TDvorak/Containr
1
0
Fork 0
mirror of https://github.com/Dvorinka/Containr.git synced 2026-06-04 04:22:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
94f7302972ce560662c88c2710521856d6be99b8
Containr/scripts/test-start-unified-preflight.sh
T
Tomas Dvorak 08cb5754f3 small fix, don't worry about it
2026-04-10 12:02:36 +02:00

112 lines
3.3 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
set -euo pipefail
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
SCRIPT="$ROOT_DIR/start-unified.sh"
ENV_FILE="$ROOT_DIR/.env.prod"
if ! command -v docker >/dev/null 2>&1; then
echo "SKIP: docker command not found, skipping preflight tests"
exit 0
fi
backup_file=""
if [ -f "$ENV_FILE" ]; then
backup_file="$(mktemp)"
cp "$ENV_FILE" "$backup_file"
fi
cleanup() {
if [ -n "$backup_file" ] && [ -f "$backup_file" ]; then
mv "$backup_file" "$ENV_FILE"
else
rm -f "$ENV_FILE"
fi
}
trap cleanup EXIT
write_env() {
cat > "$ENV_FILE" <<EOT
$1
EOT
}
expect_fail() {
local name="$1"
local expected="$2"
shift 2
set +e
local output
output="$($SCRIPT "$@" 2>&1)"
local code=$?
set -e
if [ "$code" -eq 0 ]; then
echo "FAIL [$name]: command unexpectedly succeeded"
echo "$output"
exit 1
fi
if ! grep -Fq "$expected" <<<"$output"; then
echo "FAIL [$name]: expected error message not found"
echo "Expected: $expected"
echo "Output:"
echo "$output"
exit 1
fi
echo "PASS [$name]"
}
write_env "DOMAIN=localhost
JWT_SECRET=this-is-a-very-strong-production-secret-123
BETTER_AUTH_SECRET=this-is-a-very-strong-better-auth-secret-123
BETTER_AUTH_INTERNAL_TOKEN=internal-auth-token
COOKIE_SECURE=true
TRAEFIK_AUTH=admin:\$\$apr1\$\$hash\$\$hashvalue"
expect_fail "prod-domain" "DOMAIN must be set to a real domain for production." prod
write_env "DOMAIN=example.com
JWT_SECRET=dev_jwt_secret_key_change_in_production
BETTER_AUTH_SECRET=this-is-a-very-strong-better-auth-secret-123
BETTER_AUTH_INTERNAL_TOKEN=internal-auth-token
COOKIE_SECURE=true
TRAEFIK_AUTH=admin:\$\$apr1\$\$hash\$\$hashvalue"
expect_fail "prod-jwt" "JWT_SECRET must be set to a strong non-default value in production." prod
write_env "DOMAIN=example.com
JWT_SECRET=strong-secret
BETTER_AUTH_SECRET=this-is-a-very-strong-better-auth-secret-123
BETTER_AUTH_INTERNAL_TOKEN=internal-auth-token
COOKIE_SECURE=true
TRAEFIK_AUTH=admin:\$\$apr1\$\$hash\$\$hashvalue"
expect_fail "prod-jwt-length" "JWT_SECRET must be at least 32 characters in production." prod
write_env "DOMAIN=example.com
JWT_SECRET=this-is-a-very-strong-production-secret-123
BETTER_AUTH_SECRET=this-is-a-very-strong-better-auth-secret-123
BETTER_AUTH_INTERNAL_TOKEN=internal-auth-token
COOKIE_SECURE=true"
expect_fail "prod-traefik-auth" "TRAEFIK_AUTH must be set (basic auth hash) for dashboard protection in production." prod
write_env "DOMAIN=example.com
JWT_SECRET=this-is-a-very-strong-production-secret-123
BETTER_AUTH_SECRET=this-is-a-very-strong-better-auth-secret-123
BETTER_AUTH_INTERNAL_TOKEN=internal-auth-token
COOKIE_SECURE=true
TRAEFIK_AUTH=admin:\$\$apr1\$\$hash\$\$hashvalue"
expect_fail "prod-agent-auth" "CONTAINR_AGENT_AUTH_TOKEN or CONTAINR_AGENT_AUTH_TOKENS must be set in production." prod
write_env "DOMAIN=example.com
JWT_SECRET=this-is-a-very-strong-production-secret-123
BETTER_AUTH_SECRET=this-is-a-very-strong-better-auth-secret-123
BETTER_AUTH_INTERNAL_TOKEN=internal-auth-token
COOKIE_SECURE=true
TRAEFIK_AUTH=admin:\$\$apr1\$\$hash\$\$hashvalue
CONTAINR_AGENT_AUTH_TOKEN=agent-secret"
expect_fail "cloudflare-token" "CLOUDFLARED_TOKEN must be set." cloudflare
echo "All start-unified preflight tests passed"
Reference in New Issue View Git Blame Copy Permalink