Keycloak CI workflow refactoring (#15968)

* Keycloak CI workflow refactoring

Closes #15861

* Update testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>

* Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>

* Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>

* Update CodeQL actions

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
This commit is contained in:
Stian Thorgersen 2022-12-14 16:12:23 +01:00 committed by GitHub
parent 6f802b5c1f
commit a5670af745
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
35 changed files with 1027 additions and 925 deletions

View file

@ -0,0 +1,82 @@
name: Build Keycloak
description: Builds Keycloak providing Maven repository with all artifacts
inputs:
upload-m2-repo:
description: Upload Maven repository for org.keycloak artifacts
required: false
default: true
upload-dist:
description: Upload distribution
required: false
default: false
jdk-dist:
description: JDK distribution
required: false
default: temurin
jdk-version:
description: JDK version
required: false
default: 11
runs:
using: composite
steps:
- id: setup-java
name: Setup Java
uses: actions/setup-java@v3
with:
distribution: ${{ inputs.jdk-dist }}
java-version: ${{ inputs.jdk-version }}
- id: maven-cache
name: Maven cache
uses: ./.github/actions/maven-cache
- id: phantomjs-cache
name: PhantomJS cache
uses: ./.github/actions/phantomjs-cache
- id: npm-cache
name: NPM cache
uses: ./.github/actions/npm-cache
- id: build-keycloak
name: Build Keycloak
shell: bash
run: |
MVN_HTTP_CONFIG="-Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120"
./mvnw install -nsu -B -e -DskipTests -DskipExamples $MVN_HTTP_CONFIG
- id: compress-keycloak-maven-repository
name: Compress Keycloak Maven artifacts
if: inputs.upload-m2-repo == 'true'
shell: bash
run: |
tar -C ~/ --use-compress-program zstd -cf m2-keycloak.tzts \
--exclude '*.tar.gz' \
.m2/repository/org/keycloak
- id: upload-keycloak-maven-repository
name: Upload Keycloak Maven artifacts
if: inputs.upload-m2-repo == 'true'
uses: actions/upload-artifact@v3
with:
name: m2-keycloak.tzts
path: m2-keycloak.tzts
retention-days: 1
- id: upload-keycloak-dist
name: Upload Keycloak dist
if: inputs.upload-dist == 'true'
uses: actions/upload-artifact@v3
with:
name: keycloak-dist
path: quarkus/dist/target/keycloak*.tar.gz
retention-days: 1
- id: maven-cache-cleanup
name: Maven cache cleanup
if: steps.maven-cache.outputs.cache-hit != 'true'
shell: bash
run: rm -rf ~/.m2/repository/org/keycloak

View file

@ -0,0 +1,49 @@
name: Changed Files
description: Checks changes against target branch
outputs:
java:
description: Changes to Java files
value: ${{ steps.changes.outputs.java }}
themes:
description: Changes to themes
value: ${{ steps.changes.outputs.themes }}
js-adapter:
description: Changes to JavaScript adapter
value: ${{ steps.changes.outputs.js-adapter }}
runs:
using: composite
steps:
- id: changes
name: Find changes
shell: bash
run: |
BASE_REF=${{ github.base_ref }}
changed () {
git diff --name-only origin/${{ github.base_ref }} | grep -E "$1" &>/dev/null && echo true || echo false
}
if [ "$BASE_REF" != "" ]; then
echo "Checking changes against orgin/$BASE_REF"
git fetch origin
JAVA=`changed '^.*/.*.java$'`
THEMES=`changed '^themes/src/main/.*$'`
JS_ADAPTER=`changed '^adapters/oidc/js/.*$'`
else
echo "Not a pull request, marking everything as changed"
JAVA=true
THEMES=true
JS_ADAPTER=true
fi
echo "Java changed: $JAVA"
echo "Themes changed: $THEMES"
echo "JS adapter changed: $JS_ADAPTER"
echo "java=$JAVA" >> $GITHUB_OUTPUT
echo "themes=$THEMES" >> $GITHUB_OUTPUT
echo "js-adapter=$JS_ADAPTER" >> $GITHUB_OUTPUT

View file

@ -0,0 +1,34 @@
name: Check if a job passed
description: Fails if the job is required and was not successful
inputs:
required:
description: Is the job required
required: true
default: true
conclusion:
description: Job conclusion (success if passed, most likely empty otherwise)
required: true
outputs:
status:
description: "Check status"
value: ${{ steps.changes.outputs.java }}
runs:
using: "composite"
steps:
- id: check-job
name: Check job
shell: bash
run: |
if [ "${{ inputs.required }}" == "false" ]; then
echo "Not required to run, skipping"
else
if [ "${{ inputs.conclusion }}" == "success" ]; then
echo "Success"
else
echo "Required to run, but didn't succeed"
exit 1
fi
fi

View file

@ -0,0 +1,16 @@
name: Mark job as successful
description: Workaround for GitHub Actions not setting conclusion on jobs passed through needs
outputs:
conclusion:
description: Conclusion
value: ${{ steps.check.outputs.conclusion }}
runs:
using: composite
steps:
- id: check
name: Set success
shell: bash
run: |
echo "conclusion=success" >> $GITHUB_OUTPUT

View file

@ -0,0 +1,41 @@
name: Setup integration test
description: Download Maven caches needed for integration tests
inputs:
jdk-dist:
description: JDK distribution
required: false
default: temurin
jdk-version:
description: JDK version
required: false
default: 11
runs:
using: composite
steps:
- id: setup-java
name: Setup Java
uses: actions/setup-java@v3
with:
distribution: ${{ inputs.jdk-dist }}
java-version: ${{ inputs.jdk-version }}
- id: maven-cache
name: Maven cache
uses: ./.github/actions/maven-cache
- id: phantomjs-cache
name: PhantomJS cache
uses: ./.github/actions/phantomjs-cache
- id: download-keycloak
name: Download Keycloak Maven artifacts
uses: actions/download-artifact@v3
with:
name: m2-keycloak.tzts
- id: extract-maven-artifacts
name: Extract Keycloak Maven artifacts
shell: bash
run: tar -C ~/ --use-compress-program unzstd -xf m2-keycloak.tzts

28
.github/actions/maven-cache/action.yml vendored Normal file
View file

@ -0,0 +1,28 @@
name: Maven Cache
description: Caches Maven artifacts
runs:
using: composite
steps:
- id: weekly-cache-key
name: Key for weekly rotation of cache
shell: bash
run: echo "key=mvn-`date -u "+%Y-%U"`" >> $GITHUB_OUTPUT
- id: cache-maven-repository
name: Maven cache
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ steps.weekly-cache-key.outputs.key }}
- id: check-maven-cache
name: Check cache has no Keycloak artifacts
if: steps.cache-maven-repository.outputs.cache-hit == 'true'
shell: bash
run: |
if ( stat ~/.m2/repository/org/keycloak &>/dev/null ); then
echo "Found org/keycloak artifacts in Maven repository cache"
ls ~/.m2/repository/org/keycloak
exit 1
fi

17
.github/actions/npm-cache/action.yml vendored Normal file
View file

@ -0,0 +1,17 @@
name: NPM Cache
description: Caches NPM artifacts
runs:
using: composite
steps:
- id: weekly-cache-key
name: Key for weekly rotation of cache
shell: bash
run: echo "key=npm-`date -u "+%Y-%U"`" >> $GITHUB_OUTPUT
- id: cache-npm-repository
name: NPM cache
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ steps.weekly-cache-key.outputs.key }}

View file

@ -0,0 +1,26 @@
name: PhantomJS Cache
description: Caches PhantomJS driver
inputs:
version:
description: PhantomJS Driver version
required: false
default: 2.1.1
runs:
using: composite
steps:
- id: cache-phantomjs-driver
name: PhantomJS Driver cache
uses: actions/cache@v3
with:
path: ~/.arquillian/drone
key: phantomjs-${{ inputs.version }}
- id: download-phantomjs-driver
name: Download PhantomJS Driver
if: steps.cache-phantomjs-driver.outputs.cache-hit != 'true'
shell: bash
run: |
mkdir -p ~/.arquillian/drone/phantomjs/${{ inputs.version }}/
curl -L https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-${{ inputs.version }}-linux-x86_64.tar.bz2 --output ~/.arquillian/drone/phantomjs/${{ inputs.version }}/phantomjs-${{ inputs.version }}-linux-x86_64.tar.bz2

View file

@ -0,0 +1,26 @@
name: Setup unit test
description: Download Maven caches needed for unit tests
inputs:
jdk-dist:
description: JDK distribution
required: false
default: temurin
jdk-version:
description: JDK version
required: false
default: 11
runs:
using: composite
steps:
- id: setup-java
name: Setup Java
uses: actions/setup-java@v3
with:
distribution: ${{ inputs.jdk-dist }}
java-version: ${{ inputs.jdk-version }}
- id: maven-cache
name: Maven cache
uses: ./.github/actions/maven-cache

View file

@ -1,11 +0,0 @@
#!/bin/bash -e
VERSION=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec -f keycloak)
unzip ~/.m2/repository/org/keycloak/keycloak-server-dist/${VERSION}/keycloak-server-dist-${VERSION}.zip
mv keycloak-${VERSION} keycloak-dist
keycloak-dist/bin/add-user-keycloak.sh -u admin -p admin
# update QS version to match KC version
mvn versions:set -DnewVersion=$VERSION -DgenerateBackupPoms=false -DgroupId=org.keycloak* -DartifactId=* -Pbump-version -B

48
.github/settings.xml vendored
View file

@ -1,48 +0,0 @@
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
https://maven.apache.org/xsd/settings-1.0.0.xsd">
<profiles>
<profile>
<id>update-policy</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>central</id>
<name>Maven Central</name>
<url>https://repo.maven.apache.org/maven2</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<updatePolicy>interval:43200</updatePolicy>
</releases>
</repository>
<repository>
<id>jboss-public-repository</id>
<name>Jboss Public</name>
<url>https://repository.jboss.org/nexus/content/groups/public/</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<updatePolicy>interval:43200</updatePolicy>
</releases>
</repository>
<repository>
<id>redhat-enterprise-maven-repository</id>
<name>Red Hat Enterprise Maven Repository</name>
<url>https://maven.repository.redhat.com/ga/</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<updatePolicy>interval:43200</updatePolicy>
</releases>
</repository>
</repositories>
</profile>
</profiles>
</settings>

View file

@ -2,374 +2,198 @@ name: Keycloak CI
on:
push:
branches-ignore: [main]
# as the ci.yml contains actions that are required for PRs to be merged, it will always need to run on all PRs
pull_request: {}
branches-ignore:
- main
- dependabot/**
pull_request:
schedule:
- cron: '0 20,23,2,5 * * *'
- cron: 0 20,23,2,5 * * *
workflow_dispatch:
env:
DEFAULT_JDK_VERSION: 11
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
DEFAULT_JDK_DIST: temurin
concurrency:
# Only cancel jobs for new commits on PRs, and always do a complete run on other branches (e.g. `main`).
# See: https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value
group: keycloak-ci-${{ github.head_ref || github.run_id }}
# Only cancel jobs for PR updates
group: ci-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
defaults:
run:
shell: bash
jobs:
build:
name: Build
if: ${{ ( github.event_name != 'schedule' ) || ( github.event_name == 'schedule' && github.repository == 'keycloak/keycloak' ) }}
if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: ${{ env.DEFAULT_JDK_VERSION }}
cache: 'maven'
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- name: Build Keycloak
run: |
./mvnw clean install -nsu -B -e -DskipTests -Pdistribution
./mvnw clean install -nsu -B -e -f testsuite/integration-arquillian/servers/auth-server -Pauth-server-quarkus
./mvnw clean install -nsu -B -e -f testsuite/integration-arquillian/servers/auth-server -Pauth-server-undertow
- name: Store Keycloak artifacts
id: store-keycloak
uses: actions/upload-artifact@v3
with:
name: keycloak-artifacts.zip
retention-days: 1
path: |
~/.m2/repository/org/keycloak
!~/.m2/repository/org/keycloak/**/*.tar.gz
- name: Remove keycloak artifacts before caching
if: steps.cache.outputs.cache-hit != 'true'
run: rm -rf ~/.m2/repository/org/keycloak
# Tests: Regular distribution
uses: ./.github/actions/build-keycloak
unit-tests:
name: Unit Tests
name: Base UT
runs-on: ubuntu-latest
needs: build
timeout-minutes: 30
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: ${{ env.DEFAULT_JDK_VERSION }}
cache: 'maven'
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- name: Cleanup org.keycloak artifacts
run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
- name: Download built keycloak
id: download-keycloak
uses: actions/download-artifact@v3
with:
path: ~/.m2/repository/org/keycloak/
name: keycloak-artifacts.zip
- id: unit-test-setup
name: Unit test setup
uses: ./.github/actions/unit-test-setup
- name: Run unit tests
run: |
if ! ./mvnw install -nsu -B -DskipTestsuite -DskipQuarkus -DskipExamples -f pom.xml; then
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-unit-tests.zip -@
exit 1
fi
run: ./mvnw install -nsu -B -DskipTestsuite -DskipQuarkus -DskipExamples
- name: Analyze Test and/or Coverage Results
uses: runforesight/foresight-test-kit-action@v1.3.0
if: always() && github.repository == 'keycloak/keycloak'
with:
api_key: ${{ secrets.FORESIGHT_API_KEY }}
test_format: JUNIT
test_framework: JUNIT
test_path: '**/target/surefire-reports/*.xml'
- name: Unit test reports
uses: actions/upload-artifact@v3
if: failure()
with:
name: reports-unit-tests
retention-days: 14
path: reports-unit-tests.zip
if-no-files-found: ignore
crypto-tests:
name: Crypto Tests
runs-on: ubuntu-latest
needs: build
timeout-minutes: 20
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: ${{ env.DEFAULT_JDK_VERSION }}
cache: 'maven'
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- name: Cleanup org.keycloak artifacts
run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
- name: Download built keycloak
id: download-keycloak
uses: actions/download-artifact@v3
with:
path: ~/.m2/repository/org/keycloak/
name: keycloak-artifacts.zip
- name: Run crypto tests (BCFIPS non-approved mode)
run: |
if ! ./mvnw install -nsu -B -f crypto/pom.xml -Dcom.redhat.fips=true; then
find . -path 'crypto/target/surefire-reports/*.xml' | zip -q reports-crypto-tests.zip -@
exit 1
fi
- name: Run crypto tests (BCFIPS approved mode)
run: |
if ! ./mvnw install -nsu -B -f crypto/pom.xml -Dcom.redhat.fips=true -Dorg.bouncycastle.fips.approved_only=true; then
find . -path 'crypto/target/surefire-reports/*.xml' | zip -q reports-crypto-tests.zip -@
exit 1
fi
- name: Crypto test reports
uses: actions/upload-artifact@v3
if: failure()
with:
name: reports-crypto-tests
retention-days: 14
path: reports-crypto-tests.zip
if-no-files-found: ignore
model-tests:
name: Model Tests
runs-on: ubuntu-latest
needs: build
timeout-minutes: 60
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: ${{ env.DEFAULT_JDK_VERSION }}
cache: 'maven'
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- name: Cleanup org.keycloak artifacts
run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
- name: Download built keycloak
id: download-keycloak
uses: actions/download-artifact@v3
with:
path: ~/.m2/repository/org/keycloak/
name: keycloak-artifacts.zip
- name: Run model tests
run: |
if ! testsuite/model/test-all-profiles.sh; then
find . -path '*/target/surefire-reports*/*.xml' | zip -q reports-model-tests.zip -@
exit 1
fi
- name: Analyze Test and/or Coverage Results
uses: runforesight/foresight-test-kit-action@v1.3.0
if: always() && github.repository == 'keycloak/keycloak'
with:
api_key: ${{ secrets.FORESIGHT_API_KEY }}
test_format: JUNIT
test_framework: JUNIT
test_path: 'testsuite/model/target/surefire-reports/*.xml'
- name: Model test reports
uses: actions/upload-artifact@v3
if: failure()
with:
name: reports-model-tests
retention-days: 14
path: reports-model-tests.zip
if-no-files-found: ignore
test:
name: Base testsuite
base-integration-tests:
name: Base IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 100
strategy:
matrix:
server: ['quarkus', 'quarkus-map', 'quarkus-map-hot-rod', 'quarkus-map-jpa']
tests: ['group1','group2','group3']
group: [1, 2, 3, 4, 5, 6]
fail-fast: false
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Check whether HEAD^ contains HotRod storage relevant changes
run: echo "GIT_HOTROD_RELEVANT_DIFF=$( git diff --name-only HEAD^ | egrep -ic -e '^model/map-hot-rod|^model/map/|^model/build-processor' )" >> $GITHUB_ENV
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Check whether HotRod storage matrix should be executed
if: ${{ endsWith(matrix.server, '-map-hot-rod') && env.GIT_HOTROD_RELEVANT_DIFF == 0 }}
run: echo "SHOULD_BE_EXECUTED=false" >> $GITHUB_ENV
- name: Check whether HEAD^ contains JPA map storage relevant changes
run: echo "GIT_MAP_JPA_RELEVANT_DIFF=$( git diff --name-only HEAD^ | egrep -ic -e '^model/map-jpa/|^model/map/|^model/build-processor' )" >> $GITHUB_ENV
- name: Check whether Map-JPA storage matrix should be executed
if: ${{ endsWith(matrix.server, '-map-jpa') && env.GIT_MAP_JPA_RELEVANT_DIFF == 0 }}
run: echo "SHOULD_BE_EXECUTED=false" >> $GITHUB_ENV
- name: Cache Maven packages
if: ${{ github.event_name != 'pull_request' || env.SHOULD_BE_EXECUTED != 'false' }}
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: cache-2-${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: cache-1-${{ runner.os }}-m2
- name: Download built keycloak
if: ${{ github.event_name != 'pull_request' || env.SHOULD_BE_EXECUTED != 'false' }}
id: download-keycloak
uses: actions/download-artifact@v3
with:
path: ~/.m2/repository/org/keycloak/
name: keycloak-artifacts.zip
# - name: List M2 repo
# run: |
# find ~ -name *dist*.zip
# ls -lR ~/.m2/repository
- uses: actions/setup-java@v3
if: ${{ github.event_name != 'pull_request' || env.SHOULD_BE_EXECUTED != 'false' }}
with:
distribution: 'temurin'
java-version: ${{ env.DEFAULT_JDK_VERSION }}
- name: Update maven settings
if: ${{ github.event_name != 'pull_request' || env.SHOULD_BE_EXECUTED != 'false' }}
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- name: Prepare test providers
if: ${{ matrix.server == 'quarkus' || matrix.server == 'quarkus-map' }}
run: ./mvnw clean install -nsu -B -e -f testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers -Pauth-server-quarkus
- name: Run base tests
if: ${{ github.event_name != 'pull_request' || env.SHOULD_BE_EXECUTED != 'false' }}
run: |
declare -A PARAMS TESTGROUP
PARAMS["quarkus"]="-Pauth-server-quarkus"
PARAMS["quarkus-map"]="-Pauth-server-quarkus -Pmap-storage -Dpageload.timeout=90000"
PARAMS["quarkus-map-hot-rod"]="-Pauth-server-quarkus -Pmap-storage,map-storage-hot-rod -Dpageload.timeout=90000"
PARAMS["quarkus-map-jpa"]="-Pauth-server-quarkus -Pmap-storage,map-storage-jpa -Dpageload.timeout=90000"
TESTGROUP["group1"]="-Dtest=!**.crossdc.**,!**.cluster.**,%regex[org.keycloak.testsuite.(a[abc]|ad[a-l]|[^a-q]).*]" # Tests alphabetically before admin tests and those after "r"
TESTGROUP["group2"]="-Dtest=!**.crossdc.**,!**.cluster.**,%regex[org.keycloak.testsuite.(ad[^a-l]|a[^a-d]|b).*]" # Admin tests and those starting with "b"
TESTGROUP["group3"]="-Dtest=!**.crossdc.**,!**.cluster.**,%regex[org.keycloak.testsuite.([c-q]).*]" # All the rest
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh ${{ matrix.group }}`
echo "Tests: $TESTS"
./mvnw install -nsu -B -Pauth-server-quarkus -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
./mvnw clean install -nsu -B ${PARAMS["${{ matrix.server }}"]} ${TESTGROUP["${{ matrix.tests }}"]} -f testsuite/integration-arquillian/tests/base/pom.xml | misc/log/trimmer.sh
quarkus-integration-tests:
name: Quarkus IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 115
strategy:
matrix:
server: [zip, container, storage]
fail-fast: false
env:
MAVEN_OPTS: -Xmx1024m
steps:
- uses: actions/checkout@v3
TEST_RESULT=${PIPESTATUS[0]}
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}.zip -@
exit $TEST_RESULT
- id: unit-test-setup
name: Unit test setup
uses: ./.github/actions/unit-test-setup
- name: Analyze Test and/or Coverage Results
uses: runforesight/foresight-test-kit-action@v1.3.0
if: always() && github.repository == 'keycloak/keycloak'
- name: Run Quarkus integration Tests
run: |
declare -A PARAMS
PARAMS["zip"]=""
PARAMS["container"]="-Dkc.quarkus.tests.dist=docker"
PARAMS["storage"]="-Ptest-database -Dtest=PostgreSQLDistTest,MariaDBDistTest#testSuccessful,MySQLDistTest#testSuccessful,DatabaseOptionsDistTest,JPAStoreDistTest,HotRodStoreDistTest,MixedStoreDistTest"
./mvnw install -nsu -B -pl quarkus/tests/integration -am -DskipTests
./mvnw test -nsu -B -pl quarkus/tests/integration ${PARAMS["${{ matrix.server }}"]} | misc/log/trimmer.sh
jdk-integration-tests:
name: Java Distribution IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 100
strategy:
matrix:
dist: [temurin]
version: [17, 19]
fail-fast: false
steps:
- uses: actions/checkout@v3
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
with:
api_key: ${{ secrets.FORESIGHT_API_KEY }}
test_format: JUNIT
test_framework: JUNIT
test_path: 'testsuite/integration-arquillian/tests/base/target/surefire-reports/*.xml'
jdk-dist: ${{ matrix.dist }}
jdk-version: ${{ matrix.version }}
- name: Base test reports
uses: actions/upload-artifact@v3
if: failure()
with:
name: reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}
retention-days: 14
path: reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}.zip
if-no-files-found: ignore
- name: Prepare Quarkus distribution with current JDK
run: ./mvnw install -nsu -B -e -pl testsuite/integration-arquillian/servers/auth-server/quarkus
test-fips:
name: Base testsuite (fips)
- name: Run base tests
run: |
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh jdk`
echo "Tests: $TESTS"
./mvnw install -nsu -B -Pauth-server-quarkus -Pdb-${{ matrix.db }} -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
new-store-integration-tests:
name: New Store IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 45
strategy:
matrix:
server: ['bcfips-nonapproved-pkcs12']
tests: ['group1', 'group2']
db: [chm, hot-rod, jpa]
fail-fast: false
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: cache-2-${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: cache-1-${{ runner.os }}-m2
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Download built keycloak
id: download-keycloak
uses: actions/download-artifact@v3
with:
path: ~/.m2/repository/org/keycloak/
name: keycloak-artifacts.zip
# - name: List M2 repo
# run: |
# find ~ -name *dist*.zip
# ls -lR ~/.m2/repository
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: ${{ env.DEFAULT_JDK_VERSION }}
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- name: Prepare quarkus distribution with BCFIPS
run: ./mvnw clean install -nsu -B -e -f testsuite/integration-arquillian/servers/auth-server/quarkus -Pauth-server-quarkus,auth-server-fips140-2
- name: Run base tests
run: |
declare -A PARAMS TESTGROUP
PARAMS["bcfips-nonapproved-pkcs12"]="-Pauth-server-quarkus,auth-server-fips140-2"
# Tests in the package "forms" and some keystore related tests
TESTGROUP["group1"]="-Dtest=org.keycloak.testsuite.forms.**,ClientAuthSignedJWTTest,CredentialsTest,JavaKeystoreKeyProviderTest,ServerInfoTest,UserFederationLdapConnectionTest,LDAPUserLoginTest"
TESTGROUP["group2"]="-Dtest=org.keycloak.testsuite.x509.**,MutualTLSClientTest,FAPI1Test,FAPICIBATest,KcRegTest,KcRegCreateTest,KcAdmTest,KcAdmCreateTest" # Tests for X.509 authentication with users and clients and CLI tests
declare -A PARAMS
PARAMS["chm"]="-Pmap-storage -Dpageload.timeout=90000"
PARAMS["hot-rod"]="-Pmap-storage,map-storage-hot-rod -Dpageload.timeout=90000"
PARAMS["jpa"]="-Pmap-storage,map-storage-jpa -Dpageload.timeout=90000"
./mvnw clean install -nsu -B ${PARAMS["${{ matrix.server }}"]} ${TESTGROUP["${{ matrix.tests }}"]} -f testsuite/integration-arquillian/tests/base/pom.xml | misc/log/trimmer.sh
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh database`
echo "Tests: $TESTS"
./mvnw install -nsu -B -Pauth-server-quarkus ${PARAMS["${{ matrix.db }}"]} -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
TEST_RESULT=${PIPESTATUS[0]}
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}.zip -@
exit $TEST_RESULT
legacy-store-integration-tests:
name: Legacy Store IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 45
strategy:
matrix:
db: [postgres, mysql] # 'mariadb' is not always shutting down, 'mssql', 'oracle11g' containers not available
fail-fast: false
steps:
- uses: actions/checkout@v3
- name: Analyze Test and/or Coverage Results
uses: runforesight/foresight-test-kit-action@v1.3.0
if: always() && github.repository == 'keycloak/keycloak'
with:
api_key: ${{ secrets.FORESIGHT_API_KEY }}
test_format: JUNIT
test_framework: JUNIT
test_path: 'testsuite/integration-arquillian/tests/base/target/surefire-reports/*.xml'
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Base test reports
uses: actions/upload-artifact@v3
if: failure()
with:
name: reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}
retention-days: 14
path: reports-${{ matrix.server }}-base-tests-${{ matrix.tests }}.zip
if-no-files-found: ignore
- name: Run base tests
run: |
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh database`
echo "Tests: $TESTS"
./mvnw install -nsu -B -Pauth-server-quarkus -Pdb-${{ matrix.db }} -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
### Tests: Quarkus distribution
store-model-tests:
name: Store Model Tests
runs-on: ubuntu-latest
needs: build
timeout-minutes: 60
steps:
- uses: actions/checkout@v3
quarkus-test-cluster:
name: Quarkus Test Clustering
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Run model tests
run: testsuite/model/test-all-profiles.sh
clustering-integration-tests:
name: Legacy Clustering IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 35
@ -378,181 +202,86 @@ jobs:
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: ${{ env.DEFAULT_JDK_VERSION }}
cache: 'maven'
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Cleanup org.keycloak artifacts
run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
- name: Download built keycloak
id: download-keycloak
uses: actions/download-artifact@v3
with:
path: ~/.m2/repository/org/keycloak/
name: keycloak-artifacts.zip
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: ${{ env.DEFAULT_JDK_VERSION }}
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- name: Run Quarkus cluster tests
- name: Run cluster tests
run: |
echo '::group::Compiling testsuite'
./mvnw clean install -nsu -B -Pauth-server-quarkus -DskipTests -f testsuite/pom.xml
echo '::endgroup::'
./mvnw clean install -nsu -B -Pauth-server-cluster-quarkus -Dsession.cache.owners=2 -Dtest=**.cluster.** -f testsuite/integration-arquillian/pom.xml | misc/log/trimmer.sh
TEST_RESULT=${PIPESTATUS[0]}
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-quarkus-cluster-tests.zip -@
exit $TEST_RESULT
./mvnw install -nsu -B -Pauth-server-cluster-quarkus -Dsession.cache.owners=2 -Dtest=**.cluster.** -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
- name: Analyze Test and/or Coverage Results
uses: runforesight/foresight-test-kit-action@v1.3.0
if: always() && github.repository == 'keycloak/keycloak'
with:
api_key: ${{ secrets.FORESIGHT_API_KEY }}
test_format: JUNIT
test_framework: JUNIT
test_path: 'testsuite/integration-arquillian/tests/base/target/surefire-reports/*.xml'
- name: Quarkus cluster test reports
uses: actions/upload-artifact@v3
if: failure()
with:
name: reports-quarkus-cluster-tests
retention-days: 14
path: reports-quarkus-cluster-tests.zip
if-no-files-found: ignore
### Tests: Quarkus distribution
quarkus-tests:
name: Quarkus Tests
needs: build
fips-unit-tests:
name: FIPS UT
runs-on: ubuntu-latest
timeout-minutes: 115
env:
MAVEN_OPTS: -Xmx1024m
needs: build
timeout-minutes: 20
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: ${{ env.DEFAULT_JDK_VERSION }}
cache: 'maven'
- name: Cleanup org.keycloak artifacts
run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
- name: Download built keycloak
id: download-keycloak
uses: actions/download-artifact@v3
with:
path: ~/.m2/repository/org/keycloak/
name: keycloak-artifacts.zip
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- id: unit-test-setup
name: Unit test setup
uses: ./.github/actions/unit-test-setup
- name: Prepare the local distribution archives
run: ./mvnw clean install -DskipTests -Pdistribution
- name: Run crypto tests (BCFIPS non-approved mode)
run: ./mvnw install -nsu -B -am -pl crypto/default,crypto/fips1402,crypto/elytron -Dcom.redhat.fips=true
- name: Run Quarkus Integration Tests
- name: Run crypto tests (BCFIPS approved mode)
run: ./mvnw install -nsu -B -am -pl crypto/default,crypto/fips1402,crypto/elytron -Dcom.redhat.fips=true -Dorg.bouncycastle.fips.approved_only=true
fips-integration-tests:
name: FIPS IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 45
steps:
- uses: actions/checkout@v3
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Prepare Quarkus distribution with BCFIPS
run: ./mvnw install -nsu -B -e -pl testsuite/integration-arquillian/servers/auth-server/quarkus -Pauth-server-quarkus,auth-server-fips140-2
- name: Run base tests
run: |
./mvnw clean install -nsu -B -f quarkus/tests/pom.xml | misc/log/trimmer.sh
TEST_RESULT=${PIPESTATUS[0]}
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-quarkus-tests.zip -@
exit $TEST_RESULT
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh fips`
echo "Tests: $TESTS"
./mvnw install -nsu -B -Pauth-server-quarkus,auth-server-fips140-2 -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base | misc/log/trimmer.sh
- name: Run Quarkus Storage Tests
run: |
./mvnw clean install -nsu -B -f quarkus/tests/pom.xml -Ptest-database -Dtest=PostgreSQLDistTest,MariaDBDistTest#testSuccessful,MySQLDistTest#testSuccessful,DatabaseOptionsDistTest,JPAStoreDistTest,HotRodStoreDistTest,MixedStoreDistTest | misc/log/trimmer.sh
TEST_RESULT=${PIPESTATUS[0]}
find . -path '*/target/surefire-reports/*.xml' | zip -q reports-quarkus-tests.zip -@
exit $TEST_RESULT
check-set-status:
name: Set check conclusion
needs:
- unit-tests
- base-integration-tests
- quarkus-integration-tests
- jdk-integration-tests
- new-store-integration-tests
- legacy-store-integration-tests
- store-model-tests
- clustering-integration-tests
- fips-unit-tests
- fips-integration-tests
runs-on: ubuntu-latest
outputs:
conclusion: ${{ steps.check.outputs.conclusion }}
- name: Run Quarkus Tests in Docker
run: |
./mvnw clean install -nsu -B -f quarkus/tests/pom.xml -Dkc.quarkus.tests.dist=docker -Dtest=StartCommandDistTest | misc/log/trimmer.sh
TEST_RESULT=${PIPESTATUS[0]}
exit $TEST_RESULT
steps:
- uses: actions/checkout@v3
- name: Analyze Test and/or Coverage Results
uses: runforesight/foresight-test-kit-action@v1.3.0
if: always() && github.repository == 'keycloak/keycloak'
- id: check
uses: ./.github/actions/checks-success
check:
name: Check
if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' )
needs: [check-set-status]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Check status
uses: ./.github/actions/checks-job-pass
with:
api_key: ${{ secrets.FORESIGHT_API_KEY }}
test_format: JUNIT
test_framework: JUNIT
test_path: 'quarkus/tests/integration/target/surefire-reports/*.xml'
- name: Quarkus test reports
uses: actions/upload-artifact@v3
if: failure()
with:
name: reports-quarkus-tests
retention-days: 14
path: reports-quarkus-tests.zip
if-no-files-found: ignore
# NOTE: WebAuthn tests can be enabled once the issue #12621 is resolved
#
# webauthn-test:
# name: WebAuthn Tests
# needs: build
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v2
# with:
# fetch-depth: 2
#
# - name: Check whether this phase should run
# run: echo "GIT_DIFF=$[ $( git diff --name-only HEAD^ | egrep -ic 'webauthn|passwordless' ) ]" >> $GITHUB_ENV
#
# - uses: actions/setup-java@v1
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
# with:
# java-version: ${{ env.DEFAULT_JDK_VERSION }}
#
# - name: Update maven settings
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
# run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
#
# - name: Cache Maven packages
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
# uses: actions/cache@v2
# with:
# path: ~/.m2/repository
# key: cache-1-${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
# restore-keys: cache-1-${{ runner.os }}-m2
#
# - name: Cleanup org.keycloak artifacts
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
# run: rm -rf ~/.m2/repository/org/keycloak >/dev/null || true
#
# - name: Download built keycloak
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
# id: download-keycloak
# uses: actions/download-artifact@v2
# with:
# path: ~/.m2/repository/org/keycloak/
# name: keycloak-artifacts.zip
#
# - name: Run WebAuthn tests
# if: ${{ github.event_name != 'pull_request' || env.GIT_DIFF != 0 }}
# run: |
# mvn clean install -nsu -B -Dbrowser=chrome -Pwebauthn -f testsuite/integration-arquillian/tests/other/pom.xml -Dtest=org.keycloak.testsuite.webauthn.**.*Test | misc/log/trimmer.sh
#
# TEST_RESULT=${PIPESTATUS[0]}
# find . -path '*/target/surefire-reports/*.xml' | zip -q reports-webauthn-tests.zip -@
# exit $TEST_RESULT
#
# - name: WebAuthn test reports
# uses: actions/upload-artifact@v2
# if: failure()
# with:
# name: reports-webauthn-tests
# retention-days: 14
# path: reports-webauthn-tests.zip
# if-no-files-found: ignore
conclusion: ${{ needs.check-set-status.outputs.conclusion }}

150
.github/workflows/codeql-analysis.yml vendored Normal file
View file

@ -0,0 +1,150 @@
name: CodeQL
on:
push:
branches-ignore:
- main
- dependabot/**
pull_request:
branches: [main]
schedule:
- cron: 0 9 * * 2
concurrency:
# Only cancel jobs for PR updates
group: codeql-analysis-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
defaults:
run:
shell: bash
jobs:
changes:
name: Check changes
if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak'
runs-on: ubuntu-latest
outputs:
java: ${{ steps.changes.outputs.java }}
themes: ${{ steps.changes.outputs.themes }}
js-adapter: ${{ steps.changes.outputs.js-adapter }}
steps:
- uses: actions/checkout@v3
- id: changes
uses: ./.github/actions/changed-files
java:
name: CodeQL Java
needs: changes
runs-on: ubuntu-latest
if: needs.changes.outputs.java == 'true'
outputs:
conclusion: ${{ steps.check.outputs.conclusion }}
steps:
- uses: actions/checkout@v3
- name: Initialize CodeQL
uses: github/codeql-action/init@v2.1.36
with:
languages: java
- name: Build Keycloak
uses: ./.github/actions/build-keycloak
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2.1.36
with:
wait-for-processing: true
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
- id: check
uses: ./.github/actions/checks-success
js-adapter:
name: CodeQL JavaScript Adapter
needs: changes
runs-on: ubuntu-latest
if: needs.changes.outputs.js-adapter == 'true'
outputs:
conclusion: ${{ steps.check.outputs.conclusion }}
steps:
- uses: actions/checkout@v3
- name: Initialize CodeQL
uses: github/codeql-action/init@v2.1.36
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
with:
languages: javascript
source-root: adapters/oidc/js/src/
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2.1.36
with:
wait-for-processing: true
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
- id: check
uses: ./.github/actions/checks-success
themes:
name: CodeQL Themes
needs: changes
runs-on: ubuntu-latest
if: needs.changes.outputs.themes == 'true'
outputs:
conclusion: ${{ steps.check.outputs.conclusion }}
steps:
- uses: actions/checkout@v3
- name: Initialize CodeQL
uses: github/codeql-action/init@v2.1.36
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
with:
languages: javascript
source-root: themes/src/main/
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2.1.36
with:
wait-for-processing: true
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'
- id: check
uses: ./.github/actions/checks-success
check:
name: Check
if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' )
needs: [changes, java, js-adapter, themes]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: CodeQL Java
uses: ./.github/actions/checks-job-pass
with:
required: ${{ needs.changes.outputs.java }}
conclusion: ${{ needs.java.outputs.conclusion }}
- name: CodeQL JavaScript Adapter
uses: ./.github/actions/checks-job-pass
with:
required: ${{ needs.changes.outputs.js-adapter }}
conclusion: ${{ needs.js-adapter.outputs.conclusion }}
- name: CodeQL Themes
uses: ./.github/actions/checks-job-pass
with:
required: ${{ needs.changes.outputs.themes }}
conclusion: ${{ needs.themes.outputs.conclusion }}

View file

@ -1,59 +0,0 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
name: "CodeQL Java"
on:
push:
branches-ignore:
- 'main'
- 'dependabot/**'
pull_request:
branches: [main]
paths:
- '**.java'
- '.github/workflows/codeql-java-analysis.yml'
schedule:
- cron: '0 9 * * 2'
concurrency:
# Only run once for latest commit per ref and cancel other (previous) runs.
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
jobs:
analyze:
name: CodeQL analyze
runs-on: ubuntu-latest
if: github.repository == 'keycloak/keycloak'
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '11'
cache: 'maven'
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- name: Initialize CodeQL
uses: github/codeql-action/init@v2.1.36
with:
languages: java
- name: Build Keycloak
run: mvn -B install -DskipTests -DskipQuarkus -DskipTestsuite -DskipExamples -DskipTests
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2.1.36
with:
wait-for-processing: true
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'

View file

@ -1,62 +0,0 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
name: "CodeQL JS Adapter"
on:
push:
branches-ignore:
- 'main'
- 'dependabot/**'
pull_request:
branches: [main]
paths:
- 'adapters/oidc/js/**'
- '.github/workflows/codeql-js-adapter-analysis.yml'
schedule:
- cron: '0 9 * * 2'
concurrency:
# Only run once for latest commit per ref and cancel other (previous) runs.
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
jobs:
analyze:
name: CodeQL analyze
runs-on: ubuntu-latest
if: github.repository == 'keycloak/keycloak'
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '11'
cache: 'maven'
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- name: Initialize CodeQL
uses: github/codeql-action/init@v2.1.36
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
with:
languages: javascript
source-root: adapters/oidc/js/
- name: Build Keycloak
run: mvn -B install -DskipTests -DskipQuarkus -DskipTestsuite -DskipExamples -DskipTests
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2.1.36
with:
wait-for-processing: true
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'

View file

@ -1,62 +0,0 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
name: "CodeQL Themes"
on:
push:
branches-ignore:
- 'main'
- 'dependabot/**'
pull_request:
branches: [main]
paths:
- 'themes/src/**'
- '.github/workflows/codeql-theme-analysis.yml'
schedule:
- cron: '0 9 * * 2'
concurrency:
# Only run once for latest commit per ref and cancel other (previous) runs.
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
jobs:
analyze:
name: CodeQL analyze
runs-on: ubuntu-latest
if: github.repository == 'keycloak/keycloak'
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '11'
cache: 'maven'
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- name: Initialize CodeQL
uses: github/codeql-action/init@v2.1.36
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
with:
languages: javascript
source-root: themes/
- name: Build Keycloak
run: mvn -B install -DskipTests -DskipQuarkus -DskipTestsuite -DskipExamples -DskipTests
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2.1.36
with:
wait-for-processing: true
env:
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"interpret-results":["--max-paths",0]}}'

View file

@ -2,49 +2,42 @@ name: Keycloak Operator CI
on:
push:
branches-ignore: [main]
branches-ignore:
- main
- dependabot/**
pull_request:
paths-ignore:
- '.github/workflows/**'
- '!.github/workflows/operator-ci.yml'
schedule:
- cron: '0 20,22,0,2,4 * * *'
- cron: 0 20,23,2,5 * * *
workflow_dispatch:
env:
JDK_VERSION: 11
MINIKUBE_VERSION: "v1.24.0"
KUBERNETES_VERSION: "v1.22.3"
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
DEFAULT_JDK_VERSION: 11
DEFAULT_JDK_DIST: temurin
MINIKUBE_VERSION: v1.24.0
KUBERNETES_VERSION: v1.22.3
defaults:
run:
shell: bash
concurrency:
# Only run once for latest commit per ref and cancel other (previous) runs.
group: ${{ github.workflow }}-${{ github.ref }}
# Only cancel jobs for PR updates
group: operator-ci-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build:
name: Build distribution
if: ${{ ( github.event_name != 'schedule' ) || ( github.event_name == 'schedule' && github.repository == 'keycloak/keycloak' ) }}
if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- uses: actions/setup-java@v3
- name: Build Keycloak
uses: ./.github/actions/build-keycloak
with:
distribution: 'temurin'
java-version: ${{ env.JDK_VERSION }}
cache: 'maven'
- name: Create the Keycloak distribution
run: |
mvn clean install -Pdistribution -DskipTests -DskipExamples -DskipTestsuite
- name: Store Keycloak distribution
id: store-keycloak
uses: actions/upload-artifact@v3
with:
name: keycloak-distribution
retention-days: 1
path: quarkus/dist/target/keycloak*.tar.gz
upload-m2-repo: false
upload-dist: true
test-local:
name: Test local
@ -52,16 +45,16 @@ jobs:
needs: [build]
steps:
- uses: actions/checkout@v3
- name: Set outputs
- name: Set version
id: vars
run: echo "version_local=0.0.1-${GITHUB_SHA::6}" >> $GITHUB_ENV
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- uses: actions/setup-java@v2
with:
distribution: 'temurin'
java-version: ${{ env.JDK_VERSION }}
cache: 'maven'
distribution: ${{ env.DEFAULT_JDK_DIST }}
java-version: ${{ env.DEFAULT_JDK_VERSION }}
- name: Setup Minikube-Kubernetes
uses: manusa/actions-setup-minikube@v2.7.1
with:
@ -69,13 +62,15 @@ jobs:
kubernetes version: ${{ env.KUBERNETES_VERSION }}
github token: ${{ secrets.GITHUB_TOKEN }}
driver: docker
start args: '--addons=ingress'
start args: --addons=ingress
- name: Download keycloak distribution
id: download-keycloak-dist
uses: actions/download-artifact@v3
with:
name: keycloak-distribution
name: keycloak-dist
path: quarkus/container
- name: Build Keycloak Docker images
run: |
eval $(minikube -p minikube docker-env)
@ -84,7 +79,7 @@ jobs:
- name: Test operator running locally
run: |
mvn clean install -Poperator -pl :keycloak-operator -am \
mvn install -Poperator -pl :keycloak-operator -am \
-Dquarkus.kubernetes.image-pull-policy=IfNotPresent \
-Doperator.keycloak.image=keycloak:${{ env.version_local }} \
-Dtest.operator.custom.image=custom-keycloak:${{ env.version_local }} \
@ -97,16 +92,16 @@ jobs:
needs: [build]
steps:
- uses: actions/checkout@v3
- name: Set outputs
- name: Set version
id: vars
run: echo "version_remote=0.0.1-${GITHUB_SHA::6}" >> $GITHUB_ENV
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- uses: actions/setup-java@v2
with:
distribution: 'temurin'
java-version: ${{ env.JDK_VERSION }}
cache: 'maven'
distribution: ${{ env.DEFAULT_JDK_DIST }}
java-version: ${{ env.DEFAULT_JDK_VERSION }}
- name: Setup Minikube-Kubernetes
uses: manusa/actions-setup-minikube@v2.7.1
with:
@ -114,13 +109,15 @@ jobs:
kubernetes version: ${{ env.KUBERNETES_VERSION }}
github token: ${{ secrets.GITHUB_TOKEN }}
driver: docker
start args: '--addons=ingress'
start args: --addons=ingress
- name: Download keycloak distribution
id: download-keycloak-dist
uses: actions/download-artifact@v3
with:
name: keycloak-distribution
name: keycloak-dist
path: quarkus/container
- name: Build Keycloak Docker images
run: |
eval $(minikube -p minikube docker-env)
@ -130,7 +127,7 @@ jobs:
- name: Test operator running in cluster
run: |
eval $(minikube -p minikube docker-env)
mvn clean install -Poperator -pl :keycloak-operator -am \
mvn install -Poperator -pl :keycloak-operator -am \
-Dquarkus.container-image.build=true \
-Dquarkus.kubernetes.image-pull-policy=IfNotPresent \
-Doperator.keycloak.image=keycloak:${{ env.version_remote }} \
@ -145,13 +142,12 @@ jobs:
needs: [build]
steps:
- uses: actions/checkout@v3
- name: Update maven settings
run: mkdir -p ~/.m2 ; cp .github/settings.xml ~/.m2/
- uses: actions/setup-java@v2
with:
distribution: 'temurin'
java-version: ${{ env.JDK_VERSION }}
cache: 'maven'
distribution: ${{ env.DEFAULT_JDK_DIST }}
java-version: ${{ env.DEFAULT_JDK_VERSION }}
- name: Setup Minikube-Kubernetes
uses: manusa/actions-setup-minikube@v2.7.1
with:
@ -159,22 +155,27 @@ jobs:
kubernetes version: ${{ env.KUBERNETES_VERSION }}
github token: ${{ secrets.GITHUB_TOKEN }}
driver: docker
- name: Install OPM
uses: redhat-actions/openshift-tools-installer@v1
with:
source: "github"
opm: "1.21.0"
source: github
opm: 1.21.0
- name: Install Yq
run: sudo snap install yq
- name: Install OLM
working-directory: operator
run: ./scripts/install-olm.sh
- name: Download keycloak distribution
id: download-keycloak-dist
uses: actions/download-artifact@v3
with:
name: keycloak-distribution
name: keycloak-dist
path: quarkus/container
- name: Arrange OLM test installation
working-directory: operator
run: |
@ -192,3 +193,33 @@ jobs:
kubectl apply -f src/main/resources/example-realm.yaml
# Wait for the CRs to be ready
./scripts/check-examples-installed.sh
check-set-status:
name: Set check conclusion
needs:
- test-local
- test-remote
- test-olm
runs-on: ubuntu-latest
outputs:
conclusion: ${{ steps.check.outputs.conclusion }}
steps:
- uses: actions/checkout@v3
- id: check
uses: ./.github/actions/checks-success
check:
name: Check
if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' )
needs: [check-set-status]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Check status
uses: ./.github/actions/checks-job-pass
with:
conclusion: ${{ needs.check-set-status.outputs.conclusion }}

45
.github/workflows/snyk-analysis.yml vendored Normal file
View file

@ -0,0 +1,45 @@
name: Snyk
on:
schedule:
- cron: 0 0 * * *
workflow_dispatch:
defaults:
run:
shell: bash
jobs:
analysis:
name: Analysis of Quarkus and Operator
runs-on: ubuntu-latest
if: github.repository == 'keycloak/keycloak'
steps:
- uses: actions/checkout@v3
- name: Build Keycloak
uses: ./.github/actions/build-keycloak
- uses: snyk/actions/setup@master
- name: Check for vulnerabilities in Quarkus
run: snyk test --policy-path=${GITHUB_WORKSPACE}/.github/snyk/.snyk --all-projects --prune-repeated-subdependencies --exclude=tests --sarif-file-output=quarkus-report.sarif quarkus
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Upload Quarkus scanner results to GitHub
uses: github/codeql-action/upload-sarif@v2.1.36
with:
sarif_file: quarkus-report.sarif
- name: Check for vulnerabilities in Operator
run: snyk test --policy-path=${GITHUB_WORKSPACE}/.github/snyk/.snyk --all-projects --prune-repeated-subdependencies --exclude=tests --sarif-file-output=operator-report.sarif operator
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Upload Operator scanner results to GitHub
uses: github/codeql-action/upload-sarif@v2.1.36
with:
sarif_file: operator-report.sarif

View file

@ -1,68 +0,0 @@
name: "Snyk"
on:
schedule:
- cron: "0 0 * * *"
env:
DEFAULT_JDK_VERSION: 11
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120
jobs:
quarkus:
name: Quarkus
runs-on: ubuntu-latest
if: ${{ github.repository == 'keycloak/keycloak' }}
steps:
- name: Checkout repository
uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
java-version: ${{ env.DEFAULT_JDK_VERSION }}
distribution: temurin
cache: maven
- name: Build Quarkus
run: mvn -Psnyk-quarkus -pl quarkus/dist -am -DskipTests clean install
- uses: snyk/actions/setup@master
- name: Check for vulnerabilities
run: snyk test --policy-path=${GITHUB_WORKSPACE}/.github/snyk/.snyk --all-projects --prune-repeated-subdependencies --exclude=tests --sarif-file-output=quarkus-report.sarif quarkus
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Upload scanner results to GitHub
uses: github/codeql-action/upload-sarif@v2.1.36
with:
sarif_file: quarkus-report.sarif
operator:
name: Operator
runs-on: ubuntu-latest
if: ${{ github.repository == 'keycloak/keycloak' }}
steps:
- name: Checkout repository
uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
java-version: ${{ env.DEFAULT_JDK_VERSION }}
distribution: temurin
cache: maven
- name: Build Keycloak
run: mvn -Poperator -pl operator -am -DskipTests clean install
- uses: snyk/actions/setup@master
- name: Check for vulnerabilities for the Operator
run: snyk test --policy-path=${GITHUB_WORKSPACE}/.github/snyk/.snyk --all-projects --prune-repeated-subdependencies --exclude=tests --sarif-file-output=operator-report.sarif operator
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Upload scanner results for the Operator to GitHub
uses: github/codeql-action/upload-sarif@v2.1.36
with:
sarif_file: operator-report.sarif

View file

@ -1,63 +1,36 @@
name: Trivy
on:
workflow_dispatch:
schedule:
- cron: "0 6 * * *"
- cron: 0 6 * * *
workflow_dispatch:
defaults:
run:
shell: bash
jobs:
quarkus-dist:
name: Vulnerability scanner for Quarkus distribution images
runs-on: "ubuntu-18.04"
analysis:
name: Vulnerability scanner for nightly containers
runs-on: ubuntu-latest
if: github.repository == 'keycloak/keycloak'
strategy:
matrix:
container: [keycloak, keycloak-operator]
fail-fast: false
steps:
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@9ab158e8597f3b310480b9a69402b419bc03dbd5
with:
image-ref: 'quay.io/keycloak/keycloak:nightly'
format: 'template'
image-ref: quay.io/keycloak/${{ matrix.container}}:nightly
format: template
template: '@/contrib/sarif.tpl'
output: 'trivy-results.sarif'
severity: 'MEDIUM,CRITICAL,HIGH'
output: trivy-results.sarif
severity: MEDIUM,CRITICAL,HIGH
ignore-unfixed: true
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2.1.36
with:
sarif_file: 'trivy-results.sarif'
legacy-dist:
name: Vulnerability scanner for WildFly distribution images
runs-on: "ubuntu-18.04"
steps:
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@9ab158e8597f3b310480b9a69402b419bc03dbd5
with:
image-ref: 'quay.io/keycloak/keycloak:legacy'
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'legacy-results.sarif'
severity: 'MEDIUM,CRITICAL,HIGH'
ignore-unfixed: true
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2.1.36
with:
sarif_file: 'legacy-results.sarif'
keycloak-operator:
name: Vulnerability scanner for Keycloak Operator distribution images
runs-on: "ubuntu-18.04"
steps:
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@9ab158e8597f3b310480b9a69402b419bc03dbd5
with:
image-ref: 'quay.io/keycloak/keycloak-operator:nightly'
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'operator-results.sarif'
severity: 'MEDIUM,CRITICAL,HIGH'
ignore-unfixed: true
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2.1.36
with:
sarif_file: 'operator-results.sarif'
sarif_file: trivy-results.sarif

3
.gitignore vendored
View file

@ -83,3 +83,6 @@ quarkus/data/*.db
# Git ephemeral files
*.versionsBackup
# Node.js for frontend-maven-plugin #
node

View file

@ -77,6 +77,7 @@
</executions>
<configuration>
<nodeVersion>${node.version}</nodeVersion>
<installDirectory>../../../</installDirectory>
</configuration>
</plugin>
</plugins>

View file

@ -44,6 +44,11 @@ public class QuarkusPlatform implements PlatformProvider {
private static final Logger log = Logger.getLogger(QuarkusPlatform.class);
@Override
public String name() {
return "Quarkus";
}
public static void addInitializationException(Throwable throwable) {
QuarkusPlatform platform = (QuarkusPlatform) Platform.getPlatform();
platform.addDeferredException(throwable);

View file

@ -23,6 +23,8 @@ import org.keycloak.Config;
public interface PlatformProvider {
String name();
void onStartup(Runnable runnable);
void onShutdown(Runnable runnable);

View file

@ -37,21 +37,6 @@
<modules>
<module>services</module>
<module>undertow</module>
<module>quarkus</module>
</modules>
<profiles>
<profile>
<id>auth-server-quarkus</id>
<modules>
<module>quarkus</module>
</modules>
</profile>
<profile>
<id>auth-server-cluster-quarkus</id>
<modules>
<module>quarkus</module>
</modules>
</profile>
</profiles>
</project>

View file

@ -115,26 +115,4 @@
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>auth-server-quarkus</id>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<configuration>
<excludes>
<!-- For quarkus we don't want the test provider installed to avoid false positives -->
<!-- Themes from providers are automatically registered -->
<excludes>**/TestThemeResourceProvider**</excludes>
<excludes>**/org.keycloak.theme.ThemeResourceProviderFactory</excludes>
</excludes>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>

View file

@ -1,11 +1,22 @@
package org.keycloak.testsuite.theme;
import org.keycloak.platform.Platform;
import org.keycloak.provider.EnvironmentDependentProviderFactory;
import org.keycloak.theme.ClasspathThemeResourceProviderFactory;
public class TestThemeResourceProvider extends ClasspathThemeResourceProviderFactory {
public class TestThemeResourceProvider extends ClasspathThemeResourceProviderFactory implements EnvironmentDependentProviderFactory {
public TestThemeResourceProvider() {
super("test-resources", TestThemeResourceProvider.class.getClassLoader());
}
/**
* Quarkus detects theme resources automatically, so this provider should only be enabled on Undertow
*
* @return true if platform is Undertow
*/
@Override
public boolean isSupported() {
return Platform.getPlatform().name().equals("Undertow");
}
}

View file

@ -0,0 +1,47 @@
account,4
actions,1
adapter,2
admin,1
authz,3
broker,3
cli,4
client,4
cluster,IGNORED
composites,4
cookies,4
crossdc,IGNORED
docker,4
domainextension,4
error,4
events,4
exportimport,4
feature,4
federation,5
forms,5
i18n,5
jaas,5
javascript,5
keys,4
login,4
metrics,4
migration,4
model,6
oauth,6
oidc,6
openshift,6
policy,6
runonserver,6
saml,6
script,6
session,6
sessionlimits,6
ssl,6
theme,6
transactions,6
url,6
user,4
util,4
validation,6
vault,4
welcomepage,6
x509,4

View file

@ -0,0 +1,43 @@
#!/bin/bash -e
GROUP="$1"
if [ "$GROUP" == "" ]; then
echo 'Usage: base-suite.sh <group>'
exit
fi
cd "`readlink -f "$0" | xargs dirname`"
TESTSUITE_FILE='base-suite'
TEST_DIR='../src/test/java/org/keycloak/testsuite'
BASE_PACKAGE='org.keycloak.testsuite'
PACKAGES=`cat $TESTSUITE_FILE | grep -v '^[[:space:]]*$' | grep -v '^[[:space:]]*#'`
# Check all packages in testsuite are included
for i in `ls -d $TEST_DIR/*/ | sed "s|$TEST_DIR||g" | sed "s|/||g"`; do
if ( ! cat $TESTSUITE_FILE | grep "^$i," >/dev/null ); then
echo "Package 'org.keycloak.testsuite.$i' not defined in base-suite"
exit 1
fi
done
SEP=""
TESTS=""
for i in `echo $PACKAGES`; do
PACKAGE=`echo $i | cut -d ',' -f 1`
PACKAGE_GROUP=`echo $i | cut -d ',' -f 2`
# Check package exists
if [ ! -d "$TEST_DIR/$PACKAGE" ]; then
echo "Package 'org.keycloak.testsuite.$PACKAGE' not found"
exit 1
fi
if [ "$GROUP" == "$PACKAGE_GROUP" ]; then
TESTS="$TESTS$SEP$BASE_PACKAGE.$PACKAGE.**"
SEP=','
fi
done
echo "$TESTS"

View file

@ -0,0 +1,18 @@
AccountRestServiceTest
AuthorizationCodeTest
AuthorizationTest
ClientRegistrationTest
EventStoreProviderTest
ExportImportTest
GeneratedRsaKeyProviderTest
KcOidcBrokerTest
LDAPUserLoginTest
LoginTest
PasswordPolicyTest
RequiredActionUpdateProfileTest
SSOTest
SamlClientTest
TransactionsTest
UserProfileTest
org.keycloak.testsuite.admin.**
org.keycloak.testsuite.authz.**ManagementTest

View file

@ -0,0 +1,15 @@
org.keycloak.testsuite.forms.**
ClientAuthSignedJWTTest
CredentialsTest
JavaKeystoreKeyProviderTest
ServerInfoTest
UserFederationLdapConnectionTest
LDAPUserLoginTest
org.keycloak.testsuite.x509.**
MutualTLSClientTest
FAPI1Test
FAPICIBATest
KcRegTest
KcRegCreateTest
KcAdmTest
KcAdmCreateTest

View file

@ -0,0 +1,17 @@
AccountRestServiceTest
AuthorizationCodeTest
CredentialsTest
DeployedScriptAuthenticatorTest
ExportImportTest
GeneratedRsaKeyProviderTest
JavaKeystoreKeyProviderTest
KcOidcBrokerTest
KerberosLdapTest
LDAPUserLoginTest
LoginTest
MutualTLSClientTest
PasswordPolicyTest
SSOTest
SamlClientTest
TransactionsTest
X509BrowserLoginTest

View file

@ -0,0 +1,35 @@
#!/bin/bash -e
GROUP="$1"
if [ "$GROUP" == "" ]; then
echo 'Usage: suite.sh <group>'
exit
fi
cd "`readlink -f "$0" | xargs dirname`"
TEST_DIR="../src/test/java/"
SUITE_FILE="$GROUP-suite"
if [ ! -f "$SUITE_FILE" ]; then
echo "$SUITE_FILE not found"
exit 1
fi
SEP=""
TESTS=""
for i in `cat "$SUITE_FILE" | grep -v '^[[:space:]]*$' | grep -v '^[[:space:]]*#'`; do
# Check test exists, ignoring checking packages for now
if [[ "$i" != *'.'* ]]; then
SEARCH=`find "$TEST_DIR" -name "$i.java"`
if [ "$SEARCH" == "" ]; then
echo "$i not found in testsuite"
exit 1
fi
fi
TESTS="$TESTS$SEP$i"
SEP=","
done
echo "$TESTS"

View file

@ -41,6 +41,11 @@ public class TestPlatform implements PlatformProvider {
);
}
@Override
public String name() {
return "Undertow";
}
@Override
public void onStartup(Runnable startupHook) {
startupHook.run();

View file

@ -134,7 +134,7 @@
</executions>
<configuration>
<nodeVersion>${node.version}</nodeVersion>
<installDirectory>${project.basedir}</installDirectory>
<installDirectory>../</installDirectory>
</configuration>
</plugin>
</plugins>
@ -187,7 +187,7 @@
</executions>
<configuration>
<nodeVersion>${node.version}</nodeVersion>
<installDirectory>${project.basedir}</installDirectory>
<installDirectory>../</installDirectory>
</configuration>
</plugin>
</plugins>