ory selfservice 샘플 구성

2026-01-28 12:19:56 +09:00
parent 93cab064fc
commit b55cb2c4bf
6 changed files with 166 additions and 14 deletions
--- a/test/ory-network-check.sh
+++ b/test/ory-network-check.sh
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Kratos/Hydra admin endpoints should be reachable only on ory-net.
+# Frontend network (baron_net) must NOT reach admin endpoints.
+
+IMAGE="curlimages/curl:8.10.1"
+
+# ory-net should succeed
+# 한국어: ory-net에서는 admin 포트 접근이 가능해야 함
+
+docker run --rm --network ory-net "$IMAGE" -fsS http://hydra:4445/health/ready > /dev/null
+
+docker run --rm --network ory-net "$IMAGE" -fsS http://kratos:4434/health/ready > /dev/null
+
+# baron_net should fail
+# 한국어: baron_net에서는 admin 포트 접근이 불가능해야 함
+if docker run --rm --network baron_net "$IMAGE" -fsS http://hydra:4445/health/ready > /dev/null 2>&1; then
+  echo "ERROR: hydra admin is reachable from baron_net"
+  exit 1
+fi
+
+if docker run --rm --network baron_net "$IMAGE" -fsS http://kratos:4434/health/ready > /dev/null 2>&1; then
+  echo "ERROR: kratos admin is reachable from baron_net"
+  exit 1
+fi
+
+echo "OK: admin endpoints are reachable on ory-net only"