mirror of
https://github.com/hasura/graphql-engine.git
synced 2024-12-15 09:22:43 +03:00
26e03a07bb
This rewrites the JWT tests to generate and specify the secrets per test class, and to provide the server configuration to the HGE fixture. It covers the tests in: - *test_jwt.py* - *test_jwt_claims_map.py* - *test_config_api.py* - *test_graphql_queries.py* (just a couple here) This does reduce the number of code paths exercised with JWT, as we were previously running *all* tests with JWT tokens. However, this seems excessive; we don't need to tread every code path, just enough to ensure we handle the tokens appropriately. I believe that the test coverage in *test_jwt.py* does this well enough (though I'd prefer if we moved the coverage lower down in the stack as unit tests). These tests were configured in multiple different ways by *test-server.sh*; this configuration is now moved to test subclasses within the various files. This results in a bit of duplication. Unfortunately, the tests would ideally use parameterization rather than subclassing, but that doesn't work because of `hge_fixture_env`, which creates a "soft" dependency between the environment variables and `hge_server`. Parameterizing the former *should* force the latter to be recreated for each new set of environment variables, but `hge_server` isn't actually aware there's a dependency. It currently looks like this adds lines of code; we'll more than make up for it when we delete the relevant lines from *test-server.sh*. I am not doing that here because I plan on deleting the whole file in a subsequent changeset. [NDAT-538]: https://hasurahq.atlassian.net/browse/NDAT-538?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ PR-URL: https://github.com/hasura/graphql-engine-mono/pull/8803 GitOrigin-RevId: f7f2caa62de0b0a45e42964b69a8ae73d1575fe8
59 lines
1.7 KiB
Plaintext
59 lines
1.7 KiB
Plaintext
# This file lists the various test suites that can be run in order to fully
|
|
# exercise HGE server with the Python tests. They are split into suites based
|
|
# on how HGE needs to be started.
|
|
#
|
|
# To run them, the relevant name is passed to test-server.sh, which then starts
|
|
# HGE in the correct fashion and runs the appropriate tests.
|
|
#
|
|
# We *also* have a new way of running the Python tests, in which each test
|
|
# starts HGE with the appropriate configuration. This file is not used there, as
|
|
# we run all the tests at once.
|
|
#
|
|
# Some of the below test suites are commented out. These are the tests that
|
|
# are fully covered by the new style, and are therefore duplicated here.
|
|
#
|
|
# ================================================================
|
|
#
|
|
# no-auth
|
|
# admin-secret
|
|
# admin-secret-unauthorized-role
|
|
# read-only-db
|
|
# jwt-rs512
|
|
# jwt-ed25519
|
|
# jwt-stringified
|
|
# jwt-audience-check-single-string
|
|
# jwt-audience-check-list-string
|
|
# jwt-issuer-check
|
|
# jwt-with-claims-namespace-path
|
|
# jwt-claims-map-with-json-path-values
|
|
# jwt-claims-map-with-literal-values
|
|
# jwt-with-expiry-time-leeway
|
|
# jwt-cookie
|
|
# jwt-cookie-unauthorized-role
|
|
# cors-domains
|
|
# auth-webhook-cookie
|
|
# ws-init-cookie-read-cors-enabled
|
|
# ws-init-cookie-noread
|
|
# ws-init-cookie-read-cors-disabled
|
|
# ws-graphql-api-disabled
|
|
# ws-metadata-api-disabled
|
|
# remote-schema-permissions
|
|
# function-permissions
|
|
# roles-inheritance
|
|
# naming-conventions
|
|
# streaming-subscriptions
|
|
# remote-schema-https
|
|
# query-caching
|
|
# query-logs
|
|
startup-db-calls
|
|
# webhook-request-context
|
|
# post-webhook
|
|
# get-webhook
|
|
# insecure-webhook
|
|
# insecure-webhook-with-admin-secret
|
|
# apollo-federation
|
|
# allowlist-queries
|
|
# jwk-url
|
|
horizontal-scaling
|
|
# developer-api-tests
|