chore: update load tests, add checks

bcgov · Jun 28, 2024 · ca98bbf · ca98bbf
1 parent f5af39d
commit ca98bbf
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 2 deletions.
diff --git a/k6/README.md b/k6/README.md
@@ -28,6 +28,10 @@ This test requires a client with a service account to run. E.g if using the defa
 - In the client settings, set the **Access Type** to confidential, and then toggle on **Service accounts enabled**.
 - Make sure that the clientID and clientSecret in [env.js](./env.js) match that client's credentials.
 
+**Do not do this in a production environment**. In the master realm, go to `Authentication->Direct grant` and disable "Condition- user configured" and "OTP".
+
+
+
 If testing a live application, pick an appropriate client to use with a confidential service account.
 
 - Copy `env.example.js` to `env.js`. Provide credentials for an account with permissions to create realms and users. If you are setting up locally, use the baseURL `http://localhost:8080/auth`, and you can use the admin-cli client ID with the admin admin credentials for username and password.

diff --git a/k6/constantRateAllFlows.js b/k6/constantRateAllFlows.js
@@ -21,6 +21,28 @@ export const options = {
           rate: 34,
           preAllocatedVUs: 5,
         },
+        // stress: {
+        //     executor: 'ramping-arrival-rate', //Assure load increase if the system slows
+        //     startRate: 0,
+        //     timeUnit: '1m',
+        //     preAllocatedVUs: 10000,
+        //     stages: [
+        //         // Ramp in 100 req/sec intervals, and hold 5 mins.
+        //         // Each loop runs 3 req/sec, so (target * 3) / 60 = req/sec.
+        //         { duration: '5m', target: 2000 },
+        //         { duration: '5m', target: 2000 },
+        //         { duration: '5m', target: 4000 },
+        //         { duration: '5m', target: 4000 },
+        //         { duration: '5m', target: 6000 },
+        //         { duration: '5m', target: 6000 },
+        //         { duration: '5m', target: 8000 },
+        //         { duration: '5m', target: 8000 },
+        //         { duration: '5m', target: 10000 },
+        //         { duration: '5m', target: 10000 },
+        //     ],
+        // }
+
+
         // stress: {
         //     executor: 'ramping-arrival-rate', //Assure load increase if the system slows
         //     startRate: BASELINE_RATE,

diff --git a/k6/env.example.js b/k6/env.example.js
@@ -2,3 +2,5 @@ export const username = '';
 export const password = '';
 export const clientId = 'admin-cli';
 export const baseUrl  = '<baseurl>/auth';
+// get the client secret from the Credentials tab of client `clientId`
+export const clientSecret = ''
diff --git a/k6/helpers.js b/k6/helpers.js
@@ -44,8 +44,11 @@ function getAccessToken({username, password, clientId, confidential, realm = 'ma
     body['client_secret'] = secret
   }
   if (offline) {
-    body['scope'] = 'email profile offline_access'
+    body['scope'] = 'email profile offline_access openid'
+  } else {
+    body['scope'] = 'email profile openid'
   }
+
   const res = http.post(`${baseUrl}/realms/${realm}/protocol/openid-connect/token`, body);
   try {
     return JSON.parse(res.body).access_token;
@@ -57,6 +60,9 @@ function getAccessToken({username, password, clientId, confidential, realm = 'ma
 function createUser(user, realm, accessToken) {
   const headers = getHeaders(accessToken);
   const res = http.post(`${baseUrl}/admin/realms/${realm}/users`, JSON.stringify(user), { headers });
+  if ( res.status > 299 ){
+    console.log("Create user failed, often cause by 'newrealm-#' being left in the keycloak deployment.")
+  }
   const userId = res.headers.Location.split('/').slice(-1)[0];
   return userId;
 }
@@ -90,13 +96,21 @@ function hitUserInfoRoute(accessToken, realmName) {
   const headers = getHeaders(accessToken)
   const url = `${baseUrl}/realms/${realmName}/protocol/openid-connect/userinfo`
   const result = http.get(url, { headers });
+
+  if ( result.status > 299 ){
+    console.log("The get user info request failed")
+  }
 }
 
 function hitIntrospectionRoute(accessToken, realmName, clientId, clientSecret) {
   const base64Credentials = encoding.b64encode(`${clientId}:${clientSecret}`)
   const url = `${baseUrl}/realms/${realmName}/protocol/openid-connect/token/introspect`;
   const headers = { Authorization: `Basic ${base64Credentials}` }
-  http.post(url, {token: accessToken}, { headers });
+
+  const result = http.post(url, {token: accessToken}, { headers });
+  if ( result.status > 299 ){
+    console.log("The introspection request failed")
+  }
 }
 
 module.exports = {