Keycloak CI workflow refactoring (#15968)
* Keycloak CI workflow refactoring Closes #15861 * Update testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com> * Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com> * Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com> * Update CodeQL actions Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
This commit is contained in:
parent
6f802b5c1f
commit
a5670af745
35 changed files with 1027 additions and 925 deletions
82
.github/actions/build-keycloak/action.yml
vendored
Normal file
82
.github/actions/build-keycloak/action.yml
vendored
Normal file
|
@ -0,0 +1,82 @@
|
|||
name: Build Keycloak
|
||||
description: Builds Keycloak providing Maven repository with all artifacts
|
||||
|
||||
inputs:
|
||||
upload-m2-repo:
|
||||
description: Upload Maven repository for org.keycloak artifacts
|
||||
required: false
|
||||
default: true
|
||||
upload-dist:
|
||||
description: Upload distribution
|
||||
required: false
|
||||
default: false
|
||||
jdk-dist:
|
||||
description: JDK distribution
|
||||
required: false
|
||||
default: temurin
|
||||
jdk-version:
|
||||
description: JDK version
|
||||
required: false
|
||||
default: 11
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- id: setup-java
|
||||
name: Setup Java
|
||||
uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: ${{ inputs.jdk-dist }}
|
||||
java-version: ${{ inputs.jdk-version }}
|
||||
|
||||
- id: maven-cache
|
||||
name: Maven cache
|
||||
uses: ./.github/actions/maven-cache
|
||||
|
||||
- id: phantomjs-cache
|
||||
name: PhantomJS cache
|
||||
uses: ./.github/actions/phantomjs-cache
|
||||
|
||||
- id: npm-cache
|
||||
name: NPM cache
|
||||
uses: ./.github/actions/npm-cache
|
||||
|
||||
- id: build-keycloak
|
||||
name: Build Keycloak
|
||||
shell: bash
|
||||
run: |
|
||||
MVN_HTTP_CONFIG="-Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120"
|
||||
./mvnw install -nsu -B -e -DskipTests -DskipExamples $MVN_HTTP_CONFIG
|
||||
|
||||
- id: compress-keycloak-maven-repository
|
||||
name: Compress Keycloak Maven artifacts
|
||||
if: inputs.upload-m2-repo == 'true'
|
||||
shell: bash
|
||||
run: |
|
||||
tar -C ~/ --use-compress-program zstd -cf m2-keycloak.tzts \
|
||||
--exclude '*.tar.gz' \
|
||||
.m2/repository/org/keycloak
|
||||
|
||||
- id: upload-keycloak-maven-repository
|
||||
name: Upload Keycloak Maven artifacts
|
||||
if: inputs.upload-m2-repo == 'true'
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: m2-keycloak.tzts
|
||||
path: m2-keycloak.tzts
|
||||
retention-days: 1
|
||||
|
||||
- id: upload-keycloak-dist
|
||||
name: Upload Keycloak dist
|
||||
if: inputs.upload-dist == 'true'
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: keycloak-dist
|
||||
path: quarkus/dist/target/keycloak*.tar.gz
|
||||
retention-days: 1
|
||||
|
||||
- id: maven-cache-cleanup
|
||||
name: Maven cache cleanup
|
||||
if: steps.maven-cache.outputs.cache-hit != 'true'
|
||||
shell: bash
|
||||
run: rm -rf ~/.m2/repository/org/keycloak
|
49
.github/actions/changed-files/action.yml
vendored
Normal file
49
.github/actions/changed-files/action.yml
vendored
Normal file
|
@ -0,0 +1,49 @@
|
|||
name: Changed Files
|
||||
description: Checks changes against target branch
|
||||
|
||||
outputs:
|
||||
java:
|
||||
description: Changes to Java files
|
||||
value: ${{ steps.changes.outputs.java }}
|
||||
themes:
|
||||
description: Changes to themes
|
||||
value: ${{ steps.changes.outputs.themes }}
|
||||
js-adapter:
|
||||
description: Changes to JavaScript adapter
|
||||
value: ${{ steps.changes.outputs.js-adapter }}
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- id: changes
|
||||
name: Find changes
|
||||
shell: bash
|
||||
run: |
|
||||
BASE_REF=${{ github.base_ref }}
|
||||
|
||||
changed () {
|
||||
git diff --name-only origin/${{ github.base_ref }} | grep -E "$1" &>/dev/null && echo true || echo false
|
||||
}
|
||||
|
||||
if [ "$BASE_REF" != "" ]; then
|
||||
echo "Checking changes against orgin/$BASE_REF"
|
||||
git fetch origin
|
||||
|
||||
JAVA=`changed '^.*/.*.java$'`
|
||||
THEMES=`changed '^themes/src/main/.*$'`
|
||||
JS_ADAPTER=`changed '^adapters/oidc/js/.*$'`
|
||||
else
|
||||
echo "Not a pull request, marking everything as changed"
|
||||
|
||||
JAVA=true
|
||||
THEMES=true
|
||||
JS_ADAPTER=true
|
||||
fi
|
||||
|
||||
echo "Java changed: $JAVA"
|
||||
echo "Themes changed: $THEMES"
|
||||
echo "JS adapter changed: $JS_ADAPTER"
|
||||
|
||||
echo "java=$JAVA" >> $GITHUB_OUTPUT
|
||||
echo "themes=$THEMES" >> $GITHUB_OUTPUT
|
||||
echo "js-adapter=$JS_ADAPTER" >> $GITHUB_OUTPUT
|
34
.github/actions/checks-job-pass/action.yml
vendored
Normal file
34
.github/actions/checks-job-pass/action.yml
vendored
Normal file
|
@ -0,0 +1,34 @@
|
|||
name: Check if a job passed
|
||||
description: Fails if the job is required and was not successful
|
||||
|
||||
inputs:
|
||||
required:
|
||||
description: Is the job required
|
||||
required: true
|
||||
default: true
|
||||
conclusion:
|
||||
description: Job conclusion (success if passed, most likely empty otherwise)
|
||||
required: true
|
||||
|
||||
outputs:
|
||||
status:
|
||||
description: "Check status"
|
||||
value: ${{ steps.changes.outputs.java }}
|
||||
|
||||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- id: check-job
|
||||
name: Check job
|
||||
shell: bash
|
||||
run: |
|
||||
if [ "${{ inputs.required }}" == "false" ]; then
|
||||
echo "Not required to run, skipping"
|
||||
else
|
||||
if [ "${{ inputs.conclusion }}" == "success" ]; then
|
||||
echo "Success"
|
||||
else
|
||||
echo "Required to run, but didn't succeed"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
16
.github/actions/checks-success/action.yml
vendored
Normal file
16
.github/actions/checks-success/action.yml
vendored
Normal file
|
@ -0,0 +1,16 @@
|
|||
name: Mark job as successful
|
||||
description: Workaround for GitHub Actions not setting conclusion on jobs passed through needs
|
||||
|
||||
outputs:
|
||||
conclusion:
|
||||
description: Conclusion
|
||||
value: ${{ steps.check.outputs.conclusion }}
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- id: check
|
||||
name: Set success
|
||||
shell: bash
|
||||
run: |
|
||||
echo "conclusion=success" >> $GITHUB_OUTPUT
|
41
.github/actions/integration-test-setup/action.yml
vendored
Normal file
41
.github/actions/integration-test-setup/action.yml
vendored
Normal file
|
@ -0,0 +1,41 @@
|
|||
name: Setup integration test
|
||||
description: Download Maven caches needed for integration tests
|
||||
|
||||
inputs:
|
||||
jdk-dist:
|
||||
description: JDK distribution
|
||||
required: false
|
||||
default: temurin
|
||||
jdk-version:
|
||||
description: JDK version
|
||||
required: false
|
||||
default: 11
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- id: setup-java
|
||||
name: Setup Java
|
||||
uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: ${{ inputs.jdk-dist }}
|
||||
java-version: ${{ inputs.jdk-version }}
|
||||
|
||||
- id: maven-cache
|
||||
name: Maven cache
|
||||
uses: ./.github/actions/maven-cache
|
||||
|
||||
- id: phantomjs-cache
|
||||
name: PhantomJS cache
|
||||
uses: ./.github/actions/phantomjs-cache
|
||||
|
||||
- id: download-keycloak
|
||||
name: Download Keycloak Maven artifacts
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: m2-keycloak.tzts
|
||||
|
||||
- id: extract-maven-artifacts
|
||||
name: Extract Keycloak Maven artifacts
|
||||
shell: bash
|
||||
run: tar -C ~/ --use-compress-program unzstd -xf m2-keycloak.tzts
|
28
.github/actions/maven-cache/action.yml
vendored
Normal file
28
.github/actions/maven-cache/action.yml
vendored
Normal file
|
@ -0,0 +1,28 @@
|
|||
name: Maven Cache
|
||||
description: Caches Maven artifacts
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- id: weekly-cache-key
|
||||
name: Key for weekly rotation of cache
|
||||
shell: bash
|
||||
run: echo "key=mvn-`date -u "+%Y-%U"`" >> $GITHUB_OUTPUT
|
||||
|
||||
- id: cache-maven-repository
|
||||
name: Maven cache
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: ~/.m2/repository
|
||||
key: ${{ steps.weekly-cache-key.outputs.key }}
|
||||
|
||||
- id: check-maven-cache
|
||||
name: Check cache has no Keycloak artifacts
|
||||
if: steps.cache-maven-repository.outputs.cache-hit == 'true'
|
||||
shell: bash
|
||||
run: |
|
||||
if ( stat ~/.m2/repository/org/keycloak &>/dev/null ); then
|
||||
echo "Found org/keycloak artifacts in Maven repository cache"
|
||||
ls ~/.m2/repository/org/keycloak
|
||||
exit 1
|
||||
fi
|
17
.github/actions/npm-cache/action.yml
vendored
Normal file
17
.github/actions/npm-cache/action.yml
vendored
Normal file
|
@ -0,0 +1,17 @@
|
|||
name: NPM Cache
|
||||
description: Caches NPM artifacts
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- id: weekly-cache-key
|
||||
name: Key for weekly rotation of cache
|
||||
shell: bash
|
||||
run: echo "key=npm-`date -u "+%Y-%U"`" >> $GITHUB_OUTPUT
|
||||
|
||||
- id: cache-npm-repository
|
||||
name: NPM cache
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: ~/.npm
|
||||
key: ${{ steps.weekly-cache-key.outputs.key }}
|
26
.github/actions/phantomjs-cache/action.yml
vendored
Normal file
26
.github/actions/phantomjs-cache/action.yml
vendored
Normal file
|
@ -0,0 +1,26 @@
|
|||
name: PhantomJS Cache
|
||||
description: Caches PhantomJS driver
|
||||
|
||||
inputs:
|
||||
version:
|
||||
description: PhantomJS Driver version
|
||||
required: false
|
||||
default: 2.1.1
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- id: cache-phantomjs-driver
|
||||
name: PhantomJS Driver cache
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: ~/.arquillian/drone
|
||||
key: phantomjs-${{ inputs.version }}
|
||||
|
||||
- id: download-phantomjs-driver
|
||||
name: Download PhantomJS Driver
|
||||
if: steps.cache-phantomjs-driver.outputs.cache-hit != 'true'
|
||||
shell: bash
|
||||
run: |
|
||||
mkdir -p ~/.arquillian/drone/phantomjs/${{ inputs.version }}/
|
||||
curl -L https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-${{ inputs.version }}-linux-x86_64.tar.bz2 --output ~/.arquillian/drone/phantomjs/${{ inputs.version }}/phantomjs-${{ inputs.version }}-linux-x86_64.tar.bz2
|
26
.github/actions/unit-test-setup/action.yml
vendored
Normal file
26
.github/actions/unit-test-setup/action.yml
vendored
Normal file
|
@ -0,0 +1,26 @@
|
|||
name: Setup unit test
|
||||
description: Download Maven caches needed for unit tests
|
||||
|
||||
inputs:
|
||||
jdk-dist:
|
||||
description: JDK distribution
|
||||
required: false
|
||||
default: temurin
|
||||
jdk-version:
|
||||
description: JDK version
|
||||
required: false
|
||||
default: 11
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- id: setup-java
|
||||
name: Setup Java
|
||||
uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: ${{ inputs.jdk-dist }}
|
||||
java-version: ${{ inputs.jdk-version }}
|
||||
|
||||
- id: maven-cache
|
||||
name: Maven cache
|
||||
uses: ./.github/actions/maven-cache
|
11
.github/scripts/quickstarts/prepare-server.sh
vendored
11
.github/scripts/quickstarts/prepare-server.sh
vendored
|
@ -1,11 +0,0 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
VERSION=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec -f keycloak)
|
||||
|
||||
unzip ~/.m2/repository/org/keycloak/keycloak-server-dist/${VERSION}/keycloak-server-dist-${VERSION}.zip
|
||||
mv keycloak-${VERSION} keycloak-dist
|
||||
|
||||
keycloak-dist/bin/add-user-keycloak.sh -u admin -p admin
|
||||
|
||||
# update QS version to match KC version
|
||||
mvn versions:set -DnewVersion=$VERSION -DgenerateBackupPoms=false -DgroupId=org.keycloak* -DartifactId=* -Pbump-version -B
|
48
.github/settings.xml
vendored
48
.github/settings.xml
vendored
|
@ -1,48 +0,0 @@
|
|||
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
|
||||
https://maven.apache.org/xsd/settings-1.0.0.xsd">
|
||||
<profiles>
|
||||
<profile>
|
||||
<id>update-policy</id>
|
||||
<activation>
|
||||
<activeByDefault>true</activeByDefault>
|
||||
</activation>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>central</id>
|
||||
<name>Maven Central</name>
|
||||
<url>https://repo.maven.apache.org/maven2</url>
|
||||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
<releases>
|
||||
<updatePolicy>interval:43200</updatePolicy>
|
||||
</releases>
|
||||
</repository>
|
||||
<repository>
|
||||
<id>jboss-public-repository</id>
|
||||
<name>Jboss Public</name>
|
||||
<url>https://repository.jboss.org/nexus/content/groups/public/</url>
|
||||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
<releases>
|
||||
<updatePolicy>interval:43200</updatePolicy>
|
||||
</releases>
|
||||
</repository>
|
||||
<repository>
|
||||
<id>redhat-enterprise-maven-repository</id>
|
||||
<name>Red Hat Enterprise Maven Repository</name>
|
||||
<url>https://maven.repository.redhat.com/ga/</url>
|
||||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
<releases>
|
||||
<updatePolicy>interval:43200</updatePolicy>
|
||||
</releases>
|
||||
</repository>
|
||||
</repositories>
|
||||
</profile>
|
||||
</profiles>
|
||||
</settings>
|
673
.github/workflows/ci.yml
vendored
673
.github/workflows/ci.yml
vendored
|
@ -2,374 +2,198 @@ name: Keycloak CI
|
|||
|
||||
on:
|
||||
push:
|
||||
branches-ignore: [main]
|
||||
# as the ci.yml contains actions that are required for PRs to be merged, it will always need to run on all PRs
|
||||
pull_request: {}
|
||||
branches-ignore:
|
||||
- main
|
||||
- dependabot/**
|
||||
pull_request:
|
||||
schedule:
|
||||
- cron: '0 20,23,2,5 * * *'
|
||||
- cron: 0 20,23,2,5 * * *
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
DEFAULT_JDK_VERSION: 11
|
||||
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
|
||||
DEFAULT_JDK_DIST: temurin
|
||||
|
||||
concurrency:
|
||||
# Only cancel jobs for new commits on PRs, and always do a complete run on other branches (e.g. `main`).
|
||||
# See: https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value
|
||||
group: keycloak-ci-${{ github.head_ref || github.run_id }}
|
||||
# Only cancel jobs for PR updates
|
||||
group: ci-${{ github.head_ref || github.run_id }}
|
||||
cancel-in-progress: true
|
||||
|
||||
defaults:
|
||||
run:
|
||||
shell: bash
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build
|
||||
if: ${{ ( github.event_name != 'schedule' ) || ( github.event_name == 'schedule' && github.repository == 'keycloak/keycloak' ) }}
|
||||
if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
cache: 'maven'
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
|
||||
- name: Build Keycloak
|
||||
run: |
|
||||
./mvnw clean install -nsu -B -e -DskipTests -Pdistribution
|
||||
./mvnw clean install -nsu -B -e -f testsuite/integration-arquillian/servers/auth-server -Pauth-server-quarkus
|
||||
./mvnw clean install -nsu -B -e -f testsuite/integration-arquillian/servers/auth-server -Pauth-server-undertow
|
||||
|
||||
- name: Store Keycloak artifacts
|
||||
id: store-keycloak
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: keycloak-artifacts.zip
|
||||
retention-days: 1
|
||||
path: |
|
||||
~/.m2/repository/org/keycloak
|
||||
!~/.m2/repository/org/keycloak/**/*.tar.gz
|
||||
|
||||
- name: Remove keycloak artifacts before caching
|
||||
if: steps.cache.outputs.cache-hit != 'true'
|
||||
run: rm -rf ~/.m2/repository/org/keycloak
|
||||
|
||||
# Tests: Regular distribution
|
||||
uses: ./.github/actions/build-keycloak
|
||||
|
||||
unit-tests:
|
||||
name: Unit Tests
|
||||
name: Base UT
|
||||
runs-on: ubuntu-latest
|
||||
needs: build
|
||||
timeout-minutes: 30
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
cache: 'maven'
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
- name: Cleanup org.keycloak artifacts
|
||||
run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
|
||||
- name: Download built keycloak
|
||||
id: download-keycloak
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
path: ~/.m2/repository/org/keycloak/
|
||||
name: keycloak-artifacts.zip
|
||||
|
||||
- id: unit-test-setup
|
||||
name: Unit test setup
|
||||
uses: ./.github/actions/unit-test-setup
|
||||
|
||||
- name: Run unit tests
|
||||
run: |
|
||||
if ! ./mvnw install -nsu -B -DskipTestsuite -DskipQuarkus -DskipExamples -f pom.xml; then
|
||||
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-unit-tests.zip -@
|
||||
exit 1
|
||||
fi
|
||||
run: ./mvnw install -nsu -B -DskipTestsuite -DskipQuarkus -DskipExamples
|
||||
|
||||
- name: Analyze Test and/or Coverage Results
|
||||
uses: runforesight/foresight-test-kit-action@v1.3.0
|
||||
if: always() && github.repository == 'keycloak/keycloak'
|
||||
with:
|
||||
api_key: ${{ secrets.FORESIGHT_API_KEY }}
|
||||
test_format: JUNIT
|
||||
test_framework: JUNIT
|
||||
test_path: '**/target/surefire-reports/*.xml'
|
||||
|
||||
- name: Unit test reports
|
||||
uses: actions/upload-artifact@v3
|
||||
if: failure()
|
||||
with:
|
||||
name: reports-unit-tests
|
||||
retention-days: 14
|
||||
path: reports-unit-tests.zip
|
||||
if-no-files-found: ignore
|
||||
|
||||
crypto-tests:
|
||||
name: Crypto Tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: build
|
||||
timeout-minutes: 20
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
cache: 'maven'
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
- name: Cleanup org.keycloak artifacts
|
||||
run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
|
||||
- name: Download built keycloak
|
||||
id: download-keycloak
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
path: ~/.m2/repository/org/keycloak/
|
||||
name: keycloak-artifacts.zip
|
||||
- name: Run crypto tests (BCFIPS non-approved mode)
|
||||
run: |
|
||||
if ! ./mvnw install -nsu -B -f crypto/pom.xml -Dcom.redhat.fips=true; then
|
||||
find . -path 'crypto/target/surefire-reports/*.xml' | zip -q reports-crypto-tests.zip -@
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Run crypto tests (BCFIPS approved mode)
|
||||
run: |
|
||||
if ! ./mvnw install -nsu -B -f crypto/pom.xml -Dcom.redhat.fips=true -Dorg.bouncycastle.fips.approved_only=true; then
|
||||
find . -path 'crypto/target/surefire-reports/*.xml' | zip -q reports-crypto-tests.zip -@
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Crypto test reports
|
||||
uses: actions/upload-artifact@v3
|
||||
if: failure()
|
||||
with:
|
||||
name: reports-crypto-tests
|
||||
retention-days: 14
|
||||
path: reports-crypto-tests.zip
|
||||
if-no-files-found: ignore
|
||||
|
||||
model-tests:
|
||||
name: Model Tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: build
|
||||
timeout-minutes: 60
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
cache: 'maven'
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
- name: Cleanup org.keycloak artifacts
|
||||
run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
|
||||
- name: Download built keycloak
|
||||
id: download-keycloak
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
path: ~/.m2/repository/org/keycloak/
|
||||
name: keycloak-artifacts.zip
|
||||
- name: Run model tests
|
||||
run: |
|
||||
if ! testsuite/model/test-all-profiles.sh; then
|
||||
find . -path '*/target/surefire-reports*/*.xml' | zip -q reports-model-tests.zip -@
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Analyze Test and/or Coverage Results
|
||||
uses: runforesight/foresight-test-kit-action@v1.3.0
|
||||
if: always() && github.repository == 'keycloak/keycloak'
|
||||
with:
|
||||
api_key: ${{ secrets.FORESIGHT_API_KEY }}
|
||||
test_format: JUNIT
|
||||
test_framework: JUNIT
|
||||
test_path: 'testsuite/model/target/surefire-reports/*.xml'
|
||||
|
||||
- name: Model test reports
|
||||
uses: actions/upload-artifact@v3
|
||||
if: failure()
|
||||
with:
|
||||
name: reports-model-tests
|
||||
retention-days: 14
|
||||
path: reports-model-tests.zip
|
||||
if-no-files-found: ignore
|
||||
|
||||
test:
|
||||
name: Base testsuite
|
||||
base-integration-tests:
|
||||
name: Base IT
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 100
|
||||
strategy:
|
||||
matrix:
|
||||
server: ['quarkus', 'quarkus-map', 'quarkus-map-hot-rod', 'quarkus-map-jpa']
|
||||
tests: ['group1','group2','group3']
|
||||
group: [1, 2, 3, 4, 5, 6]
|
||||
fail-fast: false
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 2
|
||||
|
||||
- name: Check whether HEAD^ contains HotRod storage relevant changes
|
||||
run: echo "GIT_HOTROD_RELEVANT_DIFF=$( git diff --name-only HEAD^ | egrep -ic -e '^model/map-hot-rod|^model/map/|^model/build-processor' )" >> $GITHUB_ENV
|
||||
- id: integration-test-setup
|
||||
name: Integration test setup
|
||||
uses: ./.github/actions/integration-test-setup
|
||||
|
||||
- name: Check whether HotRod storage matrix should be executed
|
||||
if: ${{ endsWith(matrix.server, '-map-hot-rod') && env.GIT_HOTROD_RELEVANT_DIFF == 0 }}
|
||||
run: echo "SHOULD_BE_EXECUTED=false" >> $GITHUB_ENV
|
||||
|
||||
- name: Check whether HEAD^ contains JPA map storage relevant changes
|
||||
run: echo "GIT_MAP_JPA_RELEVANT_DIFF=$( git diff --name-only HEAD^ | egrep -ic -e '^model/map-jpa/|^model/map/|^model/build-processor' )" >> $GITHUB_ENV
|
||||
|
||||
- name: Check whether Map-JPA storage matrix should be executed
|
||||
if: ${{ endsWith(matrix.server, '-map-jpa') && env.GIT_MAP_JPA_RELEVANT_DIFF == 0 }}
|
||||
run: echo "SHOULD_BE_EXECUTED=false" >> $GITHUB_ENV
|
||||
|
||||
- name: Cache Maven packages
|
||||
if: ${{ github.event_name != 'pull_request' || env.SHOULD_BE_EXECUTED != 'false' }}
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: ~/.m2/repository
|
||||
key: cache-2-${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
|
||||
restore-keys: cache-1-${{ runner.os }}-m2
|
||||
|
||||
- name: Download built keycloak
|
||||
if: ${{ github.event_name != 'pull_request' || env.SHOULD_BE_EXECUTED != 'false' }}
|
||||
id: download-keycloak
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
path: ~/.m2/repository/org/keycloak/
|
||||
name: keycloak-artifacts.zip
|
||||
|
||||
# - name: List M2 repo
|
||||
# run: |
|
||||
# find ~ -name *dist*.zip
|
||||
# ls -lR ~/.m2/repository
|
||||
|
||||
- uses: actions/setup-java@v3
|
||||
if: ${{ github.event_name != 'pull_request' || env.SHOULD_BE_EXECUTED != 'false' }}
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
- name: Update maven settings
|
||||
if: ${{ github.event_name != 'pull_request' || env.SHOULD_BE_EXECUTED != 'false' }}
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
- name: Prepare test providers
|
||||
if: ${{ matrix.server == 'quarkus' || matrix.server == 'quarkus-map' }}
|
||||
run: ./mvnw clean install -nsu -B -e -f testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers -Pauth-server-quarkus
|
||||
- name: Run base tests
|
||||
if: ${{ github.event_name != 'pull_request' || env.SHOULD_BE_EXECUTED != 'false' }}
|
||||
run: |
|
||||
declare -A PARAMS TESTGROUP
|
||||
PARAMS["quarkus"]="-Pauth-server-quarkus"
|
||||
PARAMS["quarkus-map"]="-Pauth-server-quarkus -Pmap-storage -Dpageload.timeout=90000"
|
||||
PARAMS["quarkus-map-hot-rod"]="-Pauth-server-quarkus -Pmap-storage,map-storage-hot-rod -Dpageload.timeout=90000"
|
||||
PARAMS["quarkus-map-jpa"]="-Pauth-server-quarkus -Pmap-storage,map-storage-jpa -Dpageload.timeout=90000"
|
||||
TESTGROUP["group1"]="-Dtest=!**.crossdc.**,!**.cluster.**,%regex[org.keycloak.testsuite.(a[abc]|ad[a-l]|[^a-q]).*]" # Tests alphabetically before admin tests and those after "r"
|
||||
TESTGROUP["group2"]="-Dtest=!**.crossdc.**,!**.cluster.**,%regex[org.keycloak.testsuite.(ad[^a-l]|a[^a-d]|b).*]" # Admin tests and those starting with "b"
|
||||
TESTGROUP["group3"]="-Dtest=!**.crossdc.**,!**.cluster.**,%regex[org.keycloak.testsuite.([c-q]).*]" # All the rest
|
||||
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh ${{ matrix.group }}`
|
||||
echo "Tests: $TESTS"
|
||||
./mvnw install -nsu -B -Pauth-server-quarkus -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
|
||||
|
||||
./mvnw clean install -nsu -B ${PARAMS["${{ matrix.server }}"]} ${TESTGROUP["${{ matrix.tests }}"]} -f testsuite/integration-arquillian/tests/base/pom.xml | misc/log/trimmer.sh
|
||||
quarkus-integration-tests:
|
||||
name: Quarkus IT
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 115
|
||||
strategy:
|
||||
matrix:
|
||||
server: [zip, container, storage]
|
||||
fail-fast: false
|
||||
env:
|
||||
MAVEN_OPTS: -Xmx1024m
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
TEST_RESULT=${PIPESTATUS[0]}
|
||||
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}.zip -@
|
||||
exit $TEST_RESULT
|
||||
- id: unit-test-setup
|
||||
name: Unit test setup
|
||||
uses: ./.github/actions/unit-test-setup
|
||||
|
||||
- name: Analyze Test and/or Coverage Results
|
||||
uses: runforesight/foresight-test-kit-action@v1.3.0
|
||||
if: always() && github.repository == 'keycloak/keycloak'
|
||||
- name: Run Quarkus integration Tests
|
||||
run: |
|
||||
declare -A PARAMS
|
||||
PARAMS["zip"]=""
|
||||
PARAMS["container"]="-Dkc.quarkus.tests.dist=docker"
|
||||
PARAMS["storage"]="-Ptest-database -Dtest=PostgreSQLDistTest,MariaDBDistTest#testSuccessful,MySQLDistTest#testSuccessful,DatabaseOptionsDistTest,JPAStoreDistTest,HotRodStoreDistTest,MixedStoreDistTest"
|
||||
|
||||
./mvnw install -nsu -B -pl quarkus/tests/integration -am -DskipTests
|
||||
./mvnw test -nsu -B -pl quarkus/tests/integration ${PARAMS["${{ matrix.server }}"]} | misc/log/trimmer.sh
|
||||
|
||||
jdk-integration-tests:
|
||||
name: Java Distribution IT
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 100
|
||||
strategy:
|
||||
matrix:
|
||||
dist: [temurin]
|
||||
version: [17, 19]
|
||||
fail-fast: false
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- id: integration-test-setup
|
||||
name: Integration test setup
|
||||
uses: ./.github/actions/integration-test-setup
|
||||
with:
|
||||
api_key: ${{ secrets.FORESIGHT_API_KEY }}
|
||||
test_format: JUNIT
|
||||
test_framework: JUNIT
|
||||
test_path: 'testsuite/integration-arquillian/tests/base/target/surefire-reports/*.xml'
|
||||
jdk-dist: ${{ matrix.dist }}
|
||||
jdk-version: ${{ matrix.version }}
|
||||
|
||||
- name: Base test reports
|
||||
uses: actions/upload-artifact@v3
|
||||
if: failure()
|
||||
with:
|
||||
name: reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}
|
||||
retention-days: 14
|
||||
path: reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}.zip
|
||||
if-no-files-found: ignore
|
||||
- name: Prepare Quarkus distribution with current JDK
|
||||
run: ./mvnw install -nsu -B -e -pl testsuite/integration-arquillian/servers/auth-server/quarkus
|
||||
|
||||
test-fips:
|
||||
name: Base testsuite (fips)
|
||||
- name: Run base tests
|
||||
run: |
|
||||
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh jdk`
|
||||
echo "Tests: $TESTS"
|
||||
./mvnw install -nsu -B -Pauth-server-quarkus -Pdb-${{ matrix.db }} -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
|
||||
|
||||
new-store-integration-tests:
|
||||
name: New Store IT
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 45
|
||||
strategy:
|
||||
matrix:
|
||||
server: ['bcfips-nonapproved-pkcs12']
|
||||
tests: ['group1', 'group2']
|
||||
db: [chm, hot-rod, jpa]
|
||||
fail-fast: false
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 2
|
||||
|
||||
- name: Cache Maven packages
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: ~/.m2/repository
|
||||
key: cache-2-${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
|
||||
restore-keys: cache-1-${{ runner.os }}-m2
|
||||
- id: integration-test-setup
|
||||
name: Integration test setup
|
||||
uses: ./.github/actions/integration-test-setup
|
||||
|
||||
- name: Download built keycloak
|
||||
id: download-keycloak
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
path: ~/.m2/repository/org/keycloak/
|
||||
name: keycloak-artifacts.zip
|
||||
|
||||
# - name: List M2 repo
|
||||
# run: |
|
||||
# find ~ -name *dist*.zip
|
||||
# ls -lR ~/.m2/repository
|
||||
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
- name: Prepare quarkus distribution with BCFIPS
|
||||
run: ./mvnw clean install -nsu -B -e -f testsuite/integration-arquillian/servers/auth-server/quarkus -Pauth-server-quarkus,auth-server-fips140-2
|
||||
- name: Run base tests
|
||||
run: |
|
||||
declare -A PARAMS TESTGROUP
|
||||
PARAMS["bcfips-nonapproved-pkcs12"]="-Pauth-server-quarkus,auth-server-fips140-2"
|
||||
# Tests in the package "forms" and some keystore related tests
|
||||
TESTGROUP["group1"]="-Dtest=org.keycloak.testsuite.forms.**,ClientAuthSignedJWTTest,CredentialsTest,JavaKeystoreKeyProviderTest,ServerInfoTest,UserFederationLdapConnectionTest,LDAPUserLoginTest"
|
||||
TESTGROUP["group2"]="-Dtest=org.keycloak.testsuite.x509.**,MutualTLSClientTest,FAPI1Test,FAPICIBATest,KcRegTest,KcRegCreateTest,KcAdmTest,KcAdmCreateTest" # Tests for X.509 authentication with users and clients and CLI tests
|
||||
|
||||
./mvnw clean install -nsu -B ${PARAMS["${{ matrix.server }}"]} ${TESTGROUP["${{ matrix.tests }}"]} -f testsuite/integration-arquillian/tests/base/pom.xml | misc/log/trimmer.sh
|
||||
|
||||
TEST_RESULT=${PIPESTATUS[0]}
|
||||
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}.zip -@
|
||||
exit $TEST_RESULT
|
||||
declare -A PARAMS
|
||||
PARAMS["chm"]="-Pmap-storage -Dpageload.timeout=90000"
|
||||
PARAMS["hot-rod"]="-Pmap-storage,map-storage-hot-rod -Dpageload.timeout=90000"
|
||||
PARAMS["jpa"]="-Pmap-storage,map-storage-jpa -Dpageload.timeout=90000"
|
||||
|
||||
- name: Analyze Test and/or Coverage Results
|
||||
uses: runforesight/foresight-test-kit-action@v1.3.0
|
||||
if: always() && github.repository == 'keycloak/keycloak'
|
||||
with:
|
||||
api_key: ${{ secrets.FORESIGHT_API_KEY }}
|
||||
test_format: JUNIT
|
||||
test_framework: JUNIT
|
||||
test_path: 'testsuite/integration-arquillian/tests/base/target/surefire-reports/*.xml'
|
||||
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh database`
|
||||
echo "Tests: $TESTS"
|
||||
./mvnw install -nsu -B -Pauth-server-quarkus ${PARAMS["${{ matrix.db }}"]} -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
|
||||
|
||||
- name: Base test reports
|
||||
uses: actions/upload-artifact@v3
|
||||
if: failure()
|
||||
with:
|
||||
name: reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}
|
||||
retention-days: 14
|
||||
path: reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}.zip
|
||||
if-no-files-found: ignore
|
||||
legacy-store-integration-tests:
|
||||
name: Legacy Store IT
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 45
|
||||
strategy:
|
||||
matrix:
|
||||
db: [postgres, mysql] # 'mariadb' is not always shutting down, 'mssql', 'oracle11g' containers not available
|
||||
fail-fast: false
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
### Tests: Quarkus distribution
|
||||
- id: integration-test-setup
|
||||
name: Integration test setup
|
||||
uses: ./.github/actions/integration-test-setup
|
||||
|
||||
quarkus-test-cluster:
|
||||
name: Quarkus Test Clustering
|
||||
- name: Run base tests
|
||||
run: |
|
||||
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh database`
|
||||
echo "Tests: $TESTS"
|
||||
./mvnw install -nsu -B -Pauth-server-quarkus -Pdb-${{ matrix.db }} -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
|
||||
|
||||
store-model-tests:
|
||||
name: Store Model Tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: build
|
||||
timeout-minutes: 60
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- id: integration-test-setup
|
||||
name: Integration test setup
|
||||
uses: ./.github/actions/integration-test-setup
|
||||
|
||||
- name: Run model tests
|
||||
run: testsuite/model/test-all-profiles.sh
|
||||
|
||||
clustering-integration-tests:
|
||||
name: Legacy Clustering IT
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 35
|
||||
|
@ -378,181 +202,86 @@ jobs:
|
|||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
cache: 'maven'
|
||||
- id: integration-test-setup
|
||||
name: Integration test setup
|
||||
uses: ./.github/actions/integration-test-setup
|
||||
|
||||
- name: Cleanup org.keycloak artifacts
|
||||
run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
|
||||
|
||||
- name: Download built keycloak
|
||||
id: download-keycloak
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
path: ~/.m2/repository/org/keycloak/
|
||||
name: keycloak-artifacts.zip
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
- name: Run Quarkus cluster tests
|
||||
- name: Run cluster tests
|
||||
run: |
|
||||
echo '::group::Compiling testsuite'
|
||||
./mvnw clean install -nsu -B -Pauth-server-quarkus -DskipTests -f testsuite/pom.xml
|
||||
echo '::endgroup::'
|
||||
./mvnw clean install -nsu -B -Pauth-server-cluster-quarkus -Dsession.cache.owners=2 -Dtest=**.cluster.** -f testsuite/integration-arquillian/pom.xml | misc/log/trimmer.sh
|
||||
TEST_RESULT=${PIPESTATUS[0]}
|
||||
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-quarkus-cluster-tests.zip -@
|
||||
exit $TEST_RESULT
|
||||
./mvnw install -nsu -B -Pauth-server-cluster-quarkus -Dsession.cache.owners=2 -Dtest=**.cluster.** -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
|
||||
|
||||
- name: Analyze Test and/or Coverage Results
|
||||
uses: runforesight/foresight-test-kit-action@v1.3.0
|
||||
if: always() && github.repository == 'keycloak/keycloak'
|
||||
with:
|
||||
api_key: ${{ secrets.FORESIGHT_API_KEY }}
|
||||
test_format: JUNIT
|
||||
test_framework: JUNIT
|
||||
test_path: 'testsuite/integration-arquillian/tests/base/target/surefire-reports/*.xml'
|
||||
|
||||
- name: Quarkus cluster test reports
|
||||
uses: actions/upload-artifact@v3
|
||||
if: failure()
|
||||
with:
|
||||
name: reports-quarkus-cluster-tests
|
||||
retention-days: 14
|
||||
path: reports-quarkus-cluster-tests.zip
|
||||
if-no-files-found: ignore
|
||||
|
||||
### Tests: Quarkus distribution
|
||||
|
||||
quarkus-tests:
|
||||
name: Quarkus Tests
|
||||
needs: build
|
||||
fips-unit-tests:
|
||||
name: FIPS UT
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 115
|
||||
env:
|
||||
MAVEN_OPTS: -Xmx1024m
|
||||
needs: build
|
||||
timeout-minutes: 20
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
cache: 'maven'
|
||||
- name: Cleanup org.keycloak artifacts
|
||||
run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
|
||||
|
||||
- name: Download built keycloak
|
||||
id: download-keycloak
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
path: ~/.m2/repository/org/keycloak/
|
||||
name: keycloak-artifacts.zip
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
- id: unit-test-setup
|
||||
name: Unit test setup
|
||||
uses: ./.github/actions/unit-test-setup
|
||||
|
||||
- name: Prepare the local distribution archives
|
||||
run: ./mvnw clean install -DskipTests -Pdistribution
|
||||
- name: Run crypto tests (BCFIPS non-approved mode)
|
||||
run: ./mvnw install -nsu -B -am -pl crypto/default,crypto/fips1402,crypto/elytron -Dcom.redhat.fips=true
|
||||
|
||||
- name: Run Quarkus Integration Tests
|
||||
- name: Run crypto tests (BCFIPS approved mode)
|
||||
run: ./mvnw install -nsu -B -am -pl crypto/default,crypto/fips1402,crypto/elytron -Dcom.redhat.fips=true -Dorg.bouncycastle.fips.approved_only=true
|
||||
|
||||
fips-integration-tests:
|
||||
name: FIPS IT
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 45
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- id: integration-test-setup
|
||||
name: Integration test setup
|
||||
uses: ./.github/actions/integration-test-setup
|
||||
|
||||
- name: Prepare Quarkus distribution with BCFIPS
|
||||
run: ./mvnw install -nsu -B -e -pl testsuite/integration-arquillian/servers/auth-server/quarkus -Pauth-server-quarkus,auth-server-fips140-2
|
||||
|
||||
- name: Run base tests
|
||||
run: |
|
||||
./mvnw clean install -nsu -B -f quarkus/tests/pom.xml | misc/log/trimmer.sh
|
||||
TEST_RESULT=${PIPESTATUS[0]}
|
||||
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-quarkus-tests.zip -@
|
||||
exit $TEST_RESULT
|
||||
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh fips`
|
||||
echo "Tests: $TESTS"
|
||||
./mvnw install -nsu -B -Pauth-server-quarkus,auth-server-fips140-2 -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
|
||||
|
||||
- name: Run Quarkus Storage Tests
|
||||
run: |
|
||||
./mvnw clean install -nsu -B -f quarkus/tests/pom.xml -Ptest-database -Dtest=PostgreSQLDistTest,MariaDBDistTest#testSuccessful,MySQLDistTest#testSuccessful,DatabaseOptionsDistTest,JPAStoreDistTest,HotRodStoreDistTest,MixedStoreDistTest | misc/log/trimmer.sh
|
||||
TEST_RESULT=${PIPESTATUS[0]}
|
||||
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-quarkus-tests.zip -@
|
||||
exit $TEST_RESULT
|
||||
check-set-status:
|
||||
name: Set check conclusion
|
||||
needs:
|
||||
- unit-tests
|
||||
- base-integration-tests
|
||||
- quarkus-integration-tests
|
||||
- jdk-integration-tests
|
||||
- new-store-integration-tests
|
||||
- legacy-store-integration-tests
|
||||
- store-model-tests
|
||||
- clustering-integration-tests
|
||||
- fips-unit-tests
|
||||
- fips-integration-tests
|
||||
runs-on: ubuntu-latest
|
||||
outputs:
|
||||
conclusion: ${{ steps.check.outputs.conclusion }}
|
||||
|
||||
- name: Run Quarkus Tests in Docker
|
||||
run: |
|
||||
./mvnw clean install -nsu -B -f quarkus/tests/pom.xml -Dkc.quarkus.tests.dist=docker -Dtest=StartCommandDistTest | misc/log/trimmer.sh
|
||||
TEST_RESULT=${PIPESTATUS[0]}
|
||||
exit $TEST_RESULT
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Analyze Test and/or Coverage Results
|
||||
uses: runforesight/foresight-test-kit-action@v1.3.0
|
||||
if: always() && github.repository == 'keycloak/keycloak'
|
||||
- id: check
|
||||
uses: ./.github/actions/checks-success
|
||||
|
||||
check:
|
||||
name: Check
|
||||
if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' )
|
||||
needs: [check-set-status]
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Check status
|
||||
uses: ./.github/actions/checks-job-pass
|
||||
with:
|
||||
api_key: ${{ secrets.FORESIGHT_API_KEY }}
|
||||
test_format: JUNIT
|
||||
test_framework: JUNIT
|
||||
test_path: 'quarkus/tests/integration/target/surefire-reports/*.xml'
|
||||
|
||||
- name: Quarkus test reports
|
||||
uses: actions/upload-artifact@v3
|
||||
if: failure()
|
||||
with:
|
||||
name: reports-quarkus-tests
|
||||
retention-days: 14
|
||||
path: reports-quarkus-tests.zip
|
||||
if-no-files-found: ignore
|
||||
|
||||
# NOTE: WebAuthn tests can be enabled once the issue #12621 is resolved
|
||||
#
|
||||
# webauthn-test:
|
||||
# name: WebAuthn Tests
|
||||
# needs: build
|
||||
# runs-on: ubuntu-latest
|
||||
# steps:
|
||||
# - uses: actions/checkout@v2
|
||||
# with:
|
||||
# fetch-depth: 2
|
||||
#
|
||||
# - name: Check whether this phase should run
|
||||
# run: echo "GIT_DIFF=$[ $( git diff --name-only HEAD^ | egrep -ic 'webauthn|passwordless' ) ]" >> $GITHUB_ENV
|
||||
#
|
||||
# - uses: actions/setup-java@v1
|
||||
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
|
||||
# with:
|
||||
# java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
#
|
||||
# - name: Update maven settings
|
||||
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
|
||||
# run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
#
|
||||
# - name: Cache Maven packages
|
||||
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
|
||||
# uses: actions/cache@v2
|
||||
# with:
|
||||
# path: ~/.m2/repository
|
||||
# key: cache-1-${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
|
||||
# restore-keys: cache-1-${{ runner.os }}-m2
|
||||
#
|
||||
# - name: Cleanup org.keycloak artifacts
|
||||
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
|
||||
# run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
|
||||
#
|
||||
# - name: Download built keycloak
|
||||
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
|
||||
# id: download-keycloak
|
||||
# uses: actions/download-artifact@v2
|
||||
# with:
|
||||
# path: ~/.m2/repository/org/keycloak/
|
||||
# name: keycloak-artifacts.zip
|
||||
#
|
||||
# - name: Run WebAuthn tests
|
||||
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
|
||||
# run: |
|
||||
# mvn clean install -nsu -B -Dbrowser=chrome -Pwebauthn -f testsuite/integration-arquillian/tests/other/pom.xml -Dtest=org.keycloak.testsuite.webauthn.**.*Test | misc/log/trimmer.sh
|
||||
#
|
||||
# TEST_RESULT=${PIPESTATUS[0]}
|
||||
# find . -path '*/target/surefire-reports/*.xml' | zip -q reports-webauthn-tests.zip -@
|
||||
# exit $TEST_RESULT
|
||||
#
|
||||
# - name: WebAuthn test reports
|
||||
# uses: actions/upload-artifact@v2
|
||||
# if: failure()
|
||||
# with:
|
||||
# name: reports-webauthn-tests
|
||||
# retention-days: 14
|
||||
# path: reports-webauthn-tests.zip
|
||||
# if-no-files-found: ignore
|
||||
conclusion: ${{ needs.check-set-status.outputs.conclusion }}
|
||||
|
|
150
.github/workflows/codeql-analysis.yml
vendored
Normal file
150
.github/workflows/codeql-analysis.yml
vendored
Normal file
|
@ -0,0 +1,150 @@
|
|||
name: CodeQL
|
||||
|
||||
on:
|
||||
push:
|
||||
branches-ignore:
|
||||
- main
|
||||
- dependabot/**
|
||||
pull_request:
|
||||
branches: [main]
|
||||
schedule:
|
||||
- cron: 0 9 * * 2
|
||||
|
||||
concurrency:
|
||||
# Only cancel jobs for PR updates
|
||||
group: codeql-analysis-${{ github.head_ref || github.run_id }}
|
||||
cancel-in-progress: true
|
||||
|
||||
defaults:
|
||||
run:
|
||||
shell: bash
|
||||
|
||||
jobs:
|
||||
|
||||
changes:
|
||||
name: Check changes
|
||||
if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak'
|
||||
runs-on: ubuntu-latest
|
||||
outputs:
|
||||
java: ${{ steps.changes.outputs.java }}
|
||||
themes: ${{ steps.changes.outputs.themes }}
|
||||
js-adapter: ${{ steps.changes.outputs.js-adapter }}
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- id: changes
|
||||
uses: ./.github/actions/changed-files
|
||||
|
||||
java:
|
||||
name: CodeQL Java
|
||||
needs: changes
|
||||
runs-on: ubuntu-latest
|
||||
if: needs.changes.outputs.java == 'true'
|
||||
outputs:
|
||||
conclusion: ${{ steps.check.outputs.conclusion }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2.1.36
|
||||
with:
|
||||
languages: java
|
||||
|
||||
- name: Build Keycloak
|
||||
uses: ./.github/actions/build-keycloak
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2.1.36
|
||||
with:
|
||||
wait-for-processing: true
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
|
||||
|
||||
- id: check
|
||||
uses: ./.github/actions/checks-success
|
||||
|
||||
js-adapter:
|
||||
name: CodeQL JavaScript Adapter
|
||||
needs: changes
|
||||
runs-on: ubuntu-latest
|
||||
if: needs.changes.outputs.js-adapter == 'true'
|
||||
outputs:
|
||||
conclusion: ${{ steps.check.outputs.conclusion }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2.1.36
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
|
||||
with:
|
||||
languages: javascript
|
||||
source-root: adapters/oidc/js/src/
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2.1.36
|
||||
with:
|
||||
wait-for-processing: true
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
|
||||
|
||||
- id: check
|
||||
uses: ./.github/actions/checks-success
|
||||
|
||||
themes:
|
||||
name: CodeQL Themes
|
||||
needs: changes
|
||||
runs-on: ubuntu-latest
|
||||
if: needs.changes.outputs.themes == 'true'
|
||||
outputs:
|
||||
conclusion: ${{ steps.check.outputs.conclusion }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2.1.36
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
|
||||
with:
|
||||
languages: javascript
|
||||
source-root: themes/src/main/
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2.1.36
|
||||
with:
|
||||
wait-for-processing: true
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
|
||||
|
||||
- id: check
|
||||
uses: ./.github/actions/checks-success
|
||||
|
||||
check:
|
||||
name: Check
|
||||
if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' )
|
||||
needs: [changes, java, js-adapter, themes]
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: CodeQL Java
|
||||
uses: ./.github/actions/checks-job-pass
|
||||
with:
|
||||
required: ${{ needs.changes.outputs.java }}
|
||||
conclusion: ${{ needs.java.outputs.conclusion }}
|
||||
|
||||
- name: CodeQL JavaScript Adapter
|
||||
uses: ./.github/actions/checks-job-pass
|
||||
with:
|
||||
required: ${{ needs.changes.outputs.js-adapter }}
|
||||
conclusion: ${{ needs.js-adapter.outputs.conclusion }}
|
||||
|
||||
- name: CodeQL Themes
|
||||
uses: ./.github/actions/checks-job-pass
|
||||
with:
|
||||
required: ${{ needs.changes.outputs.themes }}
|
||||
conclusion: ${{ needs.themes.outputs.conclusion }}
|
59
.github/workflows/codeql-java-analysis.yml
vendored
59
.github/workflows/codeql-java-analysis.yml
vendored
|
@ -1,59 +0,0 @@
|
|||
# For most projects, this workflow file will not need changing; you simply need
|
||||
# to commit it to your repository.
|
||||
#
|
||||
# You may wish to alter this file to override the set of languages analyzed,
|
||||
# or to provide custom queries or build logic.
|
||||
name: "CodeQL Java"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches-ignore:
|
||||
- 'main'
|
||||
- 'dependabot/**'
|
||||
pull_request:
|
||||
branches: [main]
|
||||
paths:
|
||||
- '**.java'
|
||||
- '.github/workflows/codeql-java-analysis.yml'
|
||||
schedule:
|
||||
- cron: '0 9 * * 2'
|
||||
|
||||
concurrency:
|
||||
# Only run once for latest commit per ref and cancel other (previous) runs.
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
|
||||
env:
|
||||
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
name: CodeQL analyze
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'keycloak/keycloak'
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: '11'
|
||||
cache: 'maven'
|
||||
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2.1.36
|
||||
with:
|
||||
languages: java
|
||||
|
||||
- name: Build Keycloak
|
||||
run: mvn -B install -DskipTests -DskipQuarkus -DskipTestsuite -DskipExamples -DskipTests
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2.1.36
|
||||
with:
|
||||
wait-for-processing: true
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
|
62
.github/workflows/codeql-js-adapter-analysis.yml
vendored
62
.github/workflows/codeql-js-adapter-analysis.yml
vendored
|
@ -1,62 +0,0 @@
|
|||
# For most projects, this workflow file will not need changing; you simply need
|
||||
# to commit it to your repository.
|
||||
#
|
||||
# You may wish to alter this file to override the set of languages analyzed,
|
||||
# or to provide custom queries or build logic.
|
||||
name: "CodeQL JS Adapter"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches-ignore:
|
||||
- 'main'
|
||||
- 'dependabot/**'
|
||||
pull_request:
|
||||
branches: [main]
|
||||
paths:
|
||||
- 'adapters/oidc/js/**'
|
||||
- '.github/workflows/codeql-js-adapter-analysis.yml'
|
||||
schedule:
|
||||
- cron: '0 9 * * 2'
|
||||
|
||||
concurrency:
|
||||
# Only run once for latest commit per ref and cancel other (previous) runs.
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
|
||||
env:
|
||||
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
name: CodeQL analyze
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'keycloak/keycloak'
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: '11'
|
||||
cache: 'maven'
|
||||
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2.1.36
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
|
||||
with:
|
||||
languages: javascript
|
||||
source-root: adapters/oidc/js/
|
||||
|
||||
- name: Build Keycloak
|
||||
run: mvn -B install -DskipTests -DskipQuarkus -DskipTestsuite -DskipExamples -DskipTests
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2.1.36
|
||||
with:
|
||||
wait-for-processing: true
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
|
62
.github/workflows/codeql-theme-analysis.yml
vendored
62
.github/workflows/codeql-theme-analysis.yml
vendored
|
@ -1,62 +0,0 @@
|
|||
# For most projects, this workflow file will not need changing; you simply need
|
||||
# to commit it to your repository.
|
||||
#
|
||||
# You may wish to alter this file to override the set of languages analyzed,
|
||||
# or to provide custom queries or build logic.
|
||||
name: "CodeQL Themes"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches-ignore:
|
||||
- 'main'
|
||||
- 'dependabot/**'
|
||||
pull_request:
|
||||
branches: [main]
|
||||
paths:
|
||||
- 'themes/src/**'
|
||||
- '.github/workflows/codeql-theme-analysis.yml'
|
||||
schedule:
|
||||
- cron: '0 9 * * 2'
|
||||
|
||||
concurrency:
|
||||
# Only run once for latest commit per ref and cancel other (previous) runs.
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
|
||||
env:
|
||||
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
name: CodeQL analyze
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'keycloak/keycloak'
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: '11'
|
||||
cache: 'maven'
|
||||
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2.1.36
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
|
||||
with:
|
||||
languages: javascript
|
||||
source-root: themes/
|
||||
|
||||
- name: Build Keycloak
|
||||
run: mvn -B install -DskipTests -DskipQuarkus -DskipTestsuite -DskipExamples -DskipTests
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2.1.36
|
||||
with:
|
||||
wait-for-processing: true
|
||||
env:
|
||||
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
|
139
.github/workflows/operator-ci.yml
vendored
139
.github/workflows/operator-ci.yml
vendored
|
@ -2,49 +2,42 @@ name: Keycloak Operator CI
|
|||
|
||||
on:
|
||||
push:
|
||||
branches-ignore: [main]
|
||||
branches-ignore:
|
||||
- main
|
||||
- dependabot/**
|
||||
pull_request:
|
||||
paths-ignore:
|
||||
- '.github/workflows/**'
|
||||
- '!.github/workflows/operator-ci.yml'
|
||||
schedule:
|
||||
- cron: '0 20,22,0,2,4 * * *'
|
||||
- cron: 0 20,23,2,5 * * *
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
JDK_VERSION: 11
|
||||
MINIKUBE_VERSION: "v1.24.0"
|
||||
KUBERNETES_VERSION: "v1.22.3"
|
||||
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
|
||||
DEFAULT_JDK_VERSION: 11
|
||||
DEFAULT_JDK_DIST: temurin
|
||||
MINIKUBE_VERSION: v1.24.0
|
||||
KUBERNETES_VERSION: v1.22.3
|
||||
|
||||
defaults:
|
||||
run:
|
||||
shell: bash
|
||||
|
||||
concurrency:
|
||||
# Only run once for latest commit per ref and cancel other (previous) runs.
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
# Only cancel jobs for PR updates
|
||||
group: operator-ci-${{ github.head_ref || github.run_id }}
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build distribution
|
||||
if: ${{ ( github.event_name != 'schedule' ) || ( github.event_name == 'schedule' && github.repository == 'keycloak/keycloak' ) }}
|
||||
if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
- uses: actions/setup-java@v3
|
||||
|
||||
- name: Build Keycloak
|
||||
uses: ./.github/actions/build-keycloak
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.JDK_VERSION }}
|
||||
cache: 'maven'
|
||||
- name: Create the Keycloak distribution
|
||||
run: |
|
||||
mvn clean install -Pdistribution -DskipTests -DskipExamples -DskipTestsuite
|
||||
- name: Store Keycloak distribution
|
||||
id: store-keycloak
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: keycloak-distribution
|
||||
retention-days: 1
|
||||
path: quarkus/dist/target/keycloak*.tar.gz
|
||||
upload-m2-repo: false
|
||||
upload-dist: true
|
||||
|
||||
test-local:
|
||||
name: Test local
|
||||
|
@ -52,16 +45,16 @@ jobs:
|
|||
needs: [build]
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Set outputs
|
||||
|
||||
- name: Set version
|
||||
id: vars
|
||||
run: echo "version_local=0.0.1-${GITHUB_SHA::6}" >> $GITHUB_ENV
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
|
||||
- uses: actions/setup-java@v2
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.JDK_VERSION }}
|
||||
cache: 'maven'
|
||||
distribution: ${{ env.DEFAULT_JDK_DIST }}
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
|
||||
- name: Setup Minikube-Kubernetes
|
||||
uses: manusa/actions-setup-minikube@v2.7.1
|
||||
with:
|
||||
|
@ -69,13 +62,15 @@ jobs:
|
|||
kubernetes version: ${{ env.KUBERNETES_VERSION }}
|
||||
github token: ${{ secrets.GITHUB_TOKEN }}
|
||||
driver: docker
|
||||
start args: '--addons=ingress'
|
||||
start args: --addons=ingress
|
||||
|
||||
- name: Download keycloak distribution
|
||||
id: download-keycloak-dist
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: keycloak-distribution
|
||||
name: keycloak-dist
|
||||
path: quarkus/container
|
||||
|
||||
- name: Build Keycloak Docker images
|
||||
run: |
|
||||
eval $(minikube -p minikube docker-env)
|
||||
|
@ -84,7 +79,7 @@ jobs:
|
|||
|
||||
- name: Test operator running locally
|
||||
run: |
|
||||
mvn clean install -Poperator -pl :keycloak-operator -am \
|
||||
mvn install -Poperator -pl :keycloak-operator -am \
|
||||
-Dquarkus.kubernetes.image-pull-policy=IfNotPresent \
|
||||
-Doperator.keycloak.image=keycloak:${{ env.version_local }} \
|
||||
-Dtest.operator.custom.image=custom-keycloak:${{ env.version_local }} \
|
||||
|
@ -97,16 +92,16 @@ jobs:
|
|||
needs: [build]
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Set outputs
|
||||
|
||||
- name: Set version
|
||||
id: vars
|
||||
run: echo "version_remote=0.0.1-${GITHUB_SHA::6}" >> $GITHUB_ENV
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
|
||||
- uses: actions/setup-java@v2
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.JDK_VERSION }}
|
||||
cache: 'maven'
|
||||
distribution: ${{ env.DEFAULT_JDK_DIST }}
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
|
||||
- name: Setup Minikube-Kubernetes
|
||||
uses: manusa/actions-setup-minikube@v2.7.1
|
||||
with:
|
||||
|
@ -114,13 +109,15 @@ jobs:
|
|||
kubernetes version: ${{ env.KUBERNETES_VERSION }}
|
||||
github token: ${{ secrets.GITHUB_TOKEN }}
|
||||
driver: docker
|
||||
start args: '--addons=ingress'
|
||||
start args: --addons=ingress
|
||||
|
||||
- name: Download keycloak distribution
|
||||
id: download-keycloak-dist
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: keycloak-distribution
|
||||
name: keycloak-dist
|
||||
path: quarkus/container
|
||||
|
||||
- name: Build Keycloak Docker images
|
||||
run: |
|
||||
eval $(minikube -p minikube docker-env)
|
||||
|
@ -130,7 +127,7 @@ jobs:
|
|||
- name: Test operator running in cluster
|
||||
run: |
|
||||
eval $(minikube -p minikube docker-env)
|
||||
mvn clean install -Poperator -pl :keycloak-operator -am \
|
||||
mvn install -Poperator -pl :keycloak-operator -am \
|
||||
-Dquarkus.container-image.build=true \
|
||||
-Dquarkus.kubernetes.image-pull-policy=IfNotPresent \
|
||||
-Doperator.keycloak.image=keycloak:${{ env.version_remote }} \
|
||||
|
@ -145,13 +142,12 @@ jobs:
|
|||
needs: [build]
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Update maven settings
|
||||
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
|
||||
|
||||
- uses: actions/setup-java@v2
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: ${{ env.JDK_VERSION }}
|
||||
cache: 'maven'
|
||||
distribution: ${{ env.DEFAULT_JDK_DIST }}
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
|
||||
- name: Setup Minikube-Kubernetes
|
||||
uses: manusa/actions-setup-minikube@v2.7.1
|
||||
with:
|
||||
|
@ -159,22 +155,27 @@ jobs:
|
|||
kubernetes version: ${{ env.KUBERNETES_VERSION }}
|
||||
github token: ${{ secrets.GITHUB_TOKEN }}
|
||||
driver: docker
|
||||
|
||||
- name: Install OPM
|
||||
uses: redhat-actions/openshift-tools-installer@v1
|
||||
with:
|
||||
source: "github"
|
||||
opm: "1.21.0"
|
||||
source: github
|
||||
opm: 1.21.0
|
||||
|
||||
- name: Install Yq
|
||||
run: sudo snap install yq
|
||||
|
||||
- name: Install OLM
|
||||
working-directory: operator
|
||||
run: ./scripts/install-olm.sh
|
||||
|
||||
- name: Download keycloak distribution
|
||||
id: download-keycloak-dist
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: keycloak-distribution
|
||||
name: keycloak-dist
|
||||
path: quarkus/container
|
||||
|
||||
- name: Arrange OLM test installation
|
||||
working-directory: operator
|
||||
run: |
|
||||
|
@ -192,3 +193,33 @@ jobs:
|
|||
kubectl apply -f src/main/resources/example-realm.yaml
|
||||
# Wait for the CRs to be ready
|
||||
./scripts/check-examples-installed.sh
|
||||
|
||||
check-set-status:
|
||||
name: Set check conclusion
|
||||
needs:
|
||||
- test-local
|
||||
- test-remote
|
||||
- test-olm
|
||||
runs-on: ubuntu-latest
|
||||
outputs:
|
||||
conclusion: ${{ steps.check.outputs.conclusion }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- id: check
|
||||
uses: ./.github/actions/checks-success
|
||||
|
||||
check:
|
||||
name: Check
|
||||
if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' )
|
||||
needs: [check-set-status]
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Check status
|
||||
uses: ./.github/actions/checks-job-pass
|
||||
with:
|
||||
conclusion: ${{ needs.check-set-status.outputs.conclusion }}
|
||||
|
|
45
.github/workflows/snyk-analysis.yml
vendored
Normal file
45
.github/workflows/snyk-analysis.yml
vendored
Normal file
|
@ -0,0 +1,45 @@
|
|||
name: Snyk
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: 0 0 * * *
|
||||
workflow_dispatch:
|
||||
|
||||
defaults:
|
||||
run:
|
||||
shell: bash
|
||||
|
||||
jobs:
|
||||
analysis:
|
||||
name: Analysis of Quarkus and Operator
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'keycloak/keycloak'
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Build Keycloak
|
||||
uses: ./.github/actions/build-keycloak
|
||||
|
||||
- uses: snyk/actions/setup@master
|
||||
|
||||
- name: Check for vulnerabilities in Quarkus
|
||||
run: snyk test --policy-path=${GITHUB_WORKSPACE}/.github/snyk/.snyk --all-projects --prune-repeated-subdependencies --exclude=tests --sarif-file-output=quarkus-report.sarif quarkus
|
||||
continue-on-error: true
|
||||
env:
|
||||
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
||||
|
||||
- name: Upload Quarkus scanner results to GitHub
|
||||
uses: github/codeql-action/upload-sarif@v2.1.36
|
||||
with:
|
||||
sarif_file: quarkus-report.sarif
|
||||
|
||||
- name: Check for vulnerabilities in Operator
|
||||
run: snyk test --policy-path=${GITHUB_WORKSPACE}/.github/snyk/.snyk --all-projects --prune-repeated-subdependencies --exclude=tests --sarif-file-output=operator-report.sarif operator
|
||||
continue-on-error: true
|
||||
env:
|
||||
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
||||
|
||||
- name: Upload Operator scanner results to GitHub
|
||||
uses: github/codeql-action/upload-sarif@v2.1.36
|
||||
with:
|
||||
sarif_file: operator-report.sarif
|
68
.github/workflows/snyk.yml
vendored
68
.github/workflows/snyk.yml
vendored
|
@ -1,68 +0,0 @@
|
|||
name: "Snyk"
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "0 0 * * *"
|
||||
|
||||
env:
|
||||
DEFAULT_JDK_VERSION: 11
|
||||
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
|
||||
|
||||
jobs:
|
||||
quarkus:
|
||||
name: Quarkus
|
||||
runs-on: ubuntu-latest
|
||||
if: ${{ github.repository == 'keycloak/keycloak' }}
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
distribution: temurin
|
||||
cache: maven
|
||||
|
||||
- name: Build Quarkus
|
||||
run: mvn -Psnyk-quarkus -pl quarkus/dist -am -DskipTests clean install
|
||||
|
||||
- uses: snyk/actions/setup@master
|
||||
- name: Check for vulnerabilities
|
||||
run: snyk test --policy-path=${GITHUB_WORKSPACE}/.github/snyk/.snyk --all-projects --prune-repeated-subdependencies --exclude=tests --sarif-file-output=quarkus-report.sarif quarkus
|
||||
continue-on-error: true
|
||||
env:
|
||||
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
||||
|
||||
- name: Upload scanner results to GitHub
|
||||
uses: github/codeql-action/upload-sarif@v2.1.36
|
||||
with:
|
||||
sarif_file: quarkus-report.sarif
|
||||
|
||||
operator:
|
||||
name: Operator
|
||||
runs-on: ubuntu-latest
|
||||
if: ${{ github.repository == 'keycloak/keycloak' }}
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
java-version: ${{ env.DEFAULT_JDK_VERSION }}
|
||||
distribution: temurin
|
||||
cache: maven
|
||||
|
||||
- name: Build Keycloak
|
||||
run: mvn -Poperator -pl operator -am -DskipTests clean install
|
||||
|
||||
- uses: snyk/actions/setup@master
|
||||
- name: Check for vulnerabilities for the Operator
|
||||
run: snyk test --policy-path=${GITHUB_WORKSPACE}/.github/snyk/.snyk --all-projects --prune-repeated-subdependencies --exclude=tests --sarif-file-output=operator-report.sarif operator
|
||||
continue-on-error: true
|
||||
env:
|
||||
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
||||
|
||||
- name: Upload scanner results for the Operator to GitHub
|
||||
uses: github/codeql-action/upload-sarif@v2.1.36
|
||||
with:
|
||||
sarif_file: operator-report.sarif
|
69
.github/workflows/trivy-analysis.yml
vendored
69
.github/workflows/trivy-analysis.yml
vendored
|
@ -1,63 +1,36 @@
|
|||
name: Trivy
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
- cron: "0 6 * * *"
|
||||
- cron: 0 6 * * *
|
||||
workflow_dispatch:
|
||||
|
||||
defaults:
|
||||
run:
|
||||
shell: bash
|
||||
|
||||
jobs:
|
||||
quarkus-dist:
|
||||
name: Vulnerability scanner for Quarkus distribution images
|
||||
runs-on: "ubuntu-18.04"
|
||||
|
||||
analysis:
|
||||
name: Vulnerability scanner for nightly containers
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'keycloak/keycloak'
|
||||
strategy:
|
||||
matrix:
|
||||
container: [keycloak, keycloak-operator]
|
||||
fail-fast: false
|
||||
steps:
|
||||
- name: Run Trivy vulnerability scanner
|
||||
uses: aquasecurity/trivy-action@9ab158e8597f3b310480b9a69402b419bc03dbd5
|
||||
with:
|
||||
image-ref: 'quay.io/keycloak/keycloak:nightly'
|
||||
format: 'template'
|
||||
image-ref: quay.io/keycloak/${{ matrix.container}}:nightly
|
||||
format: template
|
||||
template: '@/contrib/sarif.tpl'
|
||||
output: 'trivy-results.sarif'
|
||||
severity: 'MEDIUM,CRITICAL,HIGH'
|
||||
output: trivy-results.sarif
|
||||
severity: MEDIUM,CRITICAL,HIGH
|
||||
ignore-unfixed: true
|
||||
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v2.1.36
|
||||
with:
|
||||
sarif_file: 'trivy-results.sarif'
|
||||
|
||||
legacy-dist:
|
||||
name: Vulnerability scanner for WildFly distribution images
|
||||
runs-on: "ubuntu-18.04"
|
||||
steps:
|
||||
- name: Run Trivy vulnerability scanner
|
||||
uses: aquasecurity/trivy-action@9ab158e8597f3b310480b9a69402b419bc03dbd5
|
||||
with:
|
||||
image-ref: 'quay.io/keycloak/keycloak:legacy'
|
||||
format: 'template'
|
||||
template: '@/contrib/sarif.tpl'
|
||||
output: 'legacy-results.sarif'
|
||||
severity: 'MEDIUM,CRITICAL,HIGH'
|
||||
ignore-unfixed: true
|
||||
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v2.1.36
|
||||
with:
|
||||
sarif_file: 'legacy-results.sarif'
|
||||
|
||||
keycloak-operator:
|
||||
name: Vulnerability scanner for Keycloak Operator distribution images
|
||||
runs-on: "ubuntu-18.04"
|
||||
steps:
|
||||
- name: Run Trivy vulnerability scanner
|
||||
uses: aquasecurity/trivy-action@9ab158e8597f3b310480b9a69402b419bc03dbd5
|
||||
with:
|
||||
image-ref: 'quay.io/keycloak/keycloak-operator:nightly'
|
||||
format: 'template'
|
||||
template: '@/contrib/sarif.tpl'
|
||||
output: 'operator-results.sarif'
|
||||
severity: 'MEDIUM,CRITICAL,HIGH'
|
||||
ignore-unfixed: true
|
||||
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v2.1.36
|
||||
with:
|
||||
sarif_file: 'operator-results.sarif'
|
||||
sarif_file: trivy-results.sarif
|
||||
|
|
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -83,3 +83,6 @@ quarkus/data/*.db
|
|||
|
||||
# Git ephemeral files
|
||||
*.versionsBackup
|
||||
|
||||
# Node.js for frontend-maven-plugin #
|
||||
node
|
||||
|
|
|
@ -77,6 +77,7 @@
|
|||
</executions>
|
||||
<configuration>
|
||||
<nodeVersion>${node.version}</nodeVersion>
|
||||
<installDirectory>../../../</installDirectory>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
|
|
|
@ -44,6 +44,11 @@ public class QuarkusPlatform implements PlatformProvider {
|
|||
|
||||
private static final Logger log = Logger.getLogger(QuarkusPlatform.class);
|
||||
|
||||
@Override
|
||||
public String name() {
|
||||
return "Quarkus";
|
||||
}
|
||||
|
||||
public static void addInitializationException(Throwable throwable) {
|
||||
QuarkusPlatform platform = (QuarkusPlatform) Platform.getPlatform();
|
||||
platform.addDeferredException(throwable);
|
||||
|
|
|
@ -22,6 +22,8 @@ import java.io.File;
|
|||
import org.keycloak.Config;
|
||||
|
||||
public interface PlatformProvider {
|
||||
|
||||
String name();
|
||||
|
||||
void onStartup(Runnable runnable);
|
||||
|
||||
|
|
|
@ -37,21 +37,6 @@
|
|||
<modules>
|
||||
<module>services</module>
|
||||
<module>undertow</module>
|
||||
<module>quarkus</module>
|
||||
</modules>
|
||||
|
||||
<profiles>
|
||||
<profile>
|
||||
<id>auth-server-quarkus</id>
|
||||
<modules>
|
||||
<module>quarkus</module>
|
||||
</modules>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>auth-server-cluster-quarkus</id>
|
||||
<modules>
|
||||
<module>quarkus</module>
|
||||
</modules>
|
||||
</profile>
|
||||
</profiles>
|
||||
|
||||
</project>
|
||||
|
|
|
@ -115,26 +115,4 @@
|
|||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
<profiles>
|
||||
<profile>
|
||||
<id>auth-server-quarkus</id>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-jar-plugin</artifactId>
|
||||
<configuration>
|
||||
<excludes>
|
||||
<!-- For quarkus we don't want the test provider installed to avoid false positives -->
|
||||
<!-- Themes from providers are automatically registered -->
|
||||
<excludes>**/TestThemeResourceProvider**</excludes>
|
||||
<excludes>**/org.keycloak.theme.ThemeResourceProviderFactory</excludes>
|
||||
</excludes>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
</profiles>
|
||||
</project>
|
||||
|
|
|
@ -1,11 +1,22 @@
|
|||
package org.keycloak.testsuite.theme;
|
||||
|
||||
import org.keycloak.platform.Platform;
|
||||
import org.keycloak.provider.EnvironmentDependentProviderFactory;
|
||||
import org.keycloak.theme.ClasspathThemeResourceProviderFactory;
|
||||
|
||||
public class TestThemeResourceProvider extends ClasspathThemeResourceProviderFactory {
|
||||
public class TestThemeResourceProvider extends ClasspathThemeResourceProviderFactory implements EnvironmentDependentProviderFactory {
|
||||
|
||||
public TestThemeResourceProvider() {
|
||||
super("test-resources", TestThemeResourceProvider.class.getClassLoader());
|
||||
}
|
||||
|
||||
/**
|
||||
* Quarkus detects theme resources automatically, so this provider should only be enabled on Undertow
|
||||
*
|
||||
* @return true if platform is Undertow
|
||||
*/
|
||||
@Override
|
||||
public boolean isSupported() {
|
||||
return Platform.getPlatform().name().equals("Undertow");
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,47 @@
|
|||
account,4
|
||||
actions,1
|
||||
adapter,2
|
||||
admin,1
|
||||
authz,3
|
||||
broker,3
|
||||
cli,4
|
||||
client,4
|
||||
cluster,IGNORED
|
||||
composites,4
|
||||
cookies,4
|
||||
crossdc,IGNORED
|
||||
docker,4
|
||||
domainextension,4
|
||||
error,4
|
||||
events,4
|
||||
exportimport,4
|
||||
feature,4
|
||||
federation,5
|
||||
forms,5
|
||||
i18n,5
|
||||
jaas,5
|
||||
javascript,5
|
||||
keys,4
|
||||
login,4
|
||||
metrics,4
|
||||
migration,4
|
||||
model,6
|
||||
oauth,6
|
||||
oidc,6
|
||||
openshift,6
|
||||
policy,6
|
||||
runonserver,6
|
||||
saml,6
|
||||
script,6
|
||||
session,6
|
||||
sessionlimits,6
|
||||
ssl,6
|
||||
theme,6
|
||||
transactions,6
|
||||
url,6
|
||||
user,4
|
||||
util,4
|
||||
validation,6
|
||||
vault,4
|
||||
welcomepage,6
|
||||
x509,4
|
43
testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh
Executable file
43
testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh
Executable file
|
@ -0,0 +1,43 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
GROUP="$1"
|
||||
if [ "$GROUP" == "" ]; then
|
||||
echo 'Usage: base-suite.sh <group>'
|
||||
exit
|
||||
fi
|
||||
|
||||
cd "`readlink -f "$0" | xargs dirname`"
|
||||
|
||||
TESTSUITE_FILE='base-suite'
|
||||
TEST_DIR='../src/test/java/org/keycloak/testsuite'
|
||||
BASE_PACKAGE='org.keycloak.testsuite'
|
||||
|
||||
PACKAGES=`cat $TESTSUITE_FILE | grep -v '^[[:space:]]*$' | grep -v '^[[:space:]]*#'`
|
||||
|
||||
# Check all packages in testsuite are included
|
||||
for i in `ls -d $TEST_DIR/*/ | sed "s|$TEST_DIR||g" | sed "s|/||g"`; do
|
||||
if ( ! cat $TESTSUITE_FILE | grep "^$i," >/dev/null ); then
|
||||
echo "Package 'org.keycloak.testsuite.$i' not defined in base-suite"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
SEP=""
|
||||
TESTS=""
|
||||
for i in `echo $PACKAGES`; do
|
||||
PACKAGE=`echo $i | cut -d ',' -f 1`
|
||||
PACKAGE_GROUP=`echo $i | cut -d ',' -f 2`
|
||||
|
||||
# Check package exists
|
||||
if [ ! -d "$TEST_DIR/$PACKAGE" ]; then
|
||||
echo "Package 'org.keycloak.testsuite.$PACKAGE' not found"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ "$GROUP" == "$PACKAGE_GROUP" ]; then
|
||||
TESTS="$TESTS$SEP$BASE_PACKAGE.$PACKAGE.**"
|
||||
SEP=','
|
||||
fi
|
||||
done
|
||||
|
||||
echo "$TESTS"
|
|
@ -0,0 +1,18 @@
|
|||
AccountRestServiceTest
|
||||
AuthorizationCodeTest
|
||||
AuthorizationTest
|
||||
ClientRegistrationTest
|
||||
EventStoreProviderTest
|
||||
ExportImportTest
|
||||
GeneratedRsaKeyProviderTest
|
||||
KcOidcBrokerTest
|
||||
LDAPUserLoginTest
|
||||
LoginTest
|
||||
PasswordPolicyTest
|
||||
RequiredActionUpdateProfileTest
|
||||
SSOTest
|
||||
SamlClientTest
|
||||
TransactionsTest
|
||||
UserProfileTest
|
||||
org.keycloak.testsuite.admin.**
|
||||
org.keycloak.testsuite.authz.**ManagementTest
|
|
@ -0,0 +1,15 @@
|
|||
org.keycloak.testsuite.forms.**
|
||||
ClientAuthSignedJWTTest
|
||||
CredentialsTest
|
||||
JavaKeystoreKeyProviderTest
|
||||
ServerInfoTest
|
||||
UserFederationLdapConnectionTest
|
||||
LDAPUserLoginTest
|
||||
org.keycloak.testsuite.x509.**
|
||||
MutualTLSClientTest
|
||||
FAPI1Test
|
||||
FAPICIBATest
|
||||
KcRegTest
|
||||
KcRegCreateTest
|
||||
KcAdmTest
|
||||
KcAdmCreateTest
|
|
@ -0,0 +1,17 @@
|
|||
AccountRestServiceTest
|
||||
AuthorizationCodeTest
|
||||
CredentialsTest
|
||||
DeployedScriptAuthenticatorTest
|
||||
ExportImportTest
|
||||
GeneratedRsaKeyProviderTest
|
||||
JavaKeystoreKeyProviderTest
|
||||
KcOidcBrokerTest
|
||||
KerberosLdapTest
|
||||
LDAPUserLoginTest
|
||||
LoginTest
|
||||
MutualTLSClientTest
|
||||
PasswordPolicyTest
|
||||
SSOTest
|
||||
SamlClientTest
|
||||
TransactionsTest
|
||||
X509BrowserLoginTest
|
35
testsuite/integration-arquillian/tests/base/testsuites/suite.sh
Executable file
35
testsuite/integration-arquillian/tests/base/testsuites/suite.sh
Executable file
|
@ -0,0 +1,35 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
GROUP="$1"
|
||||
if [ "$GROUP" == "" ]; then
|
||||
echo 'Usage: suite.sh <group>'
|
||||
exit
|
||||
fi
|
||||
|
||||
cd "`readlink -f "$0" | xargs dirname`"
|
||||
|
||||
TEST_DIR="../src/test/java/"
|
||||
SUITE_FILE="$GROUP-suite"
|
||||
|
||||
if [ ! -f "$SUITE_FILE" ]; then
|
||||
echo "$SUITE_FILE not found"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
SEP=""
|
||||
TESTS=""
|
||||
for i in `cat "$SUITE_FILE" | grep -v '^[[:space:]]*$' | grep -v '^[[:space:]]*#'`; do
|
||||
# Check test exists, ignoring checking packages for now
|
||||
if [[ "$i" != *'.'* ]]; then
|
||||
SEARCH=`find "$TEST_DIR" -name "$i.java"`
|
||||
if [ "$SEARCH" == "" ]; then
|
||||
echo "$i not found in testsuite"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
TESTS="$TESTS$SEP$i"
|
||||
SEP=","
|
||||
done
|
||||
|
||||
echo "$TESTS"
|
|
@ -41,6 +41,11 @@ public class TestPlatform implements PlatformProvider {
|
|||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String name() {
|
||||
return "Undertow";
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onStartup(Runnable startupHook) {
|
||||
startupHook.run();
|
||||
|
|
|
@ -134,7 +134,7 @@
|
|||
</executions>
|
||||
<configuration>
|
||||
<nodeVersion>${node.version}</nodeVersion>
|
||||
<installDirectory>${project.basedir}</installDirectory>
|
||||
<installDirectory>../</installDirectory>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
|
@ -187,7 +187,7 @@
|
|||
</executions>
|
||||
<configuration>
|
||||
<nodeVersion>${node.version}</nodeVersion>
|
||||
<installDirectory>${project.basedir}</installDirectory>
|
||||
<installDirectory>../</installDirectory>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
|
|
Loading…
Reference in a new issue