Welcome to mirror list, hosted at ThFree Co, Russian Federation.

smb-kerberos.yml « workflows « .github - github.com/nextcloud/server.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/.github/workflows/smb-kerberos.yml
blob: 2875a7f4fbd20182b5bdafe305e4394601be8b35 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

name: Samba Kerberos SSO
on:
  push:
    branches:
      - master
      - stable*
    paths:
      - 'apps/files_external/**'
  pull_request:
    paths:
      - 'apps/files_external/**'

jobs:
  smb-kerberos-tests:
    runs-on: ubuntu-latest

    strategy:
      fail-fast: false
      matrix:
        php-versions: ['7.4', '8.0']

    name: php${{ matrix.php-versions }}-${{ matrix.ftpd }}

    steps:
      - name: Checkout server
        uses: actions/checkout@v2
        with:
          submodules: true
      - name: Pull images
        run: |
          docker pull icewind1991/samba-krb-test-dc
          docker pull icewind1991/samba-krb-test-apache
          docker pull icewind1991/samba-krb-test-client
      - name: Setup AD-DC
        run: |
          mkdir data
          sudo chown -R 33 data apps config
          apps/files_external/tests/setup-krb.sh
      - name: Set up Nextcloud
        run: |
          docker exec --user 33 apache ./occ maintenance:install --verbose --database=sqlite --database-name=nextcloud --database-host=127.0.0.1 --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass password
          docker exec --user 33 apache ./occ config:system:set trusted_domains 1 --value 'httpd.domain.test'

          # setup user_saml
          docker exec --user 33 apache ./occ app:enable user_saml --force
          docker exec --user 33 apache ./occ config:app:set user_saml type --value 'environment-variable'
          docker exec --user 33 apache ./occ config:app:set user_saml general-uid_mapping --value REMOTE_USER

          # setup external storage
          docker exec --user 33 apache ./occ app:enable files_external --force
          docker exec --user 33 apache ./occ files_external:create smb smb smb::kerberosapache
          docker exec --user 33 apache ./occ files_external:config 1 host krb.domain.test
          docker exec --user 33 apache ./occ files_external:config 1 share netlogon
          docker exec --user 33 apache ./occ files_external:list
      - name: Test SSO
        run: |
          mkdir cookies
          chmod 0777 cookies

          DC_IP=$(docker inspect dc --format '{{.NetworkSettings.IPAddress}}')
          docker run --rm --name client -v $PWD/cookies:/cookies -v /tmp/shared:/shared --dns $DC_IP --hostname client.domain.test icewind1991/samba-krb-test-client \
            curl -c /cookies/jar -s --negotiate -u testuser@DOMAIN.TEST: --delegation always http://httpd.domain.test/index.php/apps/user_saml/saml/login
          CONTENT=$(docker run --rm --name client -v $PWD/cookies:/cookies -v /tmp/shared:/shared --dns $DC_IP --hostname client.domain.test icewind1991/samba-krb-test-client \
            curl -b /cookies/jar -s --negotiate -u testuser@DOMAIN.TEST: --delegation always http://httpd.domain.test/remote.php/webdav/smb/test.txt)
          echo $CONTENT
          CONTENT=$(echo $CONTENT | tr -d '[:space:]')
          [[ $CONTENT == "testfile" ]]


  smb-kerberos-summary:
    runs-on: ubuntu-latest
    needs: smb-kerberos-tests

    if: always()

    steps:
      - name: Summary status
        run: if ${{ needs.smb-kerberos-tests.result != 'success' }}; then exit 1; fi
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-12 07:12:47 +0300