[stable23] fix(CI): Copy smb-kerberos workflow from 24 #1739

Workflow file for this run

.github/workflows/smb-kerberos.yml at 07d0117

	name: Samba Kerberos SSO
	on:
	push:
	branches:
	- master
	- stable*
	paths:
	- 'apps/files_external/**'
	- '.github/workflows/smb-kerberos.yml'
	pull_request:
	paths:
	- 'apps/files_external/**'
	- '.github/workflows/smb-kerberos.yml'

	jobs:
	smb-kerberos-tests:
	runs-on: ubuntu-22.04

	if: ${{ github.repository_owner != 'nextcloud-gmbh' }}

	strategy:
	fail-fast: false
	matrix:
	php-versions: ['7.4', '8.0']

	name: php${{ matrix.php-versions }}-smb-kerberos

	steps:
	- name: Checkout server
	uses: actions/checkout@v2
	with:
	submodules: true
	- name: Pull images
	run: \|
	docker pull icewind1991/samba-krb-test-dc
	docker pull icewind1991/samba-krb-test-apache:${{ matrix.php-versions }}
	docker pull icewind1991/samba-krb-test-client
	- name: Setup AD-DC
	run: \|
	cp apps/files_external/tests/*.sh .
	mkdir data
	sudo chown -R 33 data apps config
	DC_IP=$(./start-dc.sh)
	./start-apache.sh $DC_IP $PWD ${{ matrix.php-versions }}
	echo "DC_IP=$DC_IP" >> $GITHUB_ENV

	- name: Set up Nextcloud
	run: \|
	docker exec --user 33 apache ./occ maintenance:install --verbose --database=sqlite --database-name=nextcloud --database-host=127.0.0.1 --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass password
	docker exec --user 33 apache ./occ config:system:set trusted_domains 1 --value 'httpd.domain.test'

	- name: Set up user_saml
	run: \|
	# Avoid DNS issue inside the image
	docker exec --user 33 apache ./occ config:system:set allow_local_remote_servers --value true --type bool
	docker exec --user 33 apache ./occ app:enable user_saml --force
	docker exec --user 33 apache ./occ config:system:delete allow_local_remote_servers
	docker exec --user 33 apache ./occ config:app:set user_saml type --value 'environment-variable'
	docker exec --user 33 apache ./occ saml:config:create
	docker exec --user 33 apache ./occ saml:config:set 1 --general-uid_mapping=REMOTE_USER

	- name: Set up files_external
	run: \|
	docker exec --user 33 apache ./occ app:enable files_external --force
	docker exec --user 33 apache ./occ files_external:create smb smb smb::kerberosapache
	docker exec --user 33 apache ./occ files_external:config 1 host krb.domain.test
	docker exec --user 33 apache ./occ files_external:config 1 share netlogon
	docker exec --user 33 apache ./occ files_external:list

	- name: Test SSO
	run: \|
	mkdir /tmp/shared/cookies
	chmod 0777 /tmp/shared/cookies

	echo 'SAML login'
	./client-cmd.sh ${{ env.DC_IP }} curl -c /shared/cookies/jar -s --negotiate -u testuser@DOMAIN.TEST: --delegation always http://httpd.domain.test/index.php/apps/user_saml/saml/login
	echo 'Check we are logged in'
	CONTENT=$(./client-cmd.sh ${{ env.DC_IP }} curl -b /shared/cookies/jar -s --negotiate -u testuser@DOMAIN.TEST: --delegation always http://httpd.domain.test/remote.php/webdav/smb/test.txt)
	CONTENT=$(echo $CONTENT \| head -n 1 \| tr -d '[:space:]')
	[[ $CONTENT == "testfile" ]]

	smb-kerberos-summary:
	runs-on: ubuntu-latest
	needs: smb-kerberos-tests

	if: always()

	steps:
	- name: Summary status
	run: if ${{ needs.smb-kerberos-tests.result != 'success' }}; then exit 1; fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[stable23] fix(CI): Copy smb-kerberos workflow from 24 #1739

Workflow file

[stable23] fix(CI): Copy smb-kerberos workflow from 24 #1739

Jobs

Run details

Workflow file for this run