autonomic-bot
f283a371bb
Sanitized single-commit public mirror of recipe-maintainer. - Removed test-ssh/.testenv (live creds); added test-ssh/.testenv.example placeholders. - Removed plans/ and planned-updates/ (deployment-planning docs) so no client/ deployment domains appear in the public repo. - All other secret stores were already gitignored. - docs.coopcloud.tech retained as a submodule (public upstream).
25 lines
1.0 KiB
Markdown
25 lines
1.0 KiB
Markdown
# Keycloak Tests
|
|
|
|
## Requires
|
|
|
|
- lasuite-docs
|
|
|
|
## Target
|
|
|
|
- **URL:** `https://keycloak.<DOMAIN_SUFFIX>`
|
|
|
|
## Automated Checks
|
|
|
|
Run the scripts in `tests/` to perform automated testing:
|
|
|
|
- `health_check.py` — Confirms the instance is reachable and returns HTTP 200.
|
|
- `oidc_integration.py` — Full OIDC integration test using La Suite Docs as the relying party. Verifies token issuance, OIDC discovery, and JWT validation by authenticating a test user through Keycloak and calling the Docs API with the resulting token. Requires lasuite-docs to be deployed. Set `SKIP_INTEGRATION=1` to skip.
|
|
|
|
## Manual Verification
|
|
|
|
1. Open `https://keycloak.<DOMAIN_SUFFIX>` in a browser.
|
|
2. Confirm the Keycloak login/welcome page loads without errors.
|
|
3. Log in with the temporary admin credentials (username: `admin`, password in `recipe-info/keycloak/secrets.json` under `admin_password`).
|
|
4. Verify the Keycloak admin console loads and is functional.
|
|
5. Create a real admin user with 2FA and delete the temporary admin (see recipe README for full steps).
|