refactor: update Dockerfile to use nginx-tsuru

.gitignore

@@ -37,4 +37,7 @@ luac.out
 *.app
 *.i*86
 *.x86_64
-*.hex
+*.hex
+
+#e2e temp files
+e2e/nginx/*.json

Dockerfile.e2e

@@ -0,0 +1,12 @@
+FROM tsuru/nginx-tsuru:1.26.3-main
+
+COPY ./e2e/container/nginx.conf /etc/nginx/nginx.conf
+COPY ./lib/resty/libjwt /usr/local/lib/lua/5.1/resty/libjwt
+RUN mkdir -p /etc/nginx/html
+RUN echo -n '{"message": "content by nginx"}' > /etc/nginx/html/index.html
+
+COPY e2e/nginx/jwks_1.json /usr/share/tokens/jwks1.json
+COPY e2e/nginx/jwks_2.json /usr/share/tokens/jwks2.json
+
+EXPOSE 8888
+CMD ["nginx", "-g", "daemon off;"]

Dockerfile.nginx

@@ -1,21 +1,7 @@
-FROM alpine:3.21.2 as libjwt-builder
+FROM tsuru/nginx-tsuru:1.26.3-main
 
-WORKDIR /home/app
-RUN apk add --no-cache git cmake make gcc g++ jansson-dev openssl-dev 
-RUN git clone https://github.com/benmcollins/libjwt.git && \
-    cd libjwt && \
-    git checkout 8ac4200
+COPY ./nginx.conf /etc/nginx/nginx.conf
+COPY ./lib/resty/libjwt /usr/local/lib/lua/5.1/resty/libjwt
 
-RUN mkdir -p /home/app/libjwt/build && \
-    cd /home/app/libjwt/build && \
-    cmake .. && make && make install
-
-FROM openresty/openresty:1.27.1.1-1-alpine
-
-COPY ./nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
-COPY ./lib/resty/libjwt /usr/local/openresty/lualib/resty/libjwt
-
-RUN apk add --no-cache jansson
-COPY --from=libjwt-builder /usr/local/lib/libjwt.so /usr/local/lib/libjwt.so
 EXPOSE 8888
-CMD ["openresty", "-g", "daemon off;"]
+CMD ["nginx", "-g", "daemon off;"]

e2e/container/container.go

@@ -1,9 +1,6 @@
 package container_test
 
 import (
-	"fmt"
-	"io"
-	"os"
 	"time"
 
 	"github.com/docker/go-connections/nat"
@@ -30,13 +27,7 @@ type File struct {
 }
 
 type ContainerInterface interface {
-	AddFiles(file []File) error
 	GetProps() Props
-	Clear() error
-	Terminate() error
-	NginxToConfigDefault() error
-	ChangeNginxConfigReadFile(nginxPath string) error
-	ChangeNginxConfig(nginxConfig []byte) error
 }
 
 var _ ContainerInterface = (*ContainerTest)(nil)
@@ -71,71 +62,9 @@ func New(ctx context.Context, context string, dockerfile string) (*ContainerTest
 	}
 	container.Props.Port = port.Port()
 	container.Container = nginxContainer
-	if err := container.NginxToConfigDefault(); err != nil {
-		return nil, err
-	}
 	return &container, nil
 }
 
-func (c *ContainerTest) AddFiles(files []File) error {
-	for _, file := range files {
-		c.FilesPath = append(c.FilesPath, file.Path)
-		err := c.Container.CopyToContainer(context.Background(), []byte(file.File), file.Path, 0644)
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (c *ContainerTest) Clear() error {
-	for _, file := range c.FilesPath {
-		_, _, err := c.Container.Exec(context.Background(), []string{"rm", file})
-		if err != nil {
-			return err
-		}
-	}
-	return c.NginxToConfigDefault()
-}
-
-func (c *ContainerTest) NginxToConfigDefault() error {
-	srcFile, err := os.Open("./container/nginx.conf")
-	if err != nil {
-		return fmt.Errorf("error opening nginx.conf: %w", err)
-	}
-	defer srcFile.Close()
-	fileContent, err := io.ReadAll(srcFile)
-	if err != nil {
-		return fmt.Errorf("error reading nginx.conf: %w", err)
-	}
-	return c.ChangeNginxConfig(fileContent)
-}
-
-func (c *ContainerTest) ChangeNginxConfigReadFile(nginxPath string) error {
-	nginxConf, err := os.ReadFile(nginxPath)
-	if err != nil {
-		return err
-	}
-	return c.ChangeNginxConfig(nginxConf)
-}
-
-func (c *ContainerTest) ChangeNginxConfig(nginxConfig []byte) error {
-	_, _, err := c.Container.Exec(context.Background(), []string{"sh", "-c", "rm ", "/usr/local/openresty/nginx/conf/nginx.conf"})
-	if err != nil {
-		return err
-	}
-	err = c.Container.CopyToContainer(context.Background(), nginxConfig, "/usr/local/openresty/nginx/conf/nginx.conf", 0644)
-	if err != nil {
-		return err
-	}
-	_, _, err = c.Container.Exec(context.Background(), []string{"sh", "-c", "pkill -HUP openresty || openresty"})
-	return err
-}
-
-func (c *ContainerTest) Terminate() error {
-	return c.Container.Terminate(context.Background())
-}
-
 func (c *ContainerTest) GetProps() Props {
 	return c.Props
 }

e2e/container/nginx.conf

@@ -1,5 +1,7 @@
 worker_processes 1;
 
+include modules/*.conf;
+
 events {
     worker_connections 1024;
 }
@@ -13,5 +15,39 @@ http {
             default_type application/json;
             return 200 '{"message": "content by nginx"}';
         }
+
+        location /public {
+            default_type application/json;
+            return 200 '{"message": "Hello, World!"}';
+        }
+
+        location /private {
+            content_by_lua_block {
+                local libjwt = require("resty.libjwt")
+                local cjson = require("cjson.safe")
+                local token, err = libjwt.validate({
+                    jwks_files = {"/usr/share/tokens/jwks1.json", "/usr/share/tokens/jwks2.json"},
+                })
+                ngx.header.content_type = "application/json"
+                if err and err ~= "" then
+                    ngx.status = ngx.HTTP_UNAUTHORIZED
+                    local response = {
+                        message = err
+                    }
+                    return ngx.say(cjson.encode(response))
+                end
+                if token then
+                    local claim_str = cjson.encode(token.claim) or "Invalid token"
+                    ngx.log(ngx.ERR, "Token Claims: " .. claim_str)
+                    ngx.status = ngx.HTTP_OK
+                    return ngx.say(claim_str)
+                end
+                ngx.status = ngx.HTTP_UNAUTHORIZED
+                local response = {
+                    message = "Unauthorized"
+                }
+                return ngx.say(cjson.encode(response))
+            }
+        }
     }
 }