name: Keycloak CI on: push: branches-ignore: - main - dependabot/** pull_request: workflow_dispatch: env: MAVEN_ARGS: "-B -nsu -Daether.connector.http.connectionMaxTtl=25" SUREFIRE_RERUN_FAILING_COUNT: 2 SUREFIRE_RETRY: "-Dsurefire.rerunFailingTestsCount=2" concurrency: # Only cancel jobs for PR updates group: ci-${{ github.ref }} cancel-in-progress: true defaults: run: shell: bash jobs: conditional: name: Check conditional workflows and jobs runs-on: ubuntu-latest outputs: ci: ${{ steps.conditional.outputs.ci }} ci-quarkus: ${{ steps.conditional.outputs.ci-quarkus }} ci-store: ${{ steps.conditional.outputs.ci-store }} ci-sssd: ${{ steps.conditional.outputs.ci-sssd }} ci-webauthn: ${{ steps.conditional.outputs.ci-webauthn }} ci-store-matrix: ${{ steps.conditional-stores.outputs.matrix }} ci-test-poc: ${{ steps.conditional.outputs.ci-test-poc }} steps: - uses: actions/checkout@v4 - id: conditional uses: ./.github/actions/conditional with: token: ${{ secrets.GITHUB_TOKEN }} - id: conditional-stores run: | STORES="postgres, mysql, oracle, mssql, mariadb" if [[ $GITHUB_EVENT_NAME != "pull_request" && -n "${{ secrets.AWS_SECRET_ACCESS_KEY }}" ]]; then STORES+=", aurora-postgres" fi echo "matrix=$(echo $STORES | jq -Rc 'split(", ")')" >> $GITHUB_OUTPUT build: name: Build if: needs.conditional.outputs.ci == 'true' runs-on: ubuntu-latest needs: conditional steps: - uses: actions/checkout@v4 - name: Build Keycloak uses: ./.github/actions/build-keycloak unit-tests: name: Base UT runs-on: ubuntu-latest needs: build timeout-minutes: 30 steps: - uses: actions/checkout@v4 - id: unit-test-setup name: Unit test setup uses: ./.github/actions/unit-test-setup - name: Run unit tests run: | SEP="" PROJECTS="" for i in `find -name '*Test.java' -type f | egrep -v './(testsuite|quarkus|docs|test-poc)/' | sed 's|/src/test/java/.*||' | sort | uniq | sed 's|./||'`; do PROJECTS="$PROJECTS$SEP$i" SEP="," done ./mvnw test -pl "$PROJECTS" -am - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: unit-tests base-integration-tests: name: Base IT needs: build runs-on: ubuntu-latest timeout-minutes: 100 strategy: matrix: group: [1, 2, 3, 4, 5, 6] fail-fast: false steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Run base tests run: | TESTS=`testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh ${{ matrix.group }}` echo "Tests: $TESTS" ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: Base IT - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: base-integration-tests-${{ matrix.group }} adapter-integration-tests: name: Adapter IT needs: build runs-on: ubuntu-latest timeout-minutes: 100 steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Build adapter distributions run: ./mvnw install -DskipTests -f distribution/pom.xml - name: Build app servers run: ./mvnw install -DskipTests -Pbuild-app-servers -f testsuite/integration-arquillian/servers/app-server/pom.xml - name: Run adapter tests run: | TESTS="org.keycloak.testsuite.adapter.**" echo "Tests: $TESTS" ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Papp-server-wildfly -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: Base IT - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: adapter-integration-tests quarkus-unit-tests: name: Quarkus UT needs: [build, conditional] if: needs.conditional.outputs.ci-quarkus == 'true' timeout-minutes: 15 strategy: matrix: os: [ ubuntu-latest, windows-latest ] runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 # We want to download Keycloak artifacts - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Run unit tests run: | ./mvnw test -f quarkus/pom.xml -pl '!tests,!tests/junit5,!tests/integration,!dist' - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: quarkus-unit-tests quarkus-integration-tests: name: Quarkus IT needs: [build, conditional] timeout-minutes: 115 strategy: matrix: os: [ubuntu-latest] suite: [zip, container, storage, smoke] full-testsuite: - ${{ needs.conditional.outputs.ci-quarkus == 'true' }} # Win runs always as includes are evaluated after excludes include: - os: windows-latest suite: win # Either run smoke tests, or full testsuite exclude: - full-testsuite: false suite: zip - full-testsuite: false suite: container - full-testsuite: false suite: storage - full-testsuite: true suite: smoke fail-fast: false runs-on: ${{ matrix.os }} env: MAVEN_OPTS: -Xmx1024m steps: - uses: actions/checkout@v4 - id: unit-test-setup name: Unit test setup uses: ./.github/actions/unit-test-setup # Not sure why, but needs to re-build otherwise there's some failures starting up # Smoke tests should cover scenarios that could be broken by changes in other modules that quarkus - name: Run Quarkus integration Tests run: | declare -A PARAMS PARAMS["win"]="-Dtest=StartCommandDistTest,StartDevCommandDistTest,BuildAndStartDistTest,ImportAtStartupDistTest" PARAMS["zip"]="" PARAMS["container"]="-Dkc.quarkus.tests.dist=docker" PARAMS["storage"]="-Ptest-database -Dtest=PostgreSQLDistTest,MariaDBDistTest#testSuccessful,MySQLDistTest#testSuccessful,DatabaseOptionsDistTest,JPAStoreDistTest,HotRodStoreDistTest,MixedStoreDistTest,TransactionConfigurationDistTest,ExternalInfinispanTest" PARAMS["smoke"]="-Dtest=ClusterConfigDistTest,CustomJpaEntityProviderDistTest,ExportDistTest,FeaturesDistTest,ImportAtStartupDistTest,ImportDistTest,JaxRsDistTest,TruststoreDistTest" ./mvnw install -pl quarkus/tests/integration -am -DskipTests ./mvnw test -pl quarkus/tests/integration ${PARAMS["${{ matrix.suite }}"]} 2>&1 | misc/log/trimmer.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: quarkus-integration-tests-${{ matrix.os }}-${{ matrix.server }} jdk-integration-tests: name: Java Distribution IT needs: build timeout-minutes: 100 strategy: matrix: os: [ubuntu-latest, windows-latest] dist: [temurin] version: [17] fail-fast: false runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup with: jdk-dist: ${{ matrix.dist }} jdk-version: ${{ matrix.version }} - name: Prepare Quarkus distribution with current JDK run: ./mvnw install -e -pl testsuite/integration-arquillian/servers/auth-server/quarkus - name: Run base tests run: | TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh jdk` echo "Tests: $TESTS" if [ "$OSTYPE" == "msys" ]; then ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=$TESTS "-Dwebdriver.chrome.driver=$ChromeWebDriver/chromedriver.exe" -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh else ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=$TESTS "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh fi - name: Build with JDK run: ./mvnw install -e -DskipTests -DskipExamples - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: Java Distribution IT - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: jdk-integration-tests-${{ matrix.os }}-${{ matrix.dist }}-${{ matrix.version }} persistent-sessions-tests: name: Persistent Sessions IT needs: [build, conditional] if: needs.conditional.outputs.ci-store == 'true' runs-on: ubuntu-latest timeout-minutes: 150 strategy: matrix: variant: [ "pus-ec", "pus-rc" ] fail-fast: false steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Run base tests run: | TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh persistent-sessions` echo "Tests: $TESTS" case "${{ matrix.variant }}" in pus-ec) VARIANT="-Dauth.server.feature=persistent-user-sessions" ;; pus-rc) VARIANT="-Pinfinispan-server -Dauth.server.feature=persistent-user-sessions,multi-site,remote-cache" ;; *) echo "Unknown Matrix element" exit 1 ;; esac echo "Variant: $VARIANT" ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" $VARIANT -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: Store IT - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: store-integration-tests-${{ matrix.variant }} - name: EC2 Maven Logs if: failure() uses: actions/upload-artifact@v4 with: name: store-it-mvn-logs path: .github/scripts/ansible/files external-infinispan-tests: name: External Infinispan IT needs: [ build, conditional ] if: needs.conditional.outputs.ci-store == 'true' runs-on: ubuntu-latest timeout-minutes: 150 strategy: matrix: variant: [ "remote-cache,multi-site" ] fail-fast: false steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Run base tests without cache run: | TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh remote-cache` echo "Tests: $TESTS" ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Pinfinispan-server -Dauth.server.feature=${{ matrix.variant }} -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: Remote Infinispan IT - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: remote-infinispan-integration-tests store-integration-tests: name: Store IT needs: [build, conditional] if: needs.conditional.outputs.ci-store == 'true' runs-on: ubuntu-latest timeout-minutes: 150 strategy: matrix: db: ${{ fromJson(needs.conditional.outputs.ci-store-matrix) }} fail-fast: false steps: - uses: actions/checkout@v4 - id: aurora-init name: Initialize Aurora environment if: ${{ matrix.db == 'aurora-postgres' }} run: | AWS_REGION=us-east-1 echo "Region: ${AWS_REGION}" aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws configure set region ${AWS_REGION} PASS=$(tr -dc A-Za-z0-9 > $GITHUB_OUTPUT echo "password=${PASS}" >> $GITHUB_OUTPUT echo "region=${AWS_REGION}" >> $GITHUB_OUTPUT - id: aurora-create name: Create Aurora DB if: ${{ matrix.db == 'aurora-postgres' }} uses: ./.github/actions/aurora-create-database with: name: ${{ steps.aurora-init.outputs.name }} password: ${{ steps.aurora-init.outputs.password }} region: ${{ steps.aurora-init.outputs.region }} - id: integration-test-setup name: Integration test setup if: ${{ matrix.db != 'aurora-postgres' }} uses: ./.github/actions/integration-test-setup - name: Run Aurora tests on EC2 id: aurora-tests if: ${{ matrix.db == 'aurora-postgres' }} run: | PROPS="-Dauth.server.db.host=${{ steps.aurora-create.outputs.endpoint }}" PROPS+=" -Dkeycloak.connectionsJpa.password=${{ steps.aurora-init.outputs.password }}" REGION=${{ steps.aurora-init.outputs.region }} curl --fail-with-body https://truststore.pki.rds.amazonaws.com/${REGION}/${REGION}-bundle.pem -o aws.pem PROPS+=" -Dkeycloak.connectionsJpa.jdbcParameters=\"?ssl=true&sslmode=verify-ca&sslrootcert=/opt/keycloak/aws.pem\"" TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh database` echo "Tests: $TESTS" git archive --format=zip --output /tmp/keycloak.zip $GITHUB_REF zip -u /tmp/keycloak.zip aws.pem cd .github/scripts/ansible export CLUSTER_NAME=keycloak_$(git rev-parse --short HEAD) echo "ec2_cluster=${CLUSTER_NAME}" >> $GITHUB_OUTPUT ./aws_ec2.sh requirements ./aws_ec2.sh create ${REGION} ./keycloak_ec2_installer.sh ${REGION} /tmp/keycloak.zip ./mvn_ec2_runner.sh ${REGION} "clean install -B -DskipTests -Pdistribution" ./mvn_ec2_runner.sh ${REGION} "clean install -B -DskipTests -pl testsuite/integration-arquillian/servers/auth-server/quarkus -Pauth-server-quarkus -Pdb-aurora-postgres -Dmaven.build.cache.enabled=true" ./mvn_ec2_runner.sh ${REGION} "test -B ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Pdb-${{ matrix.db }} $PROPS -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh" # Copy returned surefire-report directories to workspace root to ensure they're discovered results=(files/keycloak/results/*) rsync -a $results/* ../../../ rm -rf $results - name: Run base tests if: ${{ matrix.db != 'aurora-postgres' }} run: | TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh database` echo "Tests: $TESTS" ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Pdb-${{ matrix.db }} "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: Store IT - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: store-integration-tests-${{ matrix.db }} - name: EC2 Maven Logs if: failure() uses: actions/upload-artifact@v4 with: name: store-it-mvn-logs path: .github/scripts/ansible/files - name: Delete Aurora EC2 Instance if: ${{ always() && matrix.db == 'aurora-postgres' }} working-directory: .github/scripts/ansible run: | export CLUSTER_NAME=${{ steps.aurora-tests.outputs.ec2_cluster }} ./aws_ec2.sh delete ${{ steps.aurora-init.outputs.region }} - name: Delete Aurora DB if: ${{ always() && matrix.db == 'aurora-postgres' }} run: | gh workflow run aurora-delete.yml \ -f name=${{ steps.aurora-init.outputs.name }} \ -f region=${{ steps.aurora-init.outputs.region }} \ --repo ${{ github.repository }} \ --ref ${{ github.ref_name }} env: GH_TOKEN: ${{ github.token }} store-model-tests: name: Store Model Tests runs-on: ubuntu-latest needs: [build, conditional] if: needs.conditional.outputs.ci-store == 'true' timeout-minutes: 75 steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Run model tests run: testsuite/model/test-all-profiles.sh ${{ env.SUREFIRE_RETRY }} - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: Store Model Tests - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: store-model-tests clustering-integration-tests: name: Clustering IT needs: build runs-on: ubuntu-latest timeout-minutes: 35 env: MAVEN_OPTS: -Xmx1024m steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Run cluster tests run: | ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-cluster-quarkus,db-postgres "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" -Dsession.cache.owners=2 -Dtest=**.cluster.** -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: Clustering IT - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: clustering-integration-tests fips-unit-tests: name: FIPS UT runs-on: ubuntu-latest needs: build timeout-minutes: 20 steps: - uses: actions/checkout@v4 - name: Fake fips run: | cd .github/fake_fips make sudo insmod fake_fips.ko - id: unit-test-setup name: Unit test setup uses: ./.github/actions/unit-test-setup - name: Run crypto tests run: docker run --rm --workdir /github/workspace -v "${{ github.workspace }}":"/github/workspace" -v "$HOME/.m2":"/root/.m2" registry.access.redhat.com/ubi8/ubi:latest .github/scripts/run-fips-ut.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: fips-unit-tests fips-integration-tests: name: FIPS IT needs: build runs-on: ubuntu-latest timeout-minutes: 45 strategy: matrix: mode: [non-strict, strict] fail-fast: false steps: - uses: actions/checkout@v4 - name: Fake fips run: | cd .github/fake_fips make sudo insmod fake_fips.ko - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup with: jdk-version: 21 - name: Build adapter distributions run: ./mvnw install -DskipTests -f distribution/pom.xml - name: Build app servers run: ./mvnw install -DskipTests -Pbuild-app-servers -f testsuite/integration-arquillian/servers/app-server/pom.xml - name: Prepare Quarkus distribution with BCFIPS run: ./mvnw install -e -pl testsuite/integration-arquillian/servers/auth-server/quarkus -Pauth-server-quarkus,auth-server-fips140-2 - name: Run base tests run: docker run --rm --workdir /github/workspace -e "SUREFIRE_RERUN_FAILING_COUNT" -v "${{ github.workspace }}":"/github/workspace" -v "$HOME/.m2":"/root/.m2" registry.access.redhat.com/ubi8/ubi:latest .github/scripts/run-fips-it.sh ${{ matrix.mode }} - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: FIPS IT - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: fips-integration-tests-${{ matrix.mode }} forms-integration-tests: name: Forms IT runs-on: ubuntu-latest needs: build timeout-minutes: 75 strategy: matrix: browser: [chrome, firefox] fail-fast: false steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Run Forms IT run: | TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh forms` echo "Tests: $TESTS" ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=$TESTS -Dbrowser=${{ matrix.browser }} -f testsuite/integration-arquillian/tests/base/pom.xml 2>&1 | misc/log/trimmer.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: Forms IT - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: forms-integration-tests-${{ matrix.browser }} webauthn-integration-tests: name: WebAuthn IT if: needs.conditional.outputs.ci-webauthn == 'true' runs-on: ubuntu-latest needs: build timeout-minutes: 45 strategy: matrix: browser: - chrome - firefox fail-fast: false steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Run WebAuthn IT run: | TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh webauthn` echo "Tests: $TESTS" ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=$TESTS -Dbrowser=${{ matrix.browser }} "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" "-Dwebdriver.gecko.driver=$GECKOWEBDRIVER/geckodriver" -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: WebAuthn IT - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: webauthn-integration-tests-${{ matrix.browser }} sssd-unit-tests: name: SSSD runs-on: ubuntu-latest if: needs.conditional.outputs.ci-sssd == 'true' needs: - conditional - build timeout-minutes: 30 steps: - name: checkout uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - id: weekly-cache-key name: Key for weekly rotation of cache shell: bash run: echo "key=ipa-data-`date -u "+%Y-%U"`" >> $GITHUB_OUTPUT - id: cache-maven-repository name: ipa-data cache uses: actions/cache@v4 with: path: ~/ipa-data.tar key: ${{ steps.weekly-cache-key.outputs.key }} - name: Run tests run: .github/scripts/run-ipa.sh "${{ github.workspace }}" - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: sssd-unit-tests migration-tests: name: Migration Tests runs-on: ubuntu-latest needs: build timeout-minutes: 45 strategy: matrix: old-version: [24.0.4] database: [postgres, mysql, oracle, mssql, mariadb] fail-fast: false steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Run Migration Tests run: | ./mvnw clean install ${{ env.SUREFIRE_RETRY }} \ -Pauth-server-quarkus -Pdb-${{ matrix.database }} -Pauth-server-migration \ -Dtest=MigrationTest \ -Dmigration.mode=auto \ -Dmigrated.auth.server.version=${{ matrix.old-version }} \ -Dmigration.import.file.name=migration-realm-${{ matrix.old-version }}.json \ -Dauth.server.ssl.required=false \ -Dauth.server.db.host=localhost \ "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" \ -f testsuite/integration-arquillian/pom.xml 2>&1 | misc/log/trimmer.sh - name: Upload JVM Heapdumps if: always() uses: ./.github/actions/upload-heapdumps - uses: ./.github/actions/upload-flaky-tests name: Upload flaky tests env: GH_TOKEN: ${{ github.token }} with: job-name: Migration Tests - name: Surefire reports if: always() uses: ./.github/actions/archive-surefire-reports with: job-id: migration-tests-${{ matrix.old-version }}-${{ matrix.database }} test-poc: name: Test PoC runs-on: ubuntu-latest if: needs.conditional.outputs.ci-test-poc == 'true' needs: - conditional - build timeout-minutes: 30 steps: - uses: actions/checkout@v4 - id: integration-test-setup name: Integration test setup uses: ./.github/actions/integration-test-setup - name: Run tests run: | cd test-poc mvn clean install check: name: Status Check - Keycloak CI if: always() needs: - conditional - build - unit-tests - base-integration-tests - adapter-integration-tests - quarkus-unit-tests - quarkus-integration-tests - jdk-integration-tests - store-integration-tests - persistent-sessions-tests - store-model-tests - clustering-integration-tests - fips-unit-tests - fips-integration-tests - forms-integration-tests - webauthn-integration-tests - sssd-unit-tests - migration-tests - external-infinispan-tests - test-poc runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: ./.github/actions/status-check with: jobs: ${{ toJSON(needs) }}