Refactor app instance to Keycloak SSO

app-instance/tests/test_standalone_deploy.py

@@ -0,0 +1,40 @@
+from __future__ import annotations
+
+from pathlib import Path
+
+
+APP_INSTANCE = Path(__file__).resolve().parents[1]
+
+
+def test_standalone_runner_uses_plain_ip_keycloak_redirects() -> None:
+    script = (APP_INSTANCE / "run-standalone.sh").read_text(encoding="utf-8")
+
+    assert 'PUBLIC_URL="${PUBLIC_URL:-http://${HOST_IP}:${HOST_PORT}}"' in script
+    assert "/auth/callback" in script
+    assert "/logout/callback" in script
+    assert "nip.io" not in script
+    assert "instance-registry" not in script
+    assert "router-proxy" not in script
+
+
+def test_env_example_contains_dockerfile_and_keycloak_settings() -> None:
+    env = (APP_INSTANCE / ".env.example").read_text(encoding="utf-8")
+
+    assert "HOST_IP=172.19.0.245" in env
+    assert "KEYCLOAK_ISSUER=https://keycloak.bwgdi.com/realms/beaver" in env
+    assert "KEYCLOAK_CLIENT_ID=beaver-agnet" in env
+    assert "KEYCLOAK_POST_LOGOUT_REDIRECT_URI=" in env
+    assert "NPM_REGISTRY=" in env
+    assert "APT_MIRROR=" in env
+    assert "PYPI_INDEX_URL=" in env
+
+
+def test_app_instance_readme_describes_single_container_contract() -> None:
+    readme = (APP_INSTANCE / "README.md").read_text(encoding="utf-8")
+
+    assert "单体 app instance" in readme
+    assert "redirect_uri" in readme
+    assert "web_origin" in readme
+    assert "post_logout_redirect_uri" in readme
+    assert "nip.io" not in readme
+    assert "每个用户一个实例" not in readme