key-cape/scripts/test-scenario-b.sh

45 lines
1.7 KiB
Bash
Raw Normal View History

#!/usr/bin/env bash
# test-scenario-b.sh — Scenario B: IAM swap (KeyCape → Keycloak, same LLDAP directory)
#
# This script verifies that after migrating to Keycloak (with the same LLDAP directory),
# all profile tests pass without modification.
#
# Prerequisites: docker, docker compose
set -euo pipefail
REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
cd "$REPO_ROOT"
echo "=== Scenario B: IAM Replacement Test ==="
# Step 1: Export canonical data from LLDAP
echo "--- Step 1: Export canonical data ---"
./src/bin/lldap-export \
--url "${LLDAP_URL:-ldap://localhost:3890}" \
--bind-dn "${LLDAP_BIND_DN:-cn=admin,ou=people,dc=netkingdom,dc=local}" \
--bind-pw "${LLDAP_BIND_PW:-adminpassword}" \
--base-dn "dc=netkingdom,dc=local" \
--output /tmp/canonical-export.yaml
# Step 2: Transform to Keycloak realm
echo "--- Step 2: Transform to Keycloak realm ---"
./src/bin/keycape-to-keycloak \
--input /tmp/canonical-export.yaml \
--realm netkingdom \
--issuer "${ISSUER:-https://auth.netkingdom.local}" \
--output /tmp/keycloak-realm-import.json
# Step 3: Start Keycloak with the imported realm
echo "--- Step 3: Start Keycloak with imported realm ---"
docker compose -f docker-compose.scenario-b.yml up -d keycloak
echo "Waiting for Keycloak to be ready..."
timeout 120 bash -c 'until curl -sf http://localhost:8080/realms/netkingdom/.well-known/openid-configuration > /dev/null; do sleep 3; done'
# Step 4: Run profile tests against Keycloak
echo "--- Step 4: Run profile tests against Keycloak ---"
KEYCAPE_TEST_ISSUER="http://localhost:8080/realms/netkingdom" \
/home/worsch/go/bin/go test ./src/tests/profile/... -v -count=1
echo "=== Scenario B PASSED ==="