Files
wehub-resource-sync bf2343b7e4
Integration Tests - MySQL + Elasticsearch / Detect Changes (push) Has been cancelled
Integration Tests - MySQL + Elasticsearch / integration-tests-mysql-elasticsearch (push) Has been cancelled
Integration Tests - PostgreSQL + Elasticsearch + Redis / Detect Changes (push) Has been cancelled
Integration Tests - PostgreSQL + Elasticsearch + Redis / integration-tests-postgres-elasticsearch-redis (push) Has been cancelled
Integration Tests - PostgreSQL + OpenSearch / Detect Changes (push) Has been cancelled
Integration Tests - PostgreSQL + OpenSearch / integration-tests-postgres-opensearch (push) Has been cancelled
Java Checkstyle / java-checkstyle (push) Has been cancelled
Maven Collate Tests / maven-collate-ci (push) Has been cancelled
OpenMetadata Service Unit Tests / openmetadata-service-unit-tests-status (push) Has been cancelled
Publish Package to Maven Central Repository / publish-maven-packages (push) Has been cancelled
OpenMetadata Service Unit Tests / Detect Changes (push) Has been cancelled
OpenMetadata Service Unit Tests / openmetadata-service-unit-tests (push) Has been cancelled
OpenMetadata Service Unit Tests / k8s_operator-unit-tests (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:35:45 +08:00

51 lines
2.0 KiB
Bash

# SSO Test Environment Configuration
# Configures OM server to use mock OIDC provider for E2E testing.
#
# Usage:
# 1. Start mock OIDC provider first:
# docker compose --profile sso-test up -d mock-oidc-provider
#
# 2. Start (or restart) OM server with this env file:
# docker compose --env-file .env.sso-test up -d
#
# 3. Run SSO Playwright tests:
# cd openmetadata-ui/src/main/resources/ui
# npx playwright test --config=playwright.sso.config.ts
#
# NOTE: Server-side URLs use Docker hostname (mock-oidc-provider:9090).
# Client-side URLs (authority, callback) use localhost:9090.
# Authentication provider — custom-oidc uses OidcAuthenticator
AUTHENTICATION_PROVIDER=custom-oidc
CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME=mock-oidc
AUTHENTICATION_CLIENT_TYPE=confidential
AUTHENTICATION_RESPONSE_TYPE=code
# Public keys — fetched server-side, must use Docker network hostname
AUTHENTICATION_PUBLIC_KEYS=[http://mock-oidc-provider:9090/jwks,http://localhost:8585/api/v1/system/config/jwks]
# Authority — sent to browser for redirect, must use localhost
AUTHENTICATION_AUTHORITY=http://localhost:9090
AUTHENTICATION_CLIENT_ID=openmetadata-test
AUTHENTICATION_CALLBACK_URL=http://localhost:8585/callback
AUTHENTICATION_ENABLE_SELF_SIGNUP=true
# Map principal claims: username from `sub`, email from the `email` claim.
# Exercises the OIDC self-signup mapped-email path (issue #29189).
AUTHENTICATION_JWT_PRINCIPAL_CLAIMS_MAPPING=[username:sub,email:email]
# OIDC Configuration — discovery URI is fetched server-side
OIDC_CLIENT_ID=openmetadata-test
OIDC_TYPE=custom-oidc
OIDC_CLIENT_SECRET=openmetadata-test-secret
OIDC_SCOPE=openid email profile
OIDC_DISCOVERY_URI=http://mock-oidc-provider:9090/.well-known/openid-configuration
OIDC_USE_NONCE=true
OIDC_PREFERRED_JWS=RS256
OIDC_RESPONSE_TYPE=code
OIDC_DISABLE_PKCE=true
OIDC_CALLBACK=http://localhost:8585/callback
OIDC_SERVER_URL=http://localhost:8585
OIDC_CLIENT_AUTH_METHOD=client_secret_post
OIDC_SESSION_EXPIRY=604800
AUTHENTICATION_SESSION_EXPIRY=604800
AUTHENTICATION_MAX_ACTIVE_SESSIONS_PER_USER=5