go-edge-ds bufpool & test updates (#515)

* go-edge-ds bufpool & test updates * upd ci re-enable NoTLS templates test * rm testcontainer WithDeadline * refactor NoTLS test * refactor testcontainer usage
aserto-dev · Dec 12, 2024 · 7985281 · 7985281
1 parent bdf24e7
commit 7985281
Show file tree

Hide file tree

Showing 20 changed files with 547 additions and 501 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -106,7 +106,14 @@ jobs:
           gotestsum --format short-verbose -- -count=1 -timeout 120s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/manifest/... github.com/aserto-dev/topaz/pkg/app/tests/manifest/...
           gotestsum --format short-verbose -- -count=1 -timeout 120s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/policy/... github.com/aserto-dev/topaz/pkg/app/tests/policy/...
           gotestsum --format short-verbose -- -count=1 -timeout 120s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/query/... github.com/aserto-dev/topaz/pkg/app/tests/query/...
-          gotestsum --format short-verbose -- -count=1 -timeout 120s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/template/... github.com/aserto-dev/topaz/pkg/app/tests/template/...
+      -
+        name: Templates Test
+        run: |
+          gotestsum --format short-verbose -- -count=1 -timeout 240s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/template/... github.com/aserto-dev/topaz/pkg/app/tests/template/...
+      -
+        name: Templates Test (NoTLS)
+        run: |
+          gotestsum --format short-verbose -- -count=1 -timeout 120s -parallel=1 -v -coverprofile=cover.out -coverpkg=github.com/aserto-dev/topaz/pkg/app/tests/template-no-tls/... github.com/aserto-dev/topaz/pkg/app/tests/template-no-tls/...
       -
         name: Upload code coverage
         uses: shogo82148/actions-goveralls@v1

diff --git a/.gitignore b/.gitignore
@@ -14,20 +14,20 @@
 # Dependency directories (remove the comment below to include it)
 # vendor/
 /.dev/
-/.ext
+/.ext/
 
 /bin/
-/release/
-/test/
-.opa/
-/bundle/
 /dist/
-/test/
+/dist-test/
 
 # runtime directories
 /cfg/
 /eds/
 
+# OPA related
+.opa/
+/bundle/
+
 # misc
 .DS_Store
 

diff --git a/.goreleaser-test.yml b/.goreleaser-test.yml
@@ -15,7 +15,7 @@ before:
   hooks:
 
 # https://goreleaser.com/customization/dist/
-dist: test
+dist: dist-test
 
 builds:
   # https://goreleaser.com/customization/build/

diff --git a/go.mod b/go.mod
@@ -20,7 +20,7 @@ require (
 	github.com/aserto-dev/go-aserto v0.33.4
 	github.com/aserto-dev/go-authorizer v0.20.11
 	github.com/aserto-dev/go-directory v0.33.2
-	github.com/aserto-dev/go-edge-ds v0.33.2
+	github.com/aserto-dev/go-edge-ds v0.33.3
 	github.com/aserto-dev/go-grpc v0.9.2
 	github.com/aserto-dev/go-topaz-ui v0.1.15
 	github.com/aserto-dev/header v0.0.8

diff --git a/go.sum b/go.sum
@@ -429,8 +429,8 @@ github.com/aserto-dev/go-decision-logs v0.1.2 h1:f26bgKDIroNeN71+Ot2AXfCAtausNcB
 github.com/aserto-dev/go-decision-logs v0.1.2/go.mod h1:T7Pws/IBopk3he4kgAlmZH9/JcwX2s8T2pwc715Mobo=
 github.com/aserto-dev/go-directory v0.33.2 h1:QJwzSmfxJ7EG0RzWsgu7In5cAeGtZURZklSsHhMOFh8=
 github.com/aserto-dev/go-directory v0.33.2/go.mod h1:gK239V0htJtp0/BwvbTrYv/XIphoK/AugP8sw3m8B0s=
-github.com/aserto-dev/go-edge-ds v0.33.2 h1:2ZeqFq6wgL2R0b7Zyx8pQLIVdv6WH6Okg7gjiaahztw=
-github.com/aserto-dev/go-edge-ds v0.33.2/go.mod h1:Vg9ZIbUXAc33BAyj0qBTatS/wxQGY1pV59vGa5pZCiU=
+github.com/aserto-dev/go-edge-ds v0.33.3 h1:wEFDcTF2WEF9QIEInreNcUWIrIM2OvoniVQKrCIv8IE=
+github.com/aserto-dev/go-edge-ds v0.33.3/go.mod h1:Vg9ZIbUXAc33BAyj0qBTatS/wxQGY1pV59vGa5pZCiU=
 github.com/aserto-dev/go-grpc v0.9.2 h1:NYhl1yRnLWlTMe/L051lRZwuvv/lUuP9vJ4gFPwzpSw=
 github.com/aserto-dev/go-grpc v0.9.2/go.mod h1:pKZdJ9+ITXPBvFQeU+CJmRtQE7rX/+cX9JFRzo8z0TQ=
 github.com/aserto-dev/go-topaz-ui v0.1.15 h1:ykez4Em2gEORDi96lDEzS2yWb510dzSKZzAoyP4tQ8Q=

diff --git a/makefile b/makefile
@@ -52,11 +52,6 @@ go-mod-tidy:
 	@echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)"
 	@go work edit -json | jq -r '.Use[].DiskPath' | xargs -I{} bash -c 'cd {} && echo "${PWD}/go.mod" && go mod tidy -v && cd -'
 
-.PHONY: dev-release
-dev-release: 
-	@echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)"
-	@${EXT_BIN_DIR}/goreleaser release --clean --snapshot
-
 .PHONY: release
 release:
 	@echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)"
@@ -80,7 +75,7 @@ lint:
 .PHONY: test-snapshot
 test-snapshot:
 	@echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)"
-	@${EXT_BIN_DIR}/goreleaser release --config .goreleaser-test.yml --clean --snapshot
+	@${EXT_BIN_DIR}/goreleaser release --config .goreleaser-test.yml --clean --snapshot --skip archive
 
 .PHONE: container-tag
 container-tag:
@@ -91,7 +86,7 @@ container-tag:
 run-test-snapshot:
 	@echo -e "$(ATTN_COLOR)==> $@ $(NO_COLOR)"
 	@echo "topaz run $$(${PWD}/dist/topaz_${GOOS}_${GOARCH}/topaz config info | jq '.runtime.active_configuration_file')"
-	@${PWD}/dist/topazd_${GOOS}_${GOARCH}/topazd run -c $$(${PWD}/dist/topaz_${GOOS}_${GOARCH}/topaz config info | jq -r '.runtime.active_configuration_file')
+	@${PWD}/dist/topaz_${GOOS}_${GOARCH}/topaz run --container-tag=0.0.0-test-$$(git rev-parse --short HEAD)-$$(uname -m)
 
 .PHONY: start-test-snapshot
 start-test-snapshot:

diff --git a/assets/assets.go → pkg/app/tests/assets/assets.go b/assets/assets.go → pkg/app/tests/assets/assets.go
diff --git a/assets/config/config-no-tls.yaml → ...pp/tests/assets/config/config-no-tls.yaml b/assets/config/config-no-tls.yaml → ...pp/tests/assets/config/config-no-tls.yaml
diff --git a/assets/config/config.yaml → pkg/app/tests/assets/config/config.yaml b/assets/config/config.yaml → pkg/app/tests/assets/config/config.yaml
diff --git a/assets/config/peoplefinder.yaml → ...app/tests/assets/config/peoplefinder.yaml b/assets/config/peoplefinder.yaml → ...app/tests/assets/config/peoplefinder.yaml
diff --git a/assets/db/acmecorp.db → pkg/app/tests/assets/db/acmecorp.db b/assets/db/acmecorp.db → pkg/app/tests/assets/db/acmecorp.db
diff --git a/pkg/app/tests/assets/gdrive/manifest.yaml b/pkg/app/tests/assets/gdrive/manifest.yaml
@@ -0,0 +1,67 @@
+# yaml-language-server: $schema=https://www.topaz.sh/schema/manifest.json
+---
+
+### filename: manifest.yaml ###
+### datetime: 2023-12-19T00:00:00-00:00 ###
+### description: gdrive manifest ###
+#
+# model
+model:
+  version: 3
+
+# object type definitions
+types:
+  ### display_name: User ###
+  user:
+    relations:
+      ### display_name: user#manager ###
+      manager: user
+
+    permissions:
+      ### display_name: user#in_management_chain ###
+      in_management_chain: manager | manager->in_management_chain
+
+
+  ### display_name: Identity ###
+  identity:
+    relations:
+      ### display_name: identity#identifier ###
+      identifier: user
+
+
+  ### display_name: Group ###
+  group:
+    relations:
+      ### display_name: group#member ###
+      member: user | group#member
+
+
+  # folder represents a collection of documents and/or other folders
+  folder:
+    relations:
+      parent: folder
+
+      owner:  user
+      editor: user | group#member
+      viewer: user | group#member
+
+    permissions:
+      can_share: owner  | parent->can_share
+      can_write: editor | can_share | parent->can_write
+      can_read:  viewer | can_write | parent->can_read
+
+
+  # doc represents a document within a folder
+  doc:
+    relations:
+      parent: folder
+
+      owner:  user
+      editor: user | group#member
+      viewer: user | user:* | group#member
+
+    permissions:
+      can_share:  owner     | parent->can_share
+      can_delete: can_share | parent->can_write
+      can_write:  editor | can_delete | parent->can_write
+      can_read:   viewer | can_write  | parent->can_read
diff --git a/pkg/app/tests/authz/authz_test.go b/pkg/app/tests/authz/authz_test.go
@@ -2,15 +2,14 @@ package authz_test
 
 import (
 	"context"
-	"os"
 	"testing"
 	"time"
 
 	client "github.com/aserto-dev/go-aserto"
 	azc "github.com/aserto-dev/go-aserto/az"
 	"github.com/aserto-dev/go-authorizer/aserto/authorizer/v2"
 	api "github.com/aserto-dev/go-authorizer/aserto/authorizer/v2/api"
-	assets_test "github.com/aserto-dev/topaz/assets"
+	assets_test "github.com/aserto-dev/topaz/pkg/app/tests/assets"
 	tc "github.com/aserto-dev/topaz/pkg/app/tests/common"
 
 	"github.com/stretchr/testify/assert"
@@ -22,19 +21,14 @@ import (
 	"google.golang.org/protobuf/types/known/structpb"
 )
 
-var addr string
-
-func TestMain(m *testing.M) {
-	rc := 0
-	defer func() {
-		os.Exit(rc)
-	}()
+func TestAuthZ(t *testing.T) {
+	ctx, cancel := context.WithCancel(context.Background())
 
-	ctx := context.Background()
+	t.Logf("\nTEST CONTAINER IMAGE: %q\n", tc.TestImage())
 
-	h, err := tc.NewHarness(ctx, &testcontainers.ContainerRequest{
+	req := testcontainers.ContainerRequest{
 		Image:        tc.TestImage(),
-		ExposedPorts: []string{"9292/tcp", "9393/tcp"},
+		ExposedPorts: []string{"9292/tcp"},
 		Env: map[string]string{
 			"TOPAZ_CERTS_DIR":     "/certs",
 			"TOPAZ_DB_DIR":        "/data",
@@ -54,50 +48,58 @@ func TestMain(m *testing.M) {
 		},
 		WaitingFor: wait.ForAll(
 			wait.ForExposedPort(),
-			wait.ForLog("Starting 0.0.0.0:9393 gateway server"),
-		).WithStartupTimeoutDefault(240 * time.Second).WithDeadline(360 * time.Second),
+			wait.ForLog("Starting 0.0.0.0:9292 gRPC server"),
+		).WithStartupTimeoutDefault(300 * time.Second),
+	}
+
+	topaz, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{
+		ContainerRequest: req,
+		Started:          false,
 	})
-	if err != nil {
-		rc = 99
-		return
+	require.NoError(t, err)
+
+	if err := topaz.Start(ctx); err != nil {
+		require.NoError(t, err)
 	}
 
-	defer func() {
-		if err := h.Close(ctx); err != nil {
-			rc = 100
-		}
-	}()
+	t.Cleanup(func() {
+		testcontainers.CleanupContainer(t, topaz)
+		cancel()
+	})
 
-	addr = h.AddrGRPC(ctx)
+	grpcAddr, err := tc.MappedAddr(ctx, topaz, "9292")
+	require.NoError(t, err)
 
-	rc = m.Run()
+	t.Run("testAuthZ", testAuthZ(grpcAddr))
 }
 
-func TestWithMissingIdentity(t *testing.T) {
-	opts := []client.ConnectionOption{
-		client.WithAddr(addr),
-		client.WithInsecure(true),
-	}
-
-	azClient, err := azc.New(opts...)
-	require.NoError(t, err)
-	t.Cleanup(func() { _ = azClient.Close() })
+func testAuthZ(addr string) func(*testing.T) {
+	return func(t *testing.T) {
+		opts := []client.ConnectionOption{
+			client.WithAddr(addr),
+			client.WithInsecure(true),
+		}
 
-	ctx, cancel := context.WithCancel(context.Background())
-	t.Cleanup(cancel)
-
-	tests := []struct {
-		name string
-		test func(*testing.T)
-	}{
-		{"TestDecisionTreeWithMissingIdentity", DecisionTreeWithMissingIdentity(ctx, azClient)},
-		{"TestDecisionTreeWithUserID", DecisionTreeWithUserID(ctx, azClient)},
-		{"TestIsWithMissingIdentity", IsWithMissingIdentity(ctx, azClient)},
-		{"TestQueryWithMissingIdentity", QueryWithMissingIdentity(ctx, azClient)},
-	}
+		azClient, err := azc.New(opts...)
+		require.NoError(t, err)
+		t.Cleanup(func() { _ = azClient.Close() })
+
+		ctx, cancel := context.WithCancel(context.Background())
+		t.Cleanup(cancel)
+
+		tests := []struct {
+			name string
+			test func(*testing.T)
+		}{
+			{"TestDecisionTreeWithMissingIdentity", DecisionTreeWithMissingIdentity(ctx, azClient)},
+			{"TestDecisionTreeWithUserID", DecisionTreeWithUserID(ctx, azClient)},
+			{"TestIsWithMissingIdentity", IsWithMissingIdentity(ctx, azClient)},
+			{"TestQueryWithMissingIdentity", QueryWithMissingIdentity(ctx, azClient)},
+		}
 
-	for _, testCase := range tests {
-		t.Run(testCase.name, testCase.test)
+		for _, testCase := range tests {
+			t.Run(testCase.name, testCase.test)
+		}
 	}
 }