Merge branch 'main' into jtc/add-importas-linter

2026-01-08 15:21:55 +00:00 · 2024-06-11 09:39:48 -05:00
parent 2f9df8c8e2 8ac2dc2e9e
commit bafd578866
357 changed files with 23832 additions and 1310 deletions
--- a/test/testlib/env.go
+++ b/test/testlib/env.go
@@ -62,10 +62,11 @@ type TestEnv struct {
 		ExpectedGroups   []string `json:"expectedGroups"`
 	} `json:"testUser"`

-	CLIUpstreamOIDC                   TestOIDCUpstream `json:"cliOIDCUpstream"`
-	SupervisorUpstreamOIDC            TestOIDCUpstream `json:"supervisorOIDCUpstream"`
-	SupervisorUpstreamLDAP            TestLDAPUpstream `json:"supervisorLDAPUpstream"`
-	SupervisorUpstreamActiveDirectory TestLDAPUpstream `json:"supervisorActiveDirectoryUpstream"`
+	CLIUpstreamOIDC                   TestOIDCUpstream   `json:"cliOIDCUpstream"`
+	SupervisorUpstreamOIDC            TestOIDCUpstream   `json:"supervisorOIDCUpstream"`
+	SupervisorUpstreamLDAP            TestLDAPUpstream   `json:"supervisorLDAPUpstream"`
+	SupervisorUpstreamActiveDirectory TestLDAPUpstream   `json:"supervisorActiveDirectoryUpstream"`
+	SupervisorUpstreamGithub          TestGithubUpstream `json:"supervisorGithubUpstream"`
 }

 type TestOIDCUpstream struct {
@@ -110,6 +111,21 @@ type TestLDAPUpstream struct {
 	TestDeactivatedUserPassword                     string   `json:"TestDeactivatedUserPassword"`
 }

+type TestGithubUpstream struct {
+	GithubAppClientID                string   `json:"githubAppClientId"` // GitHub's new-style GitHub App
+	GithubAppClientSecret            string   `json:"githubAppClientSecret"`
+	GithubOAuthAppClientID           string   `json:"githubOAuthAppClientId"` // GitHub's old-style OAuth App
+	GithubOAuthAppClientSecret       string   `json:"githubOAuthAppClientSecret"`
+	GithubOAuthAppAllowedCallbackURL string   `json:"githubOAuthAppAllowedCallbackURL"` // the callback URL that was configured in GitHub for this App
+	TestUserUsername                 string   `json:"testUserUsername"`                 // the "login" attribute value for the user
+	TestUserPassword                 string   `json:"testUserPassword"`
+	TestUserOTPSecret                string   `json:"testUserOTPSecret"`
+	TestUserID                       string   `json:"testUserID"`           // the "id" attribute value for the user
+	TestUserOrganization             string   `json:"testUserOrganization"` // an org to which the user belongs
+	TestUserExpectedTeamNames        []string `json:"testUserExpectedTeamNames"`
+	TestUserExpectedTeamSlugs        []string `json:"testUserExpectedTeamSlugs"`
+}
+
 // ProxyEnv returns a set of environment variable strings (e.g., to combine with os.Environ()) which set up the configured test HTTP proxy.
 func (e *TestEnv) ProxyEnv() []string {
 	if e.Proxy == "" {
@@ -319,11 +335,28 @@ func loadEnvVars(t *testing.T, result *TestEnv) {
 		GroupSearchBase:                                 wantEnv("PINNIPED_TEST_AD_USERS_DN", ""),
 	}

+	result.SupervisorUpstreamGithub = TestGithubUpstream{
+		GithubAppClientID:                wantEnv("PINNIPED_TEST_GITHUB_APP_CLIENT_ID", ""),
+		GithubAppClientSecret:            wantEnv("PINNIPED_TEST_GITHUB_APP_CLIENT_SECRET", ""),
+		GithubOAuthAppClientID:           wantEnv("PINNIPED_TEST_GITHUB_OAUTH_APP_CLIENT_ID", ""),
+		GithubOAuthAppClientSecret:       wantEnv("PINNIPED_TEST_GITHUB_OAUTH_APP_CLIENT_SECRET", ""),
+		GithubOAuthAppAllowedCallbackURL: wantEnv("PINNIPED_TEST_GITHUB_OAUTH_APP_ALLOWED_CALLBACK_URL", ""),
+		TestUserUsername:                 wantEnv("PINNIPED_TEST_GITHUB_USER_USERNAME", ""),
+		TestUserPassword:                 wantEnv("PINNIPED_TEST_GITHUB_USER_PASSWORD", ""),
+		TestUserOTPSecret:                wantEnv("PINNIPED_TEST_GITHUB_USER_OTP_SECRET", ""),
+		TestUserID:                       wantEnv("PINNIPED_TEST_GITHUB_USERID", ""),
+		TestUserOrganization:             wantEnv("PINNIPED_TEST_GITHUB_ORG", ""),
+		TestUserExpectedTeamNames:        filterEmpty(strings.Split(wantEnv("PINNIPED_TEST_GITHUB_EXPECTED_TEAM_NAMES", ""), ",")),
+		TestUserExpectedTeamSlugs:        filterEmpty(strings.Split(wantEnv("PINNIPED_TEST_GITHUB_EXPECTED_TEAM_SLUGS", ""), ",")),
+	}
+
 	sort.Strings(result.SupervisorUpstreamLDAP.TestUserDirectGroupsCNs)
 	sort.Strings(result.SupervisorUpstreamLDAP.TestUserDirectGroupsDNs)
 	sort.Strings(result.SupervisorUpstreamActiveDirectory.TestUserDirectGroupsCNs)
 	sort.Strings(result.SupervisorUpstreamActiveDirectory.TestUserDirectGroupsDNs)
 	sort.Strings(result.SupervisorUpstreamActiveDirectory.TestUserIndirectGroupsSAMAccountNames)
+	sort.Strings(result.SupervisorUpstreamGithub.TestUserExpectedTeamNames)
+	sort.Strings(result.SupervisorUpstreamGithub.TestUserExpectedTeamSlugs)
 }

 func (e *TestEnv) HasCapability(cap Capability) bool {