Commit graph

270 commits

Author SHA1 Message Date
dependabot[bot]
146e9e669d Bump github/codeql-action from 2.1.15 to 2.1.16
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.15 to 2.1.16.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.15...v2.1.16)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-18 10:05:28 -03:00
Pedro Igor
f6a2b334d1
Integrate the JPA map store (#13097)
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2022-07-14 17:47:51 -03:00
Alexander Schwartz
a1c0e5b113 Minimize workflow runs on Dependabot updates
Workflows will only run when their own workflow file changes, not on other workflow files. Dependabot branches are ignored for "push" builds, will only run on "pull" builds as code scanning on dependabot is not available for "push" builds.

Closes #12911
2022-07-06 12:46:46 -03:00
dependabot[bot]
2309b6d571 Bump aquasecurity/trivy-action from 0.4.1 to 0.5.1
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.4.1 to 0.5.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](49e970d7ac...0105373003)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-05 11:25:43 -03:00
dependabot[bot]
cb76210cbc Bump github/codeql-action from 2.1.12 to 2.1.15
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.12 to 2.1.15.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.12...v2.1.15)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-05 11:23:23 -03:00
Alexander Schwartz
b5ca03222f
Building the test-jar as it is one of the dependencies of the keycloak-crypto-fips1402 module (#12921) 2022-07-05 11:17:34 -03:00
Alexander Schwartz
c02059e0e5 Building the test-jar as it is one of the dependencies of the keycloak-crypto-fips1402 module
Also, ensure to run the workflow on changes to the workflow file.

Closes #12866
2022-07-01 10:29:43 -03:00
andreaTP
006aea300d A better structure for config-api 2022-06-28 11:33:44 -03:00
Hynek Mlnarik
ffc1265e9a Fix typo in ci.yml
Fixes: #12690
2022-06-28 09:06:35 -03:00
dependabot[bot]
12093753e9 Bump aquasecurity/trivy-action from 0.3.0 to 0.4.1
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.3.0 to 0.4.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](4b9b6fb4ef...49e970d7ac)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-22 10:07:16 -03:00
Václav Muzikář
2c1fc739f0 Explicitly set failIfNoSpecifiedTests to false 2022-06-21 12:26:17 -03:00
Václav Muzikář
2ba38d9fdc Fix clustering tests 2022-06-20 21:42:46 +02:00
andreaTP
36d258537a Fix operator CI installing modules locally 2022-06-20 09:22:10 -03:00
dependabot[bot]
fcf14c8574 Bump github/codeql-action from 2.1.11 to 2.1.12
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.11 to 2.1.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.11...v2.1.12)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-14 11:53:39 -03:00
Václav Muzikář
105d3b955b Refactor Operator test packages 2022-06-13 10:01:43 -03:00
Bruno Oliveira da Silva
cd1ea3054e
Snyk workflow failing while building Quarkus (#12389)
Resolves #12380
2022-06-10 10:18:07 -03:00
Dominik Guhr
c4001ba198 Fix running operator image tests with prebuilt image
Closes #9898

Co-authored-by: Andrea Peruffo <andrea.peruffo1982@gmail.com>
2022-06-09 09:55:26 -03:00
Pedro Igor
c18b87af5f Keycloak server fails to start when using different named schema
Closes #12219
2022-06-08 09:10:25 -03:00
andreaTP
8f54f03f17 Fix CodeQl actions syntax 2022-05-31 08:53:42 -03:00
andreaTP
d66710205c Refactor dist config to a common module 2022-05-26 12:07:03 -03:00
Alexander Schwartz
8fe263e7b3 Build operator dependencies first before testing it
Closes #11641
2022-05-25 16:40:13 -03:00
Pedro Igor
6156272f39
Persisted config source not loading properties at runtime (#12157)
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2022-05-25 16:29:37 -03:00
dependabot[bot]
6dda69a634
Update github/codeql-action from 2.1.10 to 2.1.11 (#12150)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-25 10:51:51 -03:00
andreaTP
756b6c2f87 Filter CodeQL actions to only run on main repo 2022-05-24 17:51:16 -03:00
vramik
7fdd3cf965 Add conditional step to GHA for testing jpa-map storage with postgres
Closes #12046
2022-05-20 09:22:10 +02:00
andreaTP
45193dba0e Use wait-for-processing in CodeQl actions 2022-05-19 11:47:33 -03:00
Bruno Oliveira da Silva
58956aa0b4 Publish container images on Docker Hub
Resolves #11986

Co-authored-by: andreaTP <andrea.peruffo1982@gmail.com>
2022-05-18 08:01:28 -03:00
dependabot[bot]
3ff3aeba29
Update aquasecurity/trivy-action from 0.2.5 to 0.3.0 (#12016)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-16 19:27:23 -03:00
dependabot[bot]
1611629c5c
Update github/codeql-action from 2.1.9 to 2.1.10 (#12017)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-16 19:27:02 -03:00
Martin Bartoš
06b6e7ed7b Include WebAuthn tests to GH Actions
Closes #9502
2022-05-16 08:35:40 +02:00
Bruno Oliveira da Silva
83ef30c106
Update GitHub actions dependencies (#11952)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: andreaTP <andrea.peruffo1982@gmail.com>
2022-05-12 09:53:59 -03:00
Michal Hajas
fc974fc019 Update composite roles on child role removal
Closes #11769
2022-05-05 15:18:18 +02:00
vramik
5248815091 Disable infinispan realm and user cache for map storage tests
Closes #11213
2022-04-25 09:38:49 +02:00
Stian Thorgersen
aaaec9f6f5
Add Maven Wrapper (#11031) 2022-04-22 15:24:39 +02:00
Andrea Peruffo
7986872ae0
Inject the operand version as env var (#11511) 2022-04-20 11:09:08 +02:00
andreaTP
8b1869482d fix Operator CI 2022-04-19 14:27:55 -03:00
andreaTP
fe9347c9ec Use the setup-java action cache option 2022-04-19 11:20:35 -03:00
andreaTP
a558d2f546 OLM tests using ttl.sh 2022-04-19 09:44:25 -03:00
dependabot[bot]
cb4cd279ab
Bump aquasecurity/trivy-action to 0.2.3 (#11274)
Resolves #11308

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:55:56 -03:00
dependabot[bot]
df1c3b1a8d
Bump actions/setup-java from 2 to 3 (#11275)
Resolves #11307

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:52:59 -03:00
dependabot[bot]
db229ee55e
Bump github/codeql-action from 2.1.7 to 2.1.8 (#11273)
Resolves #11306

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:49:32 -03:00
Václav Muzikář
20d037a4ad Revert Operator CI 2022-04-11 12:33:22 -03:00
Bruno Oliveira da Silva
0ff92df01f Suppress Snyk false positives
Resolves #11203
2022-04-09 09:17:30 -03:00
Andrea Peruffo
7816e69e38
Build the Olm bundle and test it in CI (#10949)
* Building the OLM bundle

* kustomize the main CRD for the OLM bundle

* minor fixes
2022-04-08 10:22:01 +02:00
Bruno Oliveira da Silva
eade942482 CodeQL analysis always fails
Resolves #11123
2022-04-07 07:36:42 -03:00
andreaTP
53aab7fc28 Use temurin instead of zulu in CI 2022-03-31 10:23:42 -03:00
andreaTP
f93a7d63f7 Switch to auto-build off in case of custom images 2022-03-30 12:46:32 -03:00
Bruno Oliveira da Silva
034775f311 Trigger Trivy workflow after the build of our nightly images
Resolves #11011
2022-03-30 12:41:37 -03:00
Bruno Oliveira da Silva
8cd2c97982 Fix the breaking changes introduced by setup-java 2022-03-30 11:53:00 -03:00
Bruno Oliveira da Silva
b09728762e Update to the latest version of the official actions used by Keycloak
Resolves #10971
2022-03-30 11:53:00 -03:00
Bruno Oliveira da Silva
7b10d02cbd Introduce an additional dependency scanner for Keycloak
Resolves #10807

Co-authored-by: Jon Koops <jonkoops@gmail.com>
2022-03-30 10:09:14 -03:00
Bruno Oliveira da Silva
19e55650a2
Automatic scan Keycloak docker image for vulnerabilities (#10777)
* Automatic scan Keycloak docker image for vulnerabilities

The changes proposed here will run Trivy scanner twice a day to search
vulnerabilities into our main images.

Resolves #10764

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>

* Update .github/workflows/trivy-analysis.yml

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2022-03-29 16:17:20 +02:00
Andrea Peruffo
e3935f669d
Run CI on main only on schedule (#10942) 2022-03-29 15:10:20 +02:00
andreaTP
6621fb3988 Publish operator image to Quay 2022-03-16 10:17:45 -03:00
andreaTP
c3348c8931 Deploy a default ingress along with the Deployment 2022-03-16 09:54:48 -03:00
Bruno Oliveira da Silva
6ebad26904
Failure to upload the SARIF file on pull requests (#10725)
The changes proposed here will resolve the issues we have with
pull-request after the merge of #10606. It creates 3 different
workflows to conditionally execute the job based on changes submitted.

A detailed explanation about the issue can be found on #10717.

Resolves #10717
2022-03-15 08:59:59 +01:00
Stian Thorgersen
4eb1720259
GitHub Action to release Keycloak container (#10683)
Closes #10682
2022-03-15 08:58:44 +01:00
Bruno Oliveira da Silva
f06ba05405
The CodeQL analysis is broken due to the large content of the SARIF file (#10606)
The issue was originally caused by high number of flows paths per alert
generated by the LDAP federation module. That was identified taking the
SARIF file generated and running:

```
jq '.runs[0].results | map({query_id: .rule.id, numPaths: .codeFlows |
length})' java.sarif

```

Together we reduced the number of flows paths, adding optimizations to
skip some paths and avoid false alerts.

Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>

Closes #10203

Co-authored-by: Joshua Mulliken <joshua@mulliken.net>
2022-03-11 13:55:17 +01:00
Jonathan Vila
c4b978b6c8 Operator Clustering support
Co-authored-by: Jonathan Vila <jvilalop@redhat.com>
Co-authored-by: Andrea Peruffo <andrea.peruffo1982@gmail.com>
2022-03-03 16:22:01 -03:00
andreaTP
8e6489459d Fix operator CI 2022-02-28 13:06:41 +01:00
andreaTP
6bce8b80b9 Add extensions as init container 2022-02-24 15:17:38 -03:00
Stian Thorgersen
1df842eb4b Update codeql-analysis.yml 2022-02-21 13:33:35 -03:00
Andrea Peruffo
c826bab01d
Run the operator locally to verify dev env in GH actions (#10150) 2022-02-16 12:26:04 +01:00
Stian Thorgersen
fa87d46210
Remove additional repositories where they are not needed. Set updatePolicy for GA. (#10047)
Closes: #10133
2022-02-16 08:59:05 +01:00
andreaTP
541043c862 Run the operator tests using a fresh build of Keycloak 2022-02-15 10:01:53 -03:00
Bruno Oliveira da Silva
38d817b7b9 Configure CodeQL to perform the analysis of the main branch
The CodeQL configuration file still has some references to the old
branch `master`, that means that most of the information provided by the
tool must be outdated.  Change it is necessary to perform the correct
analysis of the codebase.

Closes #10103
2022-02-10 09:57:53 -03:00
Jonathan Vila
3fd725a3f5
Test Baseline (#9625)
Closes #9174

Signed-off-by: jonathan <jvilalop@redhat.com>
2022-02-03 09:38:45 +01:00
Dominik Guhr
829e2a9a3e
Change test order (#9911)
Closes #9910
2022-02-01 14:08:44 +01:00
Bruno Oliveira da Silva
f2430c0994 Exclude some folders from our SAST analysis
Currently, the CodeQL scanner has been analyzing the whole
codebase,including folders like testsuite, or examples. Those folders
are not relevant from the security standpoint, considering that they do
not expose our users and customers to any risks. They are only relevant
in the context of our pipelines, but never used in production.

Closes #9631
2022-01-20 18:42:39 -03:00
Andrea Peruffo
8c5e158db4
Baseline for the new Keycloak operator (#9381)
* Baseline for the new Keycloak operator

* v2alpha1 and better kustomization setup
2022-01-12 09:06:10 +01:00
Pedro Igor
981cda5bfd Database configuration tests
Closes #9293
2022-01-05 09:26:46 -08:00
andreaTP
8750d94140 [KEYCLOAK-19847] - Restore Docker Dist tests coverage 2021-12-07 04:56:52 -08:00
Pedro Igor
9a4ab82d08 [KEYCLOAK-19847] - Optimizations and refactoring for better/stable startup time 2021-12-02 08:57:23 -08:00
Andrea Peruffo
cd5ccdbf3e
[KEYCLOAK-19311] Add testcontainers to Dist.X Integration Tests (#8946)
* Supporting running tests against the server image using test containers
2021-11-29 11:20:50 -03:00
Andrea Peruffo
79931fd607
[KEYCLOAK-19311] Distx IT tests improvements (#8930)
* Testcontainers support to Dist.X testsuite
2021-11-29 09:28:04 -03:00
andreaTP
0ada9bf280 Retention of Keycloak artifacts to 1 2021-11-29 09:13:05 +01:00
Pedro Igor
e1916fbdb1 [KEYCLOAK-19311] - Baseline for Dist.X tests 2021-11-24 05:06:53 -08:00
Michal Hajas
2f9a5aae0f KEYCLOAK-19028 Add HotRod Map storage implementation 2021-11-11 14:10:00 +01:00
Václav Muzikář
adda65deb6 KEYCLOAK-19756 Update the quickstarts to remove problematic language in the repository 2021-11-03 16:29:42 -03:00
Pedro Igor
aa018295c4 [KEYCLOAK-17866] - Upgrade to Quarkus v2 2021-09-10 11:21:09 -03:00
Bruno Oliveira da Silva
c8bee9fac4 [KEYCLOAK-19130] Remove snyk workflow from the Keycloak repository 2021-08-30 09:31:09 +02:00
Bruno Oliveira da Silva
9e9e716369
Create snyk.yml 2021-08-17 20:10:37 -03:00
Lukas Hanusovsky
1ea0232aca KEYCLOAK-16534 -> New quickstarts scripts folder. 2021-07-22 08:43:59 -03:00
Hynek Mlnarik
11b72d20e7 KEYCLOAK-18147 Fix CodeQL failures 2021-07-01 08:42:21 +02:00
Václav Muzikář
f9d4f3c7c2 KEYCLOAK-18023 GH Actions unable to build KC 2021-05-06 10:39:26 -03:00
Václav Muzikář
f2c08e9b8f KEYCLOAK-17743 Run QS tests with each PR in the Keycloak repo 2021-05-04 13:12:18 -03:00
vramik
b4c85c83e6 KEYCLOAK-17944 AccountBrokerTest fails with SocketTimeoutException in GHA / map 2021-05-04 11:05:11 +02:00
vramik
de79493294 KEYCLOAK-17896 Add maven profile for map storage 2021-04-28 21:05:42 +02:00
vramik
162043beec KEYCLOAK-17615 Move database initialization from KeycloakApplication to JpaConnectionProviderFactory 2021-04-28 13:43:48 +02:00
Martin Kanis
515bfb5064 KEYCLOAK-16378 User / client session map store
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2021-04-28 09:09:15 +02:00
Pedro Igor
6d17117f42 Upgrading to Quarkus 1.13.2.Final 2021-04-26 07:58:39 -03:00
Michal Hajas
1e2db74d86 KEYCLOAK-16932 Authorization map storage 2021-04-16 17:26:16 +02:00
Jan Lieskovsky
07ea524433 [KEYCLOAK-17326] Fix:
$ git diff --name-only HEAD^
fatal: ambiguous argument 'HEAD^': unknown revision or path not in the working tree.
Use '--' to separate paths from revisions, like this:
'git <command> [<revision>...] -- [<file>...]'

GHA failure on 'Test Clustering on Wildfly' phase. See e.g. recent:
  https://github.com/keycloak/keycloak/pull/7705/checks?check_run_id=2023996258

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2021-03-31 17:40:50 +02:00
Jan Lieskovsky
55cd56b636 [KEYCLOAK-17315] Enable run of clustering and Cross-DC tests on Wildfly
within GitHub actions also for changes upgrading Keycloak to next
Wildfly version

Also, update GIT_DIFF evaluation per Hynek's suggestion. Thanks, Hynek!

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2021-03-31 17:40:50 +02:00
vramik
185075d373 KEYCLOAK-14552 Realm Map Store 2021-03-31 15:49:03 +02:00
vramik
6e501946b1 KEYCLOAK-17021 Client Scope map store 2021-03-08 21:59:28 +01:00
Michal Hajas
8e376aef51
KEYCLOAK-15847 Add MapUserProvider 2020-12-10 08:57:53 +01:00
Hynek Mlnarik
8c0c542f09 KEYCLOAK-16489 Add ability to run model tests with LDAP 2020-12-07 20:54:06 +01:00
Martin Kanis
f6be378eca KEYCLOAK-14556 Authentication session map store 2020-12-07 20:48:59 +01:00
Hynek Mlnarik
c8d2d1bb1f KEYCLOAK-16323 Speedup GHA 2020-11-20 09:47:01 +01:00
Hynek Mlnarik
6206c98a8f KEYCLOAK-16158 Fix error reporting 2020-11-13 14:20:41 +01:00
Pedro Igor
7ad1c350a3 [KEYCLOAK-16245] - Update Quarkus 1.10.0.CR1 2020-11-12 13:21:08 -03:00
Hynek Mlnarik
2fd6deaf63 KEYCLOAK-16217 Fix compilation errors 2020-11-10 14:26:49 +01:00
Hynek Mlnarik
f2856385bd KEYCLOAK-16189 Publish surefire reports 2020-11-06 13:52:29 +01:00
Martin Kanis
db026e5566 KEYCLOAK-16155 Add cluster tests to GitHub Actions 2020-11-05 17:32:24 +01:00
Hynek Mlnarik
f93924e782 KEYCLOAK-16156 Optimize maven repo handling 2020-11-05 17:24:05 +01:00
Martin Kanis
7b5fdc9c0d KEYCLOAK-16147 KEYCLOAK-16148 Add crossdc tests to GitHub Actions 2020-11-05 09:06:27 +01:00
Martin Kanis
6c1f92bee3 KEYCLOAK-16166 Remove adapter-tests from GitHub Actions 2020-11-04 09:13:56 +01:00
stianst
a43d0a9dbd KEYCLOAK-16144 Added unit tests to GA 2020-11-04 08:45:11 +01:00
Martin Kanis
6f6c21333b KEYCLOAK-16145 Add adapter-tests to GitHub Actions 2020-11-03 13:20:03 +01:00
vramik
785f2e78bc KEYCLOAK-14977 create MapRoleProvider 2020-10-30 08:15:22 +01:00
Stian Thorgersen
dc4959a8f9
Create codeql-analysis.yml 2020-10-23 08:40:43 +02:00
mposolda
4fd1950f5c KEYCLOAK-15910 Rename "cluster.enabled" to "clustered". Fix test and minor cleanup. Adding GH action for quarkus unit test 2020-10-09 15:27:47 -03:00
mhajas
12bc84322a KEYCLOAK-14974 Map group storage provider 2020-09-21 15:56:32 +02:00
Hynek Mlnarik
c566b46e8f KEYCLOAK-14549 Make ClientProvider independent of RealmProvider
Co-Authored-By: vramik <vramik@redhat.com>
2020-07-22 00:08:15 +02:00
Pedro Igor
582046bbfe [KEYCLOAK-13141] - Fixing filter 2020-07-15 11:00:55 -03:00
Pedro Igor
1db1deb066 [KEYCLOAK-13141] - Supporting re-augmentation 2020-07-10 11:04:46 -03:00
Pedro Igor
337a751aaa [KEYCLOAK-11330] - Clustering tests for GA 2020-06-24 17:23:45 +02:00
Pedro Igor
2e533c4cdb [KEYCLOAK-11330] - Quarkus Git Hub Actions 2020-06-18 09:18:44 -03:00
stianst
0e952a5a9f KEYCLOAK-14229 Add GitHub Actions 2020-06-09 08:25:47 +02:00