secure-proxy-manager/docker-compose.test.yml at main · fabgpt-coder/secure-proxy-manager · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# docker-compose.test.yml
#
# Integration + E2E test stack.
# Runs: backend (Go) · web (nginx SPA) · mock-lists · Playwright test-runner
# Proxy and WAF are intentionally excluded: tests cover API and UI layers only,
# not Squid proxy behaviour. This avoids the NET_ADMIN/SSL-certgen requirements
# that crash Squid in restricted Docker environments.
#
# Usage:
#   docker compose -f docker-compose.test.yml up --build --abort-on-container-exit --exit-code-from test-runner
#   docker compose -f docker-compose.test.yml down -v   # cleanup

services:

  # ── Backend API ────────────────────────────────────────────────────────────

  backend:
    build: ./backend-go
    ports:
      - "5001:5000"
    volumes:
      - ./config:/config
      - test-data:/data
      - test-logs:/logs
    environment:
      - PROXY_HOST=proxy
      - PROXY_PORT=3128
      - PROXY_CONTAINER_NAME=secure-proxy-manager-test-proxy
      - BASIC_AUTH_USERNAME=${TEST_USERNAME:-testadmin}
      - BASIC_AUTH_PASSWORD=${TEST_PASSWORD:-TestP@ss123!}
      - SECRET_KEY=e2e-test-secret-key-not-for-production
      - CORS_ALLOWED_ORIGINS=http://web:8011,http://localhost:8011
      - DATABASE_PATH=/data/secure_proxy_test.db
    healthcheck:
      test: ["CMD", "curl", "-sf", "http://127.0.0.1:5000/health"]
      interval: 5s
      timeout: 3s
      retries: 15
      start_period: 15s
    networks:
      - test-net
    restart: "no"

  # ── Frontend (nginx SPA + reverse proxy) ───────────────────────────────────

  web:
    build:
      context: .
      dockerfile: ./ui/Dockerfile
    ports:
      - "8011:8011"
    environment:
      - BACKEND_URL=http://backend:5000
      - REQUEST_TIMEOUT=120
    healthcheck:
      test: ["CMD", "curl", "-sf", "http://127.0.0.1:8011/health"]
      interval: 5s
      timeout: 3s
      retries: 15
      start_period: 25s
    depends_on:
      backend:
        condition: service_healthy
    networks:
      - test-net
    restart: "no"

  # ── Mock blocklist server ──────────────────────────────────────────────────
  # Serves static .txt files so the "Import URL" feature can be tested
  # without hitting the internet.

  mock-lists:
    image: nginx:1.27-alpine
    volumes:
      - ./tests/mock-lists/nginx.conf:/etc/nginx/conf.d/default.conf:ro
      - ./tests/mock-lists:/usr/share/nginx/html:ro
    healthcheck:
      test: ["CMD", "curl", "-sf", "http://127.0.0.1:8080/health"]
      interval: 3s
      timeout: 2s
      retries: 10
    networks:
      - test-net
    restart: "no"

  # ── Playwright test runner ─────────────────────────────────────────────────
  # Waits for the full stack to be healthy, then runs the E2E suite.
  # Exit code is propagated via --exit-code-from test-runner.

  test-runner:
    build:
      context: ./tests/e2e
      dockerfile: Dockerfile
    depends_on:
      web:
        condition: service_healthy
      backend:
        condition: service_healthy
      mock-lists:
        condition: service_healthy
    environment:
      - BASE_URL=http://web:8011
      - API_URL=http://backend:5000
      - TEST_USERNAME=${TEST_USERNAME:-testadmin}
      - TEST_PASSWORD=${TEST_PASSWORD:-TestP@ss123!}
      - MOCK_LISTS_URL=http://mock-lists:8080
      - CI=true
    volumes:
      - test-results:/test-results
    networks:
      - test-net
    restart: "no"

networks:
  test-net:
    driver: bridge

volumes:
  test-data:
  test-logs:
  test-results: