OpenFGA¶
Since v0.30.0
Introduction¶
The Testcontainers module for OpenFGA.
Adding this module to your project dependencies¶
Please run the following command to add the OpenFGA module to your Go dependencies:
go get github.com/testcontainers/testcontainers-go/modules/openfga
Usage example¶
ctx := context.Background()
openfgaContainer, err := openfga.Run(ctx, "openfga/openfga:v1.5.0")
defer func() {
if err := testcontainers.TerminateContainer(openfgaContainer); err != nil {
log.Printf("failed to terminate container: %s", err)
}
}()
if err != nil {
log.Printf("failed to start container: %s", err)
return
}
Module Reference¶
Run function¶
- Since v0.32.0
Info
The RunContainer(ctx, opts...) function is deprecated and will be removed in the next major release of Testcontainers for Go.
The OpenFGA module exposes one entrypoint function to create the OpenFGA container, and this function receives three parameters:
func Run(ctx context.Context, img string, opts ...testcontainers.ContainerCustomizer) (*OpenFGAContainer, error)
context.Context, the Go context.string, the Docker image to use.testcontainers.ContainerCustomizer, a variadic argument for passing options.
Image¶
Use the second argument in the Run function to set a valid Docker image.
In example: Run(context.Background(), "openfga/openfga:v1.5.0").
Container Options¶
When starting the OpenFGA container, you can pass options in a variadic way to configure it.
The following options are exposed by the testcontainers package.
Basic Options¶
WithExposedPortsSince v0.37.0WithEnvSince v0.29.0WithWaitStrategySince v0.20.0WithAdditionalWaitStrategyNot available until the next release mainWithWaitStrategyAndDeadlineSince v0.20.0WithAdditionalWaitStrategyAndDeadlineNot available until the next release mainWithEntrypointSince v0.37.0WithEntrypointArgsSince v0.37.0WithCmdSince v0.37.0WithCmdArgsSince v0.37.0WithLabelsSince v0.37.0
Lifecycle Options¶
WithLifecycleHooksNot available until the next release mainWithAdditionalLifecycleHooksNot available until the next release mainWithStartupCommandSince v0.25.0WithAfterReadyCommandSince v0.28.0
Files & Mounts Options¶
WithFilesSince v0.37.0WithMountsSince v0.37.0WithTmpfsSince v0.37.0WithImageMountSince v0.37.0
Build Options¶
WithDockerfileSince v0.37.0
Logging Options¶
WithLogConsumersSince v0.28.0WithLogConsumerConfigNot available until the next release mainWithLoggerSince v0.29.0
Image Options¶
WithAlwaysPullNot available until the next release mainWithImageSubstitutorsSince v0.26.0WithImagePlatformNot available until the next release main
Networking Options¶
WithNetworkSince v0.27.0WithNetworkByNameNot available until the next release mainWithBridgeNetworkNot available until the next release mainWithNewNetworkSince v0.27.0
Advanced Options¶
WithHostPortAccessSince v0.31.0WithConfigModifierSince v0.20.0WithHostConfigModifierSince v0.20.0WithEndpointSettingsModifierSince v0.20.0CustomizeRequestSince v0.20.0WithNameNot available until the next release mainWithNoStartNot available until the next release main
Experimental Options¶
WithReuseByNameSince v0.37.0
Container Methods¶
The OpenFGA container exposes the following methods:
HttpEndpoint¶
- Since v0.30.0
This method returns the HTTP endpoint to connect to the OpenFGA container, using the 8080 port.
httpEndpoint, err := openfgaContainer.HttpEndpoint(context.Background())
if err != nil {
log.Printf("failed to get HTTP endpoint: %s", err)
return
}
GrpcEndpoint¶
- Since v0.30.0
This method returns the gRPC endpoint to connect to the OpenFGA container, using the 8081 port.
Playground URL¶
- Since v0.30.0
In case you want to interact with the openfga playground, please use the PlaygroundEndpoint method, using the 3000 port.
playgroundEndpoint, err := openfgaContainer.PlaygroundEndpoint(context.Background())
if err != nil {
log.Printf("failed to get playground endpoint: %s", err)
return
}
Examples¶
Writing an OpenFGA model¶
The following example shows how to write an OpenFGA model using the OpenFGA container.
secret := "openfga-secret"
openfgaContainer, err := openfga.Run(
context.Background(),
"openfga/openfga:v1.5.0",
testcontainers.WithEnv(map[string]string{
"OPENFGA_LOG_LEVEL": "warn",
"OPENFGA_AUTHN_METHOD": "preshared",
"OPENFGA_AUTHN_PRESHARED_KEYS": secret,
}),
)
defer func() {
if err := testcontainers.TerminateContainer(openfgaContainer); err != nil {
log.Printf("failed to terminate container: %s", err)
}
}()
if err != nil {
log.Printf("failed to start container: %s", err)
return
}
httpEndpoint, err := openfgaContainer.HttpEndpoint(context.Background())
if err != nil {
log.Printf("failed to get HTTP endpoint: %s", err)
return
}
fgaClient, err := client.NewSdkClient(&client.ClientConfiguration{
ApiUrl: httpEndpoint,
Credentials: &credentials.Credentials{
Method: credentials.CredentialsMethodApiToken,
Config: &credentials.Config{
ApiToken: secret,
},
},
// because we are going to write an authorization model,
// we need to specify a store id. Else, it will fail with
// "Configuration.StoreId is required and must be specified to call this method"
// In this example, it's an arbitrary store id, that will be created
// on the fly.
StoreId: "11111111111111111111111111",
})
if err != nil {
log.Printf("failed to create openfga client: %v", err)
return
}
f, err := os.Open(filepath.Join("testdata", "authorization_model.json"))
if err != nil {
log.Printf("failed to open file: %v", err)
return
}
defer f.Close()
bs, err := io.ReadAll(f)
if err != nil {
log.Printf("failed to read file: %v", err)
return
}
var body client.ClientWriteAuthorizationModelRequest
if err := json.Unmarshal(bs, &body); err != nil {
log.Printf("failed to unmarshal json: %v", err)
return
}
resp, err := fgaClient.WriteAuthorizationModel(context.Background()).Body(body).Execute()
if err != nil {
log.Printf("failed to write authorization model: %v", err)
return
}