d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(e2e): add SSO, docs.d-bis, blockscout.defi-oracle to routing verifier

Browse Source 
- DOMAIN_TYPES_ALL: keycloak/admin/portal/dash, docs.d-bis.org,
  blockscout.defi-oracle.io (web)
- E2E_OPTIONAL_WHEN_FAIL: same set for soft failures off-LAN
- Optional Blockscout /api/v2/stats for blockscout.defi-oracle.io
- print-gitea-actions-urls.sh: browser URLs (Actions API not relied on)
- E2E_ENDPOINTS_LIST + FQDN inventory alignment updated

Made-with: Cursor
This commit is contained in:
defiQUG
2026-03-28 17:29:50 -07:00
parent 7245e3e9d4
commit 7e546ec9e3
4 changed files with 47 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
scripts/verify/print-gitea-actions-urls.sh Executable file
View File

@@ -0,0 +1,16 @@
#!/usr/bin/env bash
# Print Gitea Actions UI URLs (no token). Use after pushing complete-credential / cc-* repos.
# Gitea REST "actions runs" APIs vary by version; the web UI is the reliable check.
set -euo pipefail
GITEA_URL="${GITEA_URL:-https://gitea.d-bis.org}"
ORG="${GITEA_ORG:-DBIS}"
REPOS=(
complete-credential
cc-shared-authz
cc-audit-ledger
cc-eidas-connector
)
echo "Open in browser (Actions tab):"
for r in "${REPOS[@]}"; do
echo " ${GITEA_URL}/${ORG}/${r}/actions"
done

19
scripts/verify/verify-end-to-end-routing.sh
View File

@@ -83,6 +83,14 @@ declare -A DOMAIN_TYPES_ALL=(
["the-order.sankofa.nexus"]="web" # OSJ portal (secure auth); app: ~/projects/the_order
["www.the-order.sankofa.nexus"]="web" # 301 → https://the-order.sankofa.nexus
["studio.sankofa.nexus"]="web"
# Client SSO / IdP / operator dash (FQDN_EXPECTED_CONTENT + EXPECTED_WEB_CONTENT Deployment Status)
["keycloak.sankofa.nexus"]="web"
["admin.sankofa.nexus"]="web"
["portal.sankofa.nexus"]="web"
["dash.sankofa.nexus"]="web"
# d-bis.org docs on explorer nginx where configured; generic Blockscout hostname (VMID 5000 when proxied)
["docs.d-bis.org"]="web"
["blockscout.defi-oracle.io"]="web"
["rpc.public-0138.defi-oracle.io"]="rpc-http"
["rpc.defi-oracle.io"]="rpc-http"
["wss.defi-oracle.io"]="rpc-ws"
@@ -166,7 +174,7 @@ else
fi
# Domains that are optional when any test fails (off-LAN, 502, unreachable); fail → skip so run passes.
_PUB_OPTIONAL_WHEN_FAIL="dapp.d-bis.org mifos.d-bis.org explorer.d-bis.org dbis-admin.d-bis.org dbis-api.d-bis.org dbis-api-2.d-bis.org secure.d-bis.org sankofa.nexus www.sankofa.nexus phoenix.sankofa.nexus www.phoenix.sankofa.nexus the-order.sankofa.nexus www.the-order.sankofa.nexus studio.sankofa.nexus mim4u.org www.mim4u.org secure.mim4u.org training.mim4u.org rpc-http-pub.d-bis.org rpc.d-bis.org rpc2.d-bis.org rpc.public-0138.defi-oracle.io rpc.defi-oracle.io ws.rpc.d-bis.org ws.rpc2.d-bis.org"
_PUB_OPTIONAL_WHEN_FAIL="dapp.d-bis.org mifos.d-bis.org explorer.d-bis.org dbis-admin.d-bis.org dbis-api.d-bis.org dbis-api-2.d-bis.org secure.d-bis.org sankofa.nexus www.sankofa.nexus phoenix.sankofa.nexus www.phoenix.sankofa.nexus the-order.sankofa.nexus www.the-order.sankofa.nexus studio.sankofa.nexus keycloak.sankofa.nexus admin.sankofa.nexus portal.sankofa.nexus dash.sankofa.nexus docs.d-bis.org blockscout.defi-oracle.io mim4u.org www.mim4u.org secure.mim4u.org training.mim4u.org rpc-http-pub.d-bis.org rpc.d-bis.org rpc2.d-bis.org rpc.public-0138.defi-oracle.io rpc.defi-oracle.io ws.rpc.d-bis.org ws.rpc2.d-bis.org"
_PRIV_OPTIONAL_WHEN_FAIL="rpc-http-prv.d-bis.org rpc-ws-prv.d-bis.org rpc-fireblocks.d-bis.org ws.rpc-fireblocks.d-bis.org"
if [[ -z "${E2E_OPTIONAL_WHEN_FAIL:-}" ]]; then
if [[ "$PROFILE" == "private" ]]; then
@@ -410,15 +418,16 @@ test_domain() {
result=$(echo "$result" | jq --arg time "$time_total" '.tests.https = {"status": "fail", "response_time_seconds": ($time | tonumber)}')
fi
# Optional: Blockscout API check for explorer.d-bis.org (does not affect E2E pass/fail)
if [ "$domain" = "explorer.d-bis.org" ] && [ "${SKIP_BLOCKSCOUT_API:-0}" != "1" ]; then
if { [ "$domain" = "explorer.d-bis.org" ] || [ "$domain" = "blockscout.defi-oracle.io" ]; } && [ "${SKIP_BLOCKSCOUT_API:-0}" != "1" ]; then
log_info "Test 3b: Blockscout API (optional)"
api_body_file="$OUTPUT_DIR/explorer_d-bis_org_blockscout_api.txt"
api_safe="${domain//./_}"
api_body_file="$OUTPUT_DIR/${api_safe}_blockscout_api.txt"
api_code=$(curl -s -o "$api_body_file" -w "%{http_code}" -k --connect-timeout 10 "https://$domain/api/v2/stats" 2>/dev/null || echo "000")
if [ "$api_code" = "200" ] && [ -s "$api_body_file" ] && (grep -qE '"total_blocks"|"total_transactions"' "$api_body_file" 2>/dev/null); then
log_success "Blockscout API: /api/v2/stats returned 200 with stats"
log_success "Blockscout API: $domain /api/v2/stats returned 200 with stats"
result=$(echo "$result" | jq '.tests.blockscout_api = {"status": "pass", "http_code": 200}')
else
log_warn "Blockscout API: HTTP $api_code or invalid response (optional; run from LAN if backend unreachable)"
log_warn "Blockscout API: $domain HTTP $api_code or invalid response (optional; run from LAN if backend unreachable)"
result=$(echo "$result" | jq --arg code "$api_code" '.tests.blockscout_api = {"status": "skip", "http_code": $code}')
fi
fi