chore: Add e2e test for CS user auth flow
What does this merge request do and why?
Add a CI job to test the User JWT + Code Completions flow in a functional/integration fashion.
How to set up and validate locally
It adds a CI job, so it should be self-tested by having a green pipeline.
However, we should also test the changes to auth logic (our new bypass header).
For a simple local test, I did:
- [Stage 1][With ENV var NOT set] Make sure
AIGW_AUTH__ALLOW_BYPASS_EXTERNAL_HEADER=false
in.env
- Restart the server
- Run
curl --url 'http://localhost:5052/docs'
- You should get
{"error":"No authorization header presented"}%
- Run
curl --url 'http://localhost:5052/docs' --header 'Bypass-Auth: true'
- You should still get
{"error":"No authorization header presented"}%
because we didn't set the ENV var - [Stage 2][With ENV var set] Make sure
AIGW_AUTH__ALLOW_BYPASS_EXTERNAL_HEADER=true
in.env
- Restart the server
- Run
curl --url 'http://localhost:5052/docs'
- You should get
{"error":"No authorization header presented"}%
because even though env var is set, the header is not supplied - Run
curl --url 'http://localhost:5052/docs' --header 'Bypass-Auth: true'
- Only in that case, env var + header, you should get 200 response
Merge request checklist
-
Tests added for new functionality. If not, please raise an issue to follow up. -
Documentation added/updated, if needed.
Closes #503 (closed)
Edited by Aleksei Lipniagov