF3cLPqtVtzKk6lHvHh9NPZiFt5aJrMT-K5L8-d7sxEN1hF5Yb0Y4R5ydu2dtsxCrodkfI1RGiGrwhDi7GsBep_BrEeFCjtH-S9MIhYCCu0VRQKc5xpjrlHH6v2EbL2keJrUt6764yLAvUywVt_DKeDBEBtY6uBRCnUwPMFH6x2Xm1sgOOUWALoK1LDG-XW6cZWXigzLeU2u2a-xgJXbAX9TbPyVwxA-7OlM32flNH3ZJdl-Xp0BpuNxP_idHHXdvzYU9-tFf4NrNL_QBfmV2T5wzVBL4dsmlk3B1qbTwq1HVUUZB8R5WpsZehCQkhBsR95nPJq0msMro99sflJk", "e": "AQAB"}]}