github-mirrors
/
mirror-seaweedfs


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283
							name: "S3 IAM Integration Tests"

on:
  pull_request:
    paths:
      - 'weed/iam/**'
      - 'weed/s3api/**'
      - 'test/s3/iam/**'
      - '.github/workflows/s3-iam-tests.yml'
  push:
    branches: [ master ]
    paths:
      - 'weed/iam/**'
      - 'weed/s3api/**'
      - 'test/s3/iam/**'
      - '.github/workflows/s3-iam-tests.yml'
  
concurrency:
  group: ${{ github.head_ref }}/s3-iam-tests
  cancel-in-progress: true

permissions:
  contents: read

defaults:
  run:
    working-directory: weed

jobs:
  # Unit tests for IAM components
  iam-unit-tests:
    name: IAM Unit Tests
    runs-on: ubuntu-22.04
    timeout-minutes: 15
    
    steps:
      - name: Check out code
        uses: actions/checkout@v5

      - name: Set up Go
        uses: actions/setup-go@v6
        with:
          go-version-file: 'go.mod'
        id: go

      - name: Get dependencies
        run: |
          go mod download

      - name: Run IAM Unit Tests
        timeout-minutes: 10
        run: |
          set -x
          echo "=== Running IAM STS Tests ==="
          go test -v -timeout 5m ./iam/sts/...
          
          echo "=== Running IAM Policy Tests ==="
          go test -v -timeout 5m ./iam/policy/...
          
          echo "=== Running IAM Integration Tests ==="
          go test -v -timeout 5m ./iam/integration/...
          
          echo "=== Running S3 API IAM Tests ==="
          go test -v -timeout 5m ./s3api/... -run ".*IAM.*|.*JWT.*|.*Auth.*"

      - name: Upload test results on failure
        if: failure()
        uses: actions/upload-artifact@v4
        with:
          name: iam-unit-test-results
          path: |
            weed/testdata/
            weed/**/testdata/
          retention-days: 3

  # S3 IAM integration tests with SeaweedFS services
  s3-iam-integration-tests:
    name: S3 IAM Integration Tests
    runs-on: ubuntu-22.04
    timeout-minutes: 25
    strategy:
      matrix:
        test-type: ["basic", "advanced", "policy-enforcement"]
        
    steps:
      - name: Check out code
        uses: actions/checkout@v5

      - name: Set up Go
        uses: actions/setup-go@v6
        with:
          go-version-file: 'go.mod'
        id: go

      - name: Install SeaweedFS
        working-directory: weed
        run: |
          go install -buildvcs=false

      - name: Run S3 IAM Integration Tests - ${{ matrix.test-type }}
        timeout-minutes: 20
        working-directory: test/s3/iam
        run: |
          set -x
          echo "=== System Information ==="
          uname -a
          free -h
          df -h
          echo "=== Starting S3 IAM Integration Tests (${{ matrix.test-type }}) ==="
          
          # Set WEED_BINARY to use the installed version
          export WEED_BINARY=$(which weed)
          export TEST_TIMEOUT=15m
          
          # Run tests based on type
          case "${{ matrix.test-type }}" in
            "basic")
              echo "Running basic IAM functionality tests..."
              make clean setup start-services wait-for-services
              go test -v -timeout 15m -run "TestS3IAMAuthentication|TestS3IAMBasicWorkflow|TestS3IAMTokenValidation" ./...
              ;;
            "advanced")
              echo "Running advanced IAM feature tests..."
              make clean setup start-services wait-for-services
              go test -v -timeout 15m -run "TestS3IAMSessionExpiration|TestS3IAMMultipart|TestS3IAMPresigned" ./...
              ;;
            "policy-enforcement")
              echo "Running policy enforcement tests..."
              make clean setup start-services wait-for-services
              go test -v -timeout 15m -run "TestS3IAMPolicyEnforcement|TestS3IAMBucketPolicy|TestS3IAMContextual" ./...
              ;;
            *)
              echo "Unknown test type: ${{ matrix.test-type }}"
              exit 1
              ;;
          esac
          
          # Always cleanup
          make stop-services

      - name: Show service logs on failure
        if: failure()
        working-directory: test/s3/iam
        run: |
          echo "=== Service Logs ==="
          echo "--- Master Log ---"
          tail -50 weed-master.log 2>/dev/null || echo "No master log found"
          echo ""
          echo "--- Filer Log ---"
          tail -50 weed-filer.log 2>/dev/null || echo "No filer log found"
          echo ""
          echo "--- Volume Log ---"
          tail -50 weed-volume.log 2>/dev/null || echo "No volume log found"
          echo ""
          echo "--- S3 API Log ---"
          tail -50 weed-s3.log 2>/dev/null || echo "No S3 log found"
          echo ""
          
          echo "=== Process Information ==="
          ps aux | grep -E "(weed|test)" || true
          netstat -tlnp | grep -E "(8333|8888|9333|8080)" || true

      - name: Upload test logs on failure
        if: failure()
        uses: actions/upload-artifact@v4
        with:
          name: s3-iam-integration-logs-${{ matrix.test-type }}
          path: test/s3/iam/weed-*.log
          retention-days: 5

  # Distributed IAM tests
  s3-iam-distributed-tests:
    name: S3 IAM Distributed Tests
    runs-on: ubuntu-22.04
    timeout-minutes: 25
    
    steps:
      - name: Check out code
        uses: actions/checkout@v5

      - name: Set up Go
        uses: actions/setup-go@v6
        with:
          go-version-file: 'go.mod'
        id: go

      - name: Install SeaweedFS
        working-directory: weed
        run: |
          go install -buildvcs=false

      - name: Run Distributed IAM Tests
        timeout-minutes: 20
        working-directory: test/s3/iam
        run: |
          set -x
          echo "=== System Information ==="
          uname -a
          free -h
          
          export WEED_BINARY=$(which weed)
          export TEST_TIMEOUT=15m
          
          # Test distributed configuration
          echo "Testing distributed IAM configuration..."
          make clean setup
          
          # Start services with distributed IAM config
          echo "Starting services with distributed configuration..."
          make start-services
          make wait-for-services
          
          # Run distributed-specific tests
          export ENABLE_DISTRIBUTED_TESTS=true
          go test -v -timeout 15m -run "TestS3IAMDistributedTests" ./... || {
            echo "❌ Distributed tests failed, checking logs..."
            make logs
            exit 1
          }
          
          make stop-services

      - name: Upload distributed test logs
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: s3-iam-distributed-logs
          path: test/s3/iam/weed-*.log
          retention-days: 7

  # Performance and stress tests
  s3-iam-performance-tests:
    name: S3 IAM Performance Tests
    runs-on: ubuntu-22.04
    timeout-minutes: 30
    
    steps:
      - name: Check out code
        uses: actions/checkout@v5

      - name: Set up Go
        uses: actions/setup-go@v6
        with:
          go-version-file: 'go.mod'
        id: go

      - name: Install SeaweedFS
        working-directory: weed
        run: |
          go install -buildvcs=false

      - name: Run IAM Performance Benchmarks
        timeout-minutes: 25
        working-directory: test/s3/iam
        run: |
          set -x
          echo "=== Running IAM Performance Tests ==="
          
          export WEED_BINARY=$(which weed)
          export TEST_TIMEOUT=20m
          
          make clean setup start-services wait-for-services
          
          # Run performance tests (benchmarks disabled for CI)
          echo "Running performance tests..."
          export ENABLE_PERFORMANCE_TESTS=true
          go test -v -timeout 15m -run "TestS3IAMPerformanceTests" ./... || {
            echo "❌ Performance tests failed"
            make logs
            exit 1
          }
          
          make stop-services

      - name: Upload performance test results
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: s3-iam-performance-results
          path: |
            test/s3/iam/weed-*.log
            test/s3/iam/*.test
          retention-days: 7