Commit graph

302 commits

Author SHA1 Message Date
dependabot[bot]
6f802b5c1f Bump github/codeql-action from 2.1.34 to 2.1.36
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.34 to 2.1.36.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.34...v2.1.36)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 07:51:25 -03:00
Stian Thorgersen
21cce0a1d3
Update bug issue form to add checkboxes for search/latest release (#15891) 2022-12-07 15:12:49 +01:00
mposolda
264c5a6cdb Support for KcReg and KcAdm CLI to use BCFIPS instead of BC on FIPS platforms
Closes #14968
2022-12-06 13:02:46 +01:00
Pedro Igor
1673906a54 Improving quarkus testsuite execution time
Closes #13544
2022-12-05 15:06:36 +01:00
Stian Thorgersen
24ace9a0f7
Disable cancelling concurrent jobs in Keycloak CI (#15784)
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2022-12-01 14:46:30 +01:00
dependabot[bot]
0ade39c129 Bump keycloak/keycloak-gh-actionbot from 0.3.0 to 0.3.1
Bumps [keycloak/keycloak-gh-actionbot](https://github.com/keycloak/keycloak-gh-actionbot) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/keycloak/keycloak-gh-actionbot/releases)
- [Commits](33d8759517...a3d3f240f2)

---
updated-dependencies:
- dependency-name: keycloak/keycloak-gh-actionbot
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-28 16:54:27 -03:00
dependabot[bot]
a383865150 Bump github/codeql-action from 2.1.33 to 2.1.34
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.33 to 2.1.34.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.33...v2.1.34)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-28 16:17:53 -03:00
mposolda
3e9c729f9e X.509 authentication fixes for FIPS
Closes #14967
2022-11-25 11:50:30 +01:00
Stian Thorgersen
044ce8d773
Tweak Maven wagon settings to try to prevent connection timeouts downloading dependencies on GA (#15504)
Closes #15503
2022-11-18 12:07:20 +01:00
Stian Thorgersen
ed4e91b380
Increase timeout for base testsuite (#15545)
Base testsuite (quarkus-map-jpa, group2) has been cancelled twice in the last 7 days.
2022-11-17 11:38:21 +01:00
dependabot[bot]
51f2fa78ee Bump github/codeql-action from 2.1.29 to 2.1.33
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.29 to 2.1.33.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.29...v2.1.33)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-16 22:59:16 -03:00
dependabot[bot]
e68e901494 Bump manusa/actions-setup-minikube from 2.7.0 to 2.7.1
Bumps [manusa/actions-setup-minikube](https://github.com/manusa/actions-setup-minikube) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/manusa/actions-setup-minikube/releases)
- [Commits](https://github.com/manusa/actions-setup-minikube/compare/v2.7.0...v2.7.1)

---
updated-dependencies:
- dependency-name: manusa/actions-setup-minikube
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-16 22:57:29 -03:00
dependabot[bot]
7ce4a270c7 Bump aquasecurity/trivy-action from 0.7.1 to 0.8.0
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.7.1 to 0.8.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](d63413b0a4...9ab158e859)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-16 22:56:30 -03:00
Stian Thorgersen
b104dc770d
Increase timeout for FIPS job (#15505)
Timed out in https://github.com/keycloak/keycloak/actions/runs/3465895045/jobs/5789314099
2022-11-15 12:33:43 +01:00
Stian Thorgersen
ebc91f6369
Update ci.yml (#15456) 2022-11-10 22:18:30 +01:00
vramik
021189f190 Make GHA Map-JPA base testsuite running with Quarkus
Co-authored-by: Martin Batros <mabartos@redhat.com>

Closes #13725
2022-11-10 10:08:14 +01:00
Stian Thorgersen
e4a76bacb1 Update timeouts for tests in Keycloak CI 2022-11-04 10:11:24 +01:00
Marek Posolda
f616495b05
Fixing UserFederationLdapConnectionTest,LDAPUserLoginTest to work with FIPS (#15299)
closes #14965
2022-11-03 16:35:57 +01:00
dependabot[bot]
f047524e14
Bump runforesight/foresight-test-kit-action from 1.2.1 to 1.3.0 (#15099)
Bumps [runforesight/foresight-test-kit-action](https://github.com/runforesight/foresight-test-kit-action) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/runforesight/foresight-test-kit-action/releases)
- [Commits](https://github.com/runforesight/foresight-test-kit-action/compare/v1.2.1...v1.3.0)

---
updated-dependencies:
- dependency-name: runforesight/foresight-test-kit-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2022-11-03 07:08:57 +01:00
dependabot[bot]
d42ace3da5
Bump github/codeql-action from 2.1.28 to 2.1.29 (#15217)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.28 to 2.1.29.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.28...v2.1.29)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2022-11-03 06:08:32 +01:00
Stian Thorgersen
db636e21ff
Temporarily add more scheduled runs (#15273)
In order to make the testsuite more stable we should at least temporarily add more scheduled runs so we can get more data
2022-11-02 12:36:43 +01:00
Hynek Mlnařík
d88d6eb503 Limit CI timeout for base and model testsuites
Fixes: #15118
2022-11-02 12:01:24 +01:00
Martin Bartoš
d9c96b9432
Replace ::set-output with environment variables in GHA CI (#15078)
Closes #15077
2022-10-25 08:58:34 +02:00
Stian Thorgersen
89da96cc63
Update bug issue form adding affected area, and making more field required (#15105) 2022-10-24 10:49:12 +02:00
mposolda
55c514ad56 More flexibility in keystore related tests, Make keycloak to notify which keystore types it supports, Support for BCFKS
Closes #14964
2022-10-24 08:36:37 +02:00
Bruno Oliveira da Silva
e712cd6a0e Suppress Snyk alerts related with Netty
Resolves #15066
2022-10-20 12:44:37 -03:00
Stian Thorgersen
4a266d0708
Update Foresight test-kit action (#14958) 2022-10-20 11:28:53 +02:00
dependabot[bot]
fc7c57ee12 Bump github/codeql-action from 2.1.26 to 2.1.28
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.26 to 2.1.28.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.26...v2.1.28)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-19 15:54:06 -03:00
Bruno Oliveira da Silva
6055e561a1 Prevent false alerts related to CVE-2021-3914
Resolves #14993
2022-10-18 18:53:27 -03:00
Marek Posolda
0756ef9a75
Initial integration tests with BCFIPS distribution (#14895)
Closes #14886
2022-10-17 23:33:22 +02:00
Bruno Oliveira da Silva
9c007e3779 Update Snyk ignore file to ignore jackson-databind 2.14.0 is out
Resolves #14831
2022-10-10 18:33:37 -03:00
Stian Thorgersen
7ae1fa4833
Enable Foresight test-kit-action on PRs (#14695) 2022-10-05 07:47:53 +02:00
dependabot[bot]
9561d287d9
Bump github/codeql-action from 2.1.25 to 2.1.26 (#14690)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.25 to 2.1.26.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.25...v2.1.26)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-04 06:58:49 +02:00
dependabot[bot]
52f58b5f28 Bump github/codeql-action from 2.1.21 to 2.1.25
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.21 to 2.1.25.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.21...v2.1.25)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-29 10:19:30 -03:00
dependabot[bot]
bedfb81c3c Bump aquasecurity/trivy-action from 0.6.2 to 0.7.1
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.6.2 to 0.7.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](cb606dfdb0...d63413b0a4)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-29 06:01:03 -03:00
Bruno Oliveira da Silva
db34e9e2ce False alert - Arbitrary Code Execution vulnerability in org.keycloak:keycloak-saml-core
Resolves #14639
2022-09-29 05:53:29 -03:00
Stian Thorgersen
603a55796d
Remove unused workflows (#14388) 2022-09-17 08:23:49 +02:00
Alexander Schwartz
f86b293cbd
Update GitHub actionbot to latest version (#14439)
Closes #14436
2022-09-16 09:55:03 +02:00
Jon Koops
3d910bc7b0
Update Github Actionbot to latest version (#14426) 2022-09-15 12:40:57 +02:00
mposolda
47340e9318 Initial GH actions unit tests for crypto modules
Closes #14241
2022-09-14 15:51:59 +02:00
Stian Thorgersen
68140dfb1f
Update ci.yml (#14352) 2022-09-12 13:32:09 +02:00
Stian Thorgersen
8d5c11a4a5
Enable test reporting for Foresight (#14333)
* Enable test reporting for Foresight

* Temporarily allow running CI on main

This is to allow generating more data for Foresight
2022-09-12 11:19:23 +02:00
Stian Thorgersen
f789b7997e
Remove CrossDC tests from GA (#14196) 2022-09-05 16:03:27 +02:00
Stian Thorgersen
94c74fca98
Removing QuickStarts testing running from main repo (#14090) 2022-08-30 16:58:37 +02:00
dependabot[bot]
bf13827282
Bump github/codeql-action from 2.1.20 to 2.1.21 (#14052)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.20 to 2.1.21.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.20...v2.1.21)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-29 10:59:33 +02:00
dependabot[bot]
03e9512a89
Bump github/codeql-action from 2.1.18 to 2.1.20 (#13997)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.18 to 2.1.20.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.18...v2.1.20)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-26 10:05:05 +02:00
Alexander Schwartz
757d407f77
Add GitHub action bot to re-run failed jobs (#14004)
Closes #14002
2022-08-26 09:59:41 +02:00
Martin Kanis
7daeca86f5
Make GHA HotRod base testsuite running with Quarkus (#14007) 2022-08-26 09:57:54 +02:00
Jon Koops
ca58a69dca
Remove Dependabot configuration for Keycloak JS (#13996) 2022-08-25 13:22:52 +02:00
Martin Bartoš
f3a36eaad5
Disable WebAuthn tests in GH Actions (#13880) 2022-08-19 15:59:17 +02:00
dependabot[bot]
78620c6a14 Bump github/codeql-action from 2.1.17 to 2.1.18
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.17 to 2.1.18.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.17...v2.1.18)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-15 15:37:06 -03:00
dependabot[bot]
e6ba617f44 Bump aquasecurity/trivy-action from 0.6.1 to 0.6.2
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.6.1 to 0.6.2.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](81b9a6f5ab...cb606dfdb0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-15 15:36:46 -03:00
Tero Saarni
f7383d4308 Do not run snyk github workflow on forks of the repo 2022-08-15 15:28:45 -03:00
Jon Koops
cd9dd83e9c Disable Dependabot for Account Console 2022-08-15 10:42:22 -03:00
dependabot[bot]
05161b3002 Bump manusa/actions-setup-minikube from 2.6.1 to 2.7.0
Bumps [manusa/actions-setup-minikube](https://github.com/manusa/actions-setup-minikube) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/manusa/actions-setup-minikube/releases)
- [Commits](https://github.com/manusa/actions-setup-minikube/compare/v2.6.1...v2.7.0)

---
updated-dependencies:
- dependency-name: manusa/actions-setup-minikube
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-15 10:39:17 -03:00
Michal Hajas
d55d110ff9 Run Infinispan using Testcontainers in base testsuite
Closes #13620
2022-08-10 16:36:44 +02:00
dependabot[bot]
275e91e196 Bump aquasecurity/trivy-action from 0.6.0 to 0.6.1
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](503d3abc15...81b9a6f5ab)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-04 11:35:04 -03:00
dependabot[bot]
3749407772 Bump github/codeql-action from 2.1.16 to 2.1.17
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.16 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.16...v2.1.17)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-04 11:34:55 -03:00
Pedro Igor
333a4c900f Revert changes that block themes being loaded from custom providers
Closes #13401
2022-08-04 13:34:12 +02:00
Stian Thorgersen
6f7d20f752
Remove WF distribution from GitHub Actions (#13367) 2022-07-29 15:23:06 +02:00
Dominik Guhr
059a132476 Fixes the regression in 19 for MariaDB, MySQL and other DBs
databases that are not using an official liquibase type in Database.java could not be seeded anymore because

the liquibase types we use in model-jpa were not indexed and loaded during the build anymore.

Introduces highly needed tests for other databases than postgres, because postgres has an official liquibase databasetype in its list

in database.java and as such differs from nearly all other vendors.

Closes #13389
2022-07-28 20:40:51 +02:00
Alexander Schwartz
2a926f3e61
Abort CodeQL runs on new pushes to a pull-request's branch (#13241) 2022-07-28 15:30:05 -03:00
Hynek Mlnarik
143e6bc932 Replace undertow-map with quarkus-map
Fixes: #12652
2022-07-27 14:08:38 +02:00
Stian Thorgersen
340fafa722
Update release-operator-container.yml 2022-07-27 10:49:31 +02:00
Stian Thorgersen
bcd01a63f8
Update release-container.yml 2022-07-27 10:49:20 +02:00
Alexander Schwartz
67e2f342a9 Allow Quarkus configuration to mix different storage providers
Closes #13312
2022-07-26 21:56:16 +02:00
dependabot[bot]
d2738dabe9 Bump manusa/actions-setup-minikube from 2.6.0 to 2.6.1
Bumps [manusa/actions-setup-minikube](https://github.com/manusa/actions-setup-minikube) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/manusa/actions-setup-minikube/releases)
- [Commits](https://github.com/manusa/actions-setup-minikube/compare/v2.6.0...v2.6.1)

---
updated-dependencies:
- dependency-name: manusa/actions-setup-minikube
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-26 10:45:20 -03:00
dependabot[bot]
33b50bcb39 Bump aquasecurity/trivy-action from 0.5.1 to 0.6.0
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.5.1 to 0.6.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](0105373003...503d3abc15)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-26 10:45:11 -03:00
Michal Hajas
3589778a10 Add possibility to configure HotRod storage in Quarkus distribution
Closes #12617
2022-07-26 14:13:39 +02:00
dependabot[bot]
146e9e669d Bump github/codeql-action from 2.1.15 to 2.1.16
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.15 to 2.1.16.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.15...v2.1.16)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-18 10:05:28 -03:00
Jon Koops
1203ce8946
Ensure Dependabot PRs are created on Saturdays (#13156) 2022-07-18 09:35:40 -03:00
Pedro Igor
f6a2b334d1
Integrate the JPA map store (#13097)
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2022-07-14 17:47:51 -03:00
Jon Koops
b4645e8988
Prevent Dependabot from upgrading major versions of Bootstrap (#13054)
Resolves #13056
2022-07-12 11:15:16 -03:00
Andre F de Miranda
240de2aeb0
Enable dependabot on NPM dependencies (#12925)
Co-authored-by: Andre Fucs de Miranda <afucsdemiranda@salesforce.com>
2022-07-11 17:08:58 -03:00
Alexander Schwartz
a1c0e5b113 Minimize workflow runs on Dependabot updates
Workflows will only run when their own workflow file changes, not on other workflow files. Dependabot branches are ignored for "push" builds, will only run on "pull" builds as code scanning on dependabot is not available for "push" builds.

Closes #12911
2022-07-06 12:46:46 -03:00
dependabot[bot]
2309b6d571 Bump aquasecurity/trivy-action from 0.4.1 to 0.5.1
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.4.1 to 0.5.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](49e970d7ac...0105373003)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-05 11:25:43 -03:00
dependabot[bot]
cb76210cbc Bump github/codeql-action from 2.1.12 to 2.1.15
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.12 to 2.1.15.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.12...v2.1.15)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-05 11:23:23 -03:00
Alexander Schwartz
b5ca03222f
Building the test-jar as it is one of the dependencies of the keycloak-crypto-fips1402 module (#12921) 2022-07-05 11:17:34 -03:00
Alexander Schwartz
c02059e0e5 Building the test-jar as it is one of the dependencies of the keycloak-crypto-fips1402 module
Also, ensure to run the workflow on changes to the workflow file.

Closes #12866
2022-07-01 10:29:43 -03:00
andreaTP
006aea300d A better structure for config-api 2022-06-28 11:33:44 -03:00
Hynek Mlnarik
ffc1265e9a Fix typo in ci.yml
Fixes: #12690
2022-06-28 09:06:35 -03:00
dependabot[bot]
12093753e9 Bump aquasecurity/trivy-action from 0.3.0 to 0.4.1
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.3.0 to 0.4.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](4b9b6fb4ef...49e970d7ac)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-22 10:07:16 -03:00
Václav Muzikář
2c1fc739f0 Explicitly set failIfNoSpecifiedTests to false 2022-06-21 12:26:17 -03:00
Václav Muzikář
2ba38d9fdc Fix clustering tests 2022-06-20 21:42:46 +02:00
andreaTP
36d258537a Fix operator CI installing modules locally 2022-06-20 09:22:10 -03:00
dependabot[bot]
fcf14c8574 Bump github/codeql-action from 2.1.11 to 2.1.12
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.11 to 2.1.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.11...v2.1.12)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-14 11:53:39 -03:00
Stian Thorgersen
fb18b693c4
Add Maven settings for release jobs (#12479)
Closes #12474
2022-06-13 15:53:44 +02:00
Václav Muzikář
105d3b955b Refactor Operator test packages 2022-06-13 10:01:43 -03:00
Bruno Oliveira da Silva
cd1ea3054e
Snyk workflow failing while building Quarkus (#12389)
Resolves #12380
2022-06-10 10:18:07 -03:00
Dominik Guhr
c4001ba198 Fix running operator image tests with prebuilt image
Closes #9898

Co-authored-by: Andrea Peruffo <andrea.peruffo1982@gmail.com>
2022-06-09 09:55:26 -03:00
Pedro Igor
c18b87af5f Keycloak server fails to start when using different named schema
Closes #12219
2022-06-08 09:10:25 -03:00
andreaTP
8f54f03f17 Fix CodeQl actions syntax 2022-05-31 08:53:42 -03:00
andreaTP
d66710205c Refactor dist config to a common module 2022-05-26 12:07:03 -03:00
Alexander Schwartz
8fe263e7b3 Build operator dependencies first before testing it
Closes #11641
2022-05-25 16:40:13 -03:00
Pedro Igor
6156272f39
Persisted config source not loading properties at runtime (#12157)
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2022-05-25 16:29:37 -03:00
dependabot[bot]
6dda69a634
Update github/codeql-action from 2.1.10 to 2.1.11 (#12150)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-25 10:51:51 -03:00
andreaTP
756b6c2f87 Filter CodeQL actions to only run on main repo 2022-05-24 17:51:16 -03:00
vramik
7fdd3cf965 Add conditional step to GHA for testing jpa-map storage with postgres
Closes #12046
2022-05-20 09:22:10 +02:00
andreaTP
45193dba0e Use wait-for-processing in CodeQl actions 2022-05-19 11:47:33 -03:00
Bruno Oliveira da Silva
58956aa0b4 Publish container images on Docker Hub
Resolves #11986

Co-authored-by: andreaTP <andrea.peruffo1982@gmail.com>
2022-05-18 08:01:28 -03:00
dependabot[bot]
3ff3aeba29
Update aquasecurity/trivy-action from 0.2.5 to 0.3.0 (#12016)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-16 19:27:23 -03:00
dependabot[bot]
1611629c5c
Update github/codeql-action from 2.1.9 to 2.1.10 (#12017)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-16 19:27:02 -03:00
Martin Bartoš
06b6e7ed7b Include WebAuthn tests to GH Actions
Closes #9502
2022-05-16 08:35:40 +02:00
Bruno Oliveira da Silva
83ef30c106
Update GitHub actions dependencies (#11952)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: andreaTP <andrea.peruffo1982@gmail.com>
2022-05-12 09:53:59 -03:00
Michal Hajas
fc974fc019 Update composite roles on child role removal
Closes #11769
2022-05-05 15:18:18 +02:00
Bruno Oliveira da Silva
81078274fa Ignore vulnerabilities fixed on Keycloak 18.0.0
Resolves #11672
2022-04-28 15:24:55 -03:00
vramik
5248815091 Disable infinispan realm and user cache for map storage tests
Closes #11213
2022-04-25 09:38:49 +02:00
Stian Thorgersen
aaaec9f6f5
Add Maven Wrapper (#11031) 2022-04-22 15:24:39 +02:00
Andrea Peruffo
7986872ae0
Inject the operand version as env var (#11511) 2022-04-20 11:09:08 +02:00
andreaTP
8b1869482d fix Operator CI 2022-04-19 14:27:55 -03:00
andreaTP
fe9347c9ec Use the setup-java action cache option 2022-04-19 11:20:35 -03:00
andreaTP
a558d2f546 OLM tests using ttl.sh 2022-04-19 09:44:25 -03:00
dependabot[bot]
cb4cd279ab
Bump aquasecurity/trivy-action to 0.2.3 (#11274)
Resolves #11308

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:55:56 -03:00
dependabot[bot]
df1c3b1a8d
Bump actions/setup-java from 2 to 3 (#11275)
Resolves #11307

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:52:59 -03:00
dependabot[bot]
db229ee55e
Bump github/codeql-action from 2.1.7 to 2.1.8 (#11273)
Resolves #11306

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:49:32 -03:00
Bruno Oliveira da Silva
1661a4ecc7 Suppress Snyk warnings about WildFly Elytron
Resolves #11277
2022-04-13 11:18:03 -03:00
Jon Koops
034748ed0a Add Dependabot config to keep Github Actions up-to-date 2022-04-13 08:07:49 -03:00
Bruno Oliveira da Silva
bde2744650 Ignore license compliance warnings
Resolves #11225
2022-04-11 19:12:17 -03:00
Václav Muzikář
20d037a4ad Revert Operator CI 2022-04-11 12:33:22 -03:00
Bruno Oliveira da Silva
0ff92df01f Suppress Snyk false positives
Resolves #11203
2022-04-09 09:17:30 -03:00
Andrea Peruffo
7816e69e38
Build the Olm bundle and test it in CI (#10949)
* Building the OLM bundle

* kustomize the main CRD for the OLM bundle

* minor fixes
2022-04-08 10:22:01 +02:00
Bruno Oliveira da Silva
eade942482 CodeQL analysis always fails
Resolves #11123
2022-04-07 07:36:42 -03:00
andreaTP
53aab7fc28 Use temurin instead of zulu in CI 2022-03-31 10:23:42 -03:00
andreaTP
f93a7d63f7 Switch to auto-build off in case of custom images 2022-03-30 12:46:32 -03:00
Bruno Oliveira da Silva
034775f311 Trigger Trivy workflow after the build of our nightly images
Resolves #11011
2022-03-30 12:41:37 -03:00
Bruno Oliveira da Silva
8cd2c97982 Fix the breaking changes introduced by setup-java 2022-03-30 11:53:00 -03:00
Bruno Oliveira da Silva
b09728762e Update to the latest version of the official actions used by Keycloak
Resolves #10971
2022-03-30 11:53:00 -03:00
Bruno Oliveira da Silva
7b10d02cbd Introduce an additional dependency scanner for Keycloak
Resolves #10807

Co-authored-by: Jon Koops <jonkoops@gmail.com>
2022-03-30 10:09:14 -03:00
Bruno Oliveira da Silva
19e55650a2
Automatic scan Keycloak docker image for vulnerabilities (#10777)
* Automatic scan Keycloak docker image for vulnerabilities

The changes proposed here will run Trivy scanner twice a day to search
vulnerabilities into our main images.

Resolves #10764

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>

* Update .github/workflows/trivy-analysis.yml

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2022-03-29 16:17:20 +02:00
Stian Thorgersen
e58e8ef252
Add issue template for tasks (#10912) 2022-03-29 15:47:35 +02:00
Andrea Peruffo
e3935f669d
Run CI on main only on schedule (#10942) 2022-03-29 15:10:20 +02:00
andreaTP
6621fb3988 Publish operator image to Quay 2022-03-16 10:17:45 -03:00
andreaTP
c3348c8931 Deploy a default ingress along with the Deployment 2022-03-16 09:54:48 -03:00
Bruno Oliveira da Silva
6ebad26904
Failure to upload the SARIF file on pull requests (#10725)
The changes proposed here will resolve the issues we have with
pull-request after the merge of #10606. It creates 3 different
workflows to conditionally execute the job based on changes submitted.

A detailed explanation about the issue can be found on #10717.

Resolves #10717
2022-03-15 08:59:59 +01:00
Stian Thorgersen
4eb1720259
GitHub Action to release Keycloak container (#10683)
Closes #10682
2022-03-15 08:58:44 +01:00
Bruno Oliveira da Silva
f06ba05405
The CodeQL analysis is broken due to the large content of the SARIF file (#10606)
The issue was originally caused by high number of flows paths per alert
generated by the LDAP federation module. That was identified taking the
SARIF file generated and running:

```
jq '.runs[0].results | map({query_id: .rule.id, numPaths: .codeFlows |
length})' java.sarif

```

Together we reduced the number of flows paths, adding optimizations to
skip some paths and avoid false alerts.

Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>

Closes #10203

Co-authored-by: Joshua Mulliken <joshua@mulliken.net>
2022-03-11 13:55:17 +01:00
Jonathan Vila
c4b978b6c8 Operator Clustering support
Co-authored-by: Jonathan Vila <jvilalop@redhat.com>
Co-authored-by: Andrea Peruffo <andrea.peruffo1982@gmail.com>
2022-03-03 16:22:01 -03:00
andreaTP
8e6489459d Fix operator CI 2022-02-28 13:06:41 +01:00
andreaTP
6bce8b80b9 Add extensions as init container 2022-02-24 15:17:38 -03:00
Stian Thorgersen
1df842eb4b Update codeql-analysis.yml 2022-02-21 13:33:35 -03:00
Andrea Peruffo
c826bab01d
Run the operator locally to verify dev env in GH actions (#10150) 2022-02-16 12:26:04 +01:00
Stian Thorgersen
fa87d46210
Remove additional repositories where they are not needed. Set updatePolicy for GA. (#10047)
Closes: #10133
2022-02-16 08:59:05 +01:00
andreaTP
541043c862 Run the operator tests using a fresh build of Keycloak 2022-02-15 10:01:53 -03:00
Bruno Oliveira da Silva
38d817b7b9 Configure CodeQL to perform the analysis of the main branch
The CodeQL configuration file still has some references to the old
branch `master`, that means that most of the information provided by the
tool must be outdated.  Change it is necessary to perform the correct
analysis of the codebase.

Closes #10103
2022-02-10 09:57:53 -03:00
Jonathan Vila
3fd725a3f5
Test Baseline (#9625)
Closes #9174

Signed-off-by: jonathan <jvilalop@redhat.com>
2022-02-03 09:38:45 +01:00
Dominik Guhr
829e2a9a3e
Change test order (#9911)
Closes #9910
2022-02-01 14:08:44 +01:00
Bruno Oliveira da Silva
f2430c0994 Exclude some folders from our SAST analysis
Currently, the CodeQL scanner has been analyzing the whole
codebase,including folders like testsuite, or examples. Those folders
are not relevant from the security standpoint, considering that they do
not expose our users and customers to any risks. They are only relevant
in the context of our pipelines, but never used in production.

Closes #9631
2022-01-20 18:42:39 -03:00
Andrea Peruffo
8c5e158db4
Baseline for the new Keycloak operator (#9381)
* Baseline for the new Keycloak operator

* v2alpha1 and better kustomization setup
2022-01-12 09:06:10 +01:00
Pedro Igor
981cda5bfd Database configuration tests
Closes #9293
2022-01-05 09:26:46 -08:00
Stian Thorgersen
208e45cfb2
Add issue templates directly to repo to fix issue with labels not being added (#9380) 2022-01-03 12:56:40 +01:00