add integration tests

.github/workflows/auth-integration-test.yaml

@@ -30,7 +30,7 @@ jobs:
         run: |
           # Create test results directory
           mkdir -p docker/auth-test/test-results
-          chmod 777 docker/auth-test/test-results
+          chmod 755 docker/auth-test/test-results
 
       - name: Start infrastructure
         working-directory: docker/auth-test

.github/workflows/integration-test.yaml

@@ -0,0 +1,115 @@
+name: Integration Tests
+
+on:
+  push:
+    branches: [master, webapi-3.0]
+  pull_request:
+    branches: [master, webapi-3.0]
+  workflow_dispatch:
+
+env:
+  DOCKER_BUILDKIT: 1
+  COMPOSE_DOCKER_CLI_BUILD: 1
+
+jobs:
+  integration-test:
+    name: CDM Integration Tests
+    runs-on: ubuntu-latest
+    timeout-minutes: 45
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Build WebAPI Docker image
+        working-directory: docker/integration-test
+        run: |
+          docker compose build webapi
+
+      - name: Set up test environment
+        run: |
+          # Create test results directory
+          mkdir -p docker/integration-test/test-results
+          chmod 755 docker/integration-test/test-results
+
+      - name: Start infrastructure
+        working-directory: docker/integration-test
+        run: |
+          docker compose up -d postgres cdm-db mock-oauth2
+
+          echo "Waiting for PostgreSQL to be ready..."
+          timeout 60 bash -c 'until docker compose exec -T postgres pg_isready -U postgres > /dev/null 2>&1; do sleep 2; done'
+          echo "PostgreSQL is ready!"
+
+          echo "Waiting for CDM database to be ready..."
+          timeout 60 bash -c 'until docker compose exec -T cdm-db pg_isready -U postgres > /dev/null 2>&1; do sleep 2; done'
+          echo "CDM database is ready!"
+
+      - name: Start WebAPI
+        working-directory: docker/integration-test
+        run: |
+          docker compose up -d webapi
+
+          echo "Waiting for WebAPI to be healthy..."
+          timeout 300 bash -c 'until curl -sf http://localhost:18080/WebAPI/info > /dev/null 2>&1; do sleep 10; echo "Waiting for WebAPI..."; done'
+          echo "WebAPI is ready!"
+
+      - name: Setup test data
+        working-directory: docker/integration-test
+        run: |
+          docker compose up db-setup
+          echo "Test data created!"
+
+      - name: Run Newman tests
+        working-directory: docker/integration-test
+        run: |
+          # Run tests using Newman docker container
+          docker compose up newman
+
+          # Check test results
+          if [ -f test-results/integration-test-results.xml ]; then
+            echo "Test results generated successfully"
+          else
+            echo "Warning: Test results file not found"
+          fi
+
+      - name: Upload test results
+        uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: integration-test-results
+          path: docker/integration-test/test-results/
+          retention-days: 30
+
+      - name: Publish test results
+        uses: mikepenz/action-junit-report@v4
+        if: always()
+        with:
+          report_paths: 'docker/integration-test/test-results/*.xml'
+          check_name: 'Integration Test Results'
+          fail_on_failure: true
+
+      - name: Show logs on failure
+        if: failure()
+        working-directory: docker/integration-test
+        run: |
+          echo "=== WebAPI Logs ==="
+          docker compose logs webapi --tail=200
+          echo ""
+          echo "=== CDM Database Logs ==="
+          docker compose logs cdm-db --tail=50
+          echo ""
+          echo "=== mock-oauth2 Logs ==="
+          docker compose logs mock-oauth2 --tail=100
+          echo ""
+          echo "=== Newman Logs ==="
+          docker compose logs newman --tail=100
+          echo ""
+          echo "=== DB Setup Logs ==="
+          docker compose logs db-setup --tail=50
+
+      - name: Cleanup
+        if: always()
+        working-directory: docker/integration-test
+        run: |
+          docker compose down -v --remove-orphans

docker/integration-test/.env.example

@@ -0,0 +1,12 @@
+# Integration Test Environment Configuration
+# Copy to .env and modify as needed
+
+# Database credentials
+POSTGRES_PASSWORD=postgres
+CDM_PASSWORD=mypass
+
+# OAuth2 configuration
+OIDC_CLIENT_SECRET=webapi-secret
+
+# Test user credentials (must match bcrypt hashes in setup-test-data.sql)
+TEST_USER_PASSWORD=testpass123

docker/integration-test/.gitignore

@@ -0,0 +1,3 @@
+# Test results (generated during test runs)
+test-results/*.xml
+test-results/*.json

docker/integration-test/docker-compose.yml

@@ -0,0 +1,159 @@
+services:
+  postgres:
+    image: postgres:15-alpine
+    container_name: webapi-postgres
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
+      POSTGRES_DB: ohdsi
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+    networks:
+      - webapi-network
+
+  cdm-db:
+    image: ohdsi/broadsea-atlasdb:2.3.0
+    container_name: cdm-db
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+    networks:
+      - webapi-network
+
+  cdm-db-debug:
+    image: ohdsi/broadsea-atlasdb:2.3.0
+    container_name: cdm-db-debug
+    profiles: ["debug"]
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+    ports:
+      - "5433:5432"
+    networks:
+      - webapi-network
+
+  mock-oauth2:
+    image: ghcr.io/navikt/mock-oauth2-server:2.1.10
+    container_name: mock-oauth2
+    environment:
+      - SERVER_PORT=9090
+      - JSON_CONFIG={"interactiveLogin":true,"httpServer":"NettyWrapper","tokenCallbacks":[{"issuerId":"default","tokenExpiry":3600,"requestMappings":[{"requestParam":"grant_type","match":"*","claims":{"sub":"testuser","email":"testuser@example.com","name":"Test User"}}]}]}
+    ports:
+      - "9090:9090"
+    networks:
+      - webapi-network
+
+  webapi:
+    build:
+      context: ../..
+      dockerfile: Dockerfile
+    container_name: webapi
+    restart: on-failure:3
+    depends_on:
+      postgres:
+        condition: service_healthy
+      cdm-db:
+        condition: service_healthy
+      mock-oauth2:
+        condition: service_started
+    environment:
+      - SPRING_DATASOURCE_HIKARI_CONNECTIONTIMEOUT=60000
+      - SPRING_DATASOURCE_HIKARI_INITIALIZATIONFAILTIMEOUT=60000
+      - DATASOURCE_URL=jdbc:postgresql://postgres:5432/ohdsi
+      - DATASOURCE_USERNAME=postgres
+      - DATASOURCE_PASSWORD=${POSTGRES_PASSWORD:-postgres}
+      - DATASOURCE_OHDSI_SCHEMA=webapi
+      - SPRING_JPA_PROPERTIES_HIBERNATE_DEFAULT_SCHEMA=webapi
+      - SPRING_BATCH_REPOSITORY_TABLEPREFIX=webapi.BATCH_
+      - SPRING_FLYWAY_URL=jdbc:postgresql://postgres:5432/ohdsi
+      - SPRING_FLYWAY_USER=postgres
+      - SPRING_FLYWAY_PASSWORD=${POSTGRES_PASSWORD:-postgres}
+      - SPRING_FLYWAY_SCHEMAS=webapi
+      - SPRING_FLYWAY_PLACEHOLDERS_OHDSISCHEMA=webapi
+      - SECURITY_PROVIDER=AtlasRegularSecurity
+      - SECURITY_AUTH_OPENID_ENABLED=true
+      - SECURITY_AUTH_JDBC_ENABLED=true
+      - SECURITY_AUTH_LDAP_ENABLED=false
+      - SECURITY_AUTH_AD_ENABLED=false
+      - SECURITY_AUTH_CAS_ENABLED=false
+      - SECURITY_AUTH_WINDOWS_ENABLED=false
+      - SECURITY_AUTH_KERBEROS_ENABLED=false
+      - SECURITY_AUTH_GOOGLE_ENABLED=false
+      - SECURITY_AUTH_FACEBOOK_ENABLED=false
+      - SECURITY_AUTH_GITHUB_ENABLED=false
+      - SECURITY_OID_CLIENTID=webapi-client
+      - SECURITY_OID_APISECRET=${OIDC_CLIENT_SECRET:-webapi-secret}
+      - SECURITY_OID_URL=http://mock-oauth2:9090/default/.well-known/openid-configuration
+      - SECURITY_OID_EXTERNALURL=http://localhost:9090/default
+      - SECURITY_OID_LOGOUTURL=http://localhost:9090/default/endsession
+      - SECURITY_OID_EXTRASCOPES=profile email
+      - SECURITY_OAUTH_CALLBACK_UI=http://localhost:18080/WebAPI/#/welcome
+      - SECURITY_OAUTH_CALLBACK_API=http://localhost:18080/WebAPI/user/oauth/callback
+      - SECURITY_OAUTH_CALLBACK_URLRESOLVER=query
+      - SECURITY_DB_DATASOURCE_URL=jdbc:postgresql://postgres:5432/ohdsi
+      - SECURITY_DB_DATASOURCE_DRIVERCLASSNAME=org.postgresql.Driver
+      - SECURITY_DB_DATASOURCE_USERNAME=postgres
+      - SECURITY_DB_DATASOURCE_PASSWORD=${POSTGRES_PASSWORD:-postgres}
+      - SECURITY_DB_DATASOURCE_SCHEMA=webapi
+      - SECURITY_DB_DATASOURCE_AUTHENTICATIONQUERY=select password from webapi.users where lower(login) = lower(?)
+    ports:
+      - "18080:8080"
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8080/WebAPI/info"]
+      interval: 10s
+      timeout: 5s
+      retries: 30
+      start_period: 120s
+    networks:
+      - webapi-network
+
+  db-setup:
+    image: postgres:15-alpine
+    container_name: db-setup
+    depends_on:
+      webapi:
+        condition: service_healthy
+    volumes:
+      - ./setup-test-data.sql:/setup-test-data.sql:ro
+    environment:
+      PGPASSWORD: ${POSTGRES_PASSWORD:-postgres}
+    command: >
+      psql -h postgres -U postgres -d ohdsi -f /setup-test-data.sql
+    networks:
+      - webapi-network
+
+  newman:
+    image: postman/newman:6-alpine
+    container_name: newman
+    depends_on:
+      webapi:
+        condition: service_healthy
+      db-setup:
+        condition: service_completed_successfully
+    volumes:
+      - ./postman:/etc/newman
+      - ./test-results:/results
+    command:
+      - run
+      - /etc/newman/integration-tests.postman_collection.json
+      - --environment
+      - /etc/newman/integration-test-env.postman_environment.json
+      - --reporters
+      - cli,junit
+      - --reporter-junit-export
+      - /results/integration-test-results.xml
+      - --timeout-request
+      - "60000"
+    networks:
+      - webapi-network
+
+networks:
+  webapi-network:
+    driver: bridge

docker/integration-test/postman/integration-test-env.postman_environment.json

@@ -0,0 +1,67 @@
+{
+  "id": "webapi-integration-test-env",
+  "name": "WebAPI Integration Test Environment",
+  "values": [
+    {
+      "key": "base_url",
+      "value": "http://webapi:8080/WebAPI",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "oidc_url",
+      "value": "http://mock-oauth2:9090/default",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "oidc_client_id",
+      "value": "webapi-client",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "oidc_client_secret",
+      "value": "webapi-secret",
+      "type": "secret",
+      "enabled": true
+    },
+    {
+      "key": "jdbc_user_email",
+      "value": "testuser@example.com",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "jdbc_user_password",
+      "value": "testpass123",
+      "type": "secret",
+      "enabled": true
+    },
+    {
+      "key": "cdm_db_host",
+      "value": "cdm-db",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "cdm_db_port",
+      "value": "5432",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "cdm_schema",
+      "value": "demo_cdm",
+      "type": "default",
+      "enabled": true
+    },
+    {
+      "key": "results_schema",
+      "value": "demo_cdm_results",
+      "type": "default",
+      "enabled": true
+    }
+  ],
+  "_postman_variable_scope": "environment"
+}