forked from baron/baron-sso
fix: align local Ory cookie domain rendering
This commit is contained in:
22
test/orgfront_org_context_chart_package_test.sh
Normal file
22
test/orgfront_org_context_chart_package_test.sh
Normal file
@@ -0,0 +1,22 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
|
||||
cd "$ROOT_DIR"
|
||||
|
||||
fail() {
|
||||
echo "[org-context-chart-package] $*" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
assert_contains() {
|
||||
local file="$1"
|
||||
local needle="$2"
|
||||
grep -Fq "$needle" "$file" || fail "$file must contain: $needle"
|
||||
}
|
||||
|
||||
assert_contains orgfront/package.json "build:org-context-chart:min"
|
||||
assert_contains orgfront/vite.org-context-chart.config.ts "ORG_CONTEXT_CHART_MINIFY"
|
||||
assert_contains orgfront/vite.org-context-chart.config.ts ".min"
|
||||
|
||||
echo "OK: OrgContext chart package emits explicit minified bundles"
|
||||
@@ -268,6 +268,18 @@ if ! grep -q '^render-ory-config:' "$repo_root/Makefile"; then
|
||||
echo "ERROR: Makefile must render Ory config before starting Ory services." >&2
|
||||
exit 1
|
||||
fi
|
||||
if ! awk '/^ensure-ory:/ { in_target=1 } in_target && /^[^[:space:]].*:/ && $0 !~ /^ensure-ory:/ { exit } in_target { print }' "$repo_root/Makefile" | grep -q 'restart kratos'; then
|
||||
echo "ERROR: make up-dev must restart Kratos when Ory is already running so rendered dev config is applied." >&2
|
||||
exit 1
|
||||
fi
|
||||
if ! awk '/^up-all:/ { in_target=1 } in_target && /^[^[:space:]].*:/ && $0 !~ /^up-all:/ { exit } in_target { print }' "$repo_root/Makefile" | grep -q 'restart kratos'; then
|
||||
echo "ERROR: make up must restart Kratos after rendering Ory config." >&2
|
||||
exit 1
|
||||
fi
|
||||
if ! awk '/^up-ory:/ { in_target=1 } in_target && /^[^[:space:]].*:/ && $0 !~ /^up-ory:/ { exit } in_target { print }' "$repo_root/Makefile" | grep -q 'restart kratos'; then
|
||||
echo "ERROR: make up-ory must restart Kratos after rendering Ory config." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! grep -q 'scripts/render_ory_config.sh' "$repo_root/.gitea/workflows/staging_code_pull.yml"; then
|
||||
echo "ERROR: staging code pull must render Ory config before docker compose up." >&2
|
||||
@@ -285,6 +297,11 @@ if grep -Eq '^[[:space:]]*rm -rf "?\$OUTPUT_DIR"?[[:space:]]*$' "$repo_root/scri
|
||||
fi
|
||||
|
||||
"$repo_root/scripts/render_ory_config.sh" >/dev/null
|
||||
local_rendered_kratos="$repo_root/config/.generated/ory/kratos/kratos.yml"
|
||||
if ! awk '/session:/ { in_session=1 } in_session && /domain:/ { print; exit }' "$local_rendered_kratos" | grep -q 'domain: localhost'; then
|
||||
echo "ERROR: rendered local Kratos config must use localhost as session.cookie.domain for dev runs." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
stage_render_dir="$(mktemp -d)"
|
||||
stage_render_env="$(mktemp)"
|
||||
@@ -310,6 +327,10 @@ if awk '/allowed_return_urls:/ { in_block=1; next } in_block && /^[[:space:]]+me
|
||||
echo "ERROR: rendered stage Kratos allowed_return_urls must not fall back to localhost." >&2
|
||||
exit 1
|
||||
fi
|
||||
if ! awk '/session:/ { in_session=1 } in_session && /domain:/ { print; exit }' "$stage_rendered_kratos" | grep -q 'domain: hmac.kr'; then
|
||||
echo "ERROR: rendered stage Kratos config must derive hmac.kr as session.cookie.domain." >&2
|
||||
exit 1
|
||||
fi
|
||||
rm -rf "$stage_render_dir" "$stage_render_env"
|
||||
|
||||
for generated_config in \
|
||||
|
||||
Reference in New Issue
Block a user