OpenFGA¶
Since v0.30.0
Introduction¶
The Testcontainers module for OpenFGA.
Adding this module to your project dependencies¶
Please run the following command to add the OpenFGA module to your Go dependencies:
go get github.com/testcontainers/testcontainers-go/modules/openfga
Usage example¶
ctx := context.Background()
openfgaContainer, err := openfga.Run(ctx, "openfga/openfga:v1.5.0")
defer func() {
if err := testcontainers.TerminateContainer(openfgaContainer); err != nil {
log.Printf("failed to terminate container: %s", err)
}
}()
if err != nil {
log.Printf("failed to start container: %s", err)
return
}
Module Reference¶
Run function¶
- Since v0.32.0
Info
The RunContainer(ctx, opts...)
function is deprecated and will be removed in the next major release of Testcontainers for Go.
The OpenFGA module exposes one entrypoint function to create the OpenFGA container, and this function receives three parameters:
func Run(ctx context.Context, img string, opts ...testcontainers.ContainerCustomizer) (*OpenFGAContainer, error)
context.Context
, the Go context.string
, the Docker image to use.testcontainers.ContainerCustomizer
, a variadic argument for passing options.
Image¶
Use the second argument in the Run
function to set a valid Docker image.
In example: Run(context.Background(), "openfga/openfga:v1.5.0")
.
Container Options¶
When starting the OpenFGA container, you can pass options in a variadic way to configure it.
The following options are exposed by the testcontainers
package.
Basic Options¶
WithExposedPorts
Since v0.37.0WithEnv
Since v0.29.0WithWaitStrategy
Since v0.20.0WithAdditionalWaitStrategy
Not available until the next release mainWithWaitStrategyAndDeadline
Since v0.20.0WithAdditionalWaitStrategyAndDeadline
Not available until the next release mainWithEntrypoint
Since v0.37.0WithEntrypointArgs
Since v0.37.0WithCmd
Since v0.37.0WithCmdArgs
Since v0.37.0WithLabels
Since v0.37.0
Lifecycle Options¶
WithLifecycleHooks
Not available until the next release mainWithAdditionalLifecycleHooks
Not available until the next release mainWithStartupCommand
Since v0.25.0WithAfterReadyCommand
Since v0.28.0
Files & Mounts Options¶
WithFiles
Since v0.37.0WithMounts
Since v0.37.0WithTmpfs
Since v0.37.0WithImageMount
Since v0.37.0
Build Options¶
WithDockerfile
Since v0.37.0
Logging Options¶
WithLogConsumers
Since v0.28.0WithLogConsumerConfig
Not available until the next release mainWithLogger
Since v0.29.0
Image Options¶
WithAlwaysPull
Not available until the next release mainWithImageSubstitutors
Since v0.26.0WithImagePlatform
Not available until the next release main
Networking Options¶
WithNetwork
Since v0.27.0WithNetworkByName
Not available until the next release mainWithBridgeNetwork
Not available until the next release mainWithNewNetwork
Since v0.27.0
Advanced Options¶
WithHostPortAccess
Since v0.31.0WithConfigModifier
Since v0.20.0WithHostConfigModifier
Since v0.20.0WithEndpointSettingsModifier
Since v0.20.0CustomizeRequest
Since v0.20.0WithName
Not available until the next release mainWithNoStart
Not available until the next release main
Experimental Options¶
WithReuseByName
Since v0.37.0
Container Methods¶
The OpenFGA container exposes the following methods:
HttpEndpoint¶
- Since v0.30.0
This method returns the HTTP endpoint to connect to the OpenFGA container, using the 8080
port.
httpEndpoint, err := openfgaContainer.HttpEndpoint(context.Background())
if err != nil {
log.Printf("failed to get HTTP endpoint: %s", err)
return
}
GrpcEndpoint¶
- Since v0.30.0
This method returns the gRPC endpoint to connect to the OpenFGA container, using the 8081
port.
Playground URL¶
- Since v0.30.0
In case you want to interact with the openfga playground, please use the PlaygroundEndpoint
method, using the 3000
port.
playgroundEndpoint, err := openfgaContainer.PlaygroundEndpoint(context.Background())
if err != nil {
log.Printf("failed to get playground endpoint: %s", err)
return
}
Examples¶
Writing an OpenFGA model¶
The following example shows how to write an OpenFGA model using the OpenFGA container.
secret := "openfga-secret"
openfgaContainer, err := openfga.Run(
context.Background(),
"openfga/openfga:v1.5.0",
testcontainers.WithEnv(map[string]string{
"OPENFGA_LOG_LEVEL": "warn",
"OPENFGA_AUTHN_METHOD": "preshared",
"OPENFGA_AUTHN_PRESHARED_KEYS": secret,
}),
)
defer func() {
if err := testcontainers.TerminateContainer(openfgaContainer); err != nil {
log.Printf("failed to terminate container: %s", err)
}
}()
if err != nil {
log.Printf("failed to start container: %s", err)
return
}
httpEndpoint, err := openfgaContainer.HttpEndpoint(context.Background())
if err != nil {
log.Printf("failed to get HTTP endpoint: %s", err)
return
}
fgaClient, err := client.NewSdkClient(&client.ClientConfiguration{
ApiUrl: httpEndpoint,
Credentials: &credentials.Credentials{
Method: credentials.CredentialsMethodApiToken,
Config: &credentials.Config{
ApiToken: secret,
},
},
// because we are going to write an authorization model,
// we need to specify a store id. Else, it will fail with
// "Configuration.StoreId is required and must be specified to call this method"
// In this example, it's an arbitrary store id, that will be created
// on the fly.
StoreId: "11111111111111111111111111",
})
if err != nil {
log.Printf("failed to create openfga client: %v", err)
return
}
f, err := os.Open(filepath.Join("testdata", "authorization_model.json"))
if err != nil {
log.Printf("failed to open file: %v", err)
return
}
defer f.Close()
bs, err := io.ReadAll(f)
if err != nil {
log.Printf("failed to read file: %v", err)
return
}
var body client.ClientWriteAuthorizationModelRequest
if err := json.Unmarshal(bs, &body); err != nil {
log.Printf("failed to unmarshal json: %v", err)
return
}
resp, err := fgaClient.WriteAuthorizationModel(context.Background()).Body(body).Execute()
if err != nil {
log.Printf("failed to write authorization model: %v", err)
return
}