OpenUpSA · jbothma · Oct 24, 2025 · Oct 24, 2025 · Oct 24, 2025 · Oct 24, 2025
diff --git a/.github/workflows/integration.yaml b/.github/workflows/integration.yaml
@@ -0,0 +1,107 @@
+name: Integration Tests
+
+on:
+  push:
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  integration:
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Checkout agari-helm
+        uses: actions/checkout@v4
+        with:
+          repository: jbothma/agari-helm
+          ref: integration-tested
+          path: agari-helm
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Start services
+        env:
+          AGARI_HELM_PATH: ${{ github.workspace }}/agari-helm
+        run: docker compose up -d
+
+      - name: Wait for services to be healthy
+        timeout-minutes: 5
+        run: |
+          echo "Waiting for all services to become healthy (excluding zookeeper)..."
+          END=$((SECONDS+120))
+
+          while [ $SECONDS -lt $END ]; do
+            # Get list of unhealthy services (excluding NAME header, already healthy services, and zookeeper)
+            UNHEALTHY=$(docker compose ps --status running | egrep -v '(NAME|healthy|zookeeper)' || true)
+
+            if [ -z "$UNHEALTHY" ]; then
+              echo "All services are healthy!"
+              docker compose ps
+              exit 0
+            fi
+
+            echo "Still waiting for services to become healthy..."
+            echo "$UNHEALTHY"
+            sleep 5
+          done
+
+          echo "Timeout: Services did not become healthy within 2 minutes"
+          docker compose ps
+          exit 1
+
+      - name: Show service status
+        if: success()
+        run: docker compose ps
+
+      - name: Test authentication
+        run: |
+          echo "Testing Keycloak authentication as system-admin..."
+          RESPONSE=$(curl --silent --request POST \
+            --url http://localhost:8080/realms/agari/protocol/openid-connect/token \
+            --header 'content-type: application/x-www-form-urlencoded' \
+            --data username=system.admin@agari.tech \
+            --data password=pass123 \
+            --data grant_type=password \
+            --data client_id=dms \
+            --data client_secret=VDyLEjGR3xDQvoQlrHq5AB6OwbW0Refc)
+
+          SYSADMIN_ACCESS_TOKEN=$(echo "$RESPONSE" | jq -r '.access_token')
+
+          if [ "$SYSADMIN_ACCESS_TOKEN" = "null" ] || [ -z "$SYSADMIN_ACCESS_TOKEN" ]; then
+            echo "Failed to get access token"
+            echo "Response: $RESPONSE"
+            exit 1
+          fi
+
+          echo "Successfully obtained access token for system-admin"
+          echo "SYSADMIN_ACCESS_TOKEN=${SYSADMIN_ACCESS_TOKEN}" >> $GITHUB_ENV
+
+      - name: Test Folio whoami endpoint
+        run: |
+          echo "Testing Folio /info/whoami endpoint..."
+          RESPONSE=$(curl --silent --request GET \
+            --url http://localhost:8000/info/whoami \
+            --header "authorization: Bearer ${SYSADMIN_ACCESS_TOKEN}")
+
+          echo "Response: $RESPONSE"
+
+          if echo "$RESPONSE" | grep -q "system.admin@agari.tech"; then
+            echo "✓ Successfully verified user identity: system.admin@agari.tech"
+            exit 0
+          else
+            echo "✗ Failed to find system.admin@agari.tech in response"
+            exit 1
+          fi
+
+      - name: Print docker compose logs
+        if: always()
+        run: docker compose logs
+
+      - name: Clean up
+        if: always()
+        run: docker compose down -v
diff --git a/Dockerfile b/Dockerfile
@@ -5,6 +5,7 @@ WORKDIR /app
 # Install system dependencies
 RUN apt-get update && apt-get install -y \
     gcc \
+    curl \
     && rm -rf /var/lib/apt/lists/*
 
 # Copy requirements and install Python dependencies