Setup Authentication for your allure dashboard

We can not keep our reporting dashboard open for anyone. There are two options to restrict the behavior: 
1. Whitelist your IP address (or whoever wants to access your dashboard) into firewall or AWS/GCP respective console 
2. Set up authentication mechanism (same username/password for everyone) 

#1 is not convenient when we are using a dynamic ip address (which is bound to change whenever we re-start the wifi/mobile network). So let’s try and set up an authentication mechanism through which we can access the dashboard. 

Prerequisite: 

You’ve gone through setting up allure reporting with a basic test automation framework and have access to the instance where it is installed. 

PART 1 - System Setup on Ubuntu 18.4 : 

Installing Apache Web Server: 

● sudo apt update 

● sudo apt install apache2 

Creating the Password File: 

Next step is to create a password file which Apache will use to check the username and password. This file will be named .htpasswd and put in a secure location: /etc/apache2 on Ubuntu 16.04, and /etc/httpd on CentOS 7. 

The htpasswd command can be used to either create a password file or add an entry to it. For this first time, we will use the -c flag to create the file and add the username jdoe: 

● CentOS 7:sudo htpasswd -c /etc/httpd/.htpasswd jdoe 

● Ubuntu :sudo htpasswd -c /etc/apache2/.htpasswd jdoe 

You will be prompted to enter and confirm the new password for the user. 

Add a New User to an Existing File 

To add a new user to an existing password file, use the same command without the -c flag. For example, to add a user janedoe the command is: 

● CentOS 7:sudo htpasswd /etc/httpd/.htpasswd janedoe 

● Ubuntu :sudo htpasswd /etc/apache2/.htpasswd janedoe 

You will be prompted to enter and confirm the new password for the user.

Configure Apache to allow .htaccess files 

Open the main Apache configuration file for editing with the command: ● sudo nano /etc/apache2/apache2.conf

Scroll down to the <Directory> section for "/var/www" and change AllowOverride to All. 

<Directory /var/www/> 

Options Indexes FollowSymLinks 

AllowOverride All 

Require all granted 

</Directory> 

Save and exit the file. Then restart Apache for the changes to take effect: 

> sudo systemctl restart apache2 

Adding .htaccess file to reporting dashboard: 

cd /var/www/html 

sudo nano .htaccess 

Add following into the .htaccess file 

AuthType Basic 

AuthName "Password Required" 

Require valid-user 

AuthUserFile /etc/apache2/.htpasswd

PART II. Adding test report files to the Apache Web Server 

The following image shows how to host Allure Report on the web server. 

Allure Test Execution Report File: 

On test execution of Each and every pipeline/project in Jenkins, a separate folder is created names as ‘allure-results’ 

This folder contains the raw Test Report file. 

Common Directory for storing the contents from ‘allure-results’ folder The contents from the individual ‘allure-results’ from each Jenkins pipeline / project needs to be copied here.

Jenkins Command for copying: 

sudo cp allure-results/* /home/ubuntu/rawReport 

Run Allure tool to process raw files from common directory to path of Reporting dashboard: 

Jenkins Command for copying: 

sudo 

/var/lib/jenkins/tools/ru.yandex.qatools.allure.jenkins.tools.AllureCommandlineInstallation/Allure_Auto/bin/allure generate /home/ubuntu/rawReport -c -o /var/www/html/ 

Copying .htaccess folder to /var/www/html/ for Password Protection 

The .htaccess file needs to be copied every time as it’s deleted in the earlier access. For convenience the .htaccess file can be stored and recopied every time. 

sudo cp /var/lib/jenkins/properties/.htaccess /var/www/html/

Conclusion: 

By incorporating the above in Test infrastructure will help with below: 

1. A common Dashboard with application health and test status from all projects are available to the stakeholders. 

2. User friendly, easy to use and highly customizable Reporting dashboard as per user needs, thanks to use of Allure tool. 

3. Efforts saving in debugging/reproducing issues due to detailed logs and error screenshots.
4. A secure and convenient way to share the reporting status with other stakeholders.